function discuss_list($message = '') { pagetop(gTxt('list_discussions'), $message); extract(doSlash(gpsa(array('page', 'crit')))); extract(get_prefs()); $total = safe_count('txp_discuss', "1=1"); $limit = max(@$comment_list_pageby, 25); $numPages = ceil($total / $limit); $page = !$page ? 1 : $page; $offset = ($page - 1) * $limit; $nav[] = $page > 1 ? PrevNextLink("discuss", $page - 1, gTxt('prev'), 'prev') : ''; $nav[] = sp . small($page . '/' . $numPages) . sp; $nav[] = $page != $numPages ? PrevNextLink("discuss", $page + 1, gTxt('next'), 'next') : ''; $criteria = $crit ? "message like '%{$crit}%'" : '1=1'; $rs = safe_rows_start("*, unix_timestamp(posted) as uPosted", "txp_discuss", "{$criteria} order by posted desc limit {$offset}, {$limit}"); echo pageby_form('discuss', $comment_list_pageby); if ($rs) { echo '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), assHead('date', 'name', 'message', 'parent', ''); while ($a = nextRow($rs)) { extract($a); $dmessage = $visible == SPAM ? short_preview($message) : $message; $date = "" . date("M d, g:ia", $uPosted + tz_offset()) . ""; $editlink = eLink('discuss', 'discuss_edit', 'discussid', $discussid, $date); $cbox = fInput('checkbox', 'selected[]', $discussid); $tq = fetch('Title', 'textpattern', 'ID', $parentid); $parent = !$tq ? gTxt('article_deleted') : $tq; echo assRow(array($editlink => 100, $name => 100, $dmessage => 250, $parent => 100, $cbox => 20), ' class="' . ($visible == VISIBLE ? 'visible' : ($visible == SPAM ? 'spam' : 'moderate')) . '"'); } echo tr(tda(select_buttons() . discuss_multiedit_form(), ' colspan="5" style="text-align:right;border:0px"')); echo endTable() . '</form>'; echo startTable('edit'), tr(td(form(fInput('text', 'crit', '', 'edit') . fInput('submit', 'search', gTxt('search'), 'smallbox') . eInput("discuss") . sInput("list"))) . td(graf(join('', $nav)))) . tr(tda(graf('<a href="index.php?event=discuss' . a . 'step=ipban_list">' . gTxt('list_banned_ips') . '</a>'), ' colspan="2" align="center" valign="middle"')), endTable(); } else { echo graf(gTxt('no_comments_recorded'), ' align="center"'); } }
function list_list($message = "", $post = '') { extract(get_prefs()); $lvars = array("page", "sort", "dir", "crit", 'method'); extract(gpsa($lvars)); global $statuses, $step; pagetop("Textpattern", $message); $total = getCount('textpattern', "1"); $limit = $article_list_pageby ? $article_list_pageby : 25; $numPages = ceil($total / $limit); $page = !$page ? 1 : $page; $offset = ($page - 1) * $limit; if (!$sort) { $sort = "Posted"; } if (!$dir) { $dir = "desc"; } if ($dir == "desc") { $linkdir = "asc"; } else { $linkdir = "desc"; } if ($crit) { $critsql = array('title_body' => "Title rlike '{$crit}' or Body rlike '{$crit}'", 'author' => "AuthorID rlike '{$crit}'", 'categories' => "Category1 rlike '{$crit}' or Category2 rlike '{$crit}'", 'section' => "Section rlike '{$crit}'", 'status' => "Status rlike '{$crit}'"); $criteria = $critsql[$method]; $limit = 500; } else { $criteria = 1; } $rs = safe_rows("*, unix_timestamp(Posted) as uPosted", "textpattern", "{$criteria} order by {$sort} {$dir} limit {$offset},{$limit}"); echo !$crit ? list_nav_form($page, $numPages, $sort, $dir) : '', list_searching_form($crit, $method); if ($rs) { echo '<form action="index.php" method="post" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), '<tr>', column_head('posted', 'Posted', 'list', 1, $linkdir), column_head('title', 'Title', 'list', 1, $linkdir), $use_sections ? column_head('section', 'Section', 'list', 1, $linkdir) : '', $use_categories ? column_head('category1', 'Category1', 'list', 1, $linkdir) . column_head('category2', 'Category2', 'list', 1, $linkdir) : '', hCell(gTxt('Author')), column_head(gTxt('status'), 'Status', 'list', 1, $linkdir), td(), '</tr>'; foreach ($rs as $a) { extract($a); if ($use_categories == 1) { $cat1 = $Category1; $cat2 = $Category2; } $stat = !empty($Status) ? $statuses[$Status] : ''; if ($use_sections == 1) { $sect = $Section; } $adate = date("d M y", $uPosted + $timeoffset); $alink = eLink('article', 'edit', 'ID', $ID, $adate); $tlink = eLink('article', 'edit', 'ID', $ID, $Title); $modbox = fInput('checkbox', 'selected[]', $ID); echo "<tr>" . n, td($alink), td($tlink, 200), $use_sections ? td($sect, 75) : '', $use_categories ? td($cat1, 75) . td($cat2, 75) : '', td($AuthorID), td($stat, 45), td($modbox), '</tr>' . n; } echo tr(tda(list_multiedit_form(), ' colspan="8" style="text-align:right;border:0px"')); echo "</table></form>"; echo pageby_form('list', $article_list_pageby); unset($sort); } }
function prefs_list($message = '') { global $textarray; echo pagetop(gTxt('edit_preferences'), $message); extract(get_prefs()); $locale = setlocale(LC_ALL, $locale); $textarray = load_lang($language); echo n . n . '<form method="post" action="index.php">' . n . n . startTable('list') . n . n . tr(tdcs(hed(gTxt('site_prefs'), 1), 3)) . n . n . tr(tdcs(sLink('prefs', 'prefs_list', gTxt('site_prefs'), 'navlink-active') . sp . sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sp . sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink'), '3')); $evt_list = safe_column('event', 'txp_prefs', "type = 0 and prefs_id = 1 group by event order by event desc"); foreach ($evt_list as $event) { $rs = safe_rows_start('*', 'txp_prefs', "type = 0 and prefs_id = 1 and event = '" . doSlash($event) . "' order by position"); $cur_evt = ''; while ($a = nextRow($rs)) { if ($a['event'] != $cur_evt) { $cur_evt = $a['event']; if ($cur_evt == 'comments' && !$use_comments) { continue; } echo n . n . tr(tdcs(hed(gTxt($a['event']), 2, ' class="pref-heading"'), 3)); } if ($cur_evt == 'comments' && !$use_comments) { continue; } // Skip old settings that don't have an input type if (!is_callable($a['html'])) { continue; } $label = $a['html'] != 'yesnoradio' ? '<label for="' . $a['name'] . '">' . gTxt($a['name']) . '</label>' : gTxt($a['name']); $out = tda($label, ' style="text-align: right; vertical-align: middle;"'); if ($a['html'] == 'text_input') { $out .= td(pref_func('text_input', $a['name'], $a['val'], 20)); } else { $out .= td(pref_func($a['html'], $a['name'], $a['val'])); } $out .= tda(popHelp($a['name']), ' style="vertical-align: middle;"'); echo tr($out); } } echo n . n . tr(tda(fInput('submit', 'Submit', gTxt('save_button'), 'publish') . n . sInput('prefs_save') . n . eInput('prefs') . n . hInput('prefs_id', '1'), ' colspan="3" class="noline"')) . n . n . endTable() . n . n . '</form>'; $check_updates = gps('check_updates'); if ($check_updates) { $updates = checkUpdates(); if (is_array($updates)) { $out = join(br, $updates); } else { $out = $updates; } echo n . n . startTable('edit') . n . n . tr(tda($out)) . n . n . endTable(); } else { echo form(graf('<strong>' . gTxt('check_for_txp_updates') . '</strong>' . sp . n . '<input type="submit" name="check_updates" value="' . gTxt('go') . '" class="publish" />' . n . eInput('prefs') . n . sInput('prefs_list')), 'text-align: center;'); } }
function prefs_list($message = '') { global $textarray; extract(get_prefs()); $locale = setlocale(LC_ALL, $locale); $textarray = load_lang($language); echo pagetop(gTxt('edit_preferences'), $message), '<form action="index.php" method="post">', startTable('list'), tr(tdcs(hed(gTxt('site_prefs'), 1), 3)), tr(tdcs(sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sp . sLink('prefs', 'list_languages', gTxt('install_language'), 'navlink'), '3')); $evt_list = safe_column('event', 'txp_prefs', "type='0' AND prefs_id='1' GROUP BY 'event' ORDER BY 'event' DESC"); foreach ($evt_list as $event) { $rs = safe_rows_start('*', 'txp_prefs', "type='0' AND prefs_id='1' AND event='{$event}' ORDER BY 'position'"); $cur_evt = ''; while ($a = nextRow($rs)) { if ($a['event'] != $cur_evt) { $cur_evt = $a['event']; if ($cur_evt == 'comments' && !$use_comments) { continue; } echo tr(tdcs(hed(ucfirst(gTxt($a['event'])), 1), 3)); } if ($cur_evt == 'comments' && !$use_comments) { continue; } # Skip old settings that don't have an input type if (!is_callable($a['html'])) { continue; } $out = tda(gTxt($a['name']), ' style="text-align:right;vertical-align:middle"'); if ($a['html'] == 'text_input') { $size = 20; $out .= td(call_user_func('text_input', $a['name'], $a['val'], $size)); } else { $out .= td(call_user_func($a['html'], $a['name'], $a['val'])); } $out .= tda(popHelp($a['name']), ' style="vertical-align:middle"'); echo tr($out); } } echo tr(tda(fInput('submit', 'Submit', gTxt('save_button'), 'publish'), ' colspan="3" class="noline"')), endTable(), sInput('prefs_save'), eInput('prefs'), hInput('prefs_id', "1"), hInput('lastmod', "now()"), '</form>'; $check_updates = gps('check_updates'); if (!empty($check_updates)) { include_once txpath . '/lib/txplib_update.php'; $updates = checkUpdates(); if (is_array($updates)) { $out = join(br, $updates); } else { $out = $updates; } echo startTable('edit'), tr(tda($out)), endTable(); } else { echo startTable('edit'), form(tr(tda(tag(gTxt('check_for_txp_updates'), 'strong'), ' style="text-align:right;vertical-align:middle"') . tda('<input type="submit" value="' . gTxt('go') . '" name="check_updates" class="publish" />')) . eInput('prefs') . sInput('prefs_list')), endTable(); } }
function log_list() { pagetop(gTxt('visitor_logs')); extract(get_prefs()); safe_delete("txp_log", "`time` < date_sub(now(),interval " . $expire_logs_after . " day)"); safe_optimize("txp_log"); safe_repair("txp_log"); $page = gps('page'); $total = getCount('txp_log', "1"); $limit = 50; $numPages = ceil($total / $limit); $page = !$page ? 1 : $page; $offset = ($page - 1) * $limit; $nav[] = $page > 1 ? PrevNextLink("log", $page - 1, gTxt('prev'), 'prev') : ''; $nav[] = sp . small($page . '/' . $numPages) . sp; $nav[] = $page != $numPages ? PrevNextLink("log", $page + 1, gTxt('next'), 'next') : ''; $rs = safe_rows_start("*, unix_timestamp(time) as stamp", "txp_log", "1 order by time desc limit {$offset},{$limit}"); if ($rs) { echo startTable('list'), assHead('time', 'host', 'page', 'referrer'); $stamp = ''; while ($a = nextRow($rs)) { extract($a); if ($refer) { $referprint = preg_replace("/^www\\./", "", chunk(htmlspecialchars($refer), 50)); $referprint = '<a href="http://' . htmlspecialchars($refer) . '">' . $referprint . '</a>'; } else { $referprint = ' '; } $pageprint = preg_replace('/\\/$/', '', htmlspecialchars(substr($page, 1))); $pageprint = $pageprint == '' ? '' : '<a href="' . htmlspecialchars($page) . '" target="_blank">' . chunk($pageprint, 50) . '</a>'; if ($method == 'POST') { $pageprint = '<b>' . $pageprint . '</b>'; } $fstamp = date("n/j g:i a", $stamp + tz_offset()); $hostprint = chunk($host, 40); echo tr(td($fstamp) . td($hostprint) . td($pageprint) . td($referprint)); unset($refer, $referprint, $page, $pageprint); } echo '<tr><td colspan="4" align="right" style="padding:10px">', join('', $nav), "</td></tr>", endTable(); } else { echo graf(gTxt('no_refers_recorded'), ' align="center"'); } }
function image_list($message = '') { global $txpcfg, $extensions, $path_from_root, $img_dir; $pfr = $path_from_root; extract($txpcfg); extract(get_prefs()); pagetop(gTxt('image'), $message); echo pageby_form('image', $article_list_pageby); echo startTable('list'), tr(tda(upload_form(gTxt('upload_file'), gTxt('upload'), 'image_insert'), ' colspan="4" style="border:0"')), tr(hCell(ucfirst(gTxt('name'))) . hCell(gTxt('image_category')) . hCell(gTxt('tags')) . hCell(gTxt('author')) . hCell(gTxt('thumbnail')) . hCell()); $page = gps('page'); $total = getCount('txp_image', "1"); $limit = 15; $numPages = ceil($total / $limit); $page = !$page ? 1 : $page; $offset = ($page - 1) * $limit; $nav[] = $page > 1 ? PrevNextLink("image", $page - 1, gTxt('prev'), 'prev') : ''; $nav[] = sp . small($page . '/' . $numPages) . sp; $nav[] = $page != $numPages ? PrevNextLink("image", $page + 1, gTxt('next'), 'next') : ''; $rs = safe_rows("*", "txp_image", "1 order by category,name limit {$offset},{$limit}"); if ($rs) { foreach ($rs as $a) { extract($a); $thumbnail = $thumbnail ? '<img src="' . $pfr . $img_dir . '/' . $id . 't' . $ext . '" />' : gTxt('no'); $elink = eLink('image', 'image_edit', 'id', $id, $name); $txtilelink = '<a target="_blank" href="?event=tag' . a . 'name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'alt=' . $alt . a . 'h=' . $h . a . 'w=' . $w . a . 'type=textile" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">Textile</a>'; $txplink = '<a target="_blank" href="?event=tag' . a . 'name=image' . a . 'id=' . $id . a . 'type=textpattern" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">Textpattern</a>'; $xhtmlink = '<a target="_blank" href="?event=tag' . a . 'name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'h=' . $h . a . 'w=' . $w . a . 'type=xhtml" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">XHTML</a>'; $dlink = dLink('image', 'image_delete', 'id', $id); echo tr(td($elink) . td($category) . td($txtilelink . ' / ' . $txplink . ' / ' . $xhtmlink) . td($author) . td($thumbnail) . td($dlink, 10)); } echo tr(tdcs(graf(join('', $nav)), 4)); } echo endTable(); $imgdir = $doc_root . $path_from_root . $img_dir; if (!is_dir($imgdir) or !is_writeable($imgdir)) { echo graf(str_replace("{imgdir}", $imgdir, gTxt('img_dir_not_writeable')), ' style="text-align:center;color:red"'); } }
function link_list($message = "") { global $step, $link_list_pageby; extract(get_prefs()); $page = gps('page'); $total = getCount('txp_link', "1"); $limit = $link_list_pageby; $numPages = ceil($total / $limit); $page = !$page ? 1 : $page; $offset = ($page - 1) * $limit; $sort = gps('sort'); $dir = gps('dir'); $sort = $sort ? $sort : 'linksort'; $dir = $dir ? $dir : 'asc'; if ($dir == "desc") { $dir = "asc"; } else { $dir = "desc"; } $nav[] = $page > 1 ? PrevNextLink("link", $page - 1, gTxt('prev'), 'prev') : ''; $nav[] = sp . small($page . '/' . $numPages) . sp; $nav[] = $page != $numPages ? PrevNextLink("link", $page + 1, gTxt('next'), 'next') : ''; $rs = safe_rows("*", "txp_link", "1 order by {$sort} {$dir} limit {$offset},{$limit}"); if ($rs) { echo '<form action="index.php" method="post" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), tr(column_head('link_name', 'linksort', 'link', 1, $dir) . column_head('description', 'description', 'link', 1, $dir) . column_head('link_category', 'category', 'link', 1, $dir) . td()); foreach ($rs as $a) { extract($a); $elink = eLink('link', 'link_edit', 'id', $id, $linkname); $cbox = fInput('checkbox', 'selected[]', $id); echo tr(td($elink) . td($description) . td($category) . td($cbox)); } echo tr(tda(link_multiedit_form(), ' colspan="4" style="border:0px;text-align:right"')); echo endTable(), '</form>'; echo pageby_form('link', $link_list_pageby); echo graf(join('', $nav), ' align="center"'); } }
function discuss_list($message = '') { pagetop(gTxt('list_discussions'), $message); echo graf('<a href="index.php?event=discuss' . a . 'step=ipban_list">' . gTxt('list_banned_ips') . '</a>', ' style="text-align: center;"'); extract(get_prefs()); extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method'))); $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'id': $sort_sql = 'discussid ' . $dir; break; case 'ip': $sort_sql = 'ip ' . $dir; break; case 'name': $sort_sql = 'name ' . $dir; break; case 'email': $sort_sql = 'email ' . $dir; break; case 'website': $sort_sql = 'web ' . $dir; break; case 'message': $sort_sql = 'message ' . $dir; break; case 'status': $sort_sql = 'visible ' . $dir; break; case 'parent': $sort_sql = 'parentid ' . $dir; break; default: $sort = 'date'; $sort_sql = 'txp_discuss.posted ' . $dir; break; } if ($sort != 'date') { $sort_sql .= ', txp_discuss.posted asc'; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "discussid = '{$crit_escaped}'", 'parent' => "parentid = '{$crit_escaped}' OR title like '%{$crit_escaped}%'", 'name' => "name like '%{$crit_escaped}%'", 'message' => "message like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'website' => "web like '%{$crit_escaped}%'", 'ip' => "ip like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $spamq = cs('toggle_show_spam') ? '1=1' : 'visible != ' . intval(SPAM); $total = getThing('SELECT COUNT(*)' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $spamq . ' AND ' . $criteria); if ($total < 1) { if ($criteria != 1) { echo n . discuss_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo graf(gTxt('no_comments_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$comment_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo discuss_search_form($crit, $search_method); $rs = safe_query('SELECT txp_discuss.*, unix_timestamp(txp_discuss.posted) as uPosted, ID as thisid, Section as section, url_title, Title as title, Status, unix_timestamp(textpattern.Posted) as posted' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $spamq . ' AND ' . $criteria . ' ORDER BY ' . $sort_sql . ' LIMIT ' . $offset . ', ' . $limit); if ($rs) { echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . n . tr(column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, 'message' == $sort ? $dir : '') . column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, ('email' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, ('website' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, 'parent' == $sort ? $dir : '') . hCell()); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); $parentid = assert_int($parentid); $edit_url = '?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $discussid . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $dmessage = $visible == SPAM ? short_preview($message) : $message; switch ($visible) { case VISIBLE: $comment_status = gTxt('visible'); $row_class = 'visible'; break; case SPAM: $comment_status = gTxt('spam'); $row_class = 'spam'; break; case MODERATE: $comment_status = gTxt('unmoderated'); $row_class = 'moderate'; break; default: break; } if (empty($thisid)) { $parent = gTxt('article_deleted') . ' (' . $parentid . ')'; $view = ''; } else { $parent_title = empty($title) ? '<em>' . gTxt('untitled') . '</em>' : escape_title($title); $parent = href($parent_title, '?event=list' . a . 'step=list' . a . 'search_method=id' . a . 'crit=' . $parentid); $view = ''; if ($visible == VISIBLE and in_array($Status, array(4, 5))) { $view = n . t . '<li><a href="' . permlinkurl($a) . '#c' . $discussid . '">' . gTxt('view') . '</a></li>'; } } echo n . n . tr(n . td('<a href="' . $edit_url . '">' . $discussid . '</a>' . n . '<ul class="discuss_detail">' . n . t . '<li><a href="' . $edit_url . '">' . gTxt('edit') . '</a></li>' . $view . n . '</ul>', 50) . td(gTime($uPosted)) . td(htmlspecialchars(soft_wrap($name, 15))) . td(short_preview($dmessage)) . td(htmlspecialchars(soft_wrap($email, 15)), '', 'discuss_detail') . td(htmlspecialchars(soft_wrap($web, 15)), '', 'discuss_detail') . td($ip, '', 'discuss_detail') . td($comment_status, '', 'discuss_detail') . td($parent) . td(fInput('checkbox', 'selected[]', $discussid)), ' class="' . $row_class . '"'); } echo tr(tda(toggle_box('discuss_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . discuss_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . cookie_box('show_spam') . nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('discuss', $comment_list_pageby); } }
function _sed_si_inject_section_admin($page) { global $DB, $prefs, $_sed_si_l18n, $step, $mlp; if (!isset($DB)) { $DB = new db(); } if (!isset($prefs)) { $prefs = get_prefs(); } $mlp = new sed_lib_mlp('sed_section_fields', $_sed_si_l18n, '', 'admin'); $section_index = ''; $rows = safe_rows_start('*', 'txp_section', "name != 'default' order by name"); $c = @mysql_num_rows($rows); if ($rows && $c > 0) { while ($row = nextRow($rows)) { $name = $row['name']; #$title = $row['title']; #$title = strtr( $title , array( "'"=>''' , '"'=>'"' ) ); # Build the list of sections for the section-tab index $section_index .= '<li id="sed_section-' . $name . '"><a href="#section-' . $name . '" class="sed_si_hide_all_but_one">' . $name . '</a></li>'; } # # Insert a JS variable holding the index of sections... # $newsection = ''; if ($step == 'section_create' || $step == 'section_save') { $newsection = ps('name'); } $filter = ''; $limit = $prefs[_sed_si_prefix_key('filter_limit')]; if (!is_numeric($limit)) { $limit = 18; } if ($c >= $limit) { $filter = '<label for="sed_si_section_index_filter">' . $mlp->gTxt('filter_label') . '</label><br /><input id="sed_si_section_index_filter" type="text" class="edit" />'; } $section_index = '<div id="sed_si_section_index_div">' . '<form id="sed_si_filter_form">' . $filter . '</form>' . '<ol id="sed_si_section_index" class="sed_si_section_index">' . '<li id="sed_section-default"><a href="#section-default" class="sed_si_hide_all_but_one">default</a></li>' . $section_index . '</ol>' . '</div>'; $section_index = str_replace('"', '\\"', $section_index); $r = '<script type=\'text/javascript\'> var sed_si_new_section = "#section-' . $newsection . '"; var sed_si_section_index = "' . $section_index . '";</script>'; $f = '<script src=\'' . hu . 'textpattern/index.php?sed_resources=sed_si_section_js\' type=\'text/javascript\'></script>'; $page = str_replace($f, $r . n . $f, $page); } return $page; }
function products_list($event = '', $step = '', $message = '') { global $statuses, $comments_disabled_after, $step, $txp_user; $message = ''; pagetop(gTxt('tab_list'), $message); echo poweredit_products(); //echo the poweredit js extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $sesutats = array_flip($statuses); $dir = $dir == 'desc' ? 'desc' : 'asc'; echo '<script type="text/javascript" src="http://' . $siteurl . '/js/prototype.js"></script>'; echo '<script type="text/javascript" src="http://' . $siteurl . '/js/scriptaculous.js"></script>'; switch ($sort) { case 'id': $sort_sql = 'ID ' . $dir; break; case 'posted': $sort_sql = 'Posted ' . $dir; break; case 'title': $sort_sql = 'Title ' . $dir . ', Posted desc'; break; case 'section': $sort_sql = 'Section ' . $dir . ', Posted desc'; break; case 'category1': $sort_sql = 'Category1 ' . $dir . ', Posted desc'; break; case 'category2': $sort_sql = 'Category2 ' . $dir . ', Posted desc'; break; case 'status': $sort_sql = 'Status ' . $dir . ', Posted desc'; break; case 'author': $sort_sql = 'AuthorID ' . $dir . ', Posted desc'; break; case 'comments': $sort_sql = 'comments_count ' . $dir . ', Posted desc'; break; default: $dir = 'desc'; $sort_sql = 'Posted ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = "section = 'store'"; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('textpattern', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . list_search_form_products($crit, $search_method) . n . graf("No products found", ' style="text-align: center;"'); } else { echo graf("No products found", ' style="text-align: center;"'); } return; } $limit = max(@$article_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo n . list_search_form_products($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(Posted) as posted', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $total_comments = array(); // fetch true comment count, not the public comment count // maybe we should have another row in the db? $rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid"); if ($rs2) { while ($a = nextRow($rs2)) { $pid = $a['parentid']; $num = $a['num']; $total_comments[$pid] = $num; } } echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '700') . n . tr(hCell() . n . column_head('ID', 'id', 'products', true, $switch_dir, $crit, $search_method) . column_head('title', 'title', 'products', true, $switch_dir, $crit, $search_method) . column_head('category1', 'category1', 'products', true, $switch_dir, $crit, $search_method) . column_head('category2', 'category2', 'products', true, $switch_dir, $crit, $search_method) . column_head('status', 'status', 'products', true, $switch_dir, $crit, $search_method) . hCell()); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); if (empty($Title)) { $Title = '<em>' . eLink('product', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>'; } else { $Title = eLink('product', 'edit', 'ID', $ID, $Title); } if (!empty($Image)) { $Image = "<img src='{$Image}' alt='Product Image' width='15' height='15'/>"; } $Category1 = '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . ' </span>'; $Category2 = '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . ' </span>'; $manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('product', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . (($Status == 4 or $Status == 5) ? n . t . '<li><a href="' . permlinkurl($a) . '">' . gTxt('view') . '</a></li>' : '') . n . '</ul>'; $Status = !empty($Status) ? $statuses[$Status] : ''; $comments = gTxt('none'); if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) { $comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')'; } $comment_status = $Annotate ? gTxt('on') : gTxt('off'); if ($comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $posted; if ($time_since > $lifespan) { $comment_status = gTxt('expired'); } } $comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>'; echo n . n . tr(n . td($Image, 15) . td(eLink('product', 'edit', 'ID', $ID, $ID) . $manage) . td($Title) . td($Category1, 100) . td($Category2, 100) . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' ')); } echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . product_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="5" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . '<h4 style="font-weight:normal; text-align:center; width:100%;"><a href="#" class="navlink" onclick="if($(\'uploadCSV\').style.display == \'none\'){$(\'uploadCSV\').style.display = \'block\';}else{$(\'uploadCSV\').style.display = \'none\';}">Import Products</a>'; //n. $instructions = tag(tag('<li>Using FTP, upload your product images to <pre>/txp_site_root/images/_import/</pre></li><li>Upload a correctly formatted CSV file using the form below. (CSV must be in UTF-8 character encoding with DOS or UNIX line breaks.)</li><li>Sit back and watch the magic</li>', "ol"), "div", ' id="instructions" style="display:none; width: 380px; text-align:left; margin:0 auto;"'); echo tag('<h4 style="font-weight:normal; text-align:center; width:100%;"><small><a href="http://homeplatewp.com/TextCommerce/file_download/3">Download Example CSV</a> | <a href="javascript:void(0)" onclick="if($(\'instructions\').style.display == \'none\'){$(\'instructions\').style.display = \'block\';}else{$(\'instructions\').style.display = \'none\';}">Import Instructions</a></small></h4>' . $instructions . upload_form("Browse for CSV:", '', 'product_import', 'product'), 'div', ' id="uploadCSV" style="display:none;"'); echo n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby); } }
function image_list($message = '') { global $txpcfg, $extensions, $img_dir, $file_max_upload_size; pagetop(gTxt('images'), $message); extract($txpcfg); extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if (!is_dir(IMPATH) or !is_writeable(IMPATH)) { echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"'); } else { echo upload_form(gTxt('upload_image'), 'upload', 'image_insert', 'image', '', $file_max_upload_size); } $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'name': $sort_sql = 'name ' . $dir; break; case 'thumbnail': $sort_sql = 'thumbnail ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'id'; $sort_sql = 'id ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "id = '{$crit_escaped}'", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_image', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo n . graf(gTxt('no_images_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$image_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo image_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t"); if ($rs) { echo n . n . startTable('list') . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, 'thumbnail' == $sort ? $dir : '') . hCell(gTxt('tags')) . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, 'author' == $sort ? $dir : '') . hCell()); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name); $thumbnail = $thumbnail ? '<img src="' . hu . $img_dir . '/' . $id . 't' . $ext . '" alt="" />' : gTxt('no'); $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption); $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : ''; echo n . n . tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li><a href="' . hu . $img_dir . '/' . $id . $ext . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35) . td(gTime($uDate), 75) . td(href($name, $edit_url), 75) . td(href($thumbnail, $edit_url), 80) . td('<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>', 85) . td($category, 75) . td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', 75) . td(dLink('image', 'image_delete', 'id', $id, '', '', '', false, array($page, $sort, $dir, $crit, $search_method)), 10)); } echo endTable() . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('image', $image_list_pageby); } }
function article_edit($message = "") { global $txpcfg, $txp_user, $vars; extract(get_prefs()); extract(gpsa(array('view', 'from_view', 'step'))); if (!empty($GLOBALS['ID'])) { // newly-saved article $ID = intval($GLOBALS['ID']); $step = 'edit'; } else { $ID = gps('ID'); } include_once $txpcfg['txpath'] . '/lib/classTextile.php'; $textile = new Textile(); if (!$view) { $view = "text"; } if (!$step) { $step = "create"; } if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != "preview" && $from_view != 'html') { $pull = true; //-- it's an existing article - off we go to the db $rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}"); extract($rs); if ($AnnotateInvite != $comments_default_invite) { $AnnotateInvite = $AnnotateInvite; } else { $AnnotateInvite = $comments_default_invite; } } else { $pull = false; //-- assume they came from post if (!$from_view or $from_view == 'text') { extract(gpsa($vars)); } elseif ($from_view == 'preview' or $from_view == 'html') { // coming from either html or preview if (isset($_POST['store'])) { $store = unserialize(base64_decode($_POST['store'])); extract($store); } } foreach ($vars as $var) { if (isset(${$var})) { $store_out[$var] = ${$var}; } } } $GLOBALS['step'] = $step; if ($step == 'create') { $textile_body = 1; $textile_excerpt = 1; } if ($step != 'create') { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } pagetop($Title, $message); echo '<form action="index.php" method="post" name="article">'; if (!empty($store_out)) { echo hInput('store', base64_encode(serialize($store_out))); } echo hInput('ID', $ID), eInput('article'), sInput($step); echo '<input type="hidden" name="view" />', startTable('edit'); echo '<tr><td> </td><td colspan="3">', $view == 'preview' ? hed(ucfirst(gTxt('preview')), 2) . graf($Title) : '', $view == 'html' ? hed('XHTML', 2) . graf($Title) : '', $view == 'text' ? br . '<input type="text" name="Title" value="' . cleanfInput($Title) . '" class="edit" size="40" tabindex="1" />' : '', '</td></tr>'; //-- article input -------------- echo '<tr> <td valign="top">', $view == 'text' && $use_textile == 2 ? '<p><a href="#" onclick="toggleDisplay(\'textile_help\');">' . gTxt('textile_help') . '</a></p> <div id="textile_help" style="display:none;">' . sidehelp() . '</div>' : sp; if ($view == 'text') { echo '<p><a href="#" onclick="toggleDisplay(\'advanced\');">' . gTxt('advanced_options') . '</a></p>', '<div id="advanced" style="display:none;">', graf(gTxt('use_textile') . br . tag(checkbox2('textile_body', $textile_body) . gTxt('article'), 'label') . br . tag(checkbox2('textile_excerpt', $textile_excerpt) . gTxt('excerpt'), 'label')), $allow_form_override ? graf(gTxt('override_default_form') . br . form_pop($override_form) . popHelp('override_form')) : '', $custom_1_set ? custField(1, $custom_1_set, $custom_1) : '', $custom_2_set ? custField(2, $custom_2_set, $custom_2) : '', $custom_3_set ? custField(3, $custom_3_set, $custom_3) : '', $custom_4_set ? custField(4, $custom_4_set, $custom_4) : '', $custom_5_set ? custField(5, $custom_5_set, $custom_5) : '', $custom_6_set ? custField(6, $custom_6_set, $custom_6) : '', $custom_7_set ? custField(7, $custom_7_set, $custom_7) : '', $custom_8_set ? custField(8, $custom_8_set, $custom_8) : '', $custom_9_set ? custField(9, $custom_9_set, $custom_9) : '', $custom_10_set ? custField(10, $custom_10_set, $custom_10) : '', graf(gTxt('keywords') . popHelp('keywords') . br . '<textarea name="Keywords" style="width:100px;height:80px" rows="1" cols="1">' . $Keywords . '</textarea>'), graf(gTxt('article_image') . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit')), graf(gTxt('url_title') . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit')) . '</div> <p><a href="#" onclick="toggleDisplay(\'recent\');">' . gTxt('recent_articles') . '</a>' . '</p>' . '<div id="recent" style="display:none;">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1 order by LastMod desc limit 10"); if ($recents) { echo '<p>'; while ($recent = nextRow($recents)) { extract($recent); if (!$Title) { $Title = gTxt('untitled') . sp . $ID; } echo '<a href="?event=article' . a . 'step=edit' . a . 'ID=' . $ID . '">' . $Title . '</a>' . br . n; } echo '</p>'; } echo '</div>'; } else { echo sp; } echo '</td> <td valign="top" style="width:400px">'; if ($view == "preview") { if ($use_textile == 2) { echo $textile->TextileThis($Body); } else { if ($use_textile == 1) { echo nl2br($Body); } else { if ($use_textile == 0) { echo $Body; } } } } elseif ($view == "html") { if ($use_textile == 2) { $bod = $textile->TextileThis($Body); } else { if ($use_textile == 1) { $bod = nl2br($Body); } else { if ($use_textile == 0) { $bod = $Body; } } } echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code'); } else { echo '<textarea style="width:400px;height:420px" rows="1" cols="1" name="Body" tabindex="2">', htmlspecialchars($Body), '</textarea>'; } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { $Excerpt = str_replace("&", "&", htmlspecialchars($Excerpt)); echo graf(gTxt('excerpt') . popHelp('excerpt') . br . '<textarea style="width:400px;height:50px" rows="1" cols="1" name="Excerpt" tabindex="3">' . $Excerpt . '</textarea>'); } else { echo '<hr width="50%" />'; echo $textile_excerpt ? $view == 'preview' ? graf($textile->textileThis($Excerpt), 1) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt), 1)), 'code') : graf($Excerpt); } } //-- author -------------- if ($view == "text" && $step != "create") { echo "<p><small>" . gTxt('posted_by') . " {$AuthorID}: ", date("H:i, d M y", $sPosted + tz_offset()); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . " {$LastModID}: ", date("H:i, d M y", $sLastMod + tz_offset()); } echo '</small></p>'; } echo hInput('from_view', $view), '</td>'; echo '<td valign="top" align="left" width="20">'; //-- layer tabs ------------------- echo $use_textile == 2 ? tab('text', $view) . tab('html', $view) . tab('preview', $view) : ' '; echo '</td>'; ?> <td width="200" valign="top" style="padding-left:10px" align="left" id="articleside"> <?php //-- prev/next article links -- if ($view == 'text') { if ($step != 'create' and ($prev_id or $next_id)) { echo '<p>', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } } //-- status radios -------------- echo $view == 'text' ? n . graf(status_radio($Status)) . n : ''; //-- category selects ----------- echo $view == 'text' ? graf(gTxt('categorize') . ' [' . eLink('category', '', '', '', gTxt('edit')) . ']' . br . category_popup('Category1', $Category1) . category_popup('Category2', $Category2)) : ''; //-- section select -------------- if (!$from_view && !$pull) { $Section = getDefaultSection(); } echo $view == 'text' ? graf(gTxt('section') . ' [' . eLink('section', '', '', '', gTxt('edit')) . ']' . br . section_popup($Section)) : ''; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } echo $use_comments == 1 && $view == 'text' ? graf(gTxt('comments') . onoffRadio("Annotate", $Annotate) . '<br />' . gTxt('comment_invitation') . '<br />' . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit')) : ''; //-- timestamp ------------------- if ($step == "create" and empty($GLOBALS['ID'])) { if ($view == 'text') { //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? mktime($store_out['hour'], $store_out['minute'], '00', $store_out['month'], $store_out['day'], $store_out['year']) : time(); echo graf(tag(checkbox('publish_now', '1') . gTxt('set_to_now'), 'label')), '<p>', gTxt('or_publish_at'), popHelp("timestamp"), br, tsi('year', 'Y', $persist_timestamp), tsi('month', 'm', $persist_timestamp), tsi('day', 'd', $persist_timestamp), sp, tsi('hour', 'H', $persist_timestamp), ':', tsi('minute', 'i', $persist_timestamp), '</p>'; } //-- publish button -------------- if ($view == 'text') { echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish") : fInput('submit', 'publish', gTxt('save'), "publish"); } } else { if ($view == 'text') { echo '<p>', gTxt('published_at'), popHelp("timestamp"), br, tsi('year', 'Y', $sPosted, 5), tsi('month', 'm', $sPosted, 6), tsi('day', 'd', $sPosted, 7), sp, tsi('hour', 'H', $sPosted, 8), ':', tsi('minute', 'i', $sPosted, 9), '</p>', hInput('sPosted', $sPosted), hInput('sLastMod', $sLastMod), hInput('AuthorID', $AuthorID), hInput('LastModID', $LastModID), graf(checkbox('reset_time', '1', 0) . gTxt('reset_time')); } //-- save button -------------- if ($view == 'text') { if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish"); } } } echo '</td></tr></table></form>'; }
if ((include txpath . DS . 'update' . DS . '_to_4.3.0.php') !== false) { $dbversion = '4.3.0'; } } if (version_compare($dbversion, '4.4.0', '<')) { if ((include txpath . DS . 'update' . DS . '_to_4.4.0.php') !== false) { $dbversion = '4.4.0'; } } if (version_compare($dbversion, '4.4.1', '<')) { if ((include txpath . DS . 'update' . DS . '_to_4.4.1.php') !== false) { $dbversion = '4.4.1'; } } if (version_compare($dbversion, '4.4.2', '<')) { if ((include txpath . DS . 'update' . DS . '_to_4.4.2.php') !== false) { $dbversion = '4.4.2'; } } // keep track of updates for svn users safe_delete('txp_prefs', "name = 'dbupdatetime'"); safe_insert('txp_prefs', "prefs_id=1, name='dbupdatetime',val='" . max(newest_file(), time()) . "', type='2'"); // update version safe_delete('txp_prefs', "name = 'version'"); safe_insert('txp_prefs', "prefs_id=1, name='version',val='{$dbversion}', type='2'"); // updated, baby. So let's get the fresh prefs and send them to languages define('TXP_UPDATE_DONE', 1); $event = 'prefs'; $step = 'list_languages'; $prefs = get_prefs(); extract($prefs);
function thumbnail_clear_settings($id) { set_pref('thumb_w', '', 'image', 2); set_pref('thumb_h', '', 'image', 2); set_pref('thumb_crop', 0, 'image', 2); $GLOBALS['prefs'] = get_prefs(); return ''; }
function doDiagnostics() { global $prefs, $files, $txpcfg, $step; extract(get_prefs()); $urlparts = parse_url(hu); $mydomain = $urlparts['host']; $server_software = @$_SERVER['SERVER_SOFTWARE'] || @$_SERVER['HTTP_HOST'] ? @$_SERVER['SERVER_SOFTWARE'] ? @$_SERVER['SERVER_SOFTWARE'] : $_SERVER['HTTP_HOST'] : ''; $is_apache = ($server_software and stristr($server_software, 'Apache')) or is_callable('apache_get_version'); $real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : ''; // ini_get() returns string values passed via php_value as a string, not boolean $is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1'); $fail = array('php_version_4_3_0_required' => (!is_callable('version_compare') or version_compare(PHP_VERSION, '4.3.0', '<')) ? gTxt('php_version_4_3_0_required') : '', 'path_to_site_missing' => !isset($path_to_site) ? gTxt('path_to_site_missing') : '', 'dns_lookup_fails' => @gethostbyname($mydomain) == $mydomain ? gTxt('dns_lookup_fails') . cs . $mydomain : '', 'path_to_site_inacc' => !@is_dir($path_to_site) ? gTxt('path_to_site_inacc') . cs . $path_to_site : '', 'site_trailing_slash' => rtrim($siteurl, '/') != $siteurl ? gTxt('site_trailing_slash') . cs . $path_to_site : '', 'index_inaccessible' => (!@is_file($path_to_site . "/index.php") or !@is_readable($path_to_site . "/index.php")) ? "{$path_to_site}/index.php " . gTxt('is_inaccessible') : '', 'dir_not_writable' => trim((!@is_writable($path_to_site . '/' . $img_dir) ? str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}\r\n" : '') . (!@is_writable($file_base_path) ? str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}\r\n" : '') . (!@is_writable($tempdir) ? str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}\r\n" : '')), 'cleanurl_only_apache' => ($permlink_mode != 'messy' and !$is_apache) ? gTxt('cleanurl_only_apache') : '', 'htaccess_missing' => ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) ? gTxt('htaccess_missing') : '', 'mod_rewrite_missing' => ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) ? gTxt('mod_rewrite_missing') : '', 'file_uploads_disabled' => !ini_get('file_uploads') ? gTxt('file_uploads_disabled') : '', 'setup_still_exists' => @is_dir(txpath . DS . 'setup') ? txpath . DS . "setup" . DS . ' ' . gTxt('still_exists') : '', 'no_temp_dir' => empty($tempdir) ? gTxt('no_temp_dir') : '', 'warn_mail_unavailable' => !is_callable('mail') ? gTxt('warn_mail_unavailable') : '', 'warn_register_globals_or_update' => $is_register_globals && (version_compare(phpversion(), '4.4.0', '<=') or version_compare(phpversion(), '5.0.0', '>=') and version_compare(phpversion(), '5.0.5', '<=')) ? gTxt('warn_register_globals_or_update') : ''); if ($permlink_mode != 'messy') { $rs = safe_column("name", "txp_section", "1"); foreach ($rs as $name) { if ($name and @file_exists($path_to_site . '/' . $name)) { $fail['old_placeholder_exists'] = gTxt('old_placeholder') . ": {$path_to_site}/{$name}"; } } } $missing = array(); foreach ($files as $f) { if (!is_readable(txpath . $f)) { $missing[] = txpath . $f; } } if ($missing) { $fail['missing_files'] = gTxt('missing_files') . cs . join(', ', $missing); } foreach ($fail as $k => $v) { if (empty($v)) { unset($fail[$k]); } } # Find the highest revision number $file_revs = array(); $rev = 0; foreach ($files as $f) { $lines = @file(txpath . $f); if ($lines) { foreach ($lines as $line) { if (preg_match('/^\\$' . 'LastChangedRevision: (\\w+) \\$/', $line, $match)) { $file_revs[$f] = $match[1]; if (intval($match[1]) > $rev) { $rev = intval($match[1]); } } } } } # Check revs & md5 against stable release, if possible $dev_files = $old_files = $modified_files = array(); if ($cs = @file(txpath . '/checksums.txt')) { foreach ($cs as $c) { if (preg_match('@^(\\S+): r?(\\S+) \\((.*)\\)$@', trim($c), $m)) { list(, $file, $r, $md5) = $m; if (!empty($file_revs[$file]) and $r and $file_revs[$file] < $r) { $old_files[] = $file; } elseif (!empty($file_revs[$file]) and $r and $file_revs[$file] > $r) { $dev_files[] = $file; } elseif (@is_readable(txpath . $file) and ($sum = md5_file(txpath . $file)) != $md5) { $modified_files[] = $file; } } } } # files that haven't been updated if ($old_files) { $fail['old_files'] = gTxt('old_files') . cs . n . t . join(', ' . n . t, $old_files); } # files that don't match their checksums if ($modified_files) { $fail['modified_files'] = gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files); } # running development code in live mode is not recommended if ($dev_files and $production_status == 'live') { $fail['dev_version_live'] = gTxt('dev_version_live') . cs . n . t . join(', ' . n . t, $dev_files); } # anything might break if arbitrary functions are disabled if (ini_get('disable_functions')) { $disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions'))); # commonly disabled functions that we don't need $disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'exec', 'system', 'dl', 'passthru', 'chown', 'shell_exec', 'popen', 'proc_open')); if ($disabled_funcs) { $fail['some_php_functions_disabled'] = gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs); } } # not sure about this one #if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers')) # $fail['cgi_header_config'] = gTxt('cgi_header_config'); $guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME']))); if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) { $fail['site_url_mismatch'] = gTxt('site_url_mismatch') . cs . $guess_site_url; } # test clean URL server vars if (hu) { if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') { $s = md5(uniqid(rand(), true)); $pretext_data = @file(hu . $s . '/?txpcleantest=1'); if ($pretext_data) { $pretext_req = trim(@$pretext_data[0]); if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) { $fail['clean_url_data_failed'] = gTxt('clean_url_data_failed') . cs . htmlspecialchars($pretext_req); } } else { $fail['clean_url_test_failed'] = gTxt('clean_url_test_failed'); } } } if ($tables = list_txp_tables()) { $table_errors = check_tables($tables); if ($table_errors) { $fail['mysql_table_errors'] = gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors); } } $active_plugins = array(); if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) { foreach ($rows as $row) { $n = $row['name'] . '-' . $row['version']; if (strtolower($row['md5']) != strtolower($row['code_md5'])) { $n .= 'm'; } $active_plugins[] = $n; } } // check GD info if (function_exists('gd_info')) { $gd_info = gd_info(); $gd_support = array(); if ($gd_info['GIF Create Support']) { $gd_support[] = 'GIF'; } if ($gd_info['JPG Support']) { $gd_support[] = 'JPG'; } if ($gd_info['PNG Support']) { $gd_support[] = 'PNG'; } if ($gd_support) { $gd_support = join(', ', $gd_support); } else { $gd_support = gTxt('none'); } $gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support)); } else { $gd = gTxt('gd_unavailable'); } if (realpath($prefs['tempdir']) == realpath($prefs['plugin_cache_dir'])) { $fail['tmp_plugin_paths_match'] = gTxt('tmp_plugin_paths_match'); } echo pagetop(gTxt('tab_diagnostics'), ''), startTable('list'), tr(td(hed(gTxt('preflight_check'), 1))); if ($fail) { foreach ($fail as $help => $message) { echo tr(tda(nl2br($message) . sp . popHelp($help), ' class="not-ok"')); } } else { echo tr(tda(gTxt('all_checks_passed'), ' class="ok"')); } echo tr(td(hed(gTxt('diagnostic_info'), 1))); $fmt_date = '%Y-%m-%d %H:%M:%S'; $out = array('<textarea cols="78" rows="18" readonly="readonly" style="width: 500px; height: 300px;">', gTxt('txp_version') . cs . txp_version . ' (' . ($rev ? 'r' . $rev : 'unknown revision') . ')' . n, gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n, gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n, '$path_to_site' . cs . $path_to_site . n, gTxt('txp_path') . cs . txpath . n, gTxt('permlink_mode') . cs . $permlink_mode . n, ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '', ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '', gTxt('tempdir') . cs . $tempdir . n, gTxt('web_domain') . cs . $siteurl . n, getenv('TZ') ? 'TZ: ' . getenv('TZ') . n : '', gTxt('php_version') . cs . phpversion() . n, $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '', gTxt('gd_library') . cs . $gd . n, gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n, 'MySQL' . cs . mysql_get_server_info() . n, gTxt('locale') . cs . $locale . n, isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '', is_callable('apache_get_version') ? gTxt('apache_version') . cs . apache_get_version() . n : '', gTxt('php_sapi_mode') . cs . PHP_SAPI . n, gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n, gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n, $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '', $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", $fail) . n . ln : '', is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . htmlspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : ''); if ($step == 'high') { $mysql_client_encoding = is_callable('mysql_client_encoding') ? mysql_client_encoding() : '-'; $out[] = n . 'Charset (default/config)' . cs . $mysql_client_encoding . '/' . @$txpcfg['dbcharset'] . n; $result = safe_query("SHOW variables like 'character_se%'"); while ($row = mysql_fetch_row($result)) { $out[] = $row[0] . cs . $row[1] . n; if ($row[0] == 'character_set_connection') { $conn_char = $row[1]; } } $table_names = array(PFX . 'textpattern'); $result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'"); while ($row = mysql_fetch_row($result)) { $table_names[] = $row[0]; } $table_msg = array(); foreach ($table_names as $table) { $ctr = safe_query("SHOW CREATE TABLE " . $table . ""); if (!$ctr) { unset($table_names[$table]); continue; } $ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table')); if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) { $table_msg[] = "{$table} is {$ctcharset}"; } $ctr = safe_query("CHECK TABLE " . $table); if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) { $table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text'); } } if ($table_msg == array()) { $table_msg = count($table_names) < 18 ? array('-') : array('OK'); } $out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n; $extns = get_loaded_extensions(); $extv = array(); foreach ($extns as $e) { $extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : ''); } $out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n; if (is_callable('apache_get_modules')) { $out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n; } if (@is_array($pretext_data) and count($pretext_data) > 1) { $out[] = n . gTxt('pretext_data') . cs . htmlspecialchars(join('', array_slice($pretext_data, 1, 20))) . n; } $out[] = n; foreach ($files as $f) { $rev = ''; $checksum = ''; if (is_callable('md5_file')) { $checksum = md5_file(txpath . $f); } if (isset($file_revs[$f])) { $rev = $file_revs[$f]; } $out[] = "{$f}" . cs . ($rev ? "r" . $rev : gTxt('unknown')) . ' (' . ($checksum ? $checksum : gTxt('unknown')) . ')' . n; } } $out[] = '</textarea>' . br; $dets = array('low' => gTxt('low'), 'high' => gTxt('high')); $out[] = form(eInput('diag') . n . gTxt('detail') . cs . selectInput('step', $dets, $step, 0, 1)); echo tr(td(join('', $out))), endTable(); }
function getFreshArticle() { global $article_vars; $prefs = get_prefs(); $a = array(); foreach ($article_vars as $v) { $a[$v] = ''; } $a['Status'] = 0; # use this to identify an unsaved article $a['Section'] = getDefaultSection(); $a['Annotate'] = $prefs['comments_on_default']; $a['AnnotateInvite'] = $prefs['comments_default_invite']; $a['markup_body'] = $prefs['markup_default']; $a['markup_excerpt'] = $prefs['markup_default']; $a['sPosted'] = time(); return $a; }
function install() { //figure out what MySQL version we are using (from _update.php) $mysqlversion = mysql_get_server_info(); $tabletype = intval($mysqlversion[0]) >= 5 || preg_match('#^4\\.(0\\.[2-9]|(1[89]))|(1\\.[2-9])#', $mysqlversion) ? " ENGINE=MyISAM " : " TYPE=MyISAM "; if (isset($txpcfg['dbcharset']) && (intval($mysqlversion[0]) >= 5 || preg_match('#^4\\.[1-9]#', $mysqlversion))) { $tabletype .= " CHARACTER SET = " . $txpcfg['dbcharset'] . " "; } // Create the hak_tinymce table $hak_tinymce_prefs_table = safe_query("CREATE TABLE `" . PFX . "txp_hak_tinymce` (\n\t\t `pref_name` VARCHAR(255) NOT NULL, \n\t\t `pref_value` TEXT NOT NULL,\n\t\t PRIMARY KEY (`pref_name`)\n\t\t) {$tabletype}"); // if the table creation succeeds populate with values if ($hak_tinymce_prefs_table) { extract(get_prefs()); $hak_mceSettings_default = ''; $hak_mceSettings_default .= "theme : \"advanced\",\n"; $hak_mceSettings_default .= "language : \"en\",\n"; $hak_mceSettings_default .= "relative_urls : false,\n"; $hak_mceSettings_default .= "remove_script_host : false,\n"; $hak_mceSettings_default .= "plugins : \"searchreplace,txpimage\",\n"; $hak_mceSettings_default .= "theme_advanced_buttons1 : \"bold,italic,underline,strikethrough,forecolor,backcolor,removeformat,numlist,bullist,outdent,indent,justifyleft,justifycenter,justifyright,justifyfull\",\n"; $hak_mceSettings_default .= "theme_advanced_buttons2 : \"link,unlink,separator,image,separator,search,replace,separator,cut,copy,paste,separator,code,separator,formatselect\",\n"; $hak_mceSettings_default .= "theme_advanced_buttons3 : \"\",\n"; $hak_mceSettings_default .= "theme_advanced_toolbar_location : \"top\",\n"; $hak_mceSettings_default .= "theme_advanced_toolbar_align : \"left\","; $hak_mceSettings_default .= "entity_encoding : \"numeric\","; $hak_mceSettings_compressor = "theme : \"advanced\",\n"; $hak_mceSettings_compressor .= "plugins : \"searchreplace,txpimage\",\n"; $hak_mceSettings_compressor .= "disk_cache : true,\n"; $hak_mceSettings_compressor .= "languages : \"en\",\n"; $hak_mceSettings_compressor .= "debug : false"; // set pref array values properly checking if it had been setup before. $hak_tinymce_prefs["show_toggle"] = isset($hak_tinymce_show_toggle) ? $hak_tinymce_show_toggle : "1"; $hak_tinymce_prefs["hide_on_textile_edit"] = isset($hak_tinymce_hide_on_textile_edit) ? $hak_tinymce_hide_on_textile_edit : "1"; $hak_tinymce_prefs["body_init"] = isset($hak_tinymce_init_form) && $hak_tinymce_init_form != "hak_tinymce_default" ? fetch_form($hak_tinymce_init_form) : $hak_mceSettings_default; $hak_tinymce_prefs["body_init"] .= "\nheight:420,"; $hak_tinymce_prefs["excerpt_init"] = $hak_mceSettings_default . "\nheight:150,"; $hak_tinymce_prefs["callbacks"] = ''; $hak_tinymce_prefs["tinymce_path"] = 'tiny_mce/tiny_mce.js'; $hak_tinymce_prefs["hide_textile_select"] = '0'; $hak_tinymce_prefs["enable_body"] = '1'; $hak_tinymce_prefs["enable_excerpt"] = '1'; // insert them into the new table foreach ($hak_tinymce_prefs as $key => $value) { safe_insert("txp_hak_tinymce", "pref_name='" . $key . "', pref_value='" . $value . "'"); } // Run any necessary upgrades hak_tinymce::upgrade('0.0'); // delete old prefs safe_delete("txp_prefs", "name='hak_tinymce_init_form'"); safe_delete("txp_prefs", "name='hak_tinymce_show_toggle'"); safe_delete("txp_prefs", "name='hak_tinymce_hide_on_textile_edit'"); } return true; }
function list_list($message = '', $post = '') { global $statuses, $comments_disabled_after, $step, $txp_user; pagetop(gTxt('tab_list'), $message); extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $sesutats = array_flip($statuses); $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'ID ' . $dir; break; case 'posted': $sort_sql = 'Posted ' . $dir; break; case 'title': $sort_sql = 'Title ' . $dir . ', Posted desc'; break; case 'section': $sort_sql = 'Section ' . $dir . ', Posted desc'; break; case 'category1': $sort_sql = 'Category1 ' . $dir . ', Posted desc'; break; case 'category2': $sort_sql = 'Category2 ' . $dir . ', Posted desc'; break; case 'status': $sort_sql = 'Status ' . $dir . ', Posted desc'; break; case 'author': $sort_sql = 'AuthorID ' . $dir . ', Posted desc'; break; case 'comments': $sort_sql = 'comments_count ' . $dir . ', Posted desc'; break; default: $dir = 'desc'; $sort_sql = 'Posted ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('textpattern', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo graf(gTxt('no_articles_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$article_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo n . list_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(Posted) as posted', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $total_comments = array(); // fetch true comment count, not the public comment count // maybe we should have another row in the db? $rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid"); if ($rs2) { while ($a = nextRow($rs2)) { $pid = $a['parentid']; $num = $a['num']; $total_comments[$pid] = $num; } } echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . tr(n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method) . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method) . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method) . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method) . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method) . column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method) . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . hCell()); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); if (empty($Title)) { $Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>'; } else { $Title = eLink('article', 'edit', 'ID', $ID, $Title); } $Category1 = $Category1 ? '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : ''; $Category2 = $Category2 ? '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : ''; $manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('article', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . (($Status == 4 or $Status == 5) ? n . t . '<li><a href="' . permlinkurl($a) . '">' . gTxt('view') . '</a></li>' : '') . n . '</ul>'; $Status = !empty($Status) ? $statuses[$Status] : ''; $comments = gTxt('none'); if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) { $comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')'; } $comment_status = $Annotate ? gTxt('on') : gTxt('off'); if ($comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $posted; if ($time_since > $lifespan) { $comment_status = gTxt('expired'); } } $comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>'; echo n . n . tr(n . td(eLink('article', 'edit', 'ID', $ID, $ID) . $manage) . td(safe_strftime('%d %b %Y %I:%M %p', $posted)) . td($Title) . td('<span title="' . htmlspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', 75) . td($Category1, 100, "articles_detail") . td($Category2, 100, "articles_detail") . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td('<span title="' . htmlspecialchars(get_author_name($AuthorID)) . '">' . $AuthorID . '</span>') . td($comments, 50, "articles_detail") . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' ')); } echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . list_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby); } }
function doDiagnostics() { global $prefs, $files, $txpcfg, $event, $step, $theme; extract(get_prefs()); $urlparts = parse_url(hu); $mydomain = $urlparts['host']; $server_software = @$_SERVER['SERVER_SOFTWARE'] || @$_SERVER['HTTP_HOST'] ? @$_SERVER['SERVER_SOFTWARE'] ? @$_SERVER['SERVER_SOFTWARE'] : $_SERVER['HTTP_HOST'] : ''; $is_apache = ($server_software and stristr($server_software, 'Apache')) or is_callable('apache_get_version'); $real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : ''; // ini_get() returns string values passed via php_value as a string, not boolean $is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1'); // Check for Textpattern updates, at most once every 24 hours $now = time(); $updateInfo = unserialize(get_pref('last_update_check', '')); if (!$updateInfo || $now > $updateInfo['when'] + 60 * 60 * 24) { $updates = checkUpdates(); $updateInfo['msg'] = $updates ? gTxt($updates['msg'], array('{version}' => $updates['version'])) : ''; $updateInfo['when'] = $now; set_pref('last_update_check', serialize($updateInfo), 'publish', PREF_HIDDEN, 'text_input'); } $fail = array('textpattern_version_update' => $updateInfo['msg'] ? diag_msg_wrap($updateInfo['msg'], 'information') : '', 'php_version_required' => (!is_callable('version_compare') or version_compare(PHP_VERSION, REQUIRED_PHP_VERSION, '<')) ? diag_msg_wrap(gTxt('php_version_required', array('{version}' => REQUIRED_PHP_VERSION))) : '', 'path_to_site_missing' => !isset($path_to_site) ? diag_msg_wrap(gTxt('path_to_site_missing'), 'warning') : '', 'dns_lookup_fails' => @gethostbyname($mydomain) == $mydomain ? diag_msg_wrap(gTxt('dns_lookup_fails') . cs . $mydomain, 'warning') : '', 'path_to_site_inacc' => !@is_dir($path_to_site) ? diag_msg_wrap(gTxt('path_to_site_inacc') . cs . $path_to_site) : '', 'site_trailing_slash' => rtrim($siteurl, '/') != $siteurl ? diag_msg_wrap(gTxt('site_trailing_slash') . cs . $path_to_site, 'warning') : '', 'index_inaccessible' => (!@is_file($path_to_site . "/index.php") or !@is_readable($path_to_site . "/index.php")) ? diag_msg_wrap("{$path_to_site}/index.php " . gTxt('is_inaccessible')) : '', 'dir_not_writable' => trim((!@is_writable($path_to_site . '/' . $img_dir) ? diag_msg_wrap(str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}", 'warning') . n : '') . (!@is_writable($file_base_path) ? diag_msg_wrap(str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}", 'warning') . n : '') . (!@is_writable($tempdir) ? diag_msg_wrap(str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}", 'warning') . n : '')), 'cleanurl_only_apache' => ($permlink_mode != 'messy' and !$is_apache) ? diag_msg_wrap(gTxt('cleanurl_only_apache'), 'information') : '', 'htaccess_missing' => ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) ? diag_msg_wrap(gTxt('htaccess_missing')) : '', 'mod_rewrite_missing' => ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) ? diag_msg_wrap(gTxt('mod_rewrite_missing')) : '', 'file_uploads_disabled' => !ini_get('file_uploads') ? diag_msg_wrap(gTxt('file_uploads_disabled'), 'information') : '', 'setup_still_exists' => @is_dir(txpath . DS . 'setup') ? diag_msg_wrap(txpath . DS . "setup" . DS . ' ' . gTxt('still_exists'), 'warning') : '', 'no_temp_dir' => empty($tempdir) ? diag_msg_wrap(gTxt('no_temp_dir'), 'warning') : '', 'warn_mail_unavailable' => is_disabled('mail') ? diag_msg_wrap(gTxt('warn_mail_unavailable'), 'warning') : '', 'warn_register_globals_or_update' => $is_register_globals && (version_compare(phpversion(), '4.4.0', '<=') or version_compare(phpversion(), '5.0.0', '>=') and version_compare(phpversion(), '5.0.5', '<=')) ? diag_msg_wrap(gTxt('warn_register_globals_or_update'), 'warning') : ''); if ($permlink_mode != 'messy') { $rs = safe_column("name", "txp_section", "1"); foreach ($rs as $name) { if ($name and @file_exists($path_to_site . '/' . $name)) { $fail['old_placeholder_exists'] = diag_msg_wrap(gTxt('old_placeholder') . ": {$path_to_site}/{$name}"); } } } $missing = array(); foreach ($files as $f) { $realpath = realpath(txpath . $f); if (is_readable($realpath)) { $found[] = $realpath; } else { $missing[] = txpath . $f; } } $files = $found; unset($found); if ($missing) { $fail['missing_files'] = diag_msg_wrap(gTxt('missing_files') . cs . n . t . join(', ' . n . t, $missing)); } foreach ($fail as $k => $v) { if (empty($v)) { unset($fail[$k]); } } # Find the highest revision number $file_revs = $file_md5 = array(); $rev = 0; foreach ($files as $f) { $content = @file_get_contents($f); if ($content !== FALSE) { if (preg_match('/^\\$' . 'LastChangedRevision: (\\d+) \\$/m', $content, $match)) { $file_revs[$f] = $match[1]; if ($match[1] > $rev) { $rev = $match[1]; } } $file_md5[$f] = md5(str_replace('$' . 'HeadURL: http:', '$' . 'HeadURL: https:', str_replace("\r\n", "\n", $content))); } } # Check revs & md5 against stable release, if possible $dev_files = $old_files = $modified_files = array(); if ($cs = @file(txpath . '/checksums.txt')) { foreach ($cs as $c) { if (preg_match('@^(\\S+): r?(\\S+) \\((.*)\\)$@', trim($c), $m)) { list(, $file, $r, $md5) = $m; $file = realpath(txpath . $file); if (!empty($file_revs[$file]) and $r and $file_revs[$file] < $r) { $old_files[] = $file; } elseif (!empty($file_revs[$file]) and $r and $file_revs[$file] > $r) { $dev_files[] = $file; } elseif (!empty($file_md5[$file]) and $file_md5[$file] != $md5) { $modified_files[] = $file; } } } } # files that haven't been updated if ($old_files) { $fail['old_files'] = diag_msg_wrap(gTxt('old_files') . cs . n . t . join(', ' . n . t, $old_files)); } # files that don't match their checksums if ($modified_files) { $fail['modified_files'] = diag_msg_wrap(gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files), 'warning'); } # running development code in live mode is not recommended if ($dev_files and $production_status == 'live') { $fail['dev_version_live'] = diag_msg_wrap(gTxt('dev_version_live') . cs . n . t . join(', ' . n . t, $dev_files), 'warning'); } # anything might break if arbitrary functions are disabled if (ini_get('disable_functions')) { $disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions'))); # commonly disabled functions that we don't need $disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'exec', 'system', 'dl', 'passthru', 'chown', 'shell_exec', 'popen', 'proc_open')); if ($disabled_funcs) { $fail['some_php_functions_disabled'] = diag_msg_wrap(gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs), 'warning'); } } # not sure about this one #if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers')) # $fail['cgi_header_config'] = gTxt('cgi_header_config'); $guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME']))); if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) { $fail['site_url_mismatch'] = diag_msg_wrap(gTxt('site_url_mismatch') . cs . $guess_site_url, 'warning'); } # test clean URL server vars if (hu) { if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') { $s = md5(uniqid(rand(), true)); ini_set('default_socket_timeout', 10); $pretext_data = @file(hu . $s . '/?txpcleantest=1'); if ($pretext_data) { $pretext_req = trim(@$pretext_data[0]); if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) { $fail['clean_url_data_failed'] = diag_msg_wrap(gTxt('clean_url_data_failed') . cs . txpspecialchars($pretext_req), 'warning'); } } else { $fail['clean_url_test_failed'] = diag_msg_wrap(gTxt('clean_url_test_failed'), 'warning'); } } } if ($tables = list_txp_tables()) { $table_errors = check_tables($tables); if ($table_errors) { $fail['mysql_table_errors'] = diag_msg_wrap(gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors)); } } $active_plugins = array(); if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) { foreach ($rows as $row) { $n = $row['name'] . '-' . $row['version']; if (strtolower($row['md5']) != strtolower($row['code_md5'])) { $n .= 'm'; } $active_plugins[] = $n; } } $theme_manifest = $theme->manifest(); // check GD info if (function_exists('gd_info')) { $gd_info = gd_info(); $gd_support = array(); if ($gd_info['GIF Create Support']) { $gd_support[] = 'GIF'; } // Aside: In PHP 5.3, they chose to add a previously unemployed capital "E" to the array key. if (!empty($gd_info['JPEG Support']) || !empty($gd_info['JPG Support'])) { $gd_support[] = 'JPG'; } if ($gd_info['PNG Support']) { $gd_support[] = 'PNG'; } if ($gd_support) { $gd_support = join(', ', $gd_support); } else { $gd_support = gTxt('none'); } $gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support)); } else { $gd = gTxt('gd_unavailable'); } if (realpath($prefs['tempdir']) == realpath($prefs['plugin_cache_dir'])) { $fail['tmp_plugin_paths_match'] = diag_msg_wrap(gTxt('tmp_plugin_paths_match')); } echo pagetop(gTxt('tab_diagnostics'), ''), '<h1 class="txp-heading">' . gTxt('tab_diagnostics') . '</h1>', '<div id="' . $event . '_container" class="txp-container">', '<div id="pre_flight_check">', hed(gTxt('preflight_check'), 2); if ($fail) { foreach ($fail as $help => $message) { echo graf(nl2br($message) . sp . popHelp($help)); } } else { echo graf(diag_msg_wrap(gTxt('all_checks_passed'), 'success')); } echo '</div>'; echo '<div id="diagnostics">', hed(gTxt('diagnostic_info'), 2); $fmt_date = '%Y-%m-%d %H:%M:%S'; $out = array('<p><textarea id="diagnostics-detail" cols="' . INPUT_LARGE . '" rows="' . INPUT_MEDIUM . '" readonly="readonly">', gTxt('txp_version') . cs . txp_version . ' (' . ($rev ? 'r' . $rev : 'unknown revision') . ')' . n, gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n, gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n, '$path_to_site' . cs . $path_to_site . n, gTxt('txp_path') . cs . txpath . n, gTxt('permlink_mode') . cs . $permlink_mode . n, ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '', ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '', gTxt('tempdir') . cs . $tempdir . n, gTxt('web_domain') . cs . $siteurl . n, gTxt('php_version') . cs . phpversion() . n, $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '', gTxt('gd_library') . cs . $gd . n, gTxt('server') . ' TZ: ' . (timezone::is_supported() ? @date_default_timezone_get() : (getenv('TZ') ? getenv('TZ') : '-')) . n, gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n, strip_tags(gTxt('is_dst')) . cs . $is_dst . n, strip_tags(gTxt('auto_dst')) . cs . $auto_dst . n, strip_tags(gTxt('gmtoffset')) . cs . $timezone_key . sp . "({$gmtoffset})" . n, 'MySQL' . cs . mysql_get_server_info() . n, gTxt('locale') . cs . $locale . n, isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '', is_callable('apache_get_version') ? gTxt('apache_version') . cs . @apache_get_version() . n : '', gTxt('php_sapi_mode') . cs . PHP_SAPI . n, gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n, gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n, $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '', gTxt('theme_name') . cs . $theme_name . sp . $theme_manifest['version'] . n, $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", doStripTags($fail)) . n . ln : '', is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . txpspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : ''); if ($step == 'high') { $mysql_client_encoding = is_callable('mysql_client_encoding') ? mysql_client_encoding() : '-'; $out[] = n . 'Charset (default/config)' . cs . $mysql_client_encoding . '/' . @$txpcfg['dbcharset'] . n; $result = safe_query("SHOW variables like 'character_se%'"); while ($row = mysql_fetch_row($result)) { $out[] = $row[0] . cs . $row[1] . n; if ($row[0] == 'character_set_connection') { $conn_char = $row[1]; } } $table_names = array(PFX . 'textpattern'); $result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'"); while ($row = mysql_fetch_row($result)) { $table_names[] = $row[0]; } $table_msg = array(); foreach ($table_names as $table) { $ctr = safe_query("SHOW CREATE TABLE " . $table . ""); if (!$ctr) { unset($table_names[$table]); continue; } $ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table')); if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) { $table_msg[] = "{$table} is {$ctcharset}"; } $ctr = safe_query("CHECK TABLE " . $table); if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) { $table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text'); } } if ($table_msg == array()) { $table_msg = count($table_names) < 17 ? array('-') : array('OK'); } $out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n; $cf = preg_grep('/^custom_\\d+/', getThings('describe `' . PFX . 'textpattern`')); $out[] = n . get_pref('max_custom_fields', 10) . sp . gTxt('custom') . cs . implode(', ', $cf) . sp . '(' . count($cf) . ')' . n; $extns = get_loaded_extensions(); $extv = array(); foreach ($extns as $e) { $extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : ''); } $out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n; if (is_callable('apache_get_modules')) { $out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n; } if (@is_array($pretext_data) and count($pretext_data) > 1) { $out[] = n . gTxt('pretext_data') . cs . txpspecialchars(join('', array_slice($pretext_data, 1, 20))) . n; } $out[] = n; foreach ($files as $f) { $checksum = isset($file_md5[$f]) ? $file_md5[$f] : gTxt('unknown'); $revision = isset($file_revs[$f]) ? 'r' . $file_revs[$f] : gTxt('unknown'); $out[] = "{$f}" . cs . n . t . $revision . ' (' . $checksum . ')' . n; } $out[] = n . ln; } $out[] = callback_event('diag_results', $step) . n; $out[] = '</textarea></p>'; $dets = array('low' => gTxt('low'), 'high' => gTxt('high')); $out[] = form(graf(eInput('diag') . n . '<label>' . gTxt('detail') . '</label>' . n . selectInput('step', $dets, $step, 0, 1))); echo join('', $out), '</div>', '</div>'; }
function link_list($message = '') { global $step, $link_list_pageby; extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'name': $sort_sql = 'linksort ' . $dir . ', id asc'; break; case 'description': $sort_sql = 'description ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; default: $dir = 'asc'; $sort_sql = 'linksort asc'; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "id = '{$crit_escaped}'", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = getCount('txp_link', $criteria); if ($total < 1) { if ($criteria != 1) { echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo n . graf(gTxt('no_links_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$link_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo link_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . n . '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list') . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method) . hCell() . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method) . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method) . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method) . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method) . hCell()); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; echo tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li>' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35) . td(href($linkname, $edit_url), 125) . td($description, 150) . td('<span title="' . fetch_category_title($category, 'link') . '">' . $category . '</span>', 125) . td(safe_strftime('%d %b %Y %I:%M %p', $uDate), 75) . td(fInput('checkbox', 'selected[]', $id))); } echo n . n . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="7" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('link', $link_list_pageby); } }
function do_txp_logging() { global $txpcfg, $prefs, $siteurl, $DB; if ($txpcfg == '') { jpcache_debug('Txp-logging disabled. Include jpcache after config.php.'); return; } include $txpcfg['txpath'] . '/lib/txplib_db.php'; $prefs = get_prefs(); $siteurl = $prefs['siteurl']; if ($prefs['logging'] == 'refer') { $this->logit('refer'); } elseif ($prefs['logging'] == 'all') { $this->logit(); } jpcache_debug('Logged hit per txp-configuration.'); }
function scip_input($year, $season, $dept, $sname) { /* error_reporting(E_ALL); ini_set('display_errors', TRUE); ini_set('display_startup_errors', TRUE); */ //so we have three csv files to make: ta, section, pref. $tacsv = array(); $prefcsv = array(); $sectioncsv = array(); //Each row gets its own array; let's start with headers. $header = array('Name', 'Ranking', 'Units', 'Status', 'Block', 'Sameday', 'Btb', 'Conflicts', 'NULL'); array_push($tacsv, $header); $header = array('Course', 'Section', 'Instructor', 'Day', 'Time', 'Units', 'TAs', 'NULL'); array_push($sectioncsv, $header); //given a TA, we already have a function to find all section prefs. So let the list of // section names be the pref header. $db = new PDO(DB_PATH, DB_LOGIN, DB_PW); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); try { //first we want to loop through all current sections of this dept. $sql = count_sections($dept, $year, $season); $result = $db->query($sql)->fetch(); if ($result[0] == 0) { return array("error-message", "Department {$dept} has no section data for {$sname} {$year}."); } $sql = sql_section($dept, $year, $season); //puts($sql); $result = $db->query($sql); $header = array(""); foreach ($result as $r) { $course = $r['course']; $row = array($course, $r['name'], ""); //Now to get the times. $sql2 = "SELECT *\n FROM event\n WHERE quarter_year = {$year} and quarter_season = {$season}\n AND department = '{$dept}' AND course = '" . $r['course'] . "' \n AND section = '" . $r['name'] . "' AND type = 'lecture'\n AND day != 'U' AND day != 'S'\n GROUP BY day;"; $result2 = $db->query($sql2); $days = ""; $start = ""; $end = ""; foreach ($result2 as $r2) { $days .= $r2['day']; $start = $r2['start']; $end = $r2['end']; } //Gather all the lecture days and get times. $time_full = $start . '-' . $end; array_push($row, $days); array_push($row, $time_full); array_push($row, $r['units']); array_push($row, $r['weight']); array_push($row, "0"); $row2 = array("", "", ""); $sql2 = "SELECT *\n FROM event\n WHERE quarter_year = {$year} and quarter_season = {$season}\n AND department = '{$dept}' AND course = '" . $r['course'] . "'\n AND day != 'U' AND day != 'S'\n AND section = '" . $r['name'] . "' AND type = 'discussion';"; //puts($sql2); $result2 = $db->query($sql2); $discussion = 0; $days = ""; $start = ""; $end = ""; foreach ($result2 as $r2) { $days = $r2['day']; $start = $r2['start']; $end = $r2['end']; $discussion = 1; array_push($row2, $days); $time_full = $start . '-' . $end; array_push($row2, $time_full); } //enter the discussion. array_push($row2, $r['units']); array_push($row2, $r['weight']); array_push($row2, "0"); //only put in sections with discussions array_push($header, $course . ' ' . $r['name']); array_push($sectioncsv, $row); array_push($sectioncsv, $row2); } //for all sections. array_push($prefcsv, $header); //Now we get all TAs. We can fill pref.csv as we go here. $sql = "SELECT t.name_first, t.name_last, t.rank, t.status, t.sid, u.value\n FROM ta t, units u\n WHERE u.sid = t.sid\n AND t.department = '{$dept}' AND u.year = {$year} AND u.season = {$season};"; //puts($sql); $result = $db->query($sql); foreach ($result as $r) { $fullname = scip_clean($r['name_first']) . ' ' . scip_clean($r['name_last']); $sid = $r['sid']; $row = array($fullname, $r['rank'], $r['value'], strtolower($r['status'])); $sql2 = "SELECT * FROM pref WHERE sid = " . $r['sid'] . ";"; $r2 = $db->query($sql2); $p = array(); $countr2 = 0; foreach ($r2 as $rr2) { $countr2++; $p = array($rr2['block'], $rr2['same_day'], $rr2['back_to_back']); } if ($countr2 == 0) { $p = array(0, 0, 0); } foreach ($p as $p2) { array_push($row, $p2); } //finally we need to get all time conflicts in form D|SSSS|EEEE D|SSSS|EEEE.... $sql2 = "SELECT day, start, end \n FROM calendar\n WHERE sid = {$sid} AND quarter_year = {$year} AND quarter_season = {$season};"; $result2 = $db->query($sql2); $conflicts = ""; foreach ($result2 as $r2) { $conflicts .= $r2['day'] . '|' . $r2['start'] . '|' . $r2['end'] . ' '; } //for each event of this TA array_push($row, $conflicts); array_push($row, "0"); array_push($tacsv, $row); $prefs = get_prefs($sid, $year, $season, $dept, "scip"); $prow = array($fullname); for ($i = 0; $i < count($prefs); $i++) { array_push($prow, $prefs[$i]->value); // array_push($prow, ($prefs[$i]->value." ".$prefs[$i]->section)); } array_push($prefcsv, $prow); } //foreach ta } catch (PDOException $e) { echo $e->getMessage(); } //Now we can save the csv files in the scip folder. $fp = fopen('scip/ta.csv', 'w'); foreach ($tacsv as $fields) { fputcsv2($fp, str_replace(array("(", ")"), "-", $fields)); } fclose($fp); $fp = fopen('scip/section.csv', 'w'); foreach ($sectioncsv as $fields) { fputcsv2($fp, $fields); } fclose($fp); $fp = fopen('scip/pref.csv', 'w'); foreach (transpose($prefcsv) as $fields) { fputcsv2($fp, str_replace(array("(", ")"), "-", $fields)); } $fp = fopen("csv/pref_{$dept}{$year}{$season}.csv", 'w'); foreach (transpose($prefcsv) as $fields) { fputcsv2($fp, str_replace(array("(", ")"), "-", $fields)); } fclose($fp); }
function log_list($message = '') { pagetop(gTxt('visitor_logs'), $message); extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $expire_logs_after = assert_int($expire_logs_after); safe_delete('txp_log', "time < date_sub(now(), interval {$expire_logs_after} day)"); $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'ip': $sort_sql = 'ip ' . $dir; break; case 'host': $sort_sql = 'host ' . $dir; break; case 'page': $sort_sql = 'page ' . $dir; break; case 'refer': $sort_sql = 'refer ' . $dir; break; case 'method': $sort_sql = 'method ' . $dir; break; case 'status': $sort_sql = 'status ' . $dir; break; default: $sort = 'time'; $sort_sql = 'time ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('ip' => "ip like '%{$crit_escaped}%'", 'host' => "host like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'refer' => "refer like '%{$crit_escaped}%'", 'method' => "method like '%{$crit_escaped}%'", 'status' => "status like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_log', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . log_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo graf(gTxt('no_refers_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$log_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo n . log_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(time) as uTime', 'txp_log', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . n . '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', '', '', '90%') . n . tr(n . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, 'time' == $sort ? $dir : '') . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'log_detail') . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, 'host' == $sort ? $dir : '') . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, 'page' == $sort ? $dir : '') . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, 'refer' == $sort ? $dir : '') . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'log_detail') . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'log_detail') . hCell()); while ($a = nextRow($rs)) { extract($a, EXTR_PREFIX_ALL, 'log'); if ($log_refer) { $log_refer = 'http://' . $log_refer; $log_refer = '<a href="' . htmlspecialchars($log_refer) . '" target="_blank">' . htmlspecialchars(soft_wrap($log_refer, 30)) . '</a>'; } if ($log_page) { $log_anchor = preg_replace('/\\/$/', '', $log_page); $log_anchor = soft_wrap(substr($log_anchor, 1), 30); $log_page = '<a href="' . htmlspecialchars($log_page) . '" target="_blank">' . htmlspecialchars($log_anchor) . '</a>'; if ($log_method == 'POST') { $log_page = '<strong>' . $log_page . '</strong>'; } } echo tr(n . td(gTime($log_uTime), 85) . td($log_ip, 20, 'log_detail') . td(soft_wrap($log_host, 30)) . td($log_page) . td($log_refer) . td(htmlspecialchars($log_method), 60, 'log_detail') . td($log_status, 60, 'log_detail') . td(fInput('checkbox', 'selected[]', $log_id))); } echo n . n . tr(tda(toggle_box('log_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . log_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="6" style="text-align: right; border: none;"')) . n . endTable() . '</form>' . n . nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('log', $log_list_pageby); } }
/** * Outputs a diagnostics report. * * This is the main panel. */ function doDiagnostics() { global $prefs, $files, $txpcfg, $event, $step, $theme, $DB; extract(get_prefs()); $urlparts = parse_url(hu); $mydomain = $urlparts['host']; $is_apache = stristr(serverSet('SERVER_SOFTWARE'), 'Apache') || is_callable('apache_get_version'); $real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : ''; // ini_get() returns string values passed via php_value as a string, not boolean. $is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1'); // Check for Textpattern updates, at most once every 24 hours. $now = time(); $updateInfo = unserialize(get_pref('last_update_check', '')); if (!$updateInfo || $now > $updateInfo['when'] + 60 * 60 * 24) { $updates = checkUpdates(); $updateInfo['msg'] = $updates ? gTxt($updates['msg'], array('{version}' => $updates['version'])) : ''; $updateInfo['when'] = $now; set_pref('last_update_check', serialize($updateInfo), 'publish', PREF_HIDDEN, 'text_input'); } $fail = array(); if (!empty($updateInfo['msg'])) { $fail['textpattern_version_update'] = diag_msg_wrap($updateInfo['msg'], 'information'); } if (!is_callable('version_compare') || version_compare(PHP_VERSION, REQUIRED_PHP_VERSION, '<')) { $fail['php_version_required'] = diag_msg_wrap(gTxt('php_version_required', array('{version}' => REQUIRED_PHP_VERSION))); } if (!isset($path_to_site)) { $fail['path_to_site_missing'] = diag_msg_wrap(gTxt('path_to_site_missing'), 'warning'); } if (@gethostbyname($mydomain) === $mydomain) { $fail['dns_lookup_fails'] = diag_msg_wrap(gTxt('dns_lookup_fails') . cs . $mydomain, 'warning'); } if (!@is_dir($path_to_site)) { $fail['path_to_site_inacc'] = diag_msg_wrap(gTxt('path_to_site_inacc') . cs . $path_to_site); } if (rtrim($siteurl, '/') != $siteurl) { $fail['site_trailing_slash'] = diag_msg_wrap(gTxt('site_trailing_slash') . cs . $path_to_site, 'warning'); } if (!@is_file($path_to_site . "/index.php") || !@is_readable($path_to_site . "/index.php")) { $fail['index_inaccessible'] = diag_msg_wrap("{$path_to_site}/index.php " . gTxt('is_inaccessible')); } $not_readable = array(); if (!@is_writable($path_to_site . '/' . $img_dir)) { $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}", 'warning'); } if (!@is_writable($file_base_path)) { $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}", 'warning'); } if (!@is_writable($tempdir)) { $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}", 'warning'); } if ($not_readable) { $fail['dir_not_writable'] = join(n, $not_readable); } if ($permlink_mode != 'messy' && !$is_apache) { $fail['cleanurl_only_apache'] = diag_msg_wrap(gTxt('cleanurl_only_apache'), 'information'); } if ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) { $fail['htaccess_missing'] = diag_msg_wrap(gTxt('htaccess_missing')); } if ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) { $fail['mod_rewrite_missing'] = diag_msg_wrap(gTxt('mod_rewrite_missing')); } if (!ini_get('file_uploads')) { $fail['file_uploads_disabled'] = diag_msg_wrap(gTxt('file_uploads_disabled'), 'information'); } if (@is_dir(txpath . DS . 'setup')) { $fail['setup_still_exists'] = diag_msg_wrap(txpath . DS . "setup" . DS . ' ' . gTxt('still_exists'), 'warning'); } if (empty($tempdir)) { $fail['no_temp_dir'] = diag_msg_wrap(gTxt('no_temp_dir'), 'warning'); } if (is_disabled('mail')) { $fail['warn_mail_unavailable'] = diag_msg_wrap(gTxt('warn_mail_unavailable'), 'warning'); } if ($is_register_globals) { $fail['warn_register_globals_or_update'] = diag_msg_wrap(gTxt('warn_register_globals_or_update'), 'warning'); } if ($permlink_mode != 'messy') { $rs = safe_column("name", "txp_section", "1"); foreach ($rs as $name) { if ($name and @file_exists($path_to_site . '/' . $name)) { $fail['old_placeholder_exists'] = diag_msg_wrap(gTxt('old_placeholder') . ": {$path_to_site}/{$name}"); } } } $cs = check_file_integrity(INTEGRITY_REALPATH); if (!$cs) { $cs = array(); } // Files that don't match their checksums. if ($modified_files = array_keys($cs, INTEGRITY_MODIFIED)) { $fail['modified_files'] = diag_msg_wrap(gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files), 'warning'); } // Running development code in live mode is not recommended. if (preg_match('/-dev$/', txp_version) and $production_status == 'live') { $fail['dev_version_live'] = diag_msg_wrap(gTxt('dev_version_live'), 'warning'); } // Missing files. if ($missing = array_merge(array_keys($cs, INTEGRITY_MISSING), array_keys($cs, INTEGRITY_NOT_FILE), array_keys($cs, INTEGRITY_NOT_READABLE))) { $fail['missing_files'] = diag_msg_wrap(gTxt('missing_files') . cs . n . t . join(', ' . n . t, $missing)); } // Anything might break if arbitrary functions are disabled. if (ini_get('disable_functions')) { $disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions'))); // Commonly disabled functions that we don't need. $disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'escapeshellarg', 'escapeshellcmd', 'exec', 'passthru', 'proc_close', 'proc_get_status', 'proc_nice', 'proc_open', 'proc_terminate', 'shell_exec', 'system', 'popen', 'dl', 'chown')); if ($disabled_funcs) { $fail['some_php_functions_disabled'] = diag_msg_wrap(gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs), 'warning'); } } // Not sure about this one. // if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers')) // $fail['cgi_header_config'] = gTxt('cgi_header_config'); $guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME']))); if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) { $fail['site_url_mismatch'] = diag_msg_wrap(gTxt('site_url_mismatch') . cs . $guess_site_url, 'warning'); } // Test clean URL server vars. if (hu) { if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') { $s = md5(uniqid(rand(), true)); ini_set('default_socket_timeout', 10); $pretext_data = @file(hu . $s . '/?txpcleantest=1'); if ($pretext_data) { $pretext_req = trim(@$pretext_data[0]); if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) { $fail['clean_url_data_failed'] = diag_msg_wrap(gTxt('clean_url_data_failed') . cs . txpspecialchars($pretext_req), 'warning'); } } else { $fail['clean_url_test_failed'] = diag_msg_wrap(gTxt('clean_url_test_failed'), 'warning'); } } } if ($tables = list_txp_tables()) { $table_errors = check_tables($tables); if ($table_errors) { $fail['mysql_table_errors'] = diag_msg_wrap(gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors)); } } $active_plugins = array(); if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) { foreach ($rows as $row) { $n = $row['name'] . '-' . $row['version']; if (strtolower($row['md5']) != strtolower($row['code_md5'])) { $n .= 'm'; } $active_plugins[] = $n; } } $theme_manifest = $theme->manifest(); // Check GD info. if (function_exists('gd_info')) { $gd_info = gd_info(); $gd_support = array(); if ($gd_info['GIF Create Support']) { $gd_support[] = 'GIF'; } // Aside: In PHP 5.3, they chose to add a previously unemployed capital "E" to the array key. if (!empty($gd_info['JPEG Support']) || !empty($gd_info['JPG Support'])) { $gd_support[] = 'JPG'; } if ($gd_info['PNG Support']) { $gd_support[] = 'PNG'; } if ($gd_support) { $gd_support = join(', ', $gd_support); } else { $gd_support = gTxt('none'); } $gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support)); } else { $gd = gTxt('gd_unavailable'); } if (realpath($prefs['tempdir']) === realpath($prefs['plugin_cache_dir'])) { $fail['tmp_plugin_paths_match'] = diag_msg_wrap(gTxt('tmp_plugin_paths_match')); } // Database server time. extract(doSpecial(getRow('select @@global.time_zone as db_global_timezone, @@session.time_zone as db_session_timezone, now() as db_server_time, unix_timestamp(now()) as db_server_timestamp'))); $db_server_timeoffset = $db_server_timestamp - $now; echo pagetop(gTxt('tab_diagnostics'), ''); echo hed(gTxt('tab_diagnostics'), 1, array('class' => 'txp-heading')); echo n . '<div id="' . $event . '_container" class="txp-container">' . n . '<div id="pre_flight_check">' . hed(gTxt('preflight_check'), 2); if ($fail) { foreach ($fail as $help => $message) { echo graf(nl2br($message) . popHelp($help)); } } else { echo graf(diag_msg_wrap(gTxt('all_checks_passed'), 'success')); } echo '</div>'; echo '<div id="diagnostics">', hed(gTxt('diagnostic_info'), 2); $fmt_date = '%Y-%m-%d %H:%M:%S'; $out = array('<p><textarea class="code" id="diagnostics-detail" cols="' . INPUT_LARGE . '" rows="' . TEXTAREA_HEIGHT_LARGE . '" dir="ltr" readonly>', gTxt('txp_version') . cs . txp_version . ' (' . check_file_integrity(INTEGRITY_DIGEST) . ')' . n, gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n, gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n, '$path_to_site' . cs . $path_to_site . n, gTxt('txp_path') . cs . txpath . n, gTxt('permlink_mode') . cs . $permlink_mode . n, ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '', ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '', gTxt('tempdir') . cs . $tempdir . n, gTxt('web_domain') . cs . $siteurl . n, gTxt('php_version') . cs . phpversion() . n, $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '', gTxt('gd_library') . cs . $gd . n, gTxt('server') . ' TZ: ' . Txp::get('Textpattern_Date_Timezone')->getTimeZone() . n, gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n, strip_tags(gTxt('is_dst')) . cs . $is_dst . n, strip_tags(gTxt('auto_dst')) . cs . $auto_dst . n, strip_tags(gTxt('gmtoffset')) . cs . $timezone_key . sp . "({$gmtoffset})" . n, 'MySQL' . cs . mysql_get_server_info() . n, gTxt('db_server_time') . cs . $db_server_time . n, gTxt('db_server_timeoffset') . cs . $db_server_timeoffset . ' s' . n, gTxt('db_global_timezone') . cs . $db_global_timezone . n, gTxt('db_session_timezone') . cs . $db_session_timezone . n, gTxt('locale') . cs . $locale . n, isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '', is_callable('apache_get_version') ? gTxt('apache_version') . cs . @apache_get_version() . n : '', gTxt('php_sapi_mode') . cs . PHP_SAPI . n, gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n, gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n, $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '', gTxt('theme_name') . cs . $theme_name . sp . $theme_manifest['version'] . n, $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", doStripTags($fail)) . n . ln : '', is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . txpspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : ''); if ($step == 'high') { $out[] = n . 'Charset (default/config)' . cs . $DB->default_charset . '/' . $DB->charset . n; $result = safe_query("SHOW variables like 'character_se%'"); while ($row = mysql_fetch_row($result)) { $out[] = $row[0] . cs . $row[1] . n; if ($row[0] == 'character_set_connection') { $conn_char = $row[1]; } } $table_names = array(PFX . 'textpattern'); $result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'"); while ($row = mysql_fetch_row($result)) { $table_names[] = $row[0]; } $table_msg = array(); foreach ($table_names as $table) { $ctr = safe_query("SHOW CREATE TABLE " . $table . ""); if (!$ctr) { unset($table_names[$table]); continue; } $ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table')); if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) { $table_msg[] = "{$table} is {$ctcharset}"; } $ctr = safe_query("CHECK TABLE " . $table); if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) { $table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text'); } } if ($table_msg == array()) { $table_msg = count($table_names) < 17 ? array('-') : array('OK'); } $out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n; $cf = preg_grep('/^custom_\\d+/', getThings('describe `' . PFX . 'textpattern`')); $out[] = n . get_pref('max_custom_fields', 10) . sp . gTxt('custom') . cs . implode(', ', $cf) . sp . '(' . count($cf) . ')' . n; $extns = get_loaded_extensions(); $extv = array(); foreach ($extns as $e) { $extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : ''); } $out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n; if (is_callable('apache_get_modules')) { $out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n; } if (@is_array($pretext_data) and count($pretext_data) > 1) { $out[] = n . gTxt('pretext_data') . cs . txpspecialchars(join('', array_slice($pretext_data, 1, 20))) . n; } $out[] = n; if ($md5s = check_file_integrity(INTEGRITY_MD5)) { foreach ($md5s as $f => $checksum) { $out[] = $f . cs . n . t . (!$checksum ? gTxt('unknown') : $checksum) . n; } } $out[] = n . ln; } $out[] = callback_event('diag_results', $step) . n; $out[] = '</textarea></p>'; $dets = array('low' => gTxt('low'), 'high' => gTxt('high')); $out[] = form(graf(eInput('diag') . n . '<label>' . gTxt('detail') . '</label>' . selectInput('step', $dets, $step, 0, 1))); echo join('', $out), '</div>', '</div>'; }
/** * Executes the real action for @see udpateArticleId and @see newArticle * @param array $incoming containing the desired article fields * @param mixed(string|integer) $article_id the ID of the article to update * @return mixed integer article id on success, false otherwise * @access private */ function _setArticle($incoming, $article_id = null) { global $txpcfg; $prefs = get_prefs(); extract($prefs); if (!empty($incoming['Section']) && !$this->getSection($incoming['Section'])) { return false; } if (!empty($incoming['Category1']) && !$this->getCategory($incoming['Category1'])) { return false; } if (!empty($incoming['Category2']) && !$this->getCategory($incoming['Category2'])) { return false; } if ($article_id !== null) { $article_id = assert_int($article_id); } //All validation rules assumed to be passed before this point. //Do content processing here $incoming_with_markup = $this->textile_main_fields($incoming, $use_textile); $incoming['Title'] = $incoming_with_markup['Title']; if (empty($incoming['Body_html']) && !empty($incoming['Body'])) { $incoming['Body_html'] = $incoming_with_markup['Body_html']; } if (empty($incoming['Excerpt_html']) && !empty($incoming['Excerpt'])) { $incoming['Excerpt_html'] = $incoming_with_markup['Excerpt_html']; } unset($incoming_with_markup); if (empty($incoming['Posted'])) { if ($article_id === null) { $when = !$article_id ? 'now()' : ''; $incoming['Posted'] = $when; } else { # do not override post time for existing articles unless Posted is present unset($incoming['Posted']); } } else { $when = strtotime($incoming['Posted']) - tz_offset(); $when = "from_unixtime({$when})"; } if ($incoming['Title'] || $incoming['Body'] || $incoming['Excerpt']) { //Build SQL then and run query //Prevent data erase if not defined on the update action //but it was on the DB from a previous creation/edition time if ($article_id) { $old = safe_row('*', 'textpattern', "ID = {$article_id}"); //Status should be defined previously. Be sure of that. if (!has_privs('article.publish', $this->txp_user) && $incoming['Status'] == 4 && $old['Status'] != 4) { $incoming['Status'] = 3; } foreach ($old as $key => $val) { if (!isset($incoming[$key])) { $incoming[$key] = $val; } } } else { //Status should be defined previously. Be sure of that. if (!has_privs('article.publish', $this->txp_user) && $incoming['Status'] == 4) { $incoming['Status'] = 3; } } if (empty($incoming['Section']) && $article_id) { $incoming['Section'] = safe_field('Section', 'textpattern', "ID = {$article_id}"); } $incoming = $this->_check_keys($incoming, array('AuthorID' => $this->txp_user, 'Annotate' => $comments_on_default, 'AnnotateInvite' => $comments_default_invite, 'textile_body' => $use_textile, 'textile_excerpt' => $use_textile, 'url_title' => stripSpace($incoming['Title']))); //Build the SQL query $sql = array(); foreach ($incoming as $key => $val) { if ($key == 'Posted' && $val == 'now()') { $sql[] = "{$key} = {$val}"; } elseif ($key != 'ID' && $key != 'uid' && $key != 'feed_time' && $key != 'LastMod' && $key != 'LastModID') { $sql[] = "{$key} = '" . doSlash($val) . "'"; } } $sql[] = 'LastMod = now()'; $sql[] = "LastModID = '" . doSlash($this->txp_user) . "'"; if (!$article_id) { $sql[] = "uid = '" . doSlash(md5(uniqid(rand(), true))) . "'"; } if (!$article_id) { if (empty($incoming['Posted'])) { $sql[] = "feed_time = curdate()"; } else { $when = strtotime($incoming['Posted']) - tz_offset(); $when = strftime("%Y-%m-%d", $when); $sql[] = "feed_time ='" . doSlash($when) . "'"; } } $sql = join(', ', $sql); $rs = $article_id ? safe_update('textpattern', $sql, "ID = {$article_id}") : safe_insert('textpattern', $sql); $oldstatus = $article_id ? $old['Status'] : ''; if (!$article_id && $rs) { $article_id = $rs; } if ($incoming['Status'] >= 4 && !$article_id || $oldstatus != 4 && $article_id) { safe_update("txp_prefs", "val = now()", "name = 'lastmod'"); //@$this->_sendPings(); } return $article_id; } return false; }
function file_list($message = '') { global $txpcfg, $extensions, $file_base_path; extract($txpcfg); extract(get_prefs()); pagetop(gTxt('file'), $message); $page = gps('page'); $total = getCount('txp_file', "1=1"); $limit = max(@$file_list_pageby, 25); $numPages = ceil($total / $limit); $page = !$page ? 1 : $page; $offset = ($page - 1) * $limit; $sort = gps('sort'); $dir = gps('dir'); $sort = $sort ? $sort : 'filename'; $dir = $dir ? $dir : 'desc'; if ($dir == "desc") { $dir = "asc"; } else { $dir = "desc"; } $existing_files = get_filenames(); echo startTable('list'), tr(tda(file_upload_form(gTxt('upload_file'), 'upload', 'file_insert'), ' colspan="4" style="border:0"')), count($existing_files) > 0 ? tr(tda(form(graf(gTxt('existing_file') . sp . selectInput('filename', $existing_files, "", 1) . sp . fInput('submit', '', gTxt('Create'), 'smallerbox') . sp . eInput('file') . sInput('file_create'))), ' colspan="4" style="border:0"')) : '', tr(column_head('Id', 'id', 'file', 1, $dir) . column_head('file_name', 'filename', 'file', 1, $dir) . td(gTxt('status')) . td(gTxt('tags')) . column_head('file_category', 'category', 'file', 1, $dir) . column_head('description', 'description', 'file', 1, $dir) . column_head('downloads', 'downloads', 'file', 1, $dir) . td()); $nav[] = $page > 1 ? PrevNextLink("file", $page - 1, gTxt('prev'), 'prev') : ''; $nav[] = sp . small($page . '/' . $numPages) . sp; $nav[] = $page != $numPages ? PrevNextLink("file", $page + 1, gTxt('next'), 'next') : ''; $rs = safe_rows_start("*", "txp_file", "1=1 order by {$sort} {$dir} limit {$offset}, {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); // does the downloads column exist? if (!isset($downloads)) { // nope, add it safe_alter("txp_file", "ADD downloads INT DEFAULT '0' NOT NULL"); $downloads = 0; } else { if (empty($downloads)) { $downloads = '0'; } } $elink = eLink('file', 'file_edit', 'id', $id, $filename); $dlink = dLink('file', 'file_delete', 'id', $id); //Add tags helper $txtilelink = '<a target="_blank" href="?event=tag' . a . 'name=file' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename) . a . 'type=textile" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">Textile</a>'; $txplink = '<a target="_blank" href="?event=tag' . a . 'name=file' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename) . a . 'type=textpattern" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">Textpattern</a>'; $xhtmlink = '<a target="_blank" href="?event=tag' . a . 'name=file' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename) . a . 'type=xhtml" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">XHTML</a>'; $file_exists = file_exists(build_file_path($file_base_path, $filename)); $missing = '<span style="color:'; $missing .= $file_exists ? 'green' : 'red'; $missing .= '">'; $missing .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing'); $missing .= '</span>'; $downloadlink = $file_exists ? make_download_link($id, $filename, $id) : $id; echo tr(td($downloadlink) . td($elink) . td($missing) . td($txtilelink . ' / ' . $txplink . ' / ' . $xhtmlink) . td($category, 90) . td($description, 150) . td($downloads == '0' ? " 0" : $downloads, 20) . td($dlink, 10)); } echo tr(tdcs(graf(join('', $nav)), 4)); } echo endTable(); echo pageby_form('file', $file_list_pageby); if (!is_dir($file_base_path) or !is_writeable($file_base_path)) { echo graf(str_replace("{filedir}", $file_base_path, gTxt('file_dir_not_writeable')), ' style="text-align:center;color:red"'); } }
function doDiagnostics() { global $files, $txpcfg, $step; extract(get_prefs()); $urlparts = parse_url(hu); $mydomain = $urlparts['host']; $server_software = @$_SERVER['SERVER_SOFTWARE'] || @$_SERVER['HTTP_HOST'] ? @$_SERVER['SERVER_SOFTWARE'] ? @$_SERVER['SERVER_SOFTWARE'] : $_SERVER['HTTP_HOST'] : ''; $is_apache = ($server_software and stristr($server_software, 'Apache')) or is_callable('apache_get_version'); $real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : ''; // ini_get() returns string values passed via php_value as a string, not boolean $is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1'); $fail = array('path_to_site_missing' => !isset($path_to_site) ? gTxt('path_to_site_missing') : '', 'dns_lookup_fails' => @gethostbyname($mydomain) == $mydomain ? gTxt('dns_lookup_fails') . cs . $mydomain : '', 'path_to_site_inacc' => !@is_dir($path_to_site) ? gTxt('path_to_site_inacc') . cs . $path_to_site : '', 'site_trailing_slash' => rtrim($siteurl, '/') != $siteurl ? gTxt('site_trailing_slash') . cs . $path_to_site : '', 'index_inaccessible' => (!@is_file($path_to_site . "/index.php") or !@is_readable($path_to_site . "/index.php")) ? "{$path_to_site}/index.php " . gTxt('is_inaccessible') : '', 'dir_not_writable' => trim((!@is_writable($path_to_site . '/' . $img_dir) ? str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}\r\n" : '') . (!@is_writable($file_base_path) ? str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}\r\n" : '') . (!@is_writable($tempdir) ? str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}\r\n" : '')), 'cleanurl_only_apache' => ($permlink_mode != 'messy' and !$is_apache) ? gTxt('cleanurl_only_apache') : '', 'htaccess_missing' => ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) ? gTxt('htaccess_missing') : '', 'mod_rewrite_missing' => ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) ? gTxt('mod_rewrite_missing') : '', 'file_uploads_disabled' => !ini_get('file_uploads') ? gTxt('file_uploads_disabled') : '', 'setup_still_exists' => @is_dir($txpcfg['txpath'] . DS . 'setup') ? $txpcfg['txpath'] . DS . "setup" . DS . ' ' . gTxt('still_exists') : '', 'no_temp_dir' => empty($tempdir) ? gTxt('no_temp_dir') : '', 'warn_mail_unavailable' => !is_callable('mail') ? gTxt('warn_mail_unavailable') : '', 'warn_register_globals_or_update' => $is_register_globals && (version_compare(phpversion(), '4.4.0', '<=') or version_compare(phpversion(), '5.0.0', '>=') and version_compare(phpversion(), '5.0.5', '<=')) ? gTxt('warn_register_globals_or_update') : ''); if ($permlink_mode != 'messy') { $rs = safe_column("name", "txp_section", "1"); foreach ($rs as $name) { if (@file_exists($path_to_site . '/' . $name)) { $fail['old_placeholder_exists'] = gTxt('old_placeholder') . ": {$path_to_site}/{$name}"; } } } $missing = array(); foreach ($files as $f) { if (!is_readable($txpcfg['txpath'] . $f)) { $missing[] = $txpcfg['txpath'] . $f; } } if ($missing) { $fail['missing_files'] = gTxt('missing_files') . cs . join(', ', $missing); } foreach ($fail as $k => $v) { if (empty($v)) { unset($fail[$k]); } } # Find the highest revision number $file_revs = array(); $rev = 0; foreach ($files as $f) { $lines = @file($txpcfg['txpath'] . $f); if ($lines) { foreach ($lines as $line) { if (preg_match('/^\\$LastChangedRevision: (\\w+) \\$/', $line, $match)) { $file_revs[$f] = $match[1]; if ($match[1] > $rev) { $rev = $match[1]; } } } } } echo pagetop(gTxt('tab_diagnostics'), ''), startTable('list'), tr(td(hed(gTxt('preflight_check'), 1))); if ($fail) { foreach ($fail as $help => $message) { echo tr(tda(nl2br($message) . popHelp($help), ' style="color:red;"')); } } else { echo tr(td(gTxt('all_checks_passed'))); } echo tr(td(hed(gTxt('diagnostic_info'), 1))); $fmt_date = '%Y-%m-%d %H:%M:%S'; $out = array('<textarea style="width:500px;height:300px;" readonly="readonly">', gTxt('txp_version') . cs . txp_version . ' (' . ($rev ? 'r' . $rev : 'unknown revision') . ')' . n, gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n, gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n, '$path_to_site' . cs . $path_to_site . n, gTxt('txp_path') . cs . $txpcfg['txpath'] . n, gTxt('permlink_mode') . cs . $permlink_mode . n, ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '', ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '', gTxt('tempdir') . cs . $tempdir . n, gTxt('web_domain') . cs . $siteurl . n, getenv('TZ') ? 'TZ: ' . getenv('TZ') . n : '', gTxt('php_version') . cs . phpversion() . n, $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '', gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n, 'MySQL' . cs . mysql_get_server_info() . n, gTxt('locale') . cs . $locale . n, isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '', is_callable('apache_get_version') ? gTxt('apache_version') . cs . apache_get_version() . n : '', $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", $fail) . n . ln : '', is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . join('', file($path_to_site . '/.htaccess')) . n . ln : ''); if ($step == 'high') { $mysql_client_encoding = is_callable('mysql_client_encoding') ? mysql_client_encoding() : '-'; $out[] = n . 'Charset (default/config)' . cs . $mysql_client_encoding . '/' . @$txpcfg['dbcharset'] . n; $result = safe_query("SHOW variables like 'character_se%'"); while ($row = mysql_fetch_row($result)) { $out[] = $row[0] . cs . $row[1] . n; if ($row[0] == 'character_set_connection') { $conn_char = $row[1]; } } $table_names = array(PFX . 'textpattern'); $result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'"); while ($row = mysql_fetch_row($result)) { $table_names[] = $row[0]; } $table_msg = array(); foreach ($table_names as $table) { $ctr = safe_query("SHOW CREATE TABLE " . $table . ""); if (!$ctr) { unset($table_names[$table]); continue; } $ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table')); if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) { $table_msg[] = "{$table} is {$ctcharset}"; } $ctr = safe_query("CHECK TABLE " . $table); if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) { $table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text'); } } if ($table_msg == array()) { $table_msg = count($table_names) < 18 ? array('-') : array('OK'); } $out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n; $extns = get_loaded_extensions(); $extv = array(); foreach ($extns as $e) { $extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : ''); } $out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n; if (is_callable('apache_get_modules')) { $out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n . n; } foreach ($files as $f) { $rev = ''; $checksum = ''; if (is_callable('md5_file')) { $checksum = md5_file($txpcfg['txpath'] . $f); } if (isset($file_revs[$f])) { $rev = $file_revs[$f]; } $out[] = "{$f}" . cs . ($rev ? "r" . $rev : gTxt('unknown')) . ' (' . ($checksum ? $checksum : gTxt('unknown')) . ')' . n; } } $out[] = '</textarea>' . br; $dets = array('low' => gTxt('low'), 'high' => gTxt('high')); $out[] = form(eInput('diag') . n . gTxt('detail') . cs . selectInput('step', $dets, $step, 0, 1)); echo tr(td(join('', $out))), endTable(); }
$txpath = $txpcfg['txpath']; if (isset($_POST['preview'])) { include $txpath . '/publish.php'; textpattern(); exit; } // error_reporting(E_ALL); // ini_set("display_errors","1"); include $txpath . '/lib/txplib_db.php'; include $txpath . '/lib/txplib_forms.php'; include $txpath . '/lib/txplib_html.php'; include $txpath . '/lib/txplib_misc.php'; include $txpath . '/lib/admin_config.php'; $microstart = getmicrotime(); $dbversion = safe_field('val', 'txp_prefs', "name = 'version'"); extract(get_prefs()); # define("LANG",$language); define("LANG", "en-gb"); define('txp_version', $thisversion); $textarray = load_lang(LANG); if (!$dbversion or $dbversion != $thisversion) { include_once '_update.php'; } include $txpath . '/include/txp_auth.php'; include $txpath . '/lib/txplib_head.php'; $event = gps('event'); $step = gps('step'); include !$event ? $txpath . '/include/txp_article.php' : $txpath . '/include/txp_' . $event . '.php'; $microdiff = getmicrotime() - $microstart; echo "\n<!-- Runtime: ", substr($microdiff, 0, 6), "-->"; end_page();
function customers_list($event = '', $step = '', $message = '') { global $statuses, $comments_disabled_after, $step, $txp_user; pagetop("Customers", $message); extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'qty', 'search_method'))); $sesutats = array_flip($statuses); $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'RealName': $sort_sql = 'RealName ' . $dir; break; case 'orders': $sort_sql = 'orders ' . $dir; break; default: $dir = 'desc'; $sort_sql = 'user_id ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = "privs = 0"; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_users', "{$criteria}"); if (isset($qty)) { $customers_list_pageby = $qty; } else { $customers_list_pageby = 15; } $limit = max(@$customers_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $rs = safe_rows_start('*', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); $customersOnPage = $offset + $limit; if ($rs) { echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '700') . n . tr(n . tda("Displaying {$offset} - {$customersOnPage} of {$total} customers", ' colspan="2" style="border: none; padding-bottom: 15px;"') . n . tda('<a href="?event=customers&step=edit_customer" class="navlink">Add a new customer</a> <a href="?event=customers&step=export_customer" class="navlink">Export customers</a>', ' colspan="2" style="text-align: right; border: none; padding-bottom: 15px;"')) . n . tr(n . column_head('Customer', 'RealName', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Phone', 'shipping_phone', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Email', 'email', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Orders', 'order_num', 'customers', true, $switch_dir, $crit, $search_method)); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); $order_num = safe_count("orders", "user_id = {$user_id}"); $RealName = eLink('customers', 'edit_customer', 'user_id', $user_id, $RealName); $Orders = eLink('order', 'edit', 'customer', $name, $order_num); echo n . n . tr(n . td($RealName, "25%") . td($billing_phone, "25%") . td($email, "25%") . td($Orders, "25%")); } echo n . endTable() . n . '</form>' . n . nav_form('customers', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('customers', $customers_list_pageby); } }
function orders_list($event, $step, $message = '') { global $statuses, $comments_disabled_after, $step, $txp_user; pagetop("Orders", $message); extract(get_prefs()); extract(doSlash($_REQUEST)); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $sesutats = array_flip($statuses); $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'user_id': $sort_sql = 'user_id ' . $dir; break; default: $dir = 'desc'; $sort_sql = 'id ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = "order_status = 'pending'"; if (isset($show_approved)) { $criteria .= " OR order_status = 'approved'"; $show_approved_selected = "checked='true'"; } if (isset($show_shipped)) { $criteria .= " OR order_status = 'shipped'"; $show_shipped_selected = "checked='true'"; } if (isset($show_declined)) { $criteria .= " OR order_status = 'declined'"; $show_declined_selected = "checked='true'"; } if (isset($show_void)) { $criteria .= " OR order_status = 'void'"; $show_void_selected = "checked='true'"; } $total = safe_count('orders', "{$criteria}"); $limit = max(@$article_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $rs = safe_rows_start('*', 'orders', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); $exportOptions = '<div style="display:none" id="exportOptions" class="list">' . br . 'Export <select name="orderType" onchange="if(this.value!=\'\'){window.location=\'http://' . $siteurl . '/textpattern/index.php\'+this.value}">' . n . n . '<option value="" selected="true">Select export options</option>' . n . '<option value="?event=orders&step=export_orders&type=pending">Pending</option>' . n . '<option value="?event=orders&step=export_orders&type=approved">Approved</option>' . n . '<option value="?event=orders&step=export_orders&type=shipped">Shipped</option>' . n . '<option value="?event=orders&step=export_orders&type=declined">Declined</option>' . n . '<option value="?event=orders&step=export_orders&type=void">Void</option>' . n . '<option value="?event=orders&step=export_orders&type=lastweek">All orders in the last 7 days</option>' . n . '<option value="?event=orders&step=export_orders&type=lastmonth">All orders in the last 30 days</option>' . n . '<option value="?event=orders&step=export_orders&type=all">All orders ever!</option></select> [<a href="javascript:void(0)" onclick="document.getElementById(\'exportOptions\').style.display = \'none\';">cancel</a>]' . '</div>'; if ($rs) { echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . '<input type="hidden" name="event" value="orders"/>' . n . n . startTable('list', '', '', '', '700') . n . tr(n . tda("Displaying {$offset} - {$limit} of {$total} orders ", ' colspan="2" style="border: none; padding-bottom: 15px;"') . n . tda('<a href="javascript:void(0)" onclick="document.getElementById(\'exportOptions\').style.display=\'block\';" class="navlink">Export orders</a>' . $exportOptions, ' colspan="3" style="text-align: right; border: none; padding-bottom: 15px;"')) . n . tr(n . tda('Show <input type="checkbox" value="pending" name="show_pending" checked="checked" disabled="true"/> Pending <input type="checkbox" value="approved" name="show_approved" ' . $show_approved_selected . '/> Approved <input type="checkbox" value="shipped" name="show_shipped" ' . $show_shipped_selected . '/> Shipped <input type="checkbox" value="declined" name="show_declined" ' . $show_declined_selected . '/> Declined <input type="checkbox" value="void" name="show_void"' . $show_void_selected . ' /> Void <input type="submit" value="Refresh"/> ', ' colspan="4" style="border: none; padding-bottom: 15px;"')) . n . tr(n . column_head('Order #', 'id', 'orders', true, $switch_dir, $crit, $search_method) . column_head('Customer', 'user_id', 'orders', true, $switch_dir, $crit, $search_method) . column_head('Order Date', 'date_created', 'orders', true, $switch_dir, $crit, $search_method) . column_head('Total', 'total', 'orders', true, $switch_dir, $crit, $search_method) . column_head('Status', 'order_status', 'orders', true, $switch_dir, $crit, $search_method)); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); $edit_link = '<a href="?event=orders&step=edit_order&id=' . $id . '">' . $id . '</a> <small>[<a href="?event=orders&step=edit_order&id=' . $id . '">Edit</a> | <a href="?event=orders&step=delete_order&id=' . $id . '" onclick="if(!confirm(\'Are you sure?\')){return false;}">Delete</a>]</small>'; $user = safe_row("RealName, user_id", "txp_users", "user_id = '{$user_id}'"); $user_link = '<a href="?event=customers&step=edit_customer&user_id=' . $user_id . '">' . $user['RealName'] . '</a>'; echo n . n . tr(n . td($edit_link) . td($user_link) . td($date_created) . td('$' . $total) . td($order_status)); } echo n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby); } }