function discuss_list($message = '')
{
pagetop(gTxt('list_discussions'), $message);
extract(doSlash(gpsa(array('page', 'crit'))));
extract(get_prefs());
$total = safe_count('txp_discuss', "1=1");
$limit = max(@$comment_list_pageby, 25);
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
$nav[] = $page > 1 ? PrevNextLink("discuss", $page - 1, gTxt('prev'), 'prev') : '';
$nav[] = sp . small($page . '/' . $numPages) . sp;
$nav[] = $page != $numPages ? PrevNextLink("discuss", $page + 1, gTxt('next'), 'next') : '';
$criteria = $crit ? "message like '%{$crit}%'" : '1=1';
$rs = safe_rows_start("*, unix_timestamp(posted) as uPosted", "txp_discuss", "{$criteria} order by posted desc limit {$offset}, {$limit}");
echo pageby_form('discuss', $comment_list_pageby);
if ($rs) {
echo '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), assHead('date', 'name', 'message', 'parent', '');
while ($a = nextRow($rs)) {
extract($a);
$dmessage = $visible == SPAM ? short_preview($message) : $message;
$date = "" . date("M d, g:ia", $uPosted + tz_offset()) . "";
$editlink = eLink('discuss', 'discuss_edit', 'discussid', $discussid, $date);
$cbox = fInput('checkbox', 'selected[]', $discussid);
$tq = fetch('Title', 'textpattern', 'ID', $parentid);
$parent = !$tq ? gTxt('article_deleted') : $tq;
echo assRow(array($editlink => 100, $name => 100, $dmessage => 250, $parent => 100, $cbox => 20), ' class="' . ($visible == VISIBLE ? 'visible' : ($visible == SPAM ? 'spam' : 'moderate')) . '"');
}
echo tr(tda(select_buttons() . discuss_multiedit_form(), ' colspan="5" style="text-align:right;border:0px"'));
echo endTable() . '</form>';
echo startTable('edit'), tr(td(form(fInput('text', 'crit', '', 'edit') . fInput('submit', 'search', gTxt('search'), 'smallbox') . eInput("discuss") . sInput("list"))) . td(graf(join('', $nav)))) . tr(tda(graf('<a href="index.php?event=discuss' . a . 'step=ipban_list">' . gTxt('list_banned_ips') . '</a>'), ' colspan="2" align="center" valign="middle"')), endTable();
} else {
echo graf(gTxt('no_comments_recorded'), ' align="center"');
}
}
function list_list($message = "", $post = '')
{
extract(get_prefs());
$lvars = array("page", "sort", "dir", "crit", 'method');
extract(gpsa($lvars));
global $statuses, $step;
pagetop("Textpattern", $message);
$total = getCount('textpattern', "1");
$limit = $article_list_pageby ? $article_list_pageby : 25;
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
if (!$sort) {
$sort = "Posted";
}
if (!$dir) {
$dir = "desc";
}
if ($dir == "desc") {
$linkdir = "asc";
} else {
$linkdir = "desc";
}
if ($crit) {
$critsql = array('title_body' => "Title rlike '{$crit}' or Body rlike '{$crit}'", 'author' => "AuthorID rlike '{$crit}'", 'categories' => "Category1 rlike '{$crit}' or Category2 rlike '{$crit}'", 'section' => "Section rlike '{$crit}'", 'status' => "Status rlike '{$crit}'");
$criteria = $critsql[$method];
$limit = 500;
} else {
$criteria = 1;
}
$rs = safe_rows("*, unix_timestamp(Posted) as uPosted", "textpattern", "{$criteria} order by {$sort} {$dir} limit {$offset},{$limit}");
echo !$crit ? list_nav_form($page, $numPages, $sort, $dir) : '', list_searching_form($crit, $method);
if ($rs) {
echo '<form action="index.php" method="post" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), '<tr>', column_head('posted', 'Posted', 'list', 1, $linkdir), column_head('title', 'Title', 'list', 1, $linkdir), $use_sections ? column_head('section', 'Section', 'list', 1, $linkdir) : '', $use_categories ? column_head('category1', 'Category1', 'list', 1, $linkdir) . column_head('category2', 'Category2', 'list', 1, $linkdir) : '', hCell(gTxt('Author')), column_head(gTxt('status'), 'Status', 'list', 1, $linkdir), td(), '</tr>';
foreach ($rs as $a) {
extract($a);
if ($use_categories == 1) {
$cat1 = $Category1;
$cat2 = $Category2;
}
$stat = !empty($Status) ? $statuses[$Status] : '';
if ($use_sections == 1) {
$sect = $Section;
}
$adate = date("d M y", $uPosted + $timeoffset);
$alink = eLink('article', 'edit', 'ID', $ID, $adate);
$tlink = eLink('article', 'edit', 'ID', $ID, $Title);
$modbox = fInput('checkbox', 'selected[]', $ID);
echo "<tr>" . n, td($alink), td($tlink, 200), $use_sections ? td($sect, 75) : '', $use_categories ? td($cat1, 75) . td($cat2, 75) : '', td($AuthorID), td($stat, 45), td($modbox), '</tr>' . n;
}
echo tr(tda(list_multiedit_form(), ' colspan="8" style="text-align:right;border:0px"'));
echo "</table></form>";
echo pageby_form('list', $article_list_pageby);
unset($sort);
}
}
function prefs_list($message = '')
{
global $textarray;
echo pagetop(gTxt('edit_preferences'), $message);
extract(get_prefs());
$locale = setlocale(LC_ALL, $locale);
$textarray = load_lang($language);
echo n . n . '<form method="post" action="index.php">' . n . n . startTable('list') . n . n . tr(tdcs(hed(gTxt('site_prefs'), 1), 3)) . n . n . tr(tdcs(sLink('prefs', 'prefs_list', gTxt('site_prefs'), 'navlink-active') . sp . sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sp . sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink'), '3'));
$evt_list = safe_column('event', 'txp_prefs', "type = 0 and prefs_id = 1 group by event order by event desc");
foreach ($evt_list as $event) {
$rs = safe_rows_start('*', 'txp_prefs', "type = 0 and prefs_id = 1 and event = '" . doSlash($event) . "' order by position");
$cur_evt = '';
while ($a = nextRow($rs)) {
if ($a['event'] != $cur_evt) {
$cur_evt = $a['event'];
if ($cur_evt == 'comments' && !$use_comments) {
continue;
}
echo n . n . tr(tdcs(hed(gTxt($a['event']), 2, ' class="pref-heading"'), 3));
}
if ($cur_evt == 'comments' && !$use_comments) {
continue;
}
// Skip old settings that don't have an input type
if (!is_callable($a['html'])) {
continue;
}
$label = $a['html'] != 'yesnoradio' ? '<label for="' . $a['name'] . '">' . gTxt($a['name']) . '</label>' : gTxt($a['name']);
$out = tda($label, ' style="text-align: right; vertical-align: middle;"');
if ($a['html'] == 'text_input') {
$out .= td(pref_func('text_input', $a['name'], $a['val'], 20));
} else {
$out .= td(pref_func($a['html'], $a['name'], $a['val']));
}
$out .= tda(popHelp($a['name']), ' style="vertical-align: middle;"');
echo tr($out);
}
}
echo n . n . tr(tda(fInput('submit', 'Submit', gTxt('save_button'), 'publish') . n . sInput('prefs_save') . n . eInput('prefs') . n . hInput('prefs_id', '1'), ' colspan="3" class="noline"')) . n . n . endTable() . n . n . '</form>';
$check_updates = gps('check_updates');
if ($check_updates) {
$updates = checkUpdates();
if (is_array($updates)) {
$out = join(br, $updates);
} else {
$out = $updates;
}
echo n . n . startTable('edit') . n . n . tr(tda($out)) . n . n . endTable();
} else {
echo form(graf('<strong>' . gTxt('check_for_txp_updates') . '</strong>' . sp . n . '<input type="submit" name="check_updates" value="' . gTxt('go') . '" class="publish" />' . n . eInput('prefs') . n . sInput('prefs_list')), 'text-align: center;');
}
}
function prefs_list($message = '')
{
global $textarray;
extract(get_prefs());
$locale = setlocale(LC_ALL, $locale);
$textarray = load_lang($language);
echo pagetop(gTxt('edit_preferences'), $message), '<form action="index.php" method="post">', startTable('list'), tr(tdcs(hed(gTxt('site_prefs'), 1), 3)), tr(tdcs(sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sp . sLink('prefs', 'list_languages', gTxt('install_language'), 'navlink'), '3'));
$evt_list = safe_column('event', 'txp_prefs', "type='0' AND prefs_id='1' GROUP BY 'event' ORDER BY 'event' DESC");
foreach ($evt_list as $event) {
$rs = safe_rows_start('*', 'txp_prefs', "type='0' AND prefs_id='1' AND event='{$event}' ORDER BY 'position'");
$cur_evt = '';
while ($a = nextRow($rs)) {
if ($a['event'] != $cur_evt) {
$cur_evt = $a['event'];
if ($cur_evt == 'comments' && !$use_comments) {
continue;
}
echo tr(tdcs(hed(ucfirst(gTxt($a['event'])), 1), 3));
}
if ($cur_evt == 'comments' && !$use_comments) {
continue;
}
# Skip old settings that don't have an input type
if (!is_callable($a['html'])) {
continue;
}
$out = tda(gTxt($a['name']), ' style="text-align:right;vertical-align:middle"');
if ($a['html'] == 'text_input') {
$size = 20;
$out .= td(call_user_func('text_input', $a['name'], $a['val'], $size));
} else {
$out .= td(call_user_func($a['html'], $a['name'], $a['val']));
}
$out .= tda(popHelp($a['name']), ' style="vertical-align:middle"');
echo tr($out);
}
}
echo tr(tda(fInput('submit', 'Submit', gTxt('save_button'), 'publish'), ' colspan="3" class="noline"')), endTable(), sInput('prefs_save'), eInput('prefs'), hInput('prefs_id', "1"), hInput('lastmod', "now()"), '</form>';
$check_updates = gps('check_updates');
if (!empty($check_updates)) {
include_once txpath . '/lib/txplib_update.php';
$updates = checkUpdates();
if (is_array($updates)) {
$out = join(br, $updates);
} else {
$out = $updates;
}
echo startTable('edit'), tr(tda($out)), endTable();
} else {
echo startTable('edit'), form(tr(tda(tag(gTxt('check_for_txp_updates'), 'strong'), ' style="text-align:right;vertical-align:middle"') . tda('<input type="submit" value="' . gTxt('go') . '" name="check_updates" class="publish" />')) . eInput('prefs') . sInput('prefs_list')), endTable();
}
}
function log_list()
{
pagetop(gTxt('visitor_logs'));
extract(get_prefs());
safe_delete("txp_log", "`time` < date_sub(now(),interval " . $expire_logs_after . " day)");
safe_optimize("txp_log");
safe_repair("txp_log");
$page = gps('page');
$total = getCount('txp_log', "1");
$limit = 50;
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
$nav[] = $page > 1 ? PrevNextLink("log", $page - 1, gTxt('prev'), 'prev') : '';
$nav[] = sp . small($page . '/' . $numPages) . sp;
$nav[] = $page != $numPages ? PrevNextLink("log", $page + 1, gTxt('next'), 'next') : '';
$rs = safe_rows_start("*, unix_timestamp(time) as stamp", "txp_log", "1 order by time desc limit {$offset},{$limit}");
if ($rs) {
echo startTable('list'), assHead('time', 'host', 'page', 'referrer');
$stamp = '';
while ($a = nextRow($rs)) {
extract($a);
if ($refer) {
$referprint = preg_replace("/^www\\./", "", chunk(htmlspecialchars($refer), 50));
$referprint = '<a href="http://' . htmlspecialchars($refer) . '">' . $referprint . '</a>';
} else {
$referprint = ' ';
}
$pageprint = preg_replace('/\\/$/', '', htmlspecialchars(substr($page, 1)));
$pageprint = $pageprint == '' ? '' : '<a href="' . htmlspecialchars($page) . '" target="_blank">' . chunk($pageprint, 50) . '</a>';
if ($method == 'POST') {
$pageprint = '<b>' . $pageprint . '</b>';
}
$fstamp = date("n/j g:i a", $stamp + tz_offset());
$hostprint = chunk($host, 40);
echo tr(td($fstamp) . td($hostprint) . td($pageprint) . td($referprint));
unset($refer, $referprint, $page, $pageprint);
}
echo '<tr><td colspan="4" align="right" style="padding:10px">', join('', $nav), "</td></tr>", endTable();
} else {
echo graf(gTxt('no_refers_recorded'), ' align="center"');
}
}
function image_list($message = '')
{
global $txpcfg, $extensions, $path_from_root, $img_dir;
$pfr = $path_from_root;
extract($txpcfg);
extract(get_prefs());
pagetop(gTxt('image'), $message);
echo pageby_form('image', $article_list_pageby);
echo startTable('list'), tr(tda(upload_form(gTxt('upload_file'), gTxt('upload'), 'image_insert'), ' colspan="4" style="border:0"')), tr(hCell(ucfirst(gTxt('name'))) . hCell(gTxt('image_category')) . hCell(gTxt('tags')) . hCell(gTxt('author')) . hCell(gTxt('thumbnail')) . hCell());
$page = gps('page');
$total = getCount('txp_image', "1");
$limit = 15;
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
$nav[] = $page > 1 ? PrevNextLink("image", $page - 1, gTxt('prev'), 'prev') : '';
$nav[] = sp . small($page . '/' . $numPages) . sp;
$nav[] = $page != $numPages ? PrevNextLink("image", $page + 1, gTxt('next'), 'next') : '';
$rs = safe_rows("*", "txp_image", "1 order by category,name limit {$offset},{$limit}");
if ($rs) {
foreach ($rs as $a) {
extract($a);
$thumbnail = $thumbnail ? '<img src="' . $pfr . $img_dir . '/' . $id . 't' . $ext . '" />' : gTxt('no');
$elink = eLink('image', 'image_edit', 'id', $id, $name);
$txtilelink = '<a target="_blank" href="?event=tag' . a . 'name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'alt=' . $alt . a . 'h=' . $h . a . 'w=' . $w . a . 'type=textile" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">Textile</a>';
$txplink = '<a target="_blank" href="?event=tag' . a . 'name=image' . a . 'id=' . $id . a . 'type=textpattern" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">Textpattern</a>';
$xhtmlink = '<a target="_blank" href="?event=tag' . a . 'name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'h=' . $h . a . 'w=' . $w . a . 'type=xhtml" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">XHTML</a>';
$dlink = dLink('image', 'image_delete', 'id', $id);
echo tr(td($elink) . td($category) . td($txtilelink . ' / ' . $txplink . ' / ' . $xhtmlink) . td($author) . td($thumbnail) . td($dlink, 10));
}
echo tr(tdcs(graf(join('', $nav)), 4));
}
echo endTable();
$imgdir = $doc_root . $path_from_root . $img_dir;
if (!is_dir($imgdir) or !is_writeable($imgdir)) {
echo graf(str_replace("{imgdir}", $imgdir, gTxt('img_dir_not_writeable')), ' style="text-align:center;color:red"');
}
}
function link_list($message = "")
{
global $step, $link_list_pageby;
extract(get_prefs());
$page = gps('page');
$total = getCount('txp_link', "1");
$limit = $link_list_pageby;
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
$sort = gps('sort');
$dir = gps('dir');
$sort = $sort ? $sort : 'linksort';
$dir = $dir ? $dir : 'asc';
if ($dir == "desc") {
$dir = "asc";
} else {
$dir = "desc";
}
$nav[] = $page > 1 ? PrevNextLink("link", $page - 1, gTxt('prev'), 'prev') : '';
$nav[] = sp . small($page . '/' . $numPages) . sp;
$nav[] = $page != $numPages ? PrevNextLink("link", $page + 1, gTxt('next'), 'next') : '';
$rs = safe_rows("*", "txp_link", "1 order by {$sort} {$dir} limit {$offset},{$limit}");
if ($rs) {
echo '<form action="index.php" method="post" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), tr(column_head('link_name', 'linksort', 'link', 1, $dir) . column_head('description', 'description', 'link', 1, $dir) . column_head('link_category', 'category', 'link', 1, $dir) . td());
foreach ($rs as $a) {
extract($a);
$elink = eLink('link', 'link_edit', 'id', $id, $linkname);
$cbox = fInput('checkbox', 'selected[]', $id);
echo tr(td($elink) . td($description) . td($category) . td($cbox));
}
echo tr(tda(link_multiedit_form(), ' colspan="4" style="border:0px;text-align:right"'));
echo endTable(), '</form>';
echo pageby_form('link', $link_list_pageby);
echo graf(join('', $nav), ' align="center"');
}
}
function discuss_list($message = '')
{
pagetop(gTxt('list_discussions'), $message);
echo graf('<a href="index.php?event=discuss' . a . 'step=ipban_list">' . gTxt('list_banned_ips') . '</a>', ' style="text-align: center;"');
extract(get_prefs());
extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method')));
$dir = $dir == 'asc' ? 'asc' : 'desc';
switch ($sort) {
case 'id':
$sort_sql = 'discussid ' . $dir;
break;
case 'ip':
$sort_sql = 'ip ' . $dir;
break;
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'email':
$sort_sql = 'email ' . $dir;
break;
case 'website':
$sort_sql = 'web ' . $dir;
break;
case 'message':
$sort_sql = 'message ' . $dir;
break;
case 'status':
$sort_sql = 'visible ' . $dir;
break;
case 'parent':
$sort_sql = 'parentid ' . $dir;
break;
default:
$sort = 'date';
$sort_sql = 'txp_discuss.posted ' . $dir;
break;
}
if ($sort != 'date') {
$sort_sql .= ', txp_discuss.posted asc';
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "discussid = '{$crit_escaped}'", 'parent' => "parentid = '{$crit_escaped}' OR title like '%{$crit_escaped}%'", 'name' => "name like '%{$crit_escaped}%'", 'message' => "message like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'website' => "web like '%{$crit_escaped}%'", 'ip' => "ip like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$spamq = cs('toggle_show_spam') ? '1=1' : 'visible != ' . intval(SPAM);
$total = getThing('SELECT COUNT(*)' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $spamq . ' AND ' . $criteria);
if ($total < 1) {
if ($criteria != 1) {
echo n . discuss_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"');
} else {
echo graf(gTxt('no_comments_recorded'), ' style="text-align: center;"');
}
return;
}
$limit = max(@$comment_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo discuss_search_form($crit, $search_method);
$rs = safe_query('SELECT txp_discuss.*, unix_timestamp(txp_discuss.posted) as uPosted, ID as thisid, Section as section, url_title, Title as title, Status, unix_timestamp(textpattern.Posted) as posted' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $spamq . ' AND ' . $criteria . ' ORDER BY ' . $sort_sql . ' LIMIT ' . $offset . ', ' . $limit);
if ($rs) {
echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . n . tr(column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, 'message' == $sort ? $dir : '') . column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, ('email' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, ('website' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, 'parent' == $sort ? $dir : '') . hCell());
include_once txpath . '/publish/taghandlers.php';
while ($a = nextRow($rs)) {
extract($a);
$parentid = assert_int($parentid);
$edit_url = '?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $discussid . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$dmessage = $visible == SPAM ? short_preview($message) : $message;
switch ($visible) {
case VISIBLE:
$comment_status = gTxt('visible');
$row_class = 'visible';
break;
case SPAM:
$comment_status = gTxt('spam');
$row_class = 'spam';
break;
case MODERATE:
$comment_status = gTxt('unmoderated');
$row_class = 'moderate';
break;
default:
break;
}
if (empty($thisid)) {
$parent = gTxt('article_deleted') . ' (' . $parentid . ')';
$view = '';
} else {
$parent_title = empty($title) ? '<em>' . gTxt('untitled') . '</em>' : escape_title($title);
$parent = href($parent_title, '?event=list' . a . 'step=list' . a . 'search_method=id' . a . 'crit=' . $parentid);
$view = '';
if ($visible == VISIBLE and in_array($Status, array(4, 5))) {
$view = n . t . '<li><a href="' . permlinkurl($a) . '#c' . $discussid . '">' . gTxt('view') . '</a></li>';
}
}
echo n . n . tr(n . td('<a href="' . $edit_url . '">' . $discussid . '</a>' . n . '<ul class="discuss_detail">' . n . t . '<li><a href="' . $edit_url . '">' . gTxt('edit') . '</a></li>' . $view . n . '</ul>', 50) . td(gTime($uPosted)) . td(htmlspecialchars(soft_wrap($name, 15))) . td(short_preview($dmessage)) . td(htmlspecialchars(soft_wrap($email, 15)), '', 'discuss_detail') . td(htmlspecialchars(soft_wrap($web, 15)), '', 'discuss_detail') . td($ip, '', 'discuss_detail') . td($comment_status, '', 'discuss_detail') . td($parent) . td(fInput('checkbox', 'selected[]', $discussid)), ' class="' . $row_class . '"');
}
echo tr(tda(toggle_box('discuss_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . discuss_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . cookie_box('show_spam') . nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('discuss', $comment_list_pageby);
}
}
function _sed_si_inject_section_admin($page)
{
global $DB, $prefs, $_sed_si_l18n, $step, $mlp;
if (!isset($DB)) {
$DB = new db();
}
if (!isset($prefs)) {
$prefs = get_prefs();
}
$mlp = new sed_lib_mlp('sed_section_fields', $_sed_si_l18n, '', 'admin');
$section_index = '';
$rows = safe_rows_start('*', 'txp_section', "name != 'default' order by name");
$c = @mysql_num_rows($rows);
if ($rows && $c > 0) {
while ($row = nextRow($rows)) {
$name = $row['name'];
#$title = $row['title'];
#$title = strtr( $title , array( "'"=>''' , '"'=>'"' ) );
# Build the list of sections for the section-tab index
$section_index .= '<li id="sed_section-' . $name . '"><a href="#section-' . $name . '" class="sed_si_hide_all_but_one">' . $name . '</a></li>';
}
#
# Insert a JS variable holding the index of sections...
#
$newsection = '';
if ($step == 'section_create' || $step == 'section_save') {
$newsection = ps('name');
}
$filter = '';
$limit = $prefs[_sed_si_prefix_key('filter_limit')];
if (!is_numeric($limit)) {
$limit = 18;
}
if ($c >= $limit) {
$filter = '<label for="sed_si_section_index_filter">' . $mlp->gTxt('filter_label') . '</label><br /><input id="sed_si_section_index_filter" type="text" class="edit" />';
}
$section_index = '<div id="sed_si_section_index_div">' . '<form id="sed_si_filter_form">' . $filter . '</form>' . '<ol id="sed_si_section_index" class="sed_si_section_index">' . '<li id="sed_section-default"><a href="#section-default" class="sed_si_hide_all_but_one">default</a></li>' . $section_index . '</ol>' . '</div>';
$section_index = str_replace('"', '\\"', $section_index);
$r = '<script type=\'text/javascript\'> var sed_si_new_section = "#section-' . $newsection . '"; var sed_si_section_index = "' . $section_index . '";</script>';
$f = '<script src=\'' . hu . 'textpattern/index.php?sed_resources=sed_si_section_js\' type=\'text/javascript\'></script>';
$page = str_replace($f, $r . n . $f, $page);
}
return $page;
}
function products_list($event = '', $step = '', $message = '')
{
global $statuses, $comments_disabled_after, $step, $txp_user;
$message = '';
pagetop(gTxt('tab_list'), $message);
echo poweredit_products();
//echo the poweredit js
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
$sesutats = array_flip($statuses);
$dir = $dir == 'desc' ? 'desc' : 'asc';
echo '<script type="text/javascript" src="http://' . $siteurl . '/js/prototype.js"></script>';
echo '<script type="text/javascript" src="http://' . $siteurl . '/js/scriptaculous.js"></script>';
switch ($sort) {
case 'id':
$sort_sql = 'ID ' . $dir;
break;
case 'posted':
$sort_sql = 'Posted ' . $dir;
break;
case 'title':
$sort_sql = 'Title ' . $dir . ', Posted desc';
break;
case 'section':
$sort_sql = 'Section ' . $dir . ', Posted desc';
break;
case 'category1':
$sort_sql = 'Category1 ' . $dir . ', Posted desc';
break;
case 'category2':
$sort_sql = 'Category2 ' . $dir . ', Posted desc';
break;
case 'status':
$sort_sql = 'Status ' . $dir . ', Posted desc';
break;
case 'author':
$sort_sql = 'AuthorID ' . $dir . ', Posted desc';
break;
case 'comments':
$sort_sql = 'comments_count ' . $dir . ', Posted desc';
break;
default:
$dir = 'desc';
$sort_sql = 'Posted ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = "section = 'store'";
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('textpattern', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . list_search_form_products($crit, $search_method) . n . graf("No products found", ' style="text-align: center;"');
} else {
echo graf("No products found", ' style="text-align: center;"');
}
return;
}
$limit = max(@$article_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . list_search_form_products($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(Posted) as posted', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$total_comments = array();
// fetch true comment count, not the public comment count
// maybe we should have another row in the db?
$rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid");
if ($rs2) {
while ($a = nextRow($rs2)) {
$pid = $a['parentid'];
$num = $a['num'];
$total_comments[$pid] = $num;
}
}
echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '700') . n . tr(hCell() . n . column_head('ID', 'id', 'products', true, $switch_dir, $crit, $search_method) . column_head('title', 'title', 'products', true, $switch_dir, $crit, $search_method) . column_head('category1', 'category1', 'products', true, $switch_dir, $crit, $search_method) . column_head('category2', 'category2', 'products', true, $switch_dir, $crit, $search_method) . column_head('status', 'status', 'products', true, $switch_dir, $crit, $search_method) . hCell());
include_once txpath . '/publish/taghandlers.php';
while ($a = nextRow($rs)) {
extract($a);
if (empty($Title)) {
$Title = '<em>' . eLink('product', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
} else {
$Title = eLink('product', 'edit', 'ID', $ID, $Title);
}
if (!empty($Image)) {
$Image = "<img src='{$Image}' alt='Product Image' width='15' height='15'/>";
}
$Category1 = '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . ' </span>';
$Category2 = '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . ' </span>';
$manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('product', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . (($Status == 4 or $Status == 5) ? n . t . '<li><a href="' . permlinkurl($a) . '">' . gTxt('view') . '</a></li>' : '') . n . '</ul>';
$Status = !empty($Status) ? $statuses[$Status] : '';
$comments = gTxt('none');
if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) {
$comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')';
}
$comment_status = $Annotate ? gTxt('on') : gTxt('off');
if ($comments_disabled_after) {
$lifespan = $comments_disabled_after * 86400;
$time_since = time() - $posted;
if ($time_since > $lifespan) {
$comment_status = gTxt('expired');
}
}
$comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>';
echo n . n . tr(n . td($Image, 15) . td(eLink('product', 'edit', 'ID', $ID, $ID) . $manage) . td($Title) . td($Category1, 100) . td($Category2, 100) . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' '));
}
echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . product_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="5" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . '<h4 style="font-weight:normal; text-align:center; width:100%;"><a href="#" class="navlink" onclick="if($(\'uploadCSV\').style.display == \'none\'){$(\'uploadCSV\').style.display = \'block\';}else{$(\'uploadCSV\').style.display = \'none\';}">Import Products</a>';
//n.
$instructions = tag(tag('<li>Using FTP, upload your product images to <pre>/txp_site_root/images/_import/</pre></li><li>Upload a correctly formatted CSV file using the form below. (CSV must be in UTF-8 character encoding with DOS or UNIX line breaks.)</li><li>Sit back and watch the magic</li>', "ol"), "div", ' id="instructions" style="display:none; width: 380px; text-align:left; margin:0 auto;"');
echo tag('<h4 style="font-weight:normal; text-align:center; width:100%;"><small><a href="http://homeplatewp.com/TextCommerce/file_download/3">Download Example CSV</a> | <a href="javascript:void(0)" onclick="if($(\'instructions\').style.display == \'none\'){$(\'instructions\').style.display = \'block\';}else{$(\'instructions\').style.display = \'none\';}">Import Instructions</a></small></h4>' . $instructions . upload_form("Browse for CSV:", '', 'product_import', 'product'), 'div', ' id="uploadCSV" style="display:none;"');
echo n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby);
}
}
function image_list($message = '')
{
global $txpcfg, $extensions, $img_dir, $file_max_upload_size;
pagetop(gTxt('images'), $message);
extract($txpcfg);
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"');
} else {
echo upload_form(gTxt('upload_image'), 'upload', 'image_insert', 'image', '', $file_max_upload_size);
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
switch ($sort) {
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'thumbnail':
$sort_sql = 'thumbnail ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'id';
$sort_sql = 'id ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "id = '{$crit_escaped}'", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_image', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"');
} else {
echo n . graf(gTxt('no_images_recorded'), ' style="text-align: center;"');
}
return;
}
$limit = max(@$image_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo image_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t");
if ($rs) {
echo n . n . startTable('list') . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, 'thumbnail' == $sort ? $dir : '') . hCell(gTxt('tags')) . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, 'author' == $sort ? $dir : '') . hCell());
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name);
$thumbnail = $thumbnail ? '<img src="' . hu . $img_dir . '/' . $id . 't' . $ext . '" alt="" />' : gTxt('no');
$tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
$category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : '';
echo n . n . tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li><a href="' . hu . $img_dir . '/' . $id . $ext . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35) . td(gTime($uDate), 75) . td(href($name, $edit_url), 75) . td(href($thumbnail, $edit_url), 80) . td('<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>', 85) . td($category, 75) . td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', 75) . td(dLink('image', 'image_delete', 'id', $id, '', '', '', false, array($page, $sort, $dir, $crit, $search_method)), 10));
}
echo endTable() . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('image', $image_list_pageby);
}
}
function article_edit($message = "")
{
global $txpcfg, $txp_user, $vars;
extract(get_prefs());
extract(gpsa(array('view', 'from_view', 'step')));
if (!empty($GLOBALS['ID'])) {
// newly-saved article
$ID = intval($GLOBALS['ID']);
$step = 'edit';
} else {
$ID = gps('ID');
}
include_once $txpcfg['txpath'] . '/lib/classTextile.php';
$textile = new Textile();
if (!$view) {
$view = "text";
}
if (!$step) {
$step = "create";
}
if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != "preview" && $from_view != 'html') {
$pull = true;
//-- it's an existing article - off we go to the db
$rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}");
extract($rs);
if ($AnnotateInvite != $comments_default_invite) {
$AnnotateInvite = $AnnotateInvite;
} else {
$AnnotateInvite = $comments_default_invite;
}
} else {
$pull = false;
//-- assume they came from post
if (!$from_view or $from_view == 'text') {
extract(gpsa($vars));
} elseif ($from_view == 'preview' or $from_view == 'html') {
// coming from either html or preview
if (isset($_POST['store'])) {
$store = unserialize(base64_decode($_POST['store']));
extract($store);
}
}
foreach ($vars as $var) {
if (isset(${$var})) {
$store_out[$var] = ${$var};
}
}
}
$GLOBALS['step'] = $step;
if ($step == 'create') {
$textile_body = 1;
$textile_excerpt = 1;
}
if ($step != 'create') {
// Previous record?
$prev_id = checkIfNeighbour('prev', $sPosted);
// Next record?
$next_id = checkIfNeighbour('next', $sPosted);
}
pagetop($Title, $message);
echo '<form action="index.php" method="post" name="article">';
if (!empty($store_out)) {
echo hInput('store', base64_encode(serialize($store_out)));
}
echo hInput('ID', $ID), eInput('article'), sInput($step);
echo '<input type="hidden" name="view" />', startTable('edit');
echo '<tr><td> </td><td colspan="3">', $view == 'preview' ? hed(ucfirst(gTxt('preview')), 2) . graf($Title) : '', $view == 'html' ? hed('XHTML', 2) . graf($Title) : '', $view == 'text' ? br . '<input type="text" name="Title" value="' . cleanfInput($Title) . '" class="edit" size="40" tabindex="1" />' : '', '</td></tr>';
//-- article input --------------
echo '<tr>
<td valign="top">', $view == 'text' && $use_textile == 2 ? '<p><a href="#" onclick="toggleDisplay(\'textile_help\');">' . gTxt('textile_help') . '</a></p>
<div id="textile_help" style="display:none;">' . sidehelp() . '</div>' : sp;
if ($view == 'text') {
echo '<p><a href="#" onclick="toggleDisplay(\'advanced\');">' . gTxt('advanced_options') . '</a></p>', '<div id="advanced" style="display:none;">', graf(gTxt('use_textile') . br . tag(checkbox2('textile_body', $textile_body) . gTxt('article'), 'label') . br . tag(checkbox2('textile_excerpt', $textile_excerpt) . gTxt('excerpt'), 'label')), $allow_form_override ? graf(gTxt('override_default_form') . br . form_pop($override_form) . popHelp('override_form')) : '', $custom_1_set ? custField(1, $custom_1_set, $custom_1) : '', $custom_2_set ? custField(2, $custom_2_set, $custom_2) : '', $custom_3_set ? custField(3, $custom_3_set, $custom_3) : '', $custom_4_set ? custField(4, $custom_4_set, $custom_4) : '', $custom_5_set ? custField(5, $custom_5_set, $custom_5) : '', $custom_6_set ? custField(6, $custom_6_set, $custom_6) : '', $custom_7_set ? custField(7, $custom_7_set, $custom_7) : '', $custom_8_set ? custField(8, $custom_8_set, $custom_8) : '', $custom_9_set ? custField(9, $custom_9_set, $custom_9) : '', $custom_10_set ? custField(10, $custom_10_set, $custom_10) : '', graf(gTxt('keywords') . popHelp('keywords') . br . '<textarea name="Keywords" style="width:100px;height:80px" rows="1" cols="1">' . $Keywords . '</textarea>'), graf(gTxt('article_image') . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit')), graf(gTxt('url_title') . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit')) . '</div>
<p><a href="#" onclick="toggleDisplay(\'recent\');">' . gTxt('recent_articles') . '</a>' . '</p>' . '<div id="recent" style="display:none;">';
$recents = safe_rows_start("Title, ID", 'textpattern', "1 order by LastMod desc limit 10");
if ($recents) {
echo '<p>';
while ($recent = nextRow($recents)) {
extract($recent);
if (!$Title) {
$Title = gTxt('untitled') . sp . $ID;
}
echo '<a href="?event=article' . a . 'step=edit' . a . 'ID=' . $ID . '">' . $Title . '</a>' . br . n;
}
echo '</p>';
}
echo '</div>';
} else {
echo sp;
}
echo '</td>
<td valign="top" style="width:400px">';
if ($view == "preview") {
if ($use_textile == 2) {
echo $textile->TextileThis($Body);
} else {
if ($use_textile == 1) {
echo nl2br($Body);
} else {
if ($use_textile == 0) {
echo $Body;
}
}
}
} elseif ($view == "html") {
if ($use_textile == 2) {
$bod = $textile->TextileThis($Body);
} else {
if ($use_textile == 1) {
$bod = nl2br($Body);
} else {
if ($use_textile == 0) {
$bod = $Body;
}
}
}
echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code');
} else {
echo '<textarea style="width:400px;height:420px" rows="1" cols="1" name="Body" tabindex="2">', htmlspecialchars($Body), '</textarea>';
}
//-- excerpt --------------------
if ($articles_use_excerpts) {
if ($view == 'text') {
$Excerpt = str_replace("&", "&", htmlspecialchars($Excerpt));
echo graf(gTxt('excerpt') . popHelp('excerpt') . br . '<textarea style="width:400px;height:50px" rows="1" cols="1" name="Excerpt" tabindex="3">' . $Excerpt . '</textarea>');
} else {
echo '<hr width="50%" />';
echo $textile_excerpt ? $view == 'preview' ? graf($textile->textileThis($Excerpt), 1) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt), 1)), 'code') : graf($Excerpt);
}
}
//-- author --------------
if ($view == "text" && $step != "create") {
echo "<p><small>" . gTxt('posted_by') . " {$AuthorID}: ", date("H:i, d M y", $sPosted + tz_offset());
if ($sPosted != $sLastMod) {
echo br . gTxt('modified_by') . " {$LastModID}: ", date("H:i, d M y", $sLastMod + tz_offset());
}
echo '</small></p>';
}
echo hInput('from_view', $view), '</td>';
echo '<td valign="top" align="left" width="20">';
//-- layer tabs -------------------
echo $use_textile == 2 ? tab('text', $view) . tab('html', $view) . tab('preview', $view) : ' ';
echo '</td>';
?>
<td width="200" valign="top" style="padding-left:10px" align="left" id="articleside">
<?php
//-- prev/next article links --
if ($view == 'text') {
if ($step != 'create' and ($prev_id or $next_id)) {
echo '<p>', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>';
}
}
//-- status radios --------------
echo $view == 'text' ? n . graf(status_radio($Status)) . n : '';
//-- category selects -----------
echo $view == 'text' ? graf(gTxt('categorize') . ' [' . eLink('category', '', '', '', gTxt('edit')) . ']' . br . category_popup('Category1', $Category1) . category_popup('Category2', $Category2)) : '';
//-- section select --------------
if (!$from_view && !$pull) {
$Section = getDefaultSection();
}
echo $view == 'text' ? graf(gTxt('section') . ' [' . eLink('section', '', '', '', gTxt('edit')) . ']' . br . section_popup($Section)) : '';
//-- comments stuff --------------
if ($step == "create") {
//Avoiding invite disappear when previewing
$AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite;
if ($comments_on_default == 1) {
$Annotate = 1;
}
}
echo $use_comments == 1 && $view == 'text' ? graf(gTxt('comments') . onoffRadio("Annotate", $Annotate) . '<br />' . gTxt('comment_invitation') . '<br />' . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit')) : '';
//-- timestamp -------------------
if ($step == "create" and empty($GLOBALS['ID'])) {
if ($view == 'text') {
//Avoiding modified date to disappear
$persist_timestamp = !empty($store_out['year']) ? mktime($store_out['hour'], $store_out['minute'], '00', $store_out['month'], $store_out['day'], $store_out['year']) : time();
echo graf(tag(checkbox('publish_now', '1') . gTxt('set_to_now'), 'label')), '<p>', gTxt('or_publish_at'), popHelp("timestamp"), br, tsi('year', 'Y', $persist_timestamp), tsi('month', 'm', $persist_timestamp), tsi('day', 'd', $persist_timestamp), sp, tsi('hour', 'H', $persist_timestamp), ':', tsi('minute', 'i', $persist_timestamp), '</p>';
}
//-- publish button --------------
if ($view == 'text') {
echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish") : fInput('submit', 'publish', gTxt('save'), "publish");
}
} else {
if ($view == 'text') {
echo '<p>', gTxt('published_at'), popHelp("timestamp"), br, tsi('year', 'Y', $sPosted, 5), tsi('month', 'm', $sPosted, 6), tsi('day', 'd', $sPosted, 7), sp, tsi('hour', 'H', $sPosted, 8), ':', tsi('minute', 'i', $sPosted, 9), '</p>', hInput('sPosted', $sPosted), hInput('sLastMod', $sLastMod), hInput('AuthorID', $AuthorID), hInput('LastModID', $LastModID), graf(checkbox('reset_time', '1', 0) . gTxt('reset_time'));
}
//-- save button --------------
if ($view == 'text') {
if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) {
echo fInput('submit', 'save', gTxt('save'), "publish");
}
}
}
echo '</td></tr></table></form>';
}
if ((include txpath . DS . 'update' . DS . '_to_4.3.0.php') !== false) {
$dbversion = '4.3.0';
}
}
if (version_compare($dbversion, '4.4.0', '<')) {
if ((include txpath . DS . 'update' . DS . '_to_4.4.0.php') !== false) {
$dbversion = '4.4.0';
}
}
if (version_compare($dbversion, '4.4.1', '<')) {
if ((include txpath . DS . 'update' . DS . '_to_4.4.1.php') !== false) {
$dbversion = '4.4.1';
}
}
if (version_compare($dbversion, '4.4.2', '<')) {
if ((include txpath . DS . 'update' . DS . '_to_4.4.2.php') !== false) {
$dbversion = '4.4.2';
}
}
// keep track of updates for svn users
safe_delete('txp_prefs', "name = 'dbupdatetime'");
safe_insert('txp_prefs', "prefs_id=1, name='dbupdatetime',val='" . max(newest_file(), time()) . "', type='2'");
// update version
safe_delete('txp_prefs', "name = 'version'");
safe_insert('txp_prefs', "prefs_id=1, name='version',val='{$dbversion}', type='2'");
// updated, baby. So let's get the fresh prefs and send them to languages
define('TXP_UPDATE_DONE', 1);
$event = 'prefs';
$step = 'list_languages';
$prefs = get_prefs();
extract($prefs);
function thumbnail_clear_settings($id)
{
set_pref('thumb_w', '', 'image', 2);
set_pref('thumb_h', '', 'image', 2);
set_pref('thumb_crop', 0, 'image', 2);
$GLOBALS['prefs'] = get_prefs();
return '';
}
function doDiagnostics()
{
global $prefs, $files, $txpcfg, $step;
extract(get_prefs());
$urlparts = parse_url(hu);
$mydomain = $urlparts['host'];
$server_software = @$_SERVER['SERVER_SOFTWARE'] || @$_SERVER['HTTP_HOST'] ? @$_SERVER['SERVER_SOFTWARE'] ? @$_SERVER['SERVER_SOFTWARE'] : $_SERVER['HTTP_HOST'] : '';
$is_apache = ($server_software and stristr($server_software, 'Apache')) or is_callable('apache_get_version');
$real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : '';
// ini_get() returns string values passed via php_value as a string, not boolean
$is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1');
$fail = array('php_version_4_3_0_required' => (!is_callable('version_compare') or version_compare(PHP_VERSION, '4.3.0', '<')) ? gTxt('php_version_4_3_0_required') : '', 'path_to_site_missing' => !isset($path_to_site) ? gTxt('path_to_site_missing') : '', 'dns_lookup_fails' => @gethostbyname($mydomain) == $mydomain ? gTxt('dns_lookup_fails') . cs . $mydomain : '', 'path_to_site_inacc' => !@is_dir($path_to_site) ? gTxt('path_to_site_inacc') . cs . $path_to_site : '', 'site_trailing_slash' => rtrim($siteurl, '/') != $siteurl ? gTxt('site_trailing_slash') . cs . $path_to_site : '', 'index_inaccessible' => (!@is_file($path_to_site . "/index.php") or !@is_readable($path_to_site . "/index.php")) ? "{$path_to_site}/index.php " . gTxt('is_inaccessible') : '', 'dir_not_writable' => trim((!@is_writable($path_to_site . '/' . $img_dir) ? str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}\r\n" : '') . (!@is_writable($file_base_path) ? str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}\r\n" : '') . (!@is_writable($tempdir) ? str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}\r\n" : '')), 'cleanurl_only_apache' => ($permlink_mode != 'messy' and !$is_apache) ? gTxt('cleanurl_only_apache') : '', 'htaccess_missing' => ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) ? gTxt('htaccess_missing') : '', 'mod_rewrite_missing' => ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) ? gTxt('mod_rewrite_missing') : '', 'file_uploads_disabled' => !ini_get('file_uploads') ? gTxt('file_uploads_disabled') : '', 'setup_still_exists' => @is_dir(txpath . DS . 'setup') ? txpath . DS . "setup" . DS . ' ' . gTxt('still_exists') : '', 'no_temp_dir' => empty($tempdir) ? gTxt('no_temp_dir') : '', 'warn_mail_unavailable' => !is_callable('mail') ? gTxt('warn_mail_unavailable') : '', 'warn_register_globals_or_update' => $is_register_globals && (version_compare(phpversion(), '4.4.0', '<=') or version_compare(phpversion(), '5.0.0', '>=') and version_compare(phpversion(), '5.0.5', '<=')) ? gTxt('warn_register_globals_or_update') : '');
if ($permlink_mode != 'messy') {
$rs = safe_column("name", "txp_section", "1");
foreach ($rs as $name) {
if ($name and @file_exists($path_to_site . '/' . $name)) {
$fail['old_placeholder_exists'] = gTxt('old_placeholder') . ": {$path_to_site}/{$name}";
}
}
}
$missing = array();
foreach ($files as $f) {
if (!is_readable(txpath . $f)) {
$missing[] = txpath . $f;
}
}
if ($missing) {
$fail['missing_files'] = gTxt('missing_files') . cs . join(', ', $missing);
}
foreach ($fail as $k => $v) {
if (empty($v)) {
unset($fail[$k]);
}
}
# Find the highest revision number
$file_revs = array();
$rev = 0;
foreach ($files as $f) {
$lines = @file(txpath . $f);
if ($lines) {
foreach ($lines as $line) {
if (preg_match('/^\\$' . 'LastChangedRevision: (\\w+) \\$/', $line, $match)) {
$file_revs[$f] = $match[1];
if (intval($match[1]) > $rev) {
$rev = intval($match[1]);
}
}
}
}
}
# Check revs & md5 against stable release, if possible
$dev_files = $old_files = $modified_files = array();
if ($cs = @file(txpath . '/checksums.txt')) {
foreach ($cs as $c) {
if (preg_match('@^(\\S+): r?(\\S+) \\((.*)\\)$@', trim($c), $m)) {
list(, $file, $r, $md5) = $m;
if (!empty($file_revs[$file]) and $r and $file_revs[$file] < $r) {
$old_files[] = $file;
} elseif (!empty($file_revs[$file]) and $r and $file_revs[$file] > $r) {
$dev_files[] = $file;
} elseif (@is_readable(txpath . $file) and ($sum = md5_file(txpath . $file)) != $md5) {
$modified_files[] = $file;
}
}
}
}
# files that haven't been updated
if ($old_files) {
$fail['old_files'] = gTxt('old_files') . cs . n . t . join(', ' . n . t, $old_files);
}
# files that don't match their checksums
if ($modified_files) {
$fail['modified_files'] = gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files);
}
# running development code in live mode is not recommended
if ($dev_files and $production_status == 'live') {
$fail['dev_version_live'] = gTxt('dev_version_live') . cs . n . t . join(', ' . n . t, $dev_files);
}
# anything might break if arbitrary functions are disabled
if (ini_get('disable_functions')) {
$disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions')));
# commonly disabled functions that we don't need
$disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'exec', 'system', 'dl', 'passthru', 'chown', 'shell_exec', 'popen', 'proc_open'));
if ($disabled_funcs) {
$fail['some_php_functions_disabled'] = gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs);
}
}
# not sure about this one
#if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers'))
# $fail['cgi_header_config'] = gTxt('cgi_header_config');
$guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME'])));
if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) {
$fail['site_url_mismatch'] = gTxt('site_url_mismatch') . cs . $guess_site_url;
}
# test clean URL server vars
if (hu) {
if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') {
$s = md5(uniqid(rand(), true));
$pretext_data = @file(hu . $s . '/?txpcleantest=1');
if ($pretext_data) {
$pretext_req = trim(@$pretext_data[0]);
if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) {
$fail['clean_url_data_failed'] = gTxt('clean_url_data_failed') . cs . htmlspecialchars($pretext_req);
}
} else {
$fail['clean_url_test_failed'] = gTxt('clean_url_test_failed');
}
}
}
if ($tables = list_txp_tables()) {
$table_errors = check_tables($tables);
if ($table_errors) {
$fail['mysql_table_errors'] = gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors);
}
}
$active_plugins = array();
if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) {
foreach ($rows as $row) {
$n = $row['name'] . '-' . $row['version'];
if (strtolower($row['md5']) != strtolower($row['code_md5'])) {
$n .= 'm';
}
$active_plugins[] = $n;
}
}
// check GD info
if (function_exists('gd_info')) {
$gd_info = gd_info();
$gd_support = array();
if ($gd_info['GIF Create Support']) {
$gd_support[] = 'GIF';
}
if ($gd_info['JPG Support']) {
$gd_support[] = 'JPG';
}
if ($gd_info['PNG Support']) {
$gd_support[] = 'PNG';
}
if ($gd_support) {
$gd_support = join(', ', $gd_support);
} else {
$gd_support = gTxt('none');
}
$gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support));
} else {
$gd = gTxt('gd_unavailable');
}
if (realpath($prefs['tempdir']) == realpath($prefs['plugin_cache_dir'])) {
$fail['tmp_plugin_paths_match'] = gTxt('tmp_plugin_paths_match');
}
echo pagetop(gTxt('tab_diagnostics'), ''), startTable('list'), tr(td(hed(gTxt('preflight_check'), 1)));
if ($fail) {
foreach ($fail as $help => $message) {
echo tr(tda(nl2br($message) . sp . popHelp($help), ' class="not-ok"'));
}
} else {
echo tr(tda(gTxt('all_checks_passed'), ' class="ok"'));
}
echo tr(td(hed(gTxt('diagnostic_info'), 1)));
$fmt_date = '%Y-%m-%d %H:%M:%S';
$out = array('<textarea cols="78" rows="18" readonly="readonly" style="width: 500px; height: 300px;">', gTxt('txp_version') . cs . txp_version . ' (' . ($rev ? 'r' . $rev : 'unknown revision') . ')' . n, gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n, gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n, '$path_to_site' . cs . $path_to_site . n, gTxt('txp_path') . cs . txpath . n, gTxt('permlink_mode') . cs . $permlink_mode . n, ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '', ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '', gTxt('tempdir') . cs . $tempdir . n, gTxt('web_domain') . cs . $siteurl . n, getenv('TZ') ? 'TZ: ' . getenv('TZ') . n : '', gTxt('php_version') . cs . phpversion() . n, $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '', gTxt('gd_library') . cs . $gd . n, gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n, 'MySQL' . cs . mysql_get_server_info() . n, gTxt('locale') . cs . $locale . n, isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '', is_callable('apache_get_version') ? gTxt('apache_version') . cs . apache_get_version() . n : '', gTxt('php_sapi_mode') . cs . PHP_SAPI . n, gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n, gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n, $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '', $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", $fail) . n . ln : '', is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . htmlspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : '');
if ($step == 'high') {
$mysql_client_encoding = is_callable('mysql_client_encoding') ? mysql_client_encoding() : '-';
$out[] = n . 'Charset (default/config)' . cs . $mysql_client_encoding . '/' . @$txpcfg['dbcharset'] . n;
$result = safe_query("SHOW variables like 'character_se%'");
while ($row = mysql_fetch_row($result)) {
$out[] = $row[0] . cs . $row[1] . n;
if ($row[0] == 'character_set_connection') {
$conn_char = $row[1];
}
}
$table_names = array(PFX . 'textpattern');
$result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'");
while ($row = mysql_fetch_row($result)) {
$table_names[] = $row[0];
}
$table_msg = array();
foreach ($table_names as $table) {
$ctr = safe_query("SHOW CREATE TABLE " . $table . "");
if (!$ctr) {
unset($table_names[$table]);
continue;
}
$ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table'));
if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) {
$table_msg[] = "{$table} is {$ctcharset}";
}
$ctr = safe_query("CHECK TABLE " . $table);
if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) {
$table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text');
}
}
if ($table_msg == array()) {
$table_msg = count($table_names) < 18 ? array('-') : array('OK');
}
$out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n;
$extns = get_loaded_extensions();
$extv = array();
foreach ($extns as $e) {
$extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : '');
}
$out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n;
if (is_callable('apache_get_modules')) {
$out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n;
}
if (@is_array($pretext_data) and count($pretext_data) > 1) {
$out[] = n . gTxt('pretext_data') . cs . htmlspecialchars(join('', array_slice($pretext_data, 1, 20))) . n;
}
$out[] = n;
foreach ($files as $f) {
$rev = '';
$checksum = '';
if (is_callable('md5_file')) {
$checksum = md5_file(txpath . $f);
}
if (isset($file_revs[$f])) {
$rev = $file_revs[$f];
}
$out[] = "{$f}" . cs . ($rev ? "r" . $rev : gTxt('unknown')) . ' (' . ($checksum ? $checksum : gTxt('unknown')) . ')' . n;
}
}
$out[] = '</textarea>' . br;
$dets = array('low' => gTxt('low'), 'high' => gTxt('high'));
$out[] = form(eInput('diag') . n . gTxt('detail') . cs . selectInput('step', $dets, $step, 0, 1));
echo tr(td(join('', $out))), endTable();
}
function getFreshArticle()
{
global $article_vars;
$prefs = get_prefs();
$a = array();
foreach ($article_vars as $v) {
$a[$v] = '';
}
$a['Status'] = 0;
# use this to identify an unsaved article
$a['Section'] = getDefaultSection();
$a['Annotate'] = $prefs['comments_on_default'];
$a['AnnotateInvite'] = $prefs['comments_default_invite'];
$a['markup_body'] = $prefs['markup_default'];
$a['markup_excerpt'] = $prefs['markup_default'];
$a['sPosted'] = time();
return $a;
}
function install()
{
//figure out what MySQL version we are using (from _update.php)
$mysqlversion = mysql_get_server_info();
$tabletype = intval($mysqlversion[0]) >= 5 || preg_match('#^4\\.(0\\.[2-9]|(1[89]))|(1\\.[2-9])#', $mysqlversion) ? " ENGINE=MyISAM " : " TYPE=MyISAM ";
if (isset($txpcfg['dbcharset']) && (intval($mysqlversion[0]) >= 5 || preg_match('#^4\\.[1-9]#', $mysqlversion))) {
$tabletype .= " CHARACTER SET = " . $txpcfg['dbcharset'] . " ";
}
// Create the hak_tinymce table
$hak_tinymce_prefs_table = safe_query("CREATE TABLE `" . PFX . "txp_hak_tinymce` (\n\t\t `pref_name` VARCHAR(255) NOT NULL, \n\t\t `pref_value` TEXT NOT NULL,\n\t\t PRIMARY KEY (`pref_name`)\n\t\t) {$tabletype}");
// if the table creation succeeds populate with values
if ($hak_tinymce_prefs_table) {
extract(get_prefs());
$hak_mceSettings_default = '';
$hak_mceSettings_default .= "theme : \"advanced\",\n";
$hak_mceSettings_default .= "language : \"en\",\n";
$hak_mceSettings_default .= "relative_urls : false,\n";
$hak_mceSettings_default .= "remove_script_host : false,\n";
$hak_mceSettings_default .= "plugins : \"searchreplace,txpimage\",\n";
$hak_mceSettings_default .= "theme_advanced_buttons1 : \"bold,italic,underline,strikethrough,forecolor,backcolor,removeformat,numlist,bullist,outdent,indent,justifyleft,justifycenter,justifyright,justifyfull\",\n";
$hak_mceSettings_default .= "theme_advanced_buttons2 : \"link,unlink,separator,image,separator,search,replace,separator,cut,copy,paste,separator,code,separator,formatselect\",\n";
$hak_mceSettings_default .= "theme_advanced_buttons3 : \"\",\n";
$hak_mceSettings_default .= "theme_advanced_toolbar_location : \"top\",\n";
$hak_mceSettings_default .= "theme_advanced_toolbar_align : \"left\",";
$hak_mceSettings_default .= "entity_encoding : \"numeric\",";
$hak_mceSettings_compressor = "theme : \"advanced\",\n";
$hak_mceSettings_compressor .= "plugins : \"searchreplace,txpimage\",\n";
$hak_mceSettings_compressor .= "disk_cache : true,\n";
$hak_mceSettings_compressor .= "languages : \"en\",\n";
$hak_mceSettings_compressor .= "debug : false";
// set pref array values properly checking if it had been setup before.
$hak_tinymce_prefs["show_toggle"] = isset($hak_tinymce_show_toggle) ? $hak_tinymce_show_toggle : "1";
$hak_tinymce_prefs["hide_on_textile_edit"] = isset($hak_tinymce_hide_on_textile_edit) ? $hak_tinymce_hide_on_textile_edit : "1";
$hak_tinymce_prefs["body_init"] = isset($hak_tinymce_init_form) && $hak_tinymce_init_form != "hak_tinymce_default" ? fetch_form($hak_tinymce_init_form) : $hak_mceSettings_default;
$hak_tinymce_prefs["body_init"] .= "\nheight:420,";
$hak_tinymce_prefs["excerpt_init"] = $hak_mceSettings_default . "\nheight:150,";
$hak_tinymce_prefs["callbacks"] = '';
$hak_tinymce_prefs["tinymce_path"] = 'tiny_mce/tiny_mce.js';
$hak_tinymce_prefs["hide_textile_select"] = '0';
$hak_tinymce_prefs["enable_body"] = '1';
$hak_tinymce_prefs["enable_excerpt"] = '1';
// insert them into the new table
foreach ($hak_tinymce_prefs as $key => $value) {
safe_insert("txp_hak_tinymce", "pref_name='" . $key . "', pref_value='" . $value . "'");
}
// Run any necessary upgrades
hak_tinymce::upgrade('0.0');
// delete old prefs
safe_delete("txp_prefs", "name='hak_tinymce_init_form'");
safe_delete("txp_prefs", "name='hak_tinymce_show_toggle'");
safe_delete("txp_prefs", "name='hak_tinymce_hide_on_textile_edit'");
}
return true;
}
function list_list($message = '', $post = '')
{
global $statuses, $comments_disabled_after, $step, $txp_user;
pagetop(gTxt('tab_list'), $message);
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
$sesutats = array_flip($statuses);
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'ID ' . $dir;
break;
case 'posted':
$sort_sql = 'Posted ' . $dir;
break;
case 'title':
$sort_sql = 'Title ' . $dir . ', Posted desc';
break;
case 'section':
$sort_sql = 'Section ' . $dir . ', Posted desc';
break;
case 'category1':
$sort_sql = 'Category1 ' . $dir . ', Posted desc';
break;
case 'category2':
$sort_sql = 'Category2 ' . $dir . ', Posted desc';
break;
case 'status':
$sort_sql = 'Status ' . $dir . ', Posted desc';
break;
case 'author':
$sort_sql = 'AuthorID ' . $dir . ', Posted desc';
break;
case 'comments':
$sort_sql = 'comments_count ' . $dir . ', Posted desc';
break;
default:
$dir = 'desc';
$sort_sql = 'Posted ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('textpattern', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"');
} else {
echo graf(gTxt('no_articles_recorded'), ' style="text-align: center;"');
}
return;
}
$limit = max(@$article_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . list_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(Posted) as posted', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$total_comments = array();
// fetch true comment count, not the public comment count
// maybe we should have another row in the db?
$rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid");
if ($rs2) {
while ($a = nextRow($rs2)) {
$pid = $a['parentid'];
$num = $a['num'];
$total_comments[$pid] = $num;
}
}
echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . tr(n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method) . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method) . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method) . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method) . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method) . column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method) . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . hCell());
include_once txpath . '/publish/taghandlers.php';
while ($a = nextRow($rs)) {
extract($a);
if (empty($Title)) {
$Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
} else {
$Title = eLink('article', 'edit', 'ID', $ID, $Title);
}
$Category1 = $Category1 ? '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : '';
$Category2 = $Category2 ? '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : '';
$manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('article', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . (($Status == 4 or $Status == 5) ? n . t . '<li><a href="' . permlinkurl($a) . '">' . gTxt('view') . '</a></li>' : '') . n . '</ul>';
$Status = !empty($Status) ? $statuses[$Status] : '';
$comments = gTxt('none');
if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) {
$comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')';
}
$comment_status = $Annotate ? gTxt('on') : gTxt('off');
if ($comments_disabled_after) {
$lifespan = $comments_disabled_after * 86400;
$time_since = time() - $posted;
if ($time_since > $lifespan) {
$comment_status = gTxt('expired');
}
}
$comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>';
echo n . n . tr(n . td(eLink('article', 'edit', 'ID', $ID, $ID) . $manage) . td(safe_strftime('%d %b %Y %I:%M %p', $posted)) . td($Title) . td('<span title="' . htmlspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', 75) . td($Category1, 100, "articles_detail") . td($Category2, 100, "articles_detail") . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td('<span title="' . htmlspecialchars(get_author_name($AuthorID)) . '">' . $AuthorID . '</span>') . td($comments, 50, "articles_detail") . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' '));
}
echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . list_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby);
}
}
function doDiagnostics()
{
global $prefs, $files, $txpcfg, $event, $step, $theme;
extract(get_prefs());
$urlparts = parse_url(hu);
$mydomain = $urlparts['host'];
$server_software = @$_SERVER['SERVER_SOFTWARE'] || @$_SERVER['HTTP_HOST'] ? @$_SERVER['SERVER_SOFTWARE'] ? @$_SERVER['SERVER_SOFTWARE'] : $_SERVER['HTTP_HOST'] : '';
$is_apache = ($server_software and stristr($server_software, 'Apache')) or is_callable('apache_get_version');
$real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : '';
// ini_get() returns string values passed via php_value as a string, not boolean
$is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1');
// Check for Textpattern updates, at most once every 24 hours
$now = time();
$updateInfo = unserialize(get_pref('last_update_check', ''));
if (!$updateInfo || $now > $updateInfo['when'] + 60 * 60 * 24) {
$updates = checkUpdates();
$updateInfo['msg'] = $updates ? gTxt($updates['msg'], array('{version}' => $updates['version'])) : '';
$updateInfo['when'] = $now;
set_pref('last_update_check', serialize($updateInfo), 'publish', PREF_HIDDEN, 'text_input');
}
$fail = array('textpattern_version_update' => $updateInfo['msg'] ? diag_msg_wrap($updateInfo['msg'], 'information') : '', 'php_version_required' => (!is_callable('version_compare') or version_compare(PHP_VERSION, REQUIRED_PHP_VERSION, '<')) ? diag_msg_wrap(gTxt('php_version_required', array('{version}' => REQUIRED_PHP_VERSION))) : '', 'path_to_site_missing' => !isset($path_to_site) ? diag_msg_wrap(gTxt('path_to_site_missing'), 'warning') : '', 'dns_lookup_fails' => @gethostbyname($mydomain) == $mydomain ? diag_msg_wrap(gTxt('dns_lookup_fails') . cs . $mydomain, 'warning') : '', 'path_to_site_inacc' => !@is_dir($path_to_site) ? diag_msg_wrap(gTxt('path_to_site_inacc') . cs . $path_to_site) : '', 'site_trailing_slash' => rtrim($siteurl, '/') != $siteurl ? diag_msg_wrap(gTxt('site_trailing_slash') . cs . $path_to_site, 'warning') : '', 'index_inaccessible' => (!@is_file($path_to_site . "/index.php") or !@is_readable($path_to_site . "/index.php")) ? diag_msg_wrap("{$path_to_site}/index.php " . gTxt('is_inaccessible')) : '', 'dir_not_writable' => trim((!@is_writable($path_to_site . '/' . $img_dir) ? diag_msg_wrap(str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}", 'warning') . n : '') . (!@is_writable($file_base_path) ? diag_msg_wrap(str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}", 'warning') . n : '') . (!@is_writable($tempdir) ? diag_msg_wrap(str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}", 'warning') . n : '')), 'cleanurl_only_apache' => ($permlink_mode != 'messy' and !$is_apache) ? diag_msg_wrap(gTxt('cleanurl_only_apache'), 'information') : '', 'htaccess_missing' => ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) ? diag_msg_wrap(gTxt('htaccess_missing')) : '', 'mod_rewrite_missing' => ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) ? diag_msg_wrap(gTxt('mod_rewrite_missing')) : '', 'file_uploads_disabled' => !ini_get('file_uploads') ? diag_msg_wrap(gTxt('file_uploads_disabled'), 'information') : '', 'setup_still_exists' => @is_dir(txpath . DS . 'setup') ? diag_msg_wrap(txpath . DS . "setup" . DS . ' ' . gTxt('still_exists'), 'warning') : '', 'no_temp_dir' => empty($tempdir) ? diag_msg_wrap(gTxt('no_temp_dir'), 'warning') : '', 'warn_mail_unavailable' => is_disabled('mail') ? diag_msg_wrap(gTxt('warn_mail_unavailable'), 'warning') : '', 'warn_register_globals_or_update' => $is_register_globals && (version_compare(phpversion(), '4.4.0', '<=') or version_compare(phpversion(), '5.0.0', '>=') and version_compare(phpversion(), '5.0.5', '<=')) ? diag_msg_wrap(gTxt('warn_register_globals_or_update'), 'warning') : '');
if ($permlink_mode != 'messy') {
$rs = safe_column("name", "txp_section", "1");
foreach ($rs as $name) {
if ($name and @file_exists($path_to_site . '/' . $name)) {
$fail['old_placeholder_exists'] = diag_msg_wrap(gTxt('old_placeholder') . ": {$path_to_site}/{$name}");
}
}
}
$missing = array();
foreach ($files as $f) {
$realpath = realpath(txpath . $f);
if (is_readable($realpath)) {
$found[] = $realpath;
} else {
$missing[] = txpath . $f;
}
}
$files = $found;
unset($found);
if ($missing) {
$fail['missing_files'] = diag_msg_wrap(gTxt('missing_files') . cs . n . t . join(', ' . n . t, $missing));
}
foreach ($fail as $k => $v) {
if (empty($v)) {
unset($fail[$k]);
}
}
# Find the highest revision number
$file_revs = $file_md5 = array();
$rev = 0;
foreach ($files as $f) {
$content = @file_get_contents($f);
if ($content !== FALSE) {
if (preg_match('/^\\$' . 'LastChangedRevision: (\\d+) \\$/m', $content, $match)) {
$file_revs[$f] = $match[1];
if ($match[1] > $rev) {
$rev = $match[1];
}
}
$file_md5[$f] = md5(str_replace('$' . 'HeadURL: http:', '$' . 'HeadURL: https:', str_replace("\r\n", "\n", $content)));
}
}
# Check revs & md5 against stable release, if possible
$dev_files = $old_files = $modified_files = array();
if ($cs = @file(txpath . '/checksums.txt')) {
foreach ($cs as $c) {
if (preg_match('@^(\\S+): r?(\\S+) \\((.*)\\)$@', trim($c), $m)) {
list(, $file, $r, $md5) = $m;
$file = realpath(txpath . $file);
if (!empty($file_revs[$file]) and $r and $file_revs[$file] < $r) {
$old_files[] = $file;
} elseif (!empty($file_revs[$file]) and $r and $file_revs[$file] > $r) {
$dev_files[] = $file;
} elseif (!empty($file_md5[$file]) and $file_md5[$file] != $md5) {
$modified_files[] = $file;
}
}
}
}
# files that haven't been updated
if ($old_files) {
$fail['old_files'] = diag_msg_wrap(gTxt('old_files') . cs . n . t . join(', ' . n . t, $old_files));
}
# files that don't match their checksums
if ($modified_files) {
$fail['modified_files'] = diag_msg_wrap(gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files), 'warning');
}
# running development code in live mode is not recommended
if ($dev_files and $production_status == 'live') {
$fail['dev_version_live'] = diag_msg_wrap(gTxt('dev_version_live') . cs . n . t . join(', ' . n . t, $dev_files), 'warning');
}
# anything might break if arbitrary functions are disabled
if (ini_get('disable_functions')) {
$disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions')));
# commonly disabled functions that we don't need
$disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'exec', 'system', 'dl', 'passthru', 'chown', 'shell_exec', 'popen', 'proc_open'));
if ($disabled_funcs) {
$fail['some_php_functions_disabled'] = diag_msg_wrap(gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs), 'warning');
}
}
# not sure about this one
#if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers'))
# $fail['cgi_header_config'] = gTxt('cgi_header_config');
$guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME'])));
if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) {
$fail['site_url_mismatch'] = diag_msg_wrap(gTxt('site_url_mismatch') . cs . $guess_site_url, 'warning');
}
# test clean URL server vars
if (hu) {
if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') {
$s = md5(uniqid(rand(), true));
ini_set('default_socket_timeout', 10);
$pretext_data = @file(hu . $s . '/?txpcleantest=1');
if ($pretext_data) {
$pretext_req = trim(@$pretext_data[0]);
if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) {
$fail['clean_url_data_failed'] = diag_msg_wrap(gTxt('clean_url_data_failed') . cs . txpspecialchars($pretext_req), 'warning');
}
} else {
$fail['clean_url_test_failed'] = diag_msg_wrap(gTxt('clean_url_test_failed'), 'warning');
}
}
}
if ($tables = list_txp_tables()) {
$table_errors = check_tables($tables);
if ($table_errors) {
$fail['mysql_table_errors'] = diag_msg_wrap(gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors));
}
}
$active_plugins = array();
if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) {
foreach ($rows as $row) {
$n = $row['name'] . '-' . $row['version'];
if (strtolower($row['md5']) != strtolower($row['code_md5'])) {
$n .= 'm';
}
$active_plugins[] = $n;
}
}
$theme_manifest = $theme->manifest();
// check GD info
if (function_exists('gd_info')) {
$gd_info = gd_info();
$gd_support = array();
if ($gd_info['GIF Create Support']) {
$gd_support[] = 'GIF';
}
// Aside: In PHP 5.3, they chose to add a previously unemployed capital "E" to the array key.
if (!empty($gd_info['JPEG Support']) || !empty($gd_info['JPG Support'])) {
$gd_support[] = 'JPG';
}
if ($gd_info['PNG Support']) {
$gd_support[] = 'PNG';
}
if ($gd_support) {
$gd_support = join(', ', $gd_support);
} else {
$gd_support = gTxt('none');
}
$gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support));
} else {
$gd = gTxt('gd_unavailable');
}
if (realpath($prefs['tempdir']) == realpath($prefs['plugin_cache_dir'])) {
$fail['tmp_plugin_paths_match'] = diag_msg_wrap(gTxt('tmp_plugin_paths_match'));
}
echo pagetop(gTxt('tab_diagnostics'), ''), '<h1 class="txp-heading">' . gTxt('tab_diagnostics') . '</h1>', '<div id="' . $event . '_container" class="txp-container">', '<div id="pre_flight_check">', hed(gTxt('preflight_check'), 2);
if ($fail) {
foreach ($fail as $help => $message) {
echo graf(nl2br($message) . sp . popHelp($help));
}
} else {
echo graf(diag_msg_wrap(gTxt('all_checks_passed'), 'success'));
}
echo '</div>';
echo '<div id="diagnostics">', hed(gTxt('diagnostic_info'), 2);
$fmt_date = '%Y-%m-%d %H:%M:%S';
$out = array('<p><textarea id="diagnostics-detail" cols="' . INPUT_LARGE . '" rows="' . INPUT_MEDIUM . '" readonly="readonly">', gTxt('txp_version') . cs . txp_version . ' (' . ($rev ? 'r' . $rev : 'unknown revision') . ')' . n, gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n, gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n, '$path_to_site' . cs . $path_to_site . n, gTxt('txp_path') . cs . txpath . n, gTxt('permlink_mode') . cs . $permlink_mode . n, ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '', ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '', gTxt('tempdir') . cs . $tempdir . n, gTxt('web_domain') . cs . $siteurl . n, gTxt('php_version') . cs . phpversion() . n, $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '', gTxt('gd_library') . cs . $gd . n, gTxt('server') . ' TZ: ' . (timezone::is_supported() ? @date_default_timezone_get() : (getenv('TZ') ? getenv('TZ') : '-')) . n, gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n, strip_tags(gTxt('is_dst')) . cs . $is_dst . n, strip_tags(gTxt('auto_dst')) . cs . $auto_dst . n, strip_tags(gTxt('gmtoffset')) . cs . $timezone_key . sp . "({$gmtoffset})" . n, 'MySQL' . cs . mysql_get_server_info() . n, gTxt('locale') . cs . $locale . n, isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '', is_callable('apache_get_version') ? gTxt('apache_version') . cs . @apache_get_version() . n : '', gTxt('php_sapi_mode') . cs . PHP_SAPI . n, gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n, gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n, $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '', gTxt('theme_name') . cs . $theme_name . sp . $theme_manifest['version'] . n, $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", doStripTags($fail)) . n . ln : '', is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . txpspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : '');
if ($step == 'high') {
$mysql_client_encoding = is_callable('mysql_client_encoding') ? mysql_client_encoding() : '-';
$out[] = n . 'Charset (default/config)' . cs . $mysql_client_encoding . '/' . @$txpcfg['dbcharset'] . n;
$result = safe_query("SHOW variables like 'character_se%'");
while ($row = mysql_fetch_row($result)) {
$out[] = $row[0] . cs . $row[1] . n;
if ($row[0] == 'character_set_connection') {
$conn_char = $row[1];
}
}
$table_names = array(PFX . 'textpattern');
$result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'");
while ($row = mysql_fetch_row($result)) {
$table_names[] = $row[0];
}
$table_msg = array();
foreach ($table_names as $table) {
$ctr = safe_query("SHOW CREATE TABLE " . $table . "");
if (!$ctr) {
unset($table_names[$table]);
continue;
}
$ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table'));
if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) {
$table_msg[] = "{$table} is {$ctcharset}";
}
$ctr = safe_query("CHECK TABLE " . $table);
if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) {
$table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text');
}
}
if ($table_msg == array()) {
$table_msg = count($table_names) < 17 ? array('-') : array('OK');
}
$out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n;
$cf = preg_grep('/^custom_\\d+/', getThings('describe `' . PFX . 'textpattern`'));
$out[] = n . get_pref('max_custom_fields', 10) . sp . gTxt('custom') . cs . implode(', ', $cf) . sp . '(' . count($cf) . ')' . n;
$extns = get_loaded_extensions();
$extv = array();
foreach ($extns as $e) {
$extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : '');
}
$out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n;
if (is_callable('apache_get_modules')) {
$out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n;
}
if (@is_array($pretext_data) and count($pretext_data) > 1) {
$out[] = n . gTxt('pretext_data') . cs . txpspecialchars(join('', array_slice($pretext_data, 1, 20))) . n;
}
$out[] = n;
foreach ($files as $f) {
$checksum = isset($file_md5[$f]) ? $file_md5[$f] : gTxt('unknown');
$revision = isset($file_revs[$f]) ? 'r' . $file_revs[$f] : gTxt('unknown');
$out[] = "{$f}" . cs . n . t . $revision . ' (' . $checksum . ')' . n;
}
$out[] = n . ln;
}
$out[] = callback_event('diag_results', $step) . n;
$out[] = '</textarea></p>';
$dets = array('low' => gTxt('low'), 'high' => gTxt('high'));
$out[] = form(graf(eInput('diag') . n . '<label>' . gTxt('detail') . '</label>' . n . selectInput('step', $dets, $step, 0, 1)));
echo join('', $out), '</div>', '</div>';
}
function link_list($message = '')
{
global $step, $link_list_pageby;
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'name':
$sort_sql = 'linksort ' . $dir . ', id asc';
break;
case 'description':
$sort_sql = 'description ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
default:
$dir = 'asc';
$sort_sql = 'linksort asc';
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "id = '{$crit_escaped}'", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = getCount('txp_link', $criteria);
if ($total < 1) {
if ($criteria != 1) {
echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"');
} else {
echo n . graf(gTxt('no_links_recorded'), ' style="text-align: center;"');
}
return;
}
$limit = max(@$link_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo link_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . n . '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list') . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method) . hCell() . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method) . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method) . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method) . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method) . hCell());
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
echo tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li>' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35) . td(href($linkname, $edit_url), 125) . td($description, 150) . td('<span title="' . fetch_category_title($category, 'link') . '">' . $category . '</span>', 125) . td(safe_strftime('%d %b %Y %I:%M %p', $uDate), 75) . td(fInput('checkbox', 'selected[]', $id)));
}
echo n . n . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="7" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('link', $link_list_pageby);
}
}
function do_txp_logging()
{
global $txpcfg, $prefs, $siteurl, $DB;
if ($txpcfg == '') {
jpcache_debug('Txp-logging disabled. Include jpcache after config.php.');
return;
}
include $txpcfg['txpath'] . '/lib/txplib_db.php';
$prefs = get_prefs();
$siteurl = $prefs['siteurl'];
if ($prefs['logging'] == 'refer') {
$this->logit('refer');
} elseif ($prefs['logging'] == 'all') {
$this->logit();
}
jpcache_debug('Logged hit per txp-configuration.');
}
function scip_input($year, $season, $dept, $sname)
{
/*
error_reporting(E_ALL);
ini_set('display_errors', TRUE);
ini_set('display_startup_errors', TRUE);
*/
//so we have three csv files to make: ta, section, pref.
$tacsv = array();
$prefcsv = array();
$sectioncsv = array();
//Each row gets its own array; let's start with headers.
$header = array('Name', 'Ranking', 'Units', 'Status', 'Block', 'Sameday', 'Btb', 'Conflicts', 'NULL');
array_push($tacsv, $header);
$header = array('Course', 'Section', 'Instructor', 'Day', 'Time', 'Units', 'TAs', 'NULL');
array_push($sectioncsv, $header);
//given a TA, we already have a function to find all section prefs. So let the list of
// section names be the pref header.
$db = new PDO(DB_PATH, DB_LOGIN, DB_PW);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
//first we want to loop through all current sections of this dept.
$sql = count_sections($dept, $year, $season);
$result = $db->query($sql)->fetch();
if ($result[0] == 0) {
return array("error-message", "Department {$dept} has no section data for {$sname} {$year}.");
}
$sql = sql_section($dept, $year, $season);
//puts($sql);
$result = $db->query($sql);
$header = array("");
foreach ($result as $r) {
$course = $r['course'];
$row = array($course, $r['name'], "");
//Now to get the times.
$sql2 = "SELECT *\n FROM event\n WHERE quarter_year = {$year} and quarter_season = {$season}\n AND department = '{$dept}' AND course = '" . $r['course'] . "' \n AND section = '" . $r['name'] . "' AND type = 'lecture'\n AND day != 'U' AND day != 'S'\n GROUP BY day;";
$result2 = $db->query($sql2);
$days = "";
$start = "";
$end = "";
foreach ($result2 as $r2) {
$days .= $r2['day'];
$start = $r2['start'];
$end = $r2['end'];
}
//Gather all the lecture days and get times.
$time_full = $start . '-' . $end;
array_push($row, $days);
array_push($row, $time_full);
array_push($row, $r['units']);
array_push($row, $r['weight']);
array_push($row, "0");
$row2 = array("", "", "");
$sql2 = "SELECT *\n FROM event\n WHERE quarter_year = {$year} and quarter_season = {$season}\n AND department = '{$dept}' AND course = '" . $r['course'] . "'\n AND day != 'U' AND day != 'S'\n AND section = '" . $r['name'] . "' AND type = 'discussion';";
//puts($sql2);
$result2 = $db->query($sql2);
$discussion = 0;
$days = "";
$start = "";
$end = "";
foreach ($result2 as $r2) {
$days = $r2['day'];
$start = $r2['start'];
$end = $r2['end'];
$discussion = 1;
array_push($row2, $days);
$time_full = $start . '-' . $end;
array_push($row2, $time_full);
}
//enter the discussion.
array_push($row2, $r['units']);
array_push($row2, $r['weight']);
array_push($row2, "0");
//only put in sections with discussions
array_push($header, $course . ' ' . $r['name']);
array_push($sectioncsv, $row);
array_push($sectioncsv, $row2);
}
//for all sections.
array_push($prefcsv, $header);
//Now we get all TAs. We can fill pref.csv as we go here.
$sql = "SELECT t.name_first, t.name_last, t.rank, t.status, t.sid, u.value\n FROM ta t, units u\n WHERE u.sid = t.sid\n AND t.department = '{$dept}' AND u.year = {$year} AND u.season = {$season};";
//puts($sql);
$result = $db->query($sql);
foreach ($result as $r) {
$fullname = scip_clean($r['name_first']) . ' ' . scip_clean($r['name_last']);
$sid = $r['sid'];
$row = array($fullname, $r['rank'], $r['value'], strtolower($r['status']));
$sql2 = "SELECT * FROM pref WHERE sid = " . $r['sid'] . ";";
$r2 = $db->query($sql2);
$p = array();
$countr2 = 0;
foreach ($r2 as $rr2) {
$countr2++;
$p = array($rr2['block'], $rr2['same_day'], $rr2['back_to_back']);
}
if ($countr2 == 0) {
$p = array(0, 0, 0);
}
foreach ($p as $p2) {
array_push($row, $p2);
}
//finally we need to get all time conflicts in form D|SSSS|EEEE D|SSSS|EEEE....
$sql2 = "SELECT day, start, end \n FROM calendar\n WHERE sid = {$sid} AND quarter_year = {$year} AND quarter_season = {$season};";
$result2 = $db->query($sql2);
$conflicts = "";
foreach ($result2 as $r2) {
$conflicts .= $r2['day'] . '|' . $r2['start'] . '|' . $r2['end'] . ' ';
}
//for each event of this TA
array_push($row, $conflicts);
array_push($row, "0");
array_push($tacsv, $row);
$prefs = get_prefs($sid, $year, $season, $dept, "scip");
$prow = array($fullname);
for ($i = 0; $i < count($prefs); $i++) {
array_push($prow, $prefs[$i]->value);
// array_push($prow, ($prefs[$i]->value." ".$prefs[$i]->section));
}
array_push($prefcsv, $prow);
}
//foreach ta
} catch (PDOException $e) {
echo $e->getMessage();
}
//Now we can save the csv files in the scip folder.
$fp = fopen('scip/ta.csv', 'w');
foreach ($tacsv as $fields) {
fputcsv2($fp, str_replace(array("(", ")"), "-", $fields));
}
fclose($fp);
$fp = fopen('scip/section.csv', 'w');
foreach ($sectioncsv as $fields) {
fputcsv2($fp, $fields);
}
fclose($fp);
$fp = fopen('scip/pref.csv', 'w');
foreach (transpose($prefcsv) as $fields) {
fputcsv2($fp, str_replace(array("(", ")"), "-", $fields));
}
$fp = fopen("csv/pref_{$dept}{$year}{$season}.csv", 'w');
foreach (transpose($prefcsv) as $fields) {
fputcsv2($fp, str_replace(array("(", ")"), "-", $fields));
}
fclose($fp);
}
function log_list($message = '')
{
pagetop(gTxt('visitor_logs'), $message);
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
$expire_logs_after = assert_int($expire_logs_after);
safe_delete('txp_log', "time < date_sub(now(), interval {$expire_logs_after} day)");
$dir = $dir == 'asc' ? 'asc' : 'desc';
switch ($sort) {
case 'ip':
$sort_sql = 'ip ' . $dir;
break;
case 'host':
$sort_sql = 'host ' . $dir;
break;
case 'page':
$sort_sql = 'page ' . $dir;
break;
case 'refer':
$sort_sql = 'refer ' . $dir;
break;
case 'method':
$sort_sql = 'method ' . $dir;
break;
case 'status':
$sort_sql = 'status ' . $dir;
break;
default:
$sort = 'time';
$sort_sql = 'time ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('ip' => "ip like '%{$crit_escaped}%'", 'host' => "host like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'refer' => "refer like '%{$crit_escaped}%'", 'method' => "method like '%{$crit_escaped}%'", 'status' => "status like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_log', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . log_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"');
} else {
echo graf(gTxt('no_refers_recorded'), ' style="text-align: center;"');
}
return;
}
$limit = max(@$log_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . log_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(time) as uTime', 'txp_log', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . n . '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', '', '', '90%') . n . tr(n . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, 'time' == $sort ? $dir : '') . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'log_detail') . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, 'host' == $sort ? $dir : '') . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, 'page' == $sort ? $dir : '') . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, 'refer' == $sort ? $dir : '') . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'log_detail') . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'log_detail') . hCell());
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'log');
if ($log_refer) {
$log_refer = 'http://' . $log_refer;
$log_refer = '<a href="' . htmlspecialchars($log_refer) . '" target="_blank">' . htmlspecialchars(soft_wrap($log_refer, 30)) . '</a>';
}
if ($log_page) {
$log_anchor = preg_replace('/\\/$/', '', $log_page);
$log_anchor = soft_wrap(substr($log_anchor, 1), 30);
$log_page = '<a href="' . htmlspecialchars($log_page) . '" target="_blank">' . htmlspecialchars($log_anchor) . '</a>';
if ($log_method == 'POST') {
$log_page = '<strong>' . $log_page . '</strong>';
}
}
echo tr(n . td(gTime($log_uTime), 85) . td($log_ip, 20, 'log_detail') . td(soft_wrap($log_host, 30)) . td($log_page) . td($log_refer) . td(htmlspecialchars($log_method), 60, 'log_detail') . td($log_status, 60, 'log_detail') . td(fInput('checkbox', 'selected[]', $log_id)));
}
echo n . n . tr(tda(toggle_box('log_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . log_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="6" style="text-align: right; border: none;"')) . n . endTable() . '</form>' . n . nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('log', $log_list_pageby);
}
}
/**
* Outputs a diagnostics report.
*
* This is the main panel.
*/
function doDiagnostics()
{
global $prefs, $files, $txpcfg, $event, $step, $theme, $DB;
extract(get_prefs());
$urlparts = parse_url(hu);
$mydomain = $urlparts['host'];
$is_apache = stristr(serverSet('SERVER_SOFTWARE'), 'Apache') || is_callable('apache_get_version');
$real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : '';
// ini_get() returns string values passed via php_value as a string, not boolean.
$is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1');
// Check for Textpattern updates, at most once every 24 hours.
$now = time();
$updateInfo = unserialize(get_pref('last_update_check', ''));
if (!$updateInfo || $now > $updateInfo['when'] + 60 * 60 * 24) {
$updates = checkUpdates();
$updateInfo['msg'] = $updates ? gTxt($updates['msg'], array('{version}' => $updates['version'])) : '';
$updateInfo['when'] = $now;
set_pref('last_update_check', serialize($updateInfo), 'publish', PREF_HIDDEN, 'text_input');
}
$fail = array();
if (!empty($updateInfo['msg'])) {
$fail['textpattern_version_update'] = diag_msg_wrap($updateInfo['msg'], 'information');
}
if (!is_callable('version_compare') || version_compare(PHP_VERSION, REQUIRED_PHP_VERSION, '<')) {
$fail['php_version_required'] = diag_msg_wrap(gTxt('php_version_required', array('{version}' => REQUIRED_PHP_VERSION)));
}
if (!isset($path_to_site)) {
$fail['path_to_site_missing'] = diag_msg_wrap(gTxt('path_to_site_missing'), 'warning');
}
if (@gethostbyname($mydomain) === $mydomain) {
$fail['dns_lookup_fails'] = diag_msg_wrap(gTxt('dns_lookup_fails') . cs . $mydomain, 'warning');
}
if (!@is_dir($path_to_site)) {
$fail['path_to_site_inacc'] = diag_msg_wrap(gTxt('path_to_site_inacc') . cs . $path_to_site);
}
if (rtrim($siteurl, '/') != $siteurl) {
$fail['site_trailing_slash'] = diag_msg_wrap(gTxt('site_trailing_slash') . cs . $path_to_site, 'warning');
}
if (!@is_file($path_to_site . "/index.php") || !@is_readable($path_to_site . "/index.php")) {
$fail['index_inaccessible'] = diag_msg_wrap("{$path_to_site}/index.php " . gTxt('is_inaccessible'));
}
$not_readable = array();
if (!@is_writable($path_to_site . '/' . $img_dir)) {
$not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}", 'warning');
}
if (!@is_writable($file_base_path)) {
$not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}", 'warning');
}
if (!@is_writable($tempdir)) {
$not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}", 'warning');
}
if ($not_readable) {
$fail['dir_not_writable'] = join(n, $not_readable);
}
if ($permlink_mode != 'messy' && !$is_apache) {
$fail['cleanurl_only_apache'] = diag_msg_wrap(gTxt('cleanurl_only_apache'), 'information');
}
if ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) {
$fail['htaccess_missing'] = diag_msg_wrap(gTxt('htaccess_missing'));
}
if ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) {
$fail['mod_rewrite_missing'] = diag_msg_wrap(gTxt('mod_rewrite_missing'));
}
if (!ini_get('file_uploads')) {
$fail['file_uploads_disabled'] = diag_msg_wrap(gTxt('file_uploads_disabled'), 'information');
}
if (@is_dir(txpath . DS . 'setup')) {
$fail['setup_still_exists'] = diag_msg_wrap(txpath . DS . "setup" . DS . ' ' . gTxt('still_exists'), 'warning');
}
if (empty($tempdir)) {
$fail['no_temp_dir'] = diag_msg_wrap(gTxt('no_temp_dir'), 'warning');
}
if (is_disabled('mail')) {
$fail['warn_mail_unavailable'] = diag_msg_wrap(gTxt('warn_mail_unavailable'), 'warning');
}
if ($is_register_globals) {
$fail['warn_register_globals_or_update'] = diag_msg_wrap(gTxt('warn_register_globals_or_update'), 'warning');
}
if ($permlink_mode != 'messy') {
$rs = safe_column("name", "txp_section", "1");
foreach ($rs as $name) {
if ($name and @file_exists($path_to_site . '/' . $name)) {
$fail['old_placeholder_exists'] = diag_msg_wrap(gTxt('old_placeholder') . ": {$path_to_site}/{$name}");
}
}
}
$cs = check_file_integrity(INTEGRITY_REALPATH);
if (!$cs) {
$cs = array();
}
// Files that don't match their checksums.
if ($modified_files = array_keys($cs, INTEGRITY_MODIFIED)) {
$fail['modified_files'] = diag_msg_wrap(gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files), 'warning');
}
// Running development code in live mode is not recommended.
if (preg_match('/-dev$/', txp_version) and $production_status == 'live') {
$fail['dev_version_live'] = diag_msg_wrap(gTxt('dev_version_live'), 'warning');
}
// Missing files.
if ($missing = array_merge(array_keys($cs, INTEGRITY_MISSING), array_keys($cs, INTEGRITY_NOT_FILE), array_keys($cs, INTEGRITY_NOT_READABLE))) {
$fail['missing_files'] = diag_msg_wrap(gTxt('missing_files') . cs . n . t . join(', ' . n . t, $missing));
}
// Anything might break if arbitrary functions are disabled.
if (ini_get('disable_functions')) {
$disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions')));
// Commonly disabled functions that we don't need.
$disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'escapeshellarg', 'escapeshellcmd', 'exec', 'passthru', 'proc_close', 'proc_get_status', 'proc_nice', 'proc_open', 'proc_terminate', 'shell_exec', 'system', 'popen', 'dl', 'chown'));
if ($disabled_funcs) {
$fail['some_php_functions_disabled'] = diag_msg_wrap(gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs), 'warning');
}
}
// Not sure about this one.
// if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers'))
// $fail['cgi_header_config'] = gTxt('cgi_header_config');
$guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME'])));
if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) {
$fail['site_url_mismatch'] = diag_msg_wrap(gTxt('site_url_mismatch') . cs . $guess_site_url, 'warning');
}
// Test clean URL server vars.
if (hu) {
if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') {
$s = md5(uniqid(rand(), true));
ini_set('default_socket_timeout', 10);
$pretext_data = @file(hu . $s . '/?txpcleantest=1');
if ($pretext_data) {
$pretext_req = trim(@$pretext_data[0]);
if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) {
$fail['clean_url_data_failed'] = diag_msg_wrap(gTxt('clean_url_data_failed') . cs . txpspecialchars($pretext_req), 'warning');
}
} else {
$fail['clean_url_test_failed'] = diag_msg_wrap(gTxt('clean_url_test_failed'), 'warning');
}
}
}
if ($tables = list_txp_tables()) {
$table_errors = check_tables($tables);
if ($table_errors) {
$fail['mysql_table_errors'] = diag_msg_wrap(gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors));
}
}
$active_plugins = array();
if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) {
foreach ($rows as $row) {
$n = $row['name'] . '-' . $row['version'];
if (strtolower($row['md5']) != strtolower($row['code_md5'])) {
$n .= 'm';
}
$active_plugins[] = $n;
}
}
$theme_manifest = $theme->manifest();
// Check GD info.
if (function_exists('gd_info')) {
$gd_info = gd_info();
$gd_support = array();
if ($gd_info['GIF Create Support']) {
$gd_support[] = 'GIF';
}
// Aside: In PHP 5.3, they chose to add a previously unemployed capital "E" to the array key.
if (!empty($gd_info['JPEG Support']) || !empty($gd_info['JPG Support'])) {
$gd_support[] = 'JPG';
}
if ($gd_info['PNG Support']) {
$gd_support[] = 'PNG';
}
if ($gd_support) {
$gd_support = join(', ', $gd_support);
} else {
$gd_support = gTxt('none');
}
$gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support));
} else {
$gd = gTxt('gd_unavailable');
}
if (realpath($prefs['tempdir']) === realpath($prefs['plugin_cache_dir'])) {
$fail['tmp_plugin_paths_match'] = diag_msg_wrap(gTxt('tmp_plugin_paths_match'));
}
// Database server time.
extract(doSpecial(getRow('select @@global.time_zone as db_global_timezone, @@session.time_zone as db_session_timezone, now() as db_server_time, unix_timestamp(now()) as db_server_timestamp')));
$db_server_timeoffset = $db_server_timestamp - $now;
echo pagetop(gTxt('tab_diagnostics'), '');
echo hed(gTxt('tab_diagnostics'), 1, array('class' => 'txp-heading'));
echo n . '<div id="' . $event . '_container" class="txp-container">' . n . '<div id="pre_flight_check">' . hed(gTxt('preflight_check'), 2);
if ($fail) {
foreach ($fail as $help => $message) {
echo graf(nl2br($message) . popHelp($help));
}
} else {
echo graf(diag_msg_wrap(gTxt('all_checks_passed'), 'success'));
}
echo '</div>';
echo '<div id="diagnostics">', hed(gTxt('diagnostic_info'), 2);
$fmt_date = '%Y-%m-%d %H:%M:%S';
$out = array('<p><textarea class="code" id="diagnostics-detail" cols="' . INPUT_LARGE . '" rows="' . TEXTAREA_HEIGHT_LARGE . '" dir="ltr" readonly>', gTxt('txp_version') . cs . txp_version . ' (' . check_file_integrity(INTEGRITY_DIGEST) . ')' . n, gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n, gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n, '$path_to_site' . cs . $path_to_site . n, gTxt('txp_path') . cs . txpath . n, gTxt('permlink_mode') . cs . $permlink_mode . n, ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '', ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '', gTxt('tempdir') . cs . $tempdir . n, gTxt('web_domain') . cs . $siteurl . n, gTxt('php_version') . cs . phpversion() . n, $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '', gTxt('gd_library') . cs . $gd . n, gTxt('server') . ' TZ: ' . Txp::get('Textpattern_Date_Timezone')->getTimeZone() . n, gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n, strip_tags(gTxt('is_dst')) . cs . $is_dst . n, strip_tags(gTxt('auto_dst')) . cs . $auto_dst . n, strip_tags(gTxt('gmtoffset')) . cs . $timezone_key . sp . "({$gmtoffset})" . n, 'MySQL' . cs . mysql_get_server_info() . n, gTxt('db_server_time') . cs . $db_server_time . n, gTxt('db_server_timeoffset') . cs . $db_server_timeoffset . ' s' . n, gTxt('db_global_timezone') . cs . $db_global_timezone . n, gTxt('db_session_timezone') . cs . $db_session_timezone . n, gTxt('locale') . cs . $locale . n, isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '', is_callable('apache_get_version') ? gTxt('apache_version') . cs . @apache_get_version() . n : '', gTxt('php_sapi_mode') . cs . PHP_SAPI . n, gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n, gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n, $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '', gTxt('theme_name') . cs . $theme_name . sp . $theme_manifest['version'] . n, $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", doStripTags($fail)) . n . ln : '', is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . txpspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : '');
if ($step == 'high') {
$out[] = n . 'Charset (default/config)' . cs . $DB->default_charset . '/' . $DB->charset . n;
$result = safe_query("SHOW variables like 'character_se%'");
while ($row = mysql_fetch_row($result)) {
$out[] = $row[0] . cs . $row[1] . n;
if ($row[0] == 'character_set_connection') {
$conn_char = $row[1];
}
}
$table_names = array(PFX . 'textpattern');
$result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'");
while ($row = mysql_fetch_row($result)) {
$table_names[] = $row[0];
}
$table_msg = array();
foreach ($table_names as $table) {
$ctr = safe_query("SHOW CREATE TABLE " . $table . "");
if (!$ctr) {
unset($table_names[$table]);
continue;
}
$ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table'));
if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) {
$table_msg[] = "{$table} is {$ctcharset}";
}
$ctr = safe_query("CHECK TABLE " . $table);
if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) {
$table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text');
}
}
if ($table_msg == array()) {
$table_msg = count($table_names) < 17 ? array('-') : array('OK');
}
$out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n;
$cf = preg_grep('/^custom_\\d+/', getThings('describe `' . PFX . 'textpattern`'));
$out[] = n . get_pref('max_custom_fields', 10) . sp . gTxt('custom') . cs . implode(', ', $cf) . sp . '(' . count($cf) . ')' . n;
$extns = get_loaded_extensions();
$extv = array();
foreach ($extns as $e) {
$extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : '');
}
$out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n;
if (is_callable('apache_get_modules')) {
$out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n;
}
if (@is_array($pretext_data) and count($pretext_data) > 1) {
$out[] = n . gTxt('pretext_data') . cs . txpspecialchars(join('', array_slice($pretext_data, 1, 20))) . n;
}
$out[] = n;
if ($md5s = check_file_integrity(INTEGRITY_MD5)) {
foreach ($md5s as $f => $checksum) {
$out[] = $f . cs . n . t . (!$checksum ? gTxt('unknown') : $checksum) . n;
}
}
$out[] = n . ln;
}
$out[] = callback_event('diag_results', $step) . n;
$out[] = '</textarea></p>';
$dets = array('low' => gTxt('low'), 'high' => gTxt('high'));
$out[] = form(graf(eInput('diag') . n . '<label>' . gTxt('detail') . '</label>' . selectInput('step', $dets, $step, 0, 1)));
echo join('', $out), '</div>', '</div>';
}
/**
* Executes the real action for @see udpateArticleId and @see newArticle
* @param array $incoming containing the desired article fields
* @param mixed(string|integer) $article_id the ID of the article to update
* @return mixed integer article id on success, false otherwise
* @access private
*/
function _setArticle($incoming, $article_id = null)
{
global $txpcfg;
$prefs = get_prefs();
extract($prefs);
if (!empty($incoming['Section']) && !$this->getSection($incoming['Section'])) {
return false;
}
if (!empty($incoming['Category1']) && !$this->getCategory($incoming['Category1'])) {
return false;
}
if (!empty($incoming['Category2']) && !$this->getCategory($incoming['Category2'])) {
return false;
}
if ($article_id !== null) {
$article_id = assert_int($article_id);
}
//All validation rules assumed to be passed before this point.
//Do content processing here
$incoming_with_markup = $this->textile_main_fields($incoming, $use_textile);
$incoming['Title'] = $incoming_with_markup['Title'];
if (empty($incoming['Body_html']) && !empty($incoming['Body'])) {
$incoming['Body_html'] = $incoming_with_markup['Body_html'];
}
if (empty($incoming['Excerpt_html']) && !empty($incoming['Excerpt'])) {
$incoming['Excerpt_html'] = $incoming_with_markup['Excerpt_html'];
}
unset($incoming_with_markup);
if (empty($incoming['Posted'])) {
if ($article_id === null) {
$when = !$article_id ? 'now()' : '';
$incoming['Posted'] = $when;
} else {
# do not override post time for existing articles unless Posted is present
unset($incoming['Posted']);
}
} else {
$when = strtotime($incoming['Posted']) - tz_offset();
$when = "from_unixtime({$when})";
}
if ($incoming['Title'] || $incoming['Body'] || $incoming['Excerpt']) {
//Build SQL then and run query
//Prevent data erase if not defined on the update action
//but it was on the DB from a previous creation/edition time
if ($article_id) {
$old = safe_row('*', 'textpattern', "ID = {$article_id}");
//Status should be defined previously. Be sure of that.
if (!has_privs('article.publish', $this->txp_user) && $incoming['Status'] == 4 && $old['Status'] != 4) {
$incoming['Status'] = 3;
}
foreach ($old as $key => $val) {
if (!isset($incoming[$key])) {
$incoming[$key] = $val;
}
}
} else {
//Status should be defined previously. Be sure of that.
if (!has_privs('article.publish', $this->txp_user) && $incoming['Status'] == 4) {
$incoming['Status'] = 3;
}
}
if (empty($incoming['Section']) && $article_id) {
$incoming['Section'] = safe_field('Section', 'textpattern', "ID = {$article_id}");
}
$incoming = $this->_check_keys($incoming, array('AuthorID' => $this->txp_user, 'Annotate' => $comments_on_default, 'AnnotateInvite' => $comments_default_invite, 'textile_body' => $use_textile, 'textile_excerpt' => $use_textile, 'url_title' => stripSpace($incoming['Title'])));
//Build the SQL query
$sql = array();
foreach ($incoming as $key => $val) {
if ($key == 'Posted' && $val == 'now()') {
$sql[] = "{$key} = {$val}";
} elseif ($key != 'ID' && $key != 'uid' && $key != 'feed_time' && $key != 'LastMod' && $key != 'LastModID') {
$sql[] = "{$key} = '" . doSlash($val) . "'";
}
}
$sql[] = 'LastMod = now()';
$sql[] = "LastModID = '" . doSlash($this->txp_user) . "'";
if (!$article_id) {
$sql[] = "uid = '" . doSlash(md5(uniqid(rand(), true))) . "'";
}
if (!$article_id) {
if (empty($incoming['Posted'])) {
$sql[] = "feed_time = curdate()";
} else {
$when = strtotime($incoming['Posted']) - tz_offset();
$when = strftime("%Y-%m-%d", $when);
$sql[] = "feed_time ='" . doSlash($when) . "'";
}
}
$sql = join(', ', $sql);
$rs = $article_id ? safe_update('textpattern', $sql, "ID = {$article_id}") : safe_insert('textpattern', $sql);
$oldstatus = $article_id ? $old['Status'] : '';
if (!$article_id && $rs) {
$article_id = $rs;
}
if ($incoming['Status'] >= 4 && !$article_id || $oldstatus != 4 && $article_id) {
safe_update("txp_prefs", "val = now()", "name = 'lastmod'");
//@$this->_sendPings();
}
return $article_id;
}
return false;
}
function file_list($message = '')
{
global $txpcfg, $extensions, $file_base_path;
extract($txpcfg);
extract(get_prefs());
pagetop(gTxt('file'), $message);
$page = gps('page');
$total = getCount('txp_file', "1=1");
$limit = max(@$file_list_pageby, 25);
$numPages = ceil($total / $limit);
$page = !$page ? 1 : $page;
$offset = ($page - 1) * $limit;
$sort = gps('sort');
$dir = gps('dir');
$sort = $sort ? $sort : 'filename';
$dir = $dir ? $dir : 'desc';
if ($dir == "desc") {
$dir = "asc";
} else {
$dir = "desc";
}
$existing_files = get_filenames();
echo startTable('list'), tr(tda(file_upload_form(gTxt('upload_file'), 'upload', 'file_insert'), ' colspan="4" style="border:0"')), count($existing_files) > 0 ? tr(tda(form(graf(gTxt('existing_file') . sp . selectInput('filename', $existing_files, "", 1) . sp . fInput('submit', '', gTxt('Create'), 'smallerbox') . sp . eInput('file') . sInput('file_create'))), ' colspan="4" style="border:0"')) : '', tr(column_head('Id', 'id', 'file', 1, $dir) . column_head('file_name', 'filename', 'file', 1, $dir) . td(gTxt('status')) . td(gTxt('tags')) . column_head('file_category', 'category', 'file', 1, $dir) . column_head('description', 'description', 'file', 1, $dir) . column_head('downloads', 'downloads', 'file', 1, $dir) . td());
$nav[] = $page > 1 ? PrevNextLink("file", $page - 1, gTxt('prev'), 'prev') : '';
$nav[] = sp . small($page . '/' . $numPages) . sp;
$nav[] = $page != $numPages ? PrevNextLink("file", $page + 1, gTxt('next'), 'next') : '';
$rs = safe_rows_start("*", "txp_file", "1=1 order by {$sort} {$dir} limit {$offset}, {$limit}");
if ($rs) {
while ($a = nextRow($rs)) {
extract($a);
// does the downloads column exist?
if (!isset($downloads)) {
// nope, add it
safe_alter("txp_file", "ADD downloads INT DEFAULT '0' NOT NULL");
$downloads = 0;
} else {
if (empty($downloads)) {
$downloads = '0';
}
}
$elink = eLink('file', 'file_edit', 'id', $id, $filename);
$dlink = dLink('file', 'file_delete', 'id', $id);
//Add tags helper
$txtilelink = '<a target="_blank" href="?event=tag' . a . 'name=file' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename) . a . 'type=textile" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">Textile</a>';
$txplink = '<a target="_blank" href="?event=tag' . a . 'name=file' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename) . a . 'type=textpattern" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">Textpattern</a>';
$xhtmlink = '<a target="_blank" href="?event=tag' . a . 'name=file' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename) . a . 'type=xhtml" onclick="window.open(this.href, \'popupwindow\', \'width=400,height=400,scrollbars,resizable\'); return false;">XHTML</a>';
$file_exists = file_exists(build_file_path($file_base_path, $filename));
$missing = '<span style="color:';
$missing .= $file_exists ? 'green' : 'red';
$missing .= '">';
$missing .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
$missing .= '</span>';
$downloadlink = $file_exists ? make_download_link($id, $filename, $id) : $id;
echo tr(td($downloadlink) . td($elink) . td($missing) . td($txtilelink . ' / ' . $txplink . ' / ' . $xhtmlink) . td($category, 90) . td($description, 150) . td($downloads == '0' ? " 0" : $downloads, 20) . td($dlink, 10));
}
echo tr(tdcs(graf(join('', $nav)), 4));
}
echo endTable();
echo pageby_form('file', $file_list_pageby);
if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
echo graf(str_replace("{filedir}", $file_base_path, gTxt('file_dir_not_writeable')), ' style="text-align:center;color:red"');
}
}
function doDiagnostics()
{
global $files, $txpcfg, $step;
extract(get_prefs());
$urlparts = parse_url(hu);
$mydomain = $urlparts['host'];
$server_software = @$_SERVER['SERVER_SOFTWARE'] || @$_SERVER['HTTP_HOST'] ? @$_SERVER['SERVER_SOFTWARE'] ? @$_SERVER['SERVER_SOFTWARE'] : $_SERVER['HTTP_HOST'] : '';
$is_apache = ($server_software and stristr($server_software, 'Apache')) or is_callable('apache_get_version');
$real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : '';
// ini_get() returns string values passed via php_value as a string, not boolean
$is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1');
$fail = array('path_to_site_missing' => !isset($path_to_site) ? gTxt('path_to_site_missing') : '', 'dns_lookup_fails' => @gethostbyname($mydomain) == $mydomain ? gTxt('dns_lookup_fails') . cs . $mydomain : '', 'path_to_site_inacc' => !@is_dir($path_to_site) ? gTxt('path_to_site_inacc') . cs . $path_to_site : '', 'site_trailing_slash' => rtrim($siteurl, '/') != $siteurl ? gTxt('site_trailing_slash') . cs . $path_to_site : '', 'index_inaccessible' => (!@is_file($path_to_site . "/index.php") or !@is_readable($path_to_site . "/index.php")) ? "{$path_to_site}/index.php " . gTxt('is_inaccessible') : '', 'dir_not_writable' => trim((!@is_writable($path_to_site . '/' . $img_dir) ? str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}\r\n" : '') . (!@is_writable($file_base_path) ? str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}\r\n" : '') . (!@is_writable($tempdir) ? str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}\r\n" : '')), 'cleanurl_only_apache' => ($permlink_mode != 'messy' and !$is_apache) ? gTxt('cleanurl_only_apache') : '', 'htaccess_missing' => ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) ? gTxt('htaccess_missing') : '', 'mod_rewrite_missing' => ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) ? gTxt('mod_rewrite_missing') : '', 'file_uploads_disabled' => !ini_get('file_uploads') ? gTxt('file_uploads_disabled') : '', 'setup_still_exists' => @is_dir($txpcfg['txpath'] . DS . 'setup') ? $txpcfg['txpath'] . DS . "setup" . DS . ' ' . gTxt('still_exists') : '', 'no_temp_dir' => empty($tempdir) ? gTxt('no_temp_dir') : '', 'warn_mail_unavailable' => !is_callable('mail') ? gTxt('warn_mail_unavailable') : '', 'warn_register_globals_or_update' => $is_register_globals && (version_compare(phpversion(), '4.4.0', '<=') or version_compare(phpversion(), '5.0.0', '>=') and version_compare(phpversion(), '5.0.5', '<=')) ? gTxt('warn_register_globals_or_update') : '');
if ($permlink_mode != 'messy') {
$rs = safe_column("name", "txp_section", "1");
foreach ($rs as $name) {
if (@file_exists($path_to_site . '/' . $name)) {
$fail['old_placeholder_exists'] = gTxt('old_placeholder') . ": {$path_to_site}/{$name}";
}
}
}
$missing = array();
foreach ($files as $f) {
if (!is_readable($txpcfg['txpath'] . $f)) {
$missing[] = $txpcfg['txpath'] . $f;
}
}
if ($missing) {
$fail['missing_files'] = gTxt('missing_files') . cs . join(', ', $missing);
}
foreach ($fail as $k => $v) {
if (empty($v)) {
unset($fail[$k]);
}
}
# Find the highest revision number
$file_revs = array();
$rev = 0;
foreach ($files as $f) {
$lines = @file($txpcfg['txpath'] . $f);
if ($lines) {
foreach ($lines as $line) {
if (preg_match('/^\\$LastChangedRevision: (\\w+) \\$/', $line, $match)) {
$file_revs[$f] = $match[1];
if ($match[1] > $rev) {
$rev = $match[1];
}
}
}
}
}
echo pagetop(gTxt('tab_diagnostics'), ''), startTable('list'), tr(td(hed(gTxt('preflight_check'), 1)));
if ($fail) {
foreach ($fail as $help => $message) {
echo tr(tda(nl2br($message) . popHelp($help), ' style="color:red;"'));
}
} else {
echo tr(td(gTxt('all_checks_passed')));
}
echo tr(td(hed(gTxt('diagnostic_info'), 1)));
$fmt_date = '%Y-%m-%d %H:%M:%S';
$out = array('<textarea style="width:500px;height:300px;" readonly="readonly">', gTxt('txp_version') . cs . txp_version . ' (' . ($rev ? 'r' . $rev : 'unknown revision') . ')' . n, gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n, gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n, '$path_to_site' . cs . $path_to_site . n, gTxt('txp_path') . cs . $txpcfg['txpath'] . n, gTxt('permlink_mode') . cs . $permlink_mode . n, ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '', ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '', gTxt('tempdir') . cs . $tempdir . n, gTxt('web_domain') . cs . $siteurl . n, getenv('TZ') ? 'TZ: ' . getenv('TZ') . n : '', gTxt('php_version') . cs . phpversion() . n, $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '', gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n, 'MySQL' . cs . mysql_get_server_info() . n, gTxt('locale') . cs . $locale . n, isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '', is_callable('apache_get_version') ? gTxt('apache_version') . cs . apache_get_version() . n : '', $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", $fail) . n . ln : '', is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . join('', file($path_to_site . '/.htaccess')) . n . ln : '');
if ($step == 'high') {
$mysql_client_encoding = is_callable('mysql_client_encoding') ? mysql_client_encoding() : '-';
$out[] = n . 'Charset (default/config)' . cs . $mysql_client_encoding . '/' . @$txpcfg['dbcharset'] . n;
$result = safe_query("SHOW variables like 'character_se%'");
while ($row = mysql_fetch_row($result)) {
$out[] = $row[0] . cs . $row[1] . n;
if ($row[0] == 'character_set_connection') {
$conn_char = $row[1];
}
}
$table_names = array(PFX . 'textpattern');
$result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'");
while ($row = mysql_fetch_row($result)) {
$table_names[] = $row[0];
}
$table_msg = array();
foreach ($table_names as $table) {
$ctr = safe_query("SHOW CREATE TABLE " . $table . "");
if (!$ctr) {
unset($table_names[$table]);
continue;
}
$ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table'));
if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) {
$table_msg[] = "{$table} is {$ctcharset}";
}
$ctr = safe_query("CHECK TABLE " . $table);
if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) {
$table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text');
}
}
if ($table_msg == array()) {
$table_msg = count($table_names) < 18 ? array('-') : array('OK');
}
$out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n;
$extns = get_loaded_extensions();
$extv = array();
foreach ($extns as $e) {
$extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : '');
}
$out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n;
if (is_callable('apache_get_modules')) {
$out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n . n;
}
foreach ($files as $f) {
$rev = '';
$checksum = '';
if (is_callable('md5_file')) {
$checksum = md5_file($txpcfg['txpath'] . $f);
}
if (isset($file_revs[$f])) {
$rev = $file_revs[$f];
}
$out[] = "{$f}" . cs . ($rev ? "r" . $rev : gTxt('unknown')) . ' (' . ($checksum ? $checksum : gTxt('unknown')) . ')' . n;
}
}
$out[] = '</textarea>' . br;
$dets = array('low' => gTxt('low'), 'high' => gTxt('high'));
$out[] = form(eInput('diag') . n . gTxt('detail') . cs . selectInput('step', $dets, $step, 0, 1));
echo tr(td(join('', $out))), endTable();
}
$txpath = $txpcfg['txpath'];
if (isset($_POST['preview'])) {
include $txpath . '/publish.php';
textpattern();
exit;
}
// error_reporting(E_ALL);
// ini_set("display_errors","1");
include $txpath . '/lib/txplib_db.php';
include $txpath . '/lib/txplib_forms.php';
include $txpath . '/lib/txplib_html.php';
include $txpath . '/lib/txplib_misc.php';
include $txpath . '/lib/admin_config.php';
$microstart = getmicrotime();
$dbversion = safe_field('val', 'txp_prefs', "name = 'version'");
extract(get_prefs());
# define("LANG",$language);
define("LANG", "en-gb");
define('txp_version', $thisversion);
$textarray = load_lang(LANG);
if (!$dbversion or $dbversion != $thisversion) {
include_once '_update.php';
}
include $txpath . '/include/txp_auth.php';
include $txpath . '/lib/txplib_head.php';
$event = gps('event');
$step = gps('step');
include !$event ? $txpath . '/include/txp_article.php' : $txpath . '/include/txp_' . $event . '.php';
$microdiff = getmicrotime() - $microstart;
echo "\n<!-- Runtime: ", substr($microdiff, 0, 6), "-->";
end_page();
function customers_list($event = '', $step = '', $message = '')
{
global $statuses, $comments_disabled_after, $step, $txp_user;
pagetop("Customers", $message);
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'qty', 'search_method')));
$sesutats = array_flip($statuses);
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'RealName':
$sort_sql = 'RealName ' . $dir;
break;
case 'orders':
$sort_sql = 'orders ' . $dir;
break;
default:
$dir = 'desc';
$sort_sql = 'user_id ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = "privs = 0";
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_users', "{$criteria}");
if (isset($qty)) {
$customers_list_pageby = $qty;
} else {
$customers_list_pageby = 15;
}
$limit = max(@$customers_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
$rs = safe_rows_start('*', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
$customersOnPage = $offset + $limit;
if ($rs) {
echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '700') . n . tr(n . tda("Displaying {$offset} - {$customersOnPage} of {$total} customers", ' colspan="2" style="border: none; padding-bottom: 15px;"') . n . tda('<a href="?event=customers&step=edit_customer" class="navlink">Add a new customer</a> <a href="?event=customers&step=export_customer" class="navlink">Export customers</a>', ' colspan="2" style="text-align: right; border: none; padding-bottom: 15px;"')) . n . tr(n . column_head('Customer', 'RealName', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Phone', 'shipping_phone', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Email', 'email', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Orders', 'order_num', 'customers', true, $switch_dir, $crit, $search_method));
include_once txpath . '/publish/taghandlers.php';
while ($a = nextRow($rs)) {
extract($a);
$order_num = safe_count("orders", "user_id = {$user_id}");
$RealName = eLink('customers', 'edit_customer', 'user_id', $user_id, $RealName);
$Orders = eLink('order', 'edit', 'customer', $name, $order_num);
echo n . n . tr(n . td($RealName, "25%") . td($billing_phone, "25%") . td($email, "25%") . td($Orders, "25%"));
}
echo n . endTable() . n . '</form>' . n . nav_form('customers', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('customers', $customers_list_pageby);
}
}
function orders_list($event, $step, $message = '')
{
global $statuses, $comments_disabled_after, $step, $txp_user;
pagetop("Orders", $message);
extract(get_prefs());
extract(doSlash($_REQUEST));
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
$sesutats = array_flip($statuses);
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'user_id':
$sort_sql = 'user_id ' . $dir;
break;
default:
$dir = 'desc';
$sort_sql = 'id ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = "order_status = 'pending'";
if (isset($show_approved)) {
$criteria .= " OR order_status = 'approved'";
$show_approved_selected = "checked='true'";
}
if (isset($show_shipped)) {
$criteria .= " OR order_status = 'shipped'";
$show_shipped_selected = "checked='true'";
}
if (isset($show_declined)) {
$criteria .= " OR order_status = 'declined'";
$show_declined_selected = "checked='true'";
}
if (isset($show_void)) {
$criteria .= " OR order_status = 'void'";
$show_void_selected = "checked='true'";
}
$total = safe_count('orders', "{$criteria}");
$limit = max(@$article_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
$rs = safe_rows_start('*', 'orders', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
$exportOptions = '<div style="display:none" id="exportOptions" class="list">' . br . 'Export <select name="orderType" onchange="if(this.value!=\'\'){window.location=\'http://' . $siteurl . '/textpattern/index.php\'+this.value}">' . n . n . '<option value="" selected="true">Select export options</option>' . n . '<option value="?event=orders&step=export_orders&type=pending">Pending</option>' . n . '<option value="?event=orders&step=export_orders&type=approved">Approved</option>' . n . '<option value="?event=orders&step=export_orders&type=shipped">Shipped</option>' . n . '<option value="?event=orders&step=export_orders&type=declined">Declined</option>' . n . '<option value="?event=orders&step=export_orders&type=void">Void</option>' . n . '<option value="?event=orders&step=export_orders&type=lastweek">All orders in the last 7 days</option>' . n . '<option value="?event=orders&step=export_orders&type=lastmonth">All orders in the last 30 days</option>' . n . '<option value="?event=orders&step=export_orders&type=all">All orders ever!</option></select> [<a href="javascript:void(0)" onclick="document.getElementById(\'exportOptions\').style.display = \'none\';">cancel</a>]' . '</div>';
if ($rs) {
echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . '<input type="hidden" name="event" value="orders"/>' . n . n . startTable('list', '', '', '', '700') . n . tr(n . tda("Displaying {$offset} - {$limit} of {$total} orders ", ' colspan="2" style="border: none; padding-bottom: 15px;"') . n . tda('<a href="javascript:void(0)" onclick="document.getElementById(\'exportOptions\').style.display=\'block\';" class="navlink">Export orders</a>' . $exportOptions, ' colspan="3" style="text-align: right; border: none; padding-bottom: 15px;"')) . n . tr(n . tda('Show <input type="checkbox" value="pending" name="show_pending" checked="checked" disabled="true"/> Pending
<input type="checkbox" value="approved" name="show_approved" ' . $show_approved_selected . '/> Approved
<input type="checkbox" value="shipped" name="show_shipped" ' . $show_shipped_selected . '/> Shipped
<input type="checkbox" value="declined" name="show_declined" ' . $show_declined_selected . '/> Declined
<input type="checkbox" value="void" name="show_void"' . $show_void_selected . ' /> Void
<input type="submit" value="Refresh"/> ', ' colspan="4" style="border: none; padding-bottom: 15px;"')) . n . tr(n . column_head('Order #', 'id', 'orders', true, $switch_dir, $crit, $search_method) . column_head('Customer', 'user_id', 'orders', true, $switch_dir, $crit, $search_method) . column_head('Order Date', 'date_created', 'orders', true, $switch_dir, $crit, $search_method) . column_head('Total', 'total', 'orders', true, $switch_dir, $crit, $search_method) . column_head('Status', 'order_status', 'orders', true, $switch_dir, $crit, $search_method));
include_once txpath . '/publish/taghandlers.php';
while ($a = nextRow($rs)) {
extract($a);
$edit_link = '<a href="?event=orders&step=edit_order&id=' . $id . '">' . $id . '</a> <small>[<a href="?event=orders&step=edit_order&id=' . $id . '">Edit</a> | <a href="?event=orders&step=delete_order&id=' . $id . '" onclick="if(!confirm(\'Are you sure?\')){return false;}">Delete</a>]</small>';
$user = safe_row("RealName, user_id", "txp_users", "user_id = '{$user_id}'");
$user_link = '<a href="?event=customers&step=edit_customer&user_id=' . $user_id . '">' . $user['RealName'] . '</a>';
echo n . n . tr(n . td($edit_link) . td($user_link) . td($date_created) . td('$' . $total) . td($order_status));
}
echo n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby);
}
}
