/**
* Initialize all default tpl tags.
*/
private function initialize()
{
$this->tpl = new RainTPL();
try {
$version = ApplicationUtils::checkUpdate(shaarli_version, $GLOBALS['config']['UPDATECHECK_FILENAME'], $GLOBALS['config']['UPDATECHECK_INTERVAL'], $GLOBALS['config']['ENABLE_UPDATECHECK'], isLoggedIn(), $GLOBALS['config']['UPDATECHECK_BRANCH']);
$this->tpl->assign('newVersion', escape($version));
$this->tpl->assign('versionError', '');
} catch (Exception $exc) {
logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], $exc->getMessage());
$this->tpl->assign('newVersion', '');
$this->tpl->assign('versionError', escape($exc->getMessage()));
}
$this->tpl->assign('feedurl', escape(index_url($_SERVER)));
$searchcrits = '';
// Search criteria
if (!empty($_GET['searchtags'])) {
$searchcrits .= '&searchtags=' . urlencode($_GET['searchtags']);
}
if (!empty($_GET['searchterm'])) {
$searchcrits .= '&searchterm=' . urlencode($_GET['searchterm']);
}
$this->tpl->assign('searchcrits', $searchcrits);
$this->tpl->assign('source', index_url($_SERVER));
$this->tpl->assign('version', shaarli_version);
$this->tpl->assign('scripturl', index_url($_SERVER));
$this->tpl->assign('pagetitle', 'Shaarli');
$this->tpl->assign('privateonly', !empty($_SESSION['privateonly']));
// Show only private links?
if (!empty($GLOBALS['title'])) {
$this->tpl->assign('pagetitle', $GLOBALS['title']);
}
if (!empty($GLOBALS['titleLink'])) {
$this->tpl->assign('titleLink', $GLOBALS['titleLink']);
}
if (!empty($GLOBALS['pagetitle'])) {
$this->tpl->assign('pagetitle', $GLOBALS['pagetitle']);
}
$this->tpl->assign('shaarlititle', empty($GLOBALS['title']) ? 'Shaarli' : $GLOBALS['title']);
if (!empty($GLOBALS['plugin_errors'])) {
$this->tpl->assign('plugin_errors', $GLOBALS['plugin_errors']);
}
}
function install()
{
// On free.fr host, make sure the /sessions directory exists, otherwise login will not work.
if (endsWith($_SERVER['HTTP_HOST'], '.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'] . '/sessions')) {
mkdir($_SERVER['DOCUMENT_ROOT'] . '/sessions', 0705);
}
// This part makes sure sessions works correctly.
// (Because on some hosts, session.save_path may not be set correctly,
// or we may not have write access to it.)
if (isset($_GET['test_session']) && (!isset($_SESSION) || !isset($_SESSION['session_tested']) || $_SESSION['session_tested'] != 'Working')) {
// Step 2: Check if data in session is correct.
echo '<pre>Sessions do not seem to work correctly on your server.<br>';
echo 'Make sure the variable session.save_path is set correctly in your php config, and that you have write access to it.<br>';
echo 'It currently points to ' . session_save_path() . '<br>';
echo 'Check that the hostname used to access Shaarli contains a dot. On some browsers, accessing your server via a hostname like \'localhost\' or any custom hostname without a dot causes cookie storage to fail. We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.<br>';
echo '<br><a href="?">Click to try again.</a></pre>';
die;
}
if (!isset($_SESSION['session_tested'])) {
// Step 1 : Try to store data in session and reload page.
$_SESSION['session_tested'] = 'Working';
// Try to set a variable in session.
header('Location: ' . index_url($_SERVER) . '?test_session');
// Redirect to check stored data.
}
if (isset($_GET['test_session'])) {
// Step 3: Sessions are OK. Remove test parameter from URL.
header('Location: ' . index_url($_SERVER));
}
if (!empty($_POST['setlogin']) && !empty($_POST['setpassword'])) {
$tz = 'UTC';
if (!empty($_POST['continent']) && !empty($_POST['city']) && isTimeZoneValid($_POST['continent'], $_POST['city'])) {
$tz = $_POST['continent'] . '/' . $_POST['city'];
}
$GLOBALS['timezone'] = $tz;
// Everything is ok, let's create config file.
$GLOBALS['login'] = $_POST['setlogin'];
$GLOBALS['salt'] = sha1(uniqid('', true) . '_' . mt_rand());
// Salt renders rainbow-tables attacks useless.
$GLOBALS['hash'] = sha1($_POST['setpassword'] . $GLOBALS['login'] . $GLOBALS['salt']);
$GLOBALS['title'] = empty($_POST['title']) ? 'Shared links on ' . escape(index_url($_SERVER)) : $_POST['title'];
$GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']);
try {
writeConfig($GLOBALS, isLoggedIn());
} catch (Exception $e) {
error_log('ERROR while writing config file after installation.' . PHP_EOL . $e->getMessage());
// TODO: do not handle exceptions/errors in JS.
echo '<script>alert("' . $e->getMessage() . '");document.location=\'?\';</script>';
exit;
}
echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>';
exit;
}
// Display config form:
list($timezone_form, $timezone_js) = generateTimeZoneForm();
$timezone_html = '';
if ($timezone_form != '') {
$timezone_html = '<tr><td><b>Timezone:</b></td><td>' . $timezone_form . '</td></tr>';
}
$PAGE = new PageBuilder();
$PAGE->assign('timezone_html', $timezone_html);
$PAGE->assign('timezone_js', $timezone_js);
$PAGE->renderPage('install');
exit;
}
function index_site($url, $reindex, $maxlevel, $soption, $url_inc, $url_not_inc, $can_leave_domain)
{
global $mysql_table_prefix, $command_line, $mainurl, $tmp_urls, $domain_arr, $all_keywords;
if (!isset($all_keywords)) {
$result = mysql_query("select keyword_ID, keyword from " . $mysql_table_prefix . "keywords");
echo mysql_error();
while ($row = mysql_fetch_array($result)) {
$all_keywords[addslashes($row[1])] = $row[0];
}
}
$compurl = parse_url($url);
if ($compurl['path'] == '') {
$url = $url . "/";
}
$t = microtime();
$a = getenv("REMOTE_ADDR");
$sessid = md5($t . $a);
$urlparts = parse_url($url);
$domain = $urlparts['host'];
if (isset($urlparts['port'])) {
$port = (int) $urlparts['port'];
} else {
$port = 80;
}
$result = mysql_query("select site_id from " . $mysql_table_prefix . "sites where url='{$url}'");
echo mysql_error();
$row = mysql_fetch_row($result);
$site_id = $row[0];
if ($site_id != "" && $reindex == 1) {
mysql_query("insert into " . $mysql_table_prefix . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')");
echo mysql_error();
$result = mysql_query("select url, level from " . $mysql_table_prefix . "links where site_id = {$site_id}");
while ($row = mysql_fetch_array($result)) {
$site_link = $row['url'];
$link_level = $row['level'];
if ($site_link != $url) {
mysql_query("insert into " . $mysql_table_prefix . "temp (link, level, id) values ('{$site_link}', {$link_level}, '{$sessid}')");
}
}
$qry = "update " . $mysql_table_prefix . "sites set indexdate=now(), spider_depth = {$maxlevel}, required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain={$can_leave_domain} where site_id={$site_id}";
mysql_query($qry);
echo mysql_error();
} else {
if ($site_id == '') {
mysql_query("insert into " . $mysql_table_prefix . "sites (url, indexdate, spider_depth, required, disallowed, can_leave_domain) " . "values ('{$url}', now(), {$maxlevel}, '{$url_inc}', '{$url_not_inc}', {$can_leave_domain})");
echo mysql_error();
$result = mysql_query("select site_ID from " . $mysql_table_prefix . "sites where url='{$url}'");
$row = mysql_fetch_row($result);
$site_id = $row[0];
} else {
mysql_query("update " . $mysql_table_prefix . "sites set indexdate=now(), spider_depth = {$maxlevel}, required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain={$can_leave_domain} where site_id={$site_id}");
echo mysql_error();
}
}
$result = mysql_query("select site_id, temp_id, level, count, num from " . $mysql_table_prefix . "pending where site_id='{$site_id}'");
echo mysql_error();
$row = mysql_fetch_row($result);
$pending = $row[0];
$level = 0;
$domain_arr = get_domains();
if ($pending == '') {
mysql_query("insert into " . $mysql_table_prefix . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')");
echo mysql_error();
} else {
if ($pending != '') {
printStandardReport('continueSuspended', $command_line);
mysql_query("select temp_id, level, count from " . $mysql_table_prefix . "pending where site_id='{$site_id}'");
echo mysql_error();
$sessid = $row[1];
$level = $row[2];
$pend_count = $row[3] + 1;
$num = $row[4];
$pending = 1;
$tmp_urls = get_temp_urls($sessid);
}
}
if ($reindex != 1) {
mysql_query("insert into " . $mysql_table_prefix . "pending (site_id, temp_id, level, count) values ('{$site_id}', '{$sessid}', '0', '0')");
echo mysql_error();
}
$time = time();
$omit = check_robot_txt($url);
printHeader($omit, $url, $command_line);
$mainurl = $url;
$num = 0;
while ($level <= $maxlevel && $soption == 'level' || $soption == 'full') {
if ($pending == 1) {
$count = $pend_count;
$pending = 0;
} else {
$count = 0;
}
$links = array();
$result = mysql_query("select distinct link from " . $mysql_table_prefix . "temp where level={$level} && id='{$sessid}' order by link");
echo mysql_error();
$rows = mysql_num_rows($result);
if ($rows == 0) {
break;
}
$i = 0;
while ($row = mysql_fetch_array($result)) {
$links[] = $row['link'];
}
reset($links);
while ($count < count($links)) {
$num++;
$thislink = $links[$count];
$urlparts = parse_url($thislink);
reset($omit);
$forbidden = 0;
foreach ($omit as $omiturl) {
$omiturl = trim($omiturl);
$omiturl_parts = parse_url($omiturl);
if ($omiturl_parts['scheme'] == '') {
$check_omit = $urlparts['host'] . $omiturl;
} else {
$check_omit = $omiturl;
}
if (strpos($thislink, $check_omit)) {
printRobotsReport($num, $thislink, $command_line);
check_for_removal($thislink);
$forbidden = 1;
break;
}
}
if (!check_include($thislink, $url_inc, $url_not_inc)) {
printUrlStringReport($num, $thislink, $command_line);
check_for_removal($thislink);
$forbidden = 1;
}
if ($forbidden == 0) {
printRetrieving($num, $thislink, $command_line);
$query = "select md5sum, indexdate from " . $mysql_table_prefix . "links where url='{$thislink}'";
$result = mysql_query($query);
echo mysql_error();
$rows = mysql_num_rows($result);
if ($rows == 0) {
index_url($thislink, $level + 1, $site_id, '', $domain, '', $sessid, $can_leave_domain, $reindex);
mysql_query("update " . $mysql_table_prefix . "pending set level = {$level}, count={$count}, num={$num} where site_id={$site_id}");
echo mysql_error();
} else {
if ($rows != 0 && $reindex == 1) {
$row = mysql_fetch_array($result);
$md5sum = $row['md5sum'];
$indexdate = $row['indexdate'];
index_url($thislink, $level + 1, $site_id, $md5sum, $domain, $indexdate, $sessid, $can_leave_domain, $reindex);
mysql_query("update " . $mysql_table_prefix . "pending set level = {$level}, count={$count}, num={$num} where site_id={$site_id}");
echo mysql_error();
} else {
printStandardReport('inDatabase', $command_line);
}
}
}
$count++;
}
$level++;
}
mysql_query("delete from " . $mysql_table_prefix . "temp where id = '{$sessid}'");
echo mysql_error();
mysql_query("delete from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'");
echo mysql_error();
printStandardReport('completed', $command_line);
}
/**
* If on the main page, remove "index.php" from the URL resource
*/
public function testRemoveIndex()
{
$this->assertEquals('http://host.tld/', index_url(array('HTTPS' => 'Off', 'SERVER_NAME' => 'host.tld', 'SERVER_PORT' => '80', 'SCRIPT_NAME' => '/index.php')));
$this->assertEquals('http://host.tld/admin/', index_url(array('HTTPS' => 'Off', 'SERVER_NAME' => 'host.tld', 'SERVER_PORT' => '80', 'SCRIPT_NAME' => '/admin/index.php')));
}
function index_site($url, $reindex, $maxlevel, $soption, $url_inc, $url_not_inc, $can_leave, $use_robot, $use_nofollow, $cl, $all, $use_pref)
{
global $db_con, $mysql_table_prefix, $command_line, $mainurl, $tmp_urls, $domain_arr, $all_keywords, $smp, $follow_sitemap;
global $link_check, $smap_dir, $index_media, $clear, $create_sitemap, $tmp_dir, $domaincb;
global $max_links, $realnum, $debug, $no_log, $dba_act, $add_auth, $interrupt, $index_media, $thumb_folder;
if (!$can_leave) {
$can_leave = $domaincb;
}
$can_leave_domain = $can_leave;
$starttime = getmicrotime();
// start time to index this site
$black = '0';
// will become counter for hits of blacklist
$site_id = '';
$skip = '';
$smp = '0';
$omit = array();
$url = $db_con->real_escape_string(stripslashes($url));
if (strstr($interrupt, "-")) {
// if indexer should not be interrupted periodically
$interrupt = '999999';
// never
}
$int_count = $interrupt;
// $int_count will be decreased by each indexed link until $int_count = 1
printStandardReport('starting', $command_line, $no_log);
if (!isset($all_keywords)) {
mysqltest();
$sql_query = "SELECT keyword_ID, keyword from " . $mysql_table_prefix . "keywords";
$result = $db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
while ($row = $result->fetch_array(MYSQLI_NUM)) {
$all_keywords[addslashes($row[1])] = $row[0];
}
if ($clear == 1) {
clean_resource($result, '06');
}
}
$url = convert_url($url);
$compurl = parse_addr($url);
if ($compurl['path'] == '') {
$url = $url . "/";
}
$t = microtime();
$a = getenv("REMOTE_ADDR");
$sessid = md5($t . $a);
if ($url != '/') {
// ignore dummies
$urlparts = parse_addr($url);
$domain = $urlparts['host'];
if (isset($urlparts['port'])) {
$port = (int) $urlparts['port'];
} else {
$port = 80;
}
if (strpos($url, "?")) {
$url_bas = substr($url, 0, strpos($url, "?"));
} else {
$url_bas = $url;
}
mysqltest();
$sql_query = "SELECT * from " . $mysql_table_prefix . "sites where url like '{$url_bas}%'";
$result = $db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
$row = $result->fetch_array(MYSQLI_NUM);
$site_id = $row[0];
$authent = $row[2];
if ($add_auth && $authent) {
// for sites with authentication we need to verify the value
$url_status = url_status($url, $site_id, $sessid);
$url_parts = parse_all_url($url);
if ($url_status['state'] == 'ok' && $url_status['content'] == 'text') {
if ($url_status['relocate']) {
// if relocated, print message and redirect to new URL
printRedirected($url_status['relocate'], $url_status['path'], $cl);
if (strstr($url_status['path'], "//")) {
// if redirected to absolute URL, use this for further usage
$url = $url_status['path'];
} else {
$relo_url = str_replace($url_parts['query'], "", $url);
// url without query
$relo_url = substr($url, 0, strrpos($relo_url, "/") + 1);
// url without file name
if (strpos($url_status['path'], "./") === 0) {
// if redirected relativ to same folder depth
$url_status['path'] = str_replace("./", "", $url_status['path']);
$url = "" . $relo_url . "" . $url_status['path'] . "";
}
if (strpos($url_status['path'], "../") === 0) {
// if redirected relativ and one folder up
$url_status['path'] = str_replace("./", "", $url_status['path']);
$relo_url = substr($url, 0, strpos($url_parts['path']));
// url without file name
$relo_url = substr($url, 0, strrpos($relo_url, "/") + 1);
// url without last folder
$url = "" . $relo_url . "" . $url_status['path'] . "";
}
}
}
// read file
$contents = array();
$file = '';
$file = file_get_contents($url);
if ($file === FALSE) {
// we know another way to get the content
$get_charset = '';
$contents = getFileContents($url, $get_charset);
$file = $contents['file'];
}
// parse header only
preg_match("@<head[^>]*>(.*?)<\\/head>@si", $file, $regs);
$headdata = $regs[1];
// fetch the tag value
preg_match("/<meta +name *=[\"']?Sphider-plus[\"']? *content=[\"'](.*?)[\"']/i", $headdata, $res);
if (isset($res)) {
if ($authent != $res[1]) {
// invalid value in authentication tag
$skip = '1';
printHeader($omit, $url, $command_line);
printStandardReport('Skipped_03', $command_line, $no_log);
}
} else {
// no authentication tag found in header
$skip = '1';
printHeader($omit, $url, $command_line);
printStandardReport('Skipped_02', $command_line, $no_log);
}
} else {
$skip = '1';
printHeader($omit, $url, $command_line);
printStandardReport('statError', $command_line, $no_log);
}
}
if (!$skip) {
if ($site_id != "" && $reindex == 1) {
mysqltest();
$sql_query = "INSERT into " . $mysql_table_prefix . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')";
$db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
$sql_query = "SELECT url, level from " . $mysql_table_prefix . "links where site_id = {$site_id}";
$result = $db_con->query($sql_query);
while ($row = $result->fetch_array(MYSQLI_ASSOC)) {
$site_link = $row['url'];
$link_level = $row['level'];
if ($site_link != $url) {
$sql_query = "INSERT into " . $mysql_table_prefix . "temp (link, level, id) values ('{$site_link}', '{$link_level}', '{$sessid}')";
$db_con->query($sql_query);
}
}
$sql_query = "UPDATE " . $mysql_table_prefix . "sites set indexdate=now(), spider_depth ='{$maxlevel}', required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain='{$can_leave}', use_prefcharset='{$use_pref}' where site_id='{$site_id}'";
mysqltest();
$db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
} else {
if ($site_id == '') {
mysqltest();
$sql_query = "INSERT into " . $mysql_table_prefix . "sites (url, indexdate, spider_depth, required, disallowed, can_leave_domain, use_prefcharset) " . "values ('{$url}', now(), '{$maxlevel}', '{$url_inc}', '{$url_not_inc}', '{$can_leave_domain}', '{$use_pref}')";
$db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
$sql_query = "SELECT site_ID from " . $mysql_table_prefix . "sites where url='{$url}'";
$result = $db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
$row = $result->fetch_array(MYSQLI_NUM);
$site_id = $row[0];
if ($clear == 1) {
clean_resource($result, '09');
}
} else {
mysqltest();
$sql_query = "UPDATE " . $mysql_table_prefix . "sites set indexdate=now(), spider_depth ='{$maxlevel}', required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain='{$can_leave_domain}', use_prefcharset='{$use_pref}' where site_id='{$site_id}'";
$db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
}
}
$pending = array();
mysqltest();
$sql_query = "SELECT site_id, temp_id, level, count, num from " . $mysql_table_prefix . "pending where site_id='{$site_id}'";
$result = $db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
$row = $result->fetch_array(MYSQLI_NUM);
$pending = $row[0];
$level = '0';
$count = '0';
if ($clear == 1) {
clean_resource($result, '10');
}
$domain_arr = get_domains();
if ($pending == '') {
mysqltest();
$sql_query = "INSERT into " . $mysql_table_prefix . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')";
$db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
} else {
if ($pending != '') {
printStandardReport('continueSuspended', $command_line, $no_log);
mysqltest();
$pend_count = '0';
//$result = $db_con->query("SELECT temp_id, level, count from ".$mysql_table_prefix."pending where site_id='$site_id'");
$sql_query = "SELECT * from " . $mysql_table_prefix . "pending where site_id='{$site_id}'";
$result = $db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
$row = $result->fetch_array(MYSQLI_NUM);
if ($row) {
$sessid = $row[1];
$level = $row[2];
$pend_count = $row[3] + 1;
$num = $row[4];
$pending = 1;
$tmp_urls = get_temp_urls($sessid);
if ($clear == 1) {
clean_resource($result, '11');
}
}
}
}
if ($pending != 1) {
mysqltest();
$sql_query = "INSERT into " . $mysql_table_prefix . "pending (site_id, temp_id, level, count) values ('{$site_id}', '{$sessid}', '0', '0')";
$db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
}
$time = time();
$robots = "robots.txt";
// standardname of robots file
if ($use_robot == '1') {
$omit = check_robot_txt($url, $robots);
}
printHeader($omit, $url, $command_line);
if ($link_check == 1) {
printStandardReport('start_link_check', $command_line, $no_log);
}
if ($link_check == 0 && $reindex == 1) {
printStandardReport('start_reindex', $command_line, $no_log);
}
if ($link_check == 0 && $reindex == 0) {
printStandardReport('starting', $command_line, $no_log);
}
$mainurl = $url;
$realnum = $num;
$num = 0;
while ($level <= $maxlevel && $soption == 'level' || $soption == 'full') {
if ($pending == 1) {
$count = $pend_count;
$pending = 0;
} else {
$count = 0;
}
$links = array();
mysqltest();
$sql_query = "SELECT distinct link from " . $mysql_table_prefix . "temp where level={$level} && id='{$sessid}' order by link";
$result = $db_con->query($sql_query);
$rows = $result->num_rows;
if ($rows == 0) {
break;
}
while ($row = $result->fetch_array(MYSQLI_ASSOC)) {
$links[] = $row['link'];
}
// now loop through all available links(pages)
while ($count < count($links)) {
$num++;
$realnum++;
if ($realnum > $max_links) {
// if max. links per page reached
mysqltest();
$sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'";
$db_con->query($sql_query);
$sql_query = "DELETE from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'";
$db_con->query($sql_query);
printMaxLinks($max_links, $cl);
printStandardReport('completed', $command_line, $no_log);
return;
}
$thislink = $db_con->real_escape_string(stripslashes($links[$count]));
$urlparts = parse_addr($thislink);
$forbidden = 0;
if (is_array($omit)) {
// if valid robots.txt was found
reset($omit);
foreach ($omit as $omiturl) {
$omiturl = trim($omiturl);
$omiturl_parts = array();
$omiturl_parts = parse_addr($omiturl);
if (@$omiturl_parts['scheme'] == '') {
$check_omit = $urlparts['host'] . $omiturl;
} else {
$check_omit = $omiturl;
}
if (strpos($thislink, $check_omit)) {
printRobotsReport($num, $thislink, $command_line);
$realnum--;
check_for_removal($thislink);
$forbidden = 1;
break;
}
}
}
if (!check_include($thislink, $url_inc, $url_not_inc)) {
$realnum--;
printUrlStringReport($num, $thislink, $command_line);
//printUrlStringReport($realnum, $thislink, $command_line);
check_for_removal($thislink);
$forbidden = 1;
}
if ($forbidden == 0) {
printRetrieving($num, stripslashes(rawurldecode($thislink)), $command_line);
//printRetrieving($realnum, $thislink, $command_line);
mysqltest();
$sql_query = "SELECT md5sum, indexdate from " . $mysql_table_prefix . "links where url='{$thislink}'";
$result = $db_con->query($sql_query);
$rows = $result->num_rows;
if ($rows == 0) {
$url_status = index_url($thislink, $level + 1, $site_id, '', $domain, '', $sessid, $can_leave_domain, $reindex, $use_nofollow, $cl, $use_robot, $use_pref, $url_inc, $url_not_inc, $num);
// check for touching the blacklist and its count against limit
if ($url_status['black'] == "1") {
$black++;
if ($black > 20) {
// limit until aborting the indexation of this site
$url_status['aborted'] = "1";
$url_status['state'] = "<br /><br />Indexation aborted for this site, as it met too often the blacklist.";
}
} else {
$black = 0;
// reset counter, as should count only on continuous hits
}
// check for emergency exit
if ($url_status['aborted'] == "1") {
// delete all links from the temp table, which might be left for this site
mysqltest();
$sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'";
$db_con->query($sql_query);
$sql_query = "DELETE from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'";
$db_con->query($sql_query);
$sql_query = "UPDATE " . $mysql_table_prefix . "sites set indexdate=now() where url = '{$url}'";
$db_con->query($sql_query);
// end all loops
$forbidden = '1';
$omit = '';
$reindex = '';
$count = '9999999999';
$pending = array();
if (!stristr($url_status['state'], "NOHOST") && !stristr($url_status['state'], "black")) {
// NOHOST warning will be printed separately
printWarning($url_status['state'], $command_line, $no_log);
}
}
if (stristr($url_status['state'], "NOHOST")) {
// delete all links from the temp table, which might be left for this site, etc
mysqltest();
$sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'";
$db_con->query($sql_query);
$sql_query = "DELETE from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'";
$db_con->query($sql_query);
$sql_query = "UPDATE " . $mysql_table_prefix . "sites set indexdate=now() where url = '{$url}'";
$db_con->query($sql_query);
// end all loops
$forbidden = '1';
$omit = '';
$reindex = '';
$count = '9999999999';
$pending = array();
printWarning($url_status['state'], $command_line, $no_log);
return;
}
// check for UFO file or invalid suffix (by redirected URL)
if (stristr($url_status['state'], "ufo")) {
//printWarning($url_status['state'],$command_line, $no_log);
}
if ($url_status['state'] != "ok") {
printWarning($url_status['state'], $command_line, $no_log);
}
mysqltest();
$sql_query = "UPDATE " . $mysql_table_prefix . "pending set level ='{$level}', count='{$count}', num='{$realnum}' where site_id='{$site_id}'";
$db_con->query($sql_query);
} else {
if ($rows != 0 && $reindex == 1) {
$row = $result->fetch_array(MYSQLI_ASSOC);
$md5sum = $row['md5sum'];
$indexdate = $row['indexdate'];
if ($link_check == 1 && $reindex == 1) {
link_check($thislink, $level + 1, $sessid, $can_leave_domain, $reindex, $site_id);
} else {
$url_status = index_url($thislink, $level + 1, $site_id, $md5sum, $domain, $indexdate, $sessid, $can_leave_domain, $reindex, $use_nofollow, $cl, $use_robot, $use_pref, $url_inc, $url_not_inc, $num);
// check for emergency exit
if ($url_status['aborted']) {
// delete all links from the temp table, which might be left for this site
mysqltest();
$sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'";
$db_con->query($sql_query);
// end all loops
$forbidden = '1';
$omit = '';
$reindex = '';
$count = '9999999999';
$pending = array();
printWarning($url_status['state'], $command_line, $no_log);
}
}
} else {
printStandardReport('inDatabase', $command_line, $no_log);
$realnum--;
//$num--;
}
}
if ($rows != 0) {
mysqltest();
$sql_query = "UPDATE " . $mysql_table_prefix . "pending set level ='{$level}', count='{$count}', num='{$realnum}' where site_id='{$site_id}'";
$db_con->query($sql_query);
}
if ($clear == 1) {
clean_resource($result, '13');
}
}
// check for interrupt counter
if ($int_count == '1') {
// interrupt the index procedure until interactive resume
$sql_query = "UPDATE " . $mysql_table_prefix . "pending set level ='{$level}', count='{$count}', num='{$realnum}' where site_id='{$site_id}'";
$db_con->query($sql_query);
printInterrupt($interrupt, $url, $cl);
die;
}
$count++;
$int_count--;
}
$level++;
}
}
mysqltest();
$sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'";
$db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
$sql_query = "DELETE from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'";
$db_con->query($sql_query);
if ($debug && $db_con->errno) {
$err_row = __LINE__ - 2;
printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error);
if (__FUNCTION__) {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>");
} else {
printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>");
}
printf("<p><span class='red'> Script execution aborted. <br /></span>");
printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>");
echo "<p> {$sql_query} </p>";
exit;
}
if ($create_sitemap == 1) {
create_sitemap($site_id, $url);
}
printStandardReport('completed', $command_line, $no_log);
$stats = get_Stats();
printDatabase($stats, $cl);
}
if ($index_media) {
// delete all thumbnails in .../admin/tmp/thumbs/ folder
clear_folder("." . $thumb_folder);
}
}
/**
* Returns the absolute URL of the current script, with the query
*
* If the resource is "index.php", then it is removed (for better-looking URLs)
*
* @param array $server the $_SERVER array
*
* @return string the absolute URL of the current script, with the query
*/
function page_url($server)
{
if (!empty($server['QUERY_STRING'])) {
return index_url($server) . '?' . $server['QUERY_STRING'];
}
return index_url($server);
}
function index_site($url, $reindex, $maxlevel, $soption, $url_inc, $url_not_inc, $can_leave_domain, $use_robot)
{
global $command_line, $mainurl, $tmp_urls, $domain_arr, $all_keywords, $smp, $realnum;
printStandardReport('starting', $command_line);
$smp = '0';
if (!isset($all_keywords)) {
$result = mysql_query("select keyword_ID, keyword from " . TABLE_PREFIX . "keywords");
if (DEBUG > '0') {
echo mysql_error();
}
while ($row = mysql_fetch_array($result)) {
$all_keywords[addslashes($row[1])] = $row[0];
}
clean_resource($result);
}
$compurl = parse_url($url);
if (isset($compurl['path']) && $compurl['path'] == '') {
$url = $url . "/";
}
$t = microtime();
$a = getenv("REMOTE_ADDR");
$sessid = md5($t . $a);
if ($url != '/') {
// ignore dummies
$urlparts = parse_url($url);
$domain = $urlparts['host'];
if (isset($urlparts['port'])) {
$port = (int) $urlparts['port'];
} else {
$port = 80;
}
$result = mysql_query("select site_id from " . TABLE_PREFIX . "sites where url='{$url}'");
if (DEBUG > '0') {
echo mysql_error();
}
$row = mysql_fetch_row($result);
$site_id = $row[0];
clean_resource($result);
if ($site_id != "" && $reindex == 1) {
mysql_query("insert into " . TABLE_PREFIX . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')");
if (DEBUG > '0') {
echo mysql_error();
}
$result = mysql_query("select url, level from " . TABLE_PREFIX . "links where site_id = {$site_id}");
while ($row = mysql_fetch_array($result)) {
$site_link = $row['url'];
$link_level = $row['level'];
if ($site_link != $url) {
mysql_query("insert into " . TABLE_PREFIX . "temp (link, level, id) values ('{$site_link}', {$link_level}, '{$sessid}')");
}
}
clean_resource($result);
$qry = "update " . TABLE_PREFIX . "sites set indexdate=now(), spider_depth = {$maxlevel}, required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain={$can_leave_domain} where site_id={$site_id}";
mysql_query($qry);
if (DEBUG > '0') {
echo mysql_error();
}
} else {
if ($site_id == '') {
mysql_query("insert into " . TABLE_PREFIX . "sites (url, indexdate, spider_depth, required, disallowed, can_leave_domain) " . "values ('{$url}', now(), {$maxlevel}, '{$url_inc}', '{$url_not_inc}', {$can_leave_domain})");
if (DEBUG > '0') {
echo mysql_error();
}
$result = mysql_query("select site_ID from " . TABLE_PREFIX . "sites where url='{$url}'");
$row = mysql_fetch_row($result);
$site_id = $row[0];
clean_resource($result);
} else {
mysql_query("update " . TABLE_PREFIX . "sites set indexdate=now(), spider_depth = {$maxlevel}, required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain={$can_leave_domain} where site_id={$site_id}");
if (DEBUG > '0') {
echo mysql_error();
}
}
}
$result = mysql_query("select site_id, temp_id, level, count, num from " . TABLE_PREFIX . "pending where site_id='{$site_id}'");
if (DEBUG > '0') {
echo mysql_error();
}
$row = mysql_fetch_row($result);
$pending = $row[0];
$level = 0;
clean_resource($result);
$domain_arr = get_domains();
if ($pending == '') {
mysql_query("insert into " . TABLE_PREFIX . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')");
if (DEBUG > '0') {
echo mysql_error();
}
} else {
if ($pending != '') {
printStandardReport('continueSuspended', $command_line);
$result = mysql_query("select temp_id, level, count from " . TABLE_PREFIX . "pending where site_id='{$site_id}'");
if (DEBUG > '0') {
echo mysql_error();
}
$row = mysql_fetch_row($result);
$sessid = $row[1];
$level = $row[2];
$pend_count = $row[3] + 1;
$num = $row[4];
$pending = 1;
$tmp_urls = get_temp_urls($sessid);
clean_resource($result);
}
}
if ($reindex != 1) {
mysql_query("insert into " . TABLE_PREFIX . "pending (site_id, temp_id, level, count) values ('{$site_id}', '{$sessid}', '0', '0')");
if (DEBUG > '0') {
echo mysql_error();
}
}
$time = time();
$robots = "robots.txt";
// standardname of file
if ($use_robot != '1') {
$robots = "no_robots.txt";
// Sphider never will find this file and ignore the contents of robots.txt
}
$omit = check_robot_txt($url, $robots);
printHeader($omit, $url, $command_line);
if (Configure::read('link_check') == 1) {
printStandardReport('start_link_check', $command_line);
}
if (Configure::read('link_check') == 0 && $reindex == 1) {
printStandardReport('start_reindex', $command_line);
}
if (Configure::read('link_check') == 0 && $reindex == 0) {
printStandardReport('starting', $command_line);
}
$mainurl = $url;
$realnum = 0;
while ($level <= $maxlevel && $soption == 'level' || $soption == 'full') {
if ($pending == 1) {
$count = $pend_count;
$pending = 0;
} else {
$count = 0;
}
$links = array();
$result = mysql_query("select distinct link from " . TABLE_PREFIX . "temp where level={$level} && id='{$sessid}' order by link");
if (DEBUG > '0') {
echo mysql_error();
}
$rows = mysql_num_rows($result);
if ($rows == 0) {
break;
}
$i = 0;
while ($row = mysql_fetch_array($result)) {
$links[] = $row['link'];
}
clean_resource($result);
reset($links);
$num = 0;
while ($count < count($links)) {
$num++;
$realnum++;
if ($realnum > Configure::read('max_links') + 1) {
// if max. links per page reached
mysql_query("delete from " . TABLE_PREFIX . "temp");
if (DEBUG > '0') {
echo mysql_error();
}
mysql_query("delete from " . TABLE_PREFIX . "pending");
if (DEBUG > '0') {
echo mysql_error();
}
printMaxLinks(Configure::read('max_links'));
printStandardReport('completed', $command_line);
return;
}
$thislink = $links[$count];
$urlparts = parse_url($thislink);
reset($omit);
$forbidden = 0;
foreach ($omit as $omiturl) {
$omiturl = trim($omiturl);
$omiturl_parts = parse_url($omiturl);
if ($omiturl_parts['scheme'] == '') {
$check_omit = $urlparts['host'] . $omiturl;
} else {
$check_omit = $omiturl;
}
if (strpos($thislink, $check_omit)) {
printRobotsReport($num, $thislink, $command_line);
$realnum--;
check_for_removal($thislink);
$forbidden = 1;
break;
}
}
if (!check_include($thislink, $url_inc, $url_not_inc)) {
printUrlStringReport($num, $thislink, $command_line);
check_for_removal($thislink);
$forbidden = 1;
}
if ($forbidden == 0) {
printRetrieving($num, $thislink, $command_line);
$query = "select md5sum, indexdate from " . TABLE_PREFIX . "links where url='{$thislink}'";
$result = mysql_query($query);
if (DEBUG > '0') {
echo mysql_error();
}
$rows = mysql_num_rows($result);
if ($rows == 0) {
index_url($thislink, $level + 1, $site_id, '', $domain, '', $sessid, $can_leave_domain, $reindex);
mysql_query("update " . TABLE_PREFIX . "pending set level = {$level}, count={$count}, num={$num} where site_id={$site_id}");
if (DEBUG > '0') {
echo mysql_error();
}
} else {
if ($rows != 0 && $reindex == 1) {
$row = mysql_fetch_array($result);
$md5sum = $row['md5sum'];
$indexdate = $row['indexdate'];
if (Configure::read('link_check') == 1 && $reindex == 1) {
link_check($thislink, $level + 1, $sessid, $can_leave_domain, $reindex);
} else {
index_url($thislink, $level + 1, $site_id, $md5sum, $domain, $indexdate, $sessid, $can_leave_domain, $reindex);
}
mysql_query("update " . TABLE_PREFIX . "pending set level = {$level}, count={$count}, num={$num} where site_id={$site_id}");
if (DEBUG > '0') {
echo mysql_error();
}
} else {
printStandardReport('inDatabase', $command_line);
$realnum--;
}
}
clean_resource($result);
}
$count++;
}
$level++;
}
mysql_query("delete from " . TABLE_PREFIX . "temp where id = '{$sessid}'");
if (DEBUG > '0') {
echo mysql_error();
}
mysql_query("delete from " . TABLE_PREFIX . "pending where site_id = '{$site_id}'");
if (DEBUG > '0') {
echo mysql_error();
}
create_sitemap($site_id, $url);
printStandardReport('completed', $command_line);
$stats = get_Stats();
$stats_sites = $stats['sites'];
$stats_links = $stats['links'];
$stats_categories = $stats['categories'];
$stats_keywords = $stats['keywords'];
printDatabase($stats_sites, $stats_links, $stats_categories, $stats_keywords);
}
}
public function actionEdit()
{
global $sourceFolder, $ICONS;
//require_once("$sourceFolder/diff.lib.php");
require_once $sourceFolder . "/upload.lib.php";
if (isset($_GET['deldraft'])) {
$dno = escape($_GET['dno']);
$query = "DELETE FROM `article_draft` WHERE `page_modulecomponentid`='" . $this->moduleComponentId . "' AND `draft_number`=" . $dno;
$result = mysql_query($query) or die(mysql_error());
}
global $ICONS;
$header = <<<HEADER
\t\t<fieldset><legend><a name='topquicklinks'>Quicklinks</a></legend>
\t\t<table class='iconspanel'>
\t\t<tr>
\t\t<td><a href='#editor'><div>{$ICONS['Edit Page']['large']}<br/>Edit Page</div></a></td>
\t\t<td><a href='#files'><div>{$ICONS['Uploaded Files']['large']}<br/>Manage Uploaded Files</div></a></td>
\t\t<td><a href='#drafts'><div>{$ICONS['Drafts']['large']}<br/>Saved Drafts</div></a></td>
\t\t<td><a href='#revisions'><div>{$ICONS['Page Revisions']['large']}<br/>Page Revisions</div></a></td>
\t\t<td><a href='#comments'><div>{$ICONS['Page Comments']['large']}<br/>Page Comments</div></a></td>
\t\t</tr>
\t\t</table>
\t
\t\t</fieldset><br/><br/>
HEADER;
submitFileUploadForm($this->moduleComponentId, "article", $this->userId, UPLOAD_SIZE_LIMIT);
if (isset($_GET['delComment']) && $this->userId == 1) {
mysql_query("DELETE FROM `article_comments` WHERE `comment_id` = '" . escape($_GET['delComment']) . "'");
if (mysql_affected_rows()) {
displayinfo("Comment deleted!");
} else {
displayerror("Error in deleting comment");
}
}
if (isset($_GET['preview']) && isset($_POST['CKEditor1'])) {
return "<div id=\"preview\" class=\"warning\"><a name=\"preview\">Preview</a></div>" . $this->actionView(stripslashes($_POST[CKEditor1])) . $this->getCkBody(stripslashes($_POST[CKEditor1]));
}
if (isset($_GET['version'])) {
$revision = $this->getRevision($_GET['version']);
return "<div id=\"preview\" class=\"warning\"><a name=\"preview\">Previewing Revision Number " . $_GET['version'] . "</a></div>" . $this->actionView($revision) . $this->getCkBody($revision);
}
if (isset($_GET['dversion'])) {
$draft = $this->getDraft($_GET['dversion']);
displayinfo("Viewing Draft number " . $_GET['dversion']);
return $header . $this->getCkBody($draft);
}
if (isset($_POST['CKEditor1'])) {
/*Save the diff :-*/
$query = "SELECT article_content FROM article_content WHERE page_modulecomponentid='" . $this->moduleComponentId . "'";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$diff = mysql_escape_string($this->diff($_POST['CKEditor1'], $row['article_content']));
$query = "SELECT MAX(article_revision) AS MAX FROM `article_contentbak` WHERE page_modulecomponentid ='" . $this->moduleComponentId . "'";
$result = mysql_query($query);
if (!$result) {
displayerror(mysql_error() . "article.lib L:44");
return;
}
if (mysql_num_rows($result)) {
$row = mysql_fetch_assoc($result);
$revId = $row['MAX'] + 1;
} else {
$revId = 1;
}
$query = "INSERT INTO `article_contentbak` (`page_modulecomponentid` ,`article_revision` ,`article_diff`,`user_id`)\nVALUES ('{$this->moduleComponentId}', '{$revId}','{$diff}','{$this->userId}')";
$result = mysql_query($query);
if (!$result) {
displayerror(mysql_error() . "article.lib L:44");
return;
}
/*Save the diff end.*/
$query = "UPDATE `article_content` SET `article_content` = '" . escape($_POST["CKEditor1"]) . "' WHERE `page_modulecomponentid` ='{$this->moduleComponentId}' ";
$result = mysql_query($query);
if (mysql_affected_rows() < 0) {
displayerror("Unable to update the article content");
} else {
/* Index the page by sphider */
$page = replaceAction(selfURI(), "edit", "view");
global $sourceFolder, $moduleFolder;
require_once "{$sourceFolder}/{$moduleFolder}/search/admin/spider.php";
index_url($page, 0, 0, '', 0, 0, 1);
}
/* Update the choice of editor*/
if (isset($_POST['editor'])) {
$editor = escape($_POST['editor']);
$query = "UPDATE `article_content` SET `default_editor` = '" . $editor . "' WHERE `page_modulecomponentid` ='{$this->moduleComponentId}' ";
$result = mysql_query($query);
if (mysql_affected_rows() < 0) {
displayerror("Unable to update the article Editor");
}
}
return $this->actionView();
}
$fulleditpage = $this->getCkBody();
$commentsedit = "<fieldset><legend><a name='comments'>{$ICONS['Page Comments']['small']}Comments</a></legend>";
if ($this->isCommentsEnabled()) {
$comments = mysql_query("SELECT `comment_id`,`user`,`timestamp`,`comment` FROM `article_comments` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `timestamp`");
if (mysql_num_rows($comments) == 0) {
$commentsedit .= "No comments have been posted !";
}
while ($row = mysql_fetch_array($comments)) {
$commentsedit .= $this->renderComment($row['comment_id'], $row['user'], $row['timestamp'], $row['comment'], 1);
}
} else {
$commentsedit .= "Comments are disabled for this page! You can allow comments from <a href='./+settings'>pagesettings</a>.";
}
$commentsedit .= "</fieldset>";
$top = "<a href='#topquicklinks'>Top</a>";
$fulleditpage .= $commentsedit . $top;
return $header . $fulleditpage;
}
/**
* Initialize all default tpl tags.
*/
private function initialize()
{
$this->tpl = new RainTPL();
$this->tpl->assign('newversion', escape(checkUpdate()));
$this->tpl->assign('feedurl', escape(index_url($_SERVER)));
$searchcrits = '';
// Search criteria
if (!empty($_GET['searchtags'])) {
$searchcrits .= '&searchtags=' . urlencode($_GET['searchtags']);
} elseif (!empty($_GET['searchterm'])) {
$searchcrits .= '&searchterm=' . urlencode($_GET['searchterm']);
}
$this->tpl->assign('searchcrits', $searchcrits);
$this->tpl->assign('source', index_url($_SERVER));
$this->tpl->assign('version', shaarli_version);
$this->tpl->assign('scripturl', index_url($_SERVER));
$this->tpl->assign('pagetitle', 'Shaarli');
$this->tpl->assign('privateonly', !empty($_SESSION['privateonly']));
// Show only private links?
if (!empty($GLOBALS['title'])) {
$this->tpl->assign('pagetitle', $GLOBALS['title']);
}
if (!empty($GLOBALS['titleLink'])) {
$this->tpl->assign('titleLink', $GLOBALS['titleLink']);
}
if (!empty($GLOBALS['pagetitle'])) {
$this->tpl->assign('pagetitle', $GLOBALS['pagetitle']);
}
$this->tpl->assign('shaarlititle', empty($GLOBALS['title']) ? 'Shaarli' : $GLOBALS['title']);
if (!empty($GLOBALS['plugins']['errors'])) {
$this->tpl->assign('plugin_errors', $GLOBALS['plugins']['errors']);
}
}
/**
* Build data for feed templates.
*
* @return array Formatted data for feeds templates.
*/
public function buildData()
{
// Optionally filter the results:
$linksToDisplay = $this->linkDB->filterSearch($this->userInput);
$nblinksToDisplay = $this->getNbLinks(count($linksToDisplay));
// Can't use array_keys() because $link is a LinkDB instance and not a real array.
$keys = array();
foreach ($linksToDisplay as $key => $value) {
$keys[] = $key;
}
$pageaddr = escape(index_url($this->serverInfo));
$linkDisplayed = array();
for ($i = 0; $i < $nblinksToDisplay && $i < count($keys); $i++) {
$linkDisplayed[$keys[$i]] = $this->buildItem($linksToDisplay[$keys[$i]], $pageaddr);
}
$data['language'] = $this->getTypeLanguage();
$data['pubsubhub_url'] = $this->pubsubhubUrl;
$data['last_update'] = $this->getLatestDateFormatted();
$data['show_dates'] = !$this->hideDates || $this->isLoggedIn;
// Remove leading slash from REQUEST_URI.
$data['self_link'] = $pageaddr . escape(ltrim($this->serverInfo['REQUEST_URI'], '/'));
$data['index_url'] = $pageaddr;
$data['usepermalinks'] = $this->usePermalinks === true;
$data['links'] = $linkDisplayed;
return $data;
}
