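/**
 * Handle a POST from the editor form: process uploads, then cancel, delete or save.
 *
 * Reads the request parameters "referrer", "file", "content", "cancel",
 * "overwrite", "addtoarticle", "delete", "deleteconfirmed" and "save", plus
 * the upload fields "file1" .. "fileN" (N = $editor['maxuploadfiles'], default 4).
 * Every path it touches is built from $_SERVER['DOCUMENT_ROOT'] and "file".
 *
 * @return mixed Nothing when the user lacks the "edit" right or "file" is
 *               missing or rejected; otherwise the result of jabRedirect()
 *               or of rendering editor_view.php.
 */
function editor_post()
{
    // This handler writes, replaces and deletes files under the document root,
    // so the permission check comes before any request data is read.
    // NOTE(review): no anti-CSRF token is checked here; confirm that the
    // framework enforces one for this route.
    if (!jabCanUser("edit")) {
        return;
    }

    global $editor;

    $model = array('editor' => $editor);

    // NOTE(review): "referrer" is request data and is later handed to
    // jabRedirect(); confirm jabRedirect() restricts targets to same-site paths.
    $model['referrer'] = jabRequestParam("referrer");
    if (strlen($model['referrer']) == 0) {
        $model['referrer'] = "/";
    }

    $model['file'] = str_replace("..", ".", jabRequestParam("file"));
    $model['content'] = jabRequestParam("content");

    // Handle no file specified
    if (strlen($model['file']) == 0) {
        return;
    }

    // Handle attempt to escape the document root. The single-pass replacement
    // above can still leave ".." behind (three dots collapse to two), so this
    // second check is what rejects the request.
    if (strpos($model['file'], "..") !== false) {
        return;
    }

    // Cancel?
    if (jabRequestParam("cancel")) {
        return jabRedirect($model['referrer']);
    }

    $fullpath = jabPathAppend($_SERVER['DOCUMENT_ROOT'], $model['file']);

    // Handle file uploads
    $maxUploads = isset($editor['maxuploadfiles']) ? $editor['maxuploadfiles'] : 4;
    for ($i = 1; $i <= $maxUploads; $i++) {
        $field = 'file' . $i;

        // A slot the form did not send, or sent as an array, is skipped.
        if (!isset($_FILES[$field]['name']) || !is_string($_FILES[$field]['name'])) {
            continue;
        }

        $uploadName = $_FILES[$field]['name'];
        if (strlen($uploadName) == 0) {
            continue;
        }

        // Only the final path component of the client-supplied name is used.
        // NOTE(review): the extension is not restricted, so any file type the
        // web server executes or reads as per-directory configuration can be
        // stored next to the edited file; consider an allow-list.
        $storedName = basename($uploadName);
        $target_path = jabPathAppend(dirname($fullpath), $storedName);

        if (is_file($target_path) && jabRequestParam('overwrite') == "") {
            $model['errors'][] = "File " . $uploadName . " would be overwriten";
            continue;
        }

        if (!move_uploaded_file($_FILES[$field]['tmp_name'], $target_path)) {
            $model['errors'][] = "Failed to upload " . $uploadName;
            continue;
        }

        if (jabRequestParam("addtoarticle") != "") {
            // Link to the name the file was stored under.
            $dot = strrpos($storedName, ".");
            $ext = $dot === false ? null : substr($storedName, $dot + 1);
            $imageTypes = array("png", "jpg", "jpeg", "tif", "tiff", "gif");

            if (in_array($ext, $imageTypes, true)) {
                $model['content'] .= "\n\n<center>![{$storedName}]({$storedName})</center>\n\n";
            } else {
                $model['content'] .= "\n\n[{$storedName}]({$storedName})\n\n";
            }
        }
    }

    if (jabRequestParam("delete")) {
        if (jabRequestParam("deleteconfirmed") == "yes") {
            try {
                // unlink() reports failure through its return value, so a
                // failed delete must not be treated as success.
                if (unlink($fullpath)) {
                    return jabRedirect($model['referrer']);
                }
                $model['errors'][] = "Failed to delete file.";
            } catch (Exception $ex) {
                $model['errors'][] = "Failed to delete {$ex->getMessage()}.";
            }
        } else {
            // First press only arms the confirmation; the view sends it back.
            $model['errors'][] = "Press Delete again to really delete this file";
            $model['deleteconfirmed'] = "yes";
        }

        return jabRenderView("editor_view.php", $model);
    }

    if (jabRequestParam("save")) {
        try {
            $fh = @fopen($fullpath, 'w');
            if ($fh === false) {
                // Without this check the write would be attempted on false.
                $model['errors'][] = "Failed to save file - could not open it for writing.";
            } else {
                $written = fwrite($fh, $model['content']);
                fclose($fh);

                if ($written === false) {
                    $model['errors'][] = "Failed to save file - write failed.";
                } else {
                    return jabRedirect($model['referrer']);
                }
            }
        } catch (Exception $ex) {
            $model['errors'][] = "Failed to save file - {$ex->getMessage()}.";
        }
    }

    return jabRenderView("editor_view.php", $model);
}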
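/**
 * Re-route the current request when its URI matches $from.
 *
 * The request URI is compared without its first character (the leading "/").
 * On a match the request is either redirected to the new URL or rewritten in
 * place by updating $_SERVER['REQUEST_URI'] and $_SERVER['REQUEST_URI_CLEAN'].
 *
 * @param string $from     Exact URI to match, or a PCRE pattern when $regex is true.
 * @param string $to       Replacement URI, or a preg_replace() replacement string.
 * @param bool   $regex    Treat $from as a regular expression.
 * @param bool   $redirect Call jabRedirect() instead of rewriting in place.
 *
 * @return false|null false when the route does not apply; nothing otherwise.
 */
function jabReRoute($from, $to, $regex = false, $redirect = false)
{
    $url = substr($_SERVER['REQUEST_URI'], 1);

    if ($regex) {
        // preg_replace() rewrites every matching substring, so route patterns
        // should be anchored (^...$) to keep unrelated request text out of
        // the rewritten URL.
        $count = 0;
        $urlnew = preg_replace($from, $to, $url, -1, $count);

        // null means the pattern failed; a zero count means nothing matched.
        if ($urlnew === null || $count === 0) {
            return false;
        }
    } else {
        // Compare as strings: loose == treats numeric strings such as "1e1"
        // and "10" as equal.
        if ((string) $url !== (string) $from) {
            return false;
        }
        $urlnew = $to;
    }

    // NOTE(review): $urlnew is used exactly as produced from $to, with no
    // leading "/" added; confirm callers supply one where consumers of
    // REQUEST_URI expect it.
    if ($redirect) {
        jabRedirect($urlnew);
    } else {
        $_SERVER['REQUEST_URI'] = $urlnew;
        $_SERVER['REQUEST_URI_CLEAN'] = strtok($urlnew, '?');
    }
}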
/**
 * Log the current user out, then redirect to the given page.
 *
 * @param string $referrer Redirect target, passed to jabRedirect() unchanged.
 *
 * @return mixed Whatever jabRedirect() returns.
 */
function logout($referrer)
{
    // The session is ended first, so the redirect target is always loaded
    // without the logged-in state.
    jabLogout();

    // NOTE(review): $referrer presumably originates from the request; confirm
    // jabRedirect() limits targets to same-site paths.
    $response = jabRedirect($referrer);

    return $response;
}
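<?php

// Site entry script: loads the jab framework and its modules, handles the
// ?login and ?phpinfo query string commands, then sets theme and site values.
global $jab;

// Includes
require_once "../jab/jab.php";
jabRequire("auth_single;contact;blog;editor;querystring;recaptcha");

// Check for ?login query string command: an anonymous visitor is sent to the
// login page, with the current URI (minus "login") as the return target.
if (jabUserName() == null && isset($_REQUEST['login'])) {
    $refpage = jabQueryStringRemove($_SERVER['REQUEST_URI'], 'login');
    jabRedirect("/account/login?referrer=" . urlencode($refpage));
}

// Check for ?phpinfo query string command.
// phpinfo() prints the PHP version, loaded extensions, configuration values,
// filesystem paths and environment variables, so it is shown to a logged-in
// user only. Remove this block entirely on production sites.
if (isset($_REQUEST['phpinfo']) && jabUserName() != null) {
    phpinfo();
    die;
}

/*
// Insert your recaptcha keys here
// Configure reCAPTCHA keys (keep real keys out of version control)
jabInitRecaptcha(
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
);
*/

// Select the theme
jabSetThemeFolder("theme");

// Setup theme related variables
$jab['siteName'] = "My Jab Site";
$jab['siteCopyright'] = "Copright © " . $jab['siteName'];

// Insert your Google tracked id here
// $jab['googlePageTrackerID']="XX-NNNNNNN-N";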
/**
 * Initialise the blog database, then redirect to the blog's root link.
 *
 * NOTE(review): no permission check is made in this function; confirm the
 * route that reaches it is limited to administrators.
 */
function upgrade()
{
    init_blog_db();

    // blog_link("") is called with an empty path; its result is the redirect target.
    $blogHome = blog_link("");
    jabRedirect($blogHome);
}