コード例 #1
ファイル: admin_config.php プロジェクト: bklein01/pligg-cms
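/**
 * Admin config editor entry point (admin_config.php).
 *
 * Reads the requested action from $_REQUEST ("view" by default, or "save")
 * and either shows a config page or stores a single pliggconfig value.
 * When the value being saved is the site template ('$thetemp'), the named
 * template directory must exist under ../templates/ and its
 * template_details.php (if present) is executed via include, so the name is
 * restricted to a single path component before it is used.
 *
 * Side effects: may die()/exit with an HTML or JavaScript fragment, may
 * include a template_details.php file, and writes to settings.php via
 * pliggconfig::store().
 */
function dowork()
{
    global $db, $main_smarty;

    // Everything below writes settings.php, so non-admins do nothing at all.
    $canIhaveAccess = checklevel('admin');
    if ($canIhaveAccess != 1) {
        return;
    }
    if (is_writable('../settings.php') == 0) {
        die("<div class='alert'>Error: settings.php is not writeable.</div>");
    }

    $action = isset($_REQUEST['action']) && sanitize($_REQUEST['action'], 3) != '' ? sanitize($_REQUEST['action'], 3) : "view";

    if ($action == "view") {
        $config = new pliggconfig();
        if (isset($_REQUEST['page'])) {
            $config->var_page = sanitize($_REQUEST['page'], 3);
            $config->showpage();
        }
    }

    if ($action == "save") {
        $config = new pliggconfig();
        $config->var_id = sanitize(isset($_REQUEST['var_id']) ? $_REQUEST['var_id'] : '', 3);
        $config->read();

        // Raw value is kept for the retry URL below; the decoded one is what gets stored.
        $rawValue = isset($_REQUEST['var_value']) ? $_REQUEST['var_value'] : '';
        $newValue = js_urldecode($rawValue);

        // Check if template exists
        if ($config->var_name == '$thetemp' && $config->var_value != $newValue) {
            // The template name becomes a directory under ../templates/ and its
            // template_details.php is include'd below, so anything that is not a
            // plain directory name ('', '.', '..', or containing a path separator)
            // is treated exactly like a missing template.
            $isPlainName = $newValue != '' && $newValue != '.' && $newValue != '..'
                && strpos($newValue, '/') === false && strpos($newValue, "\\") === false;
            if (!$isPlainName || !file_exists('../templates/' . $newValue)) {
                print "alert('" . $main_smarty->get_config_vars('PLIGG_Visual_AdminPanel_NoTemplate') . "')";
                exit;
            }

            // template_details.php is expected to populate $template_info; start from
            // an empty array so a template without that file does not leave it undefined.
            $template_info = array();
            if (file_exists('../templates/' . $newValue . '/template_details.php')) {
                include '../templates/' . $newValue . '/template_details.php';
            }
            $designedFor = isset($template_info['designed_for_pligg_version']) ? $template_info['designed_for_pligg_version'] : null;
            $force = !empty($_REQUEST['force']);

            // NOTE(review): '<' compares whatever pligg_version() and the template
            // declare; that is only meaningful if both are numeric — confirm.
            if ($designedFor < pligg_version() && !$force) {
                if (!$designedFor) {
                    $designedFor = 'unknown';
                }
                // Emits JS that asks the admin to confirm and then retries the save with force=1.
                print sprintf("if (confirm('" . $main_smarty->get_config_vars('PLIGG_Visual_AdminPanel_Template_Version') . "')) {XMLHttpRequestObject.open('GET', '?action=save&var_id={$config->var_id}&var_value=" . urlencode($rawValue) . "&force=1', true); XMLHttpRequestObject.send(null);}", $designedFor, pligg_version());
                exit;
            }
        }

        $config->var_value = $db->escape($newValue);
        $config->store(false);
    }
}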
コード例 #2
ファイル: checkfield.php プロジェクト: bendroid/pligg-cms
<?php

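include_once 'internal/Smarty.class.php';
$main_smarty = new Smarty();
include 'config.php';
include mnminclude . 'html1.php';
include_once mnminclude . 'smartyvariables.php';
// Both fields come from the client. Default to '' when a parameter is missing so
// the checks that follow see an empty value instead of an undefined-index notice.
$type = sanitize(isset($_REQUEST['type']) ? $_REQUEST['type'] : '', 2);
$name = js_urldecode(isset($_POST["name"]) ? $_POST["name"] : '');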
switch ($type) {
    case 'username':
        if (utf8_strlen($name) < 3) {
            // if username is less than 3 characters
            echo $main_smarty->get_config_vars("PLIGG_Visual_CheckField_UserShort");
            return;
        }
        if (preg_match('/\\pL/u', 'a')) {
            // Check if PCRE was compiled with UTF-8 support
            if (!preg_match('/^[_\\-\\d\\p{L}\\p{M}]+$/iu', $name)) {
                // if username contains invalid characters
                echo $main_smarty->get_config_vars("PLIGG_Visual_CheckField_InvalidChars");
                return;
            }
        } else {
            if (!preg_match('/^[^~`@%&=\\/;:\\.,<>!"\\\'\\^\\.\\[\\]\\$\\(\\)\\|\\*\\+\\-\\?\\{\\}\\\\]+$/', $name)) {
                // if username contains invalid characters
                echo $main_smarty->get_config_vars("PLIGG_Visual_CheckField_InvalidChars");
                return;
            }
        }
        if (user_exists($name)) {
コード例 #3
 // Recipient check: each valid address adds 10 to $cansend and is Bcc'd; an
 // invalid one resets it to -100, which keeps the total below the send threshold
 // used further down.
 $cansend = 0;
 $addresses = explode(", ", sanitize($_POST['email_address'], 3));
 foreach ($addresses as $address) {
     if ($address == "") {
         continue;
     }
     if (check_email_address($address)) {
         $cansend += 10;
         $headers .= "Bcc: " . $address . "\n";
     } else {
         $cansend = -100;
         // NOTE(review): the address is echoed as-is; sanitize(..., 3) above is
         // relied on for making it HTML-safe — confirm.
         echo '<br>Error: ' . $address . ' is not a valid email address.<br>';
     }
 }
 // NOTE(review): $headers is only appended to here; it must be initialised earlier.
 $headers .= "Content-Type: text/plain; charset=utf-8\n";

 // Subject and message fall back to the configured defaults when the posted
 // field is absent or sanitizes to an empty string.
 $hasSubject = isset($_POST['email_subject']) && sanitize($_POST['email_subject'], 3) != '';
 $subject = $hasSubject ? sanitize(js_urldecode($_POST['email_subject']), 3) : Email_Subject . $link->title;
 $hasMessage = isset($_POST['email_message']) && sanitize($_POST['email_message'], 3) != '';
 $message = $hasMessage ? sanitize(js_urldecode($_POST['email_message']), 3) : Default_Message;

 // Sender name for the body: the logged-in user, or "Anonymous".
 $sender = $current_user->user_login ? $current_user->user_login : 'Anonymous';
 $body = $message . "\r\n\r\n" . Included_Text_Part1 . " " . $sender . "," . Included_Text_Part2 . "\r\n\r\n" . $link->title . " - " . strip_tags($link->content) . "\r\n\r\n" . $main_smarty->get_config_vars('PLIGG_Visual_Email_Tell_A_Friend') . $link_url;

 $backup = isset($_POST['backup']) && is_numeric($_POST['backup']) ? $_POST['backup'] : 2;
 if ($cansend >= 10) {
     $addresses = explode(", ", sanitize($_POST['email_address'], 3));
     mailer_start();
     $mailer = new PliggMailer($subject, $body, Send_From_Email, $addresses);
     if ($mailer->send()) {
         $sql = 'UPDATE `' . table_users . '` SET `last_email_friend` = FROM_UNIXTIME(' . time() . ') WHERE `user_login` = "' . $current_user->user_login . '"';
         $db->query($sql);
         echo "<br>Sent! <br><br>";
         if ($backup > 0) {
コード例 #4
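/**
 * Returns the text between <TAG> and </TAG> on a language-file comment line,
 * or null when the opening tag is absent. If the closing tag is missing, the
 * rest of the line is returned.
 */
function admin_language_tagged_text($line, $tag)
{
    $open = '<' . $tag . '>';
    $start = strpos($line, $open);
    if ($start === false) {
        return null;
    }
    $start += strlen($open);
    $end = strpos($line, '</' . $tag . '>', $start);
    if ($end === false) {
        return substr($line, $start);
    }
    return substr($line, $start, $end - $start);
}

/**
 * Admin page for editing ./languages/lang_<pligg_language>.conf.
 *
 * Gated on checklevel('god'); everyone else is redirected to the login page.
 * Three entry modes:
 *  - var_id in the request: in-place (XHR) update of one `key = "value"` line,
 *    echoes the stored value and stops;
 *  - mode=edit / mode=save in the query string: form-based edit of one key;
 *  - otherwise: renders the whole file as an editable listing.
 *
 * Values are stored addslashes()'d (as the mode=save path always did) and
 * rendered through htmlspecialchars(); request parameters that end up in the
 * generated HTML are escaped the same way.
 */
function admin_language_showpage()
{
    global $main_smarty, $the_template;
    include_once 'config.php';
    include_once mnminclude . 'html1.php';
    include_once mnminclude . 'link.php';
    include_once mnminclude . 'tags.php';
    include_once mnminclude . 'smartyvariables.php';
    $main_smarty = do_sidebar($main_smarty);
    force_authentication();
    $canIhaveAccess = checklevel('god');
    if ($canIhaveAccess != 1) {
        header("Location: " . getmyurl('login', $_SERVER['REQUEST_URI']));
        return;
    }
    $filename = './languages/lang_' . pligg_language . '.conf';

    // In-place edit: rewrite the one matching line and echo the value that was stored.
    if (isset($_REQUEST['var_id']) && $_REQUEST['var_id'] != "") {
        $varId = str_replace('emptytext_', '', $_REQUEST["var_id"]);
        $newValue = isset($_REQUEST["var_value"]) ? $_REQUEST["var_value"] : '';
        $returnVal = '';
        $lines = file($filename);
        if (!is_array($lines)) {
            echo "<b>Could not read '{$filename}' file</b>";
            die;
        }
        if ($handle = fopen($filename, 'w')) {
            foreach ($lines as $line_num => $line) {
                if (substr($line, 0, 2) != "//" && strlen(trim($line)) > 2) {
                    $x = strpos($line, "=");
                    if (trim(substr($line, 0, $x)) == $varId) {
                        // addslashes() matches what the mode=save path stores; the
                        // listing below undoes it with stripslashes() before display.
                        $line = trim(substr($line, 0, $x)) . ' = "' . addslashes($newValue) . '"' . "\n";
                        $returnVal = $newValue;
                    }
                }
                if (!fwrite($handle, $line)) {
                    echo "<b>Could not write to '{$filename}' file</b>";
                }
            }
            fclose($handle);
        } else {
            echo "<b>Could not open '{$filename}' file for writing</b>";
        }
        // Escaped like the values in the listing; the response presumably replaces
        // the edited value in the page — confirm against the editinplace JS.
        echo htmlspecialchars($returnVal);
        die;
    }

    $canContinue = 1;
    $canContinue = isWriteable($canContinue, $filename, 0777, $filename);
    if (!$canContinue) {
        echo 'File is not writeable. Please CHMOD /languages/lang_' . pligg_language . '.conf to 777 and refresh this page.<br /><br /><br />';
        die;
    }
    $lines = file($filename);
    if (!is_array($lines)) {
        $lines = array();
    }
    $section = "x";
    $lastsection = "";
    $tabA = "&nbsp;&nbsp;&nbsp;&nbsp;";
    $outputHtml = array();

    if (isset($_GET["mode"])) {
        // Key being edited; escaped once for every place it is written into HTML.
        $editKey = isset($_GET["edit"]) ? $_GET["edit"] : '';
        $editKeyHtml = htmlspecialchars($editKey);

        if ($_GET["mode"] == "edit") {
            $outputHtml[] = "<form>";
            $outputHtml[] = "<table class='listing'>";
            $outputHtml[] = "Editing <b>" . sanitize($editKey, 1) . "</b><br /><br />";
            foreach ($lines as $line_num => $line) {
                if (substr($line, 0, 2) != "//" && strlen(trim($line)) > 2) {
                    $x = strpos($line, "=");
                    if (trim(substr($line, 0, $x)) == $editKey) {
                        $y = str_replace('"', "", trim(substr($line, $x + 1, 10000)));
                        $yHtml = htmlspecialchars($y);
                        $outputHtml[] = "Current Value: " . $yHtml . "<br />";
                        $outputHtml[] = '<input type = "hidden" name = "edit" value = "' . $editKeyHtml . '">';
                        $outputHtml[] = '<input type = "hidden" name = "mode" value = "save">';
                        $outputHtml[] = '<input name = "newvalue" value = "' . $yHtml . '" size=75><br />';
                        $outputHtml[] = '<input type = "submit" name = "save" value = "save" class = "log2">';
                    }
                }
            }
        }

        if ($_GET["mode"] == "save") {
            $newValue = isset($_GET["newvalue"]) ? js_urldecode($_GET["newvalue"]) : '';
            $outputHtml[] = "saving <b>" . $editKeyHtml . "</b><br />";
            if ($handle = fopen($filename, 'w')) {
                foreach ($lines as $line_num => $line) {
                    if (substr($line, 0, 2) != "//" && strlen(trim($line)) > 2) {
                        $x = strpos($line, "=");
                        if (trim(substr($line, 0, $x)) == $editKey) {
                            $line = trim(substr($line, 0, $x)) . ' = "' . addslashes($newValue) . '"' . "\n";
                        }
                    }
                    if (!fwrite($handle, $line)) {
                        $outputHtml[] = "<b>Could not write to '{$filename}' file</b>";
                    }
                }
                fclose($handle);
                // Nothing is rendered after a successful save (unchanged behaviour).
                exit;
            } else {
                $outputHtml[] = "<b>Could not open '{$filename}' file for writing</b>";
            }
        }
    } else {
        // Full listing: comment lines carry metadata tags, other lines are `key = "value"`.
        $outputHtml[] = '<table id="mytable" class="listing">';
        foreach ($lines as $line_num => $line) {
            if (substr($line, 0, 2) == "//") {
                $title = admin_language_tagged_text($line, 'TITLE');
                if ($title !== null) {
                    $outputHtml[] = "<tr><td bgcolor = BFBFBF><b>Title:</b>" . $title . "</td></tr>";
                }
                $sectionName = admin_language_tagged_text($line, 'SECTION');
                if ($sectionName !== null) {
                    $section = $sectionName;
                    if ($section != $lastsection) {
                        $lastsection = $section;
                        // Three spacer rows before each section header (unchanged markup).
                        $outputHtml[] = '<tr id="row_ASDFGHJK"><td></td></tr>';
                        $outputHtml[] = '<tr id="row_ASDFGHJK"><td></td></tr>';
                        $outputHtml[] = '<tr id="row_ASDFGHJK"><td></td></tr>';
                        $outputHtml[] = '<tr id="row_ASDFGHJK"><th><b>Section</b>: ' . $section . '</th></tr>';
                    }
                }
                // <LANG>, <VERSION> and <ADDED> tags are not used by this page.
            } elseif (strlen(trim($line)) > 2) {
                $x = strpos($line, "=");
                $ID = trim(substr($line, 0, $x));
                $rowId = str_replace('"', '', trim(substr($line, $x + 1, 10000)));
                $VALUE = htmlspecialchars(trim(substr(stripslashes($line), $x + 1, 10000), " \t\n\r\"\\'"));
                if (function_exists("iconv") && detect_encoding($VALUE) != 'utf-8') {
                    $VALUE = iconv('', 'UTF-8//IGNORE', $VALUE);
                }
                // The row id is the raw stored value, so it is escaped like $VALUE is.
                $outputHtml[] = '<tr id = "row_' . htmlspecialchars($rowId) . '"><td><form onsubmit="return false"><fieldset>';
                $outputHtml[] = "<b>" . $tabA . $ID;
                $outputHtml[] = "</b><br />";
                $outputHtml[] = "" . $tabA . $tabA;
                $outputHtml[] = "Value: <span class=\"emptytext\" id=\"editme{$ID}\" onclick=\"show_edit('{$ID}')\">{$VALUE}</span>";
                $outputHtml[] = "<span id=\"showme{$ID}\" style=\"display:none;\">";
                $outputHtml[] = "<input type=\"text\" name=\"var_value\" value=\"{$VALUE}\">";
                $outputHtml[] = "<br><div style='margin:5px 0 0 75px;'><input type=\"submit\" value=\"Save\" onclick=\"save_changes('{$ID}',this.form)\">";
                $outputHtml[] = "<input type=\"reset\" value=\"Cancel\" onclick=\"hide_edit('{$ID}')\"></span></div><br>";
                $outputHtml[] = "</fieldset></form>";
                $outputHtml[] = "</td></tr>";
            }
        }
    }

    $outputHtml[] = "</table>";
    $main_smarty->assign('outputHtml', $outputHtml);
    // breadcrumbs
    $navwhere['text1'] = $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel');
    $navwhere['link1'] = getmyurl('admin', '');
    $navwhere['text2'] = "Modify Language";
    $navwhere['link2'] = my_pligg_base . "/module.php?module=admin_language";
    $main_smarty->assign('navbar_where', $navwhere);
    $main_smarty->assign('posttitle', " | " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
    // breadcrumbs
    //Method for identifying modules rather than pagename
    define('modulename', 'admin_language');
    $main_smarty->assign('modulename', modulename);
    define('pagename', 'admin_modifylanguage');
    $main_smarty->assign('pagename', pagename);
    // NOTE(review): $editinplace_init and $template_dir are neither declared global
    // nor assigned here; presumably set by one of the include_once files above
    // (which only run on first inclusion) — confirm.
    $main_smarty->assign('editinplace_init', $editinplace_init);
    $main_smarty->assign('tpl_center', admin_language_tpl_path . 'admin_language_main');
    $main_smarty->display($template_dir . '/admin/admin.tpl');
}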
コード例 #5
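/**
 * Admin page for viewing and editing language lines via LangFiles.
 *
 * Gated on checklevel('admin'); everyone else is redirected to the login page.
 * With mode=save the single line named by `edit` in file `file` is updated
 * through LangFiles::set() and any error message it returns is printed.
 * Otherwise every line of every language file is collected into $lines
 * (one array per line with keys file / section / title / id / value / error)
 * and handed to the admin_language_main template.
 */
function admin_language_showpage()
{
    global $main_smarty, $the_template;
    include_once 'config.php';
    include_once mnminclude . 'html1.php';
    include_once mnminclude . 'link.php';
    include_once mnminclude . 'tags.php';
    include_once mnminclude . 'smartyvariables.php';
    $main_smarty = do_sidebar($main_smarty);
    force_authentication();
    $canIhaveAccess = checklevel('admin');
    if ($canIhaveAccess != 1) {
        header("Location: " . getmyurl('login', $_SERVER['REQUEST_URI']));
        return;
    }

    // Lines from all language files
    $files = new LangFiles();
    $mode = isset($_GET["mode"]) ? $_GET["mode"] : '';

    // Update a line
    if ($mode == "save") {
        $edit = isset($_REQUEST['edit']) ? $_REQUEST['edit'] : '';
        $newValue = isset($_REQUEST['newvalue']) ? js_urldecode($_REQUEST['newvalue']) : '';
        $file = isset($_REQUEST['file']) ? $_REQUEST['file'] : '';
        // NOTE(review): $file selects which language file is rewritten and comes
        // straight from the request; confirm LangFiles::set() only accepts the
        // files it manages.
        if ($error = $files->set($edit, $newValue, $file)) {
            // The message is treated as plain text when shown.
            echo "<strong>" . htmlspecialchars($error) . "</strong>";
        }
        return;
    }

    // Display the list of all lines
    $lines = array();
    $oldmodule = '';
    foreach ($files as $lnum => $line) {
        $l = array();
        // Keys are "<file>#<position>"; only the file part is needed here.
        $parts = explode('#', $lnum, 2);
        $file = $parts[0];
        $l['file'] = $file;
        // Add SECTION line for a new module
        $module = $files->getName($file);
        if ($module != $oldmodule) {
            $oldmodule = $module;
            $lines[] = array('file' => $file, 'section' => $module);
        }
        // Commented lines (auxiliary info)
        if (substr($line, 0, 2) == "//") {
            if (preg_match('/<TITLE>(.+)<\\/TITLE>/', $line, $m)) {
                $l['title'] = $m[1];
            } elseif (preg_match('/<SECTION>(.+)<\\/SECTION>/', $line, $m)) {
                $l['section'] = $m[1];
            } else {
                continue;
            }
        } elseif (strlen(trim($line)) > 2) {
            if (preg_match('/^([^=]+)\\s*=\\s*"?(.+)"?$/', trim($line), $m)) {
                $l['id'] = trim($m[1]);
                // Quotes are stripped before escaping because the greedy group may keep the closing quote.
                $l['value'] = htmlspecialchars(str_replace('"', '', trim($m[2])));
                if (function_exists("iconv") && detect_encoding($l['value']) != 'utf-8') {
                    $l['value'] = iconv('', 'UTF-8//IGNORE', $l['value']);
                }
            } else {
                $l['error'] = "Can't parse {$line}";
            }
        } else {
            continue;
        }
        $lines[] = $l;
    }
    $main_smarty->assign('lines', $lines);
    // breadcrumbs
    $navwhere['text1'] = $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel');
    $navwhere['link1'] = getmyurl('admin', '');
    $navwhere['text2'] = "Modify Language";
    $navwhere['link2'] = my_pligg_base . "/module.php?module=admin_language";
    $main_smarty->assign('navbar_where', $navwhere);
    $main_smarty->assign('posttitle', " | " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
    // breadcrumbs
    //Method for identifying modules rather than pagename
    define('modulename', 'admin_language');
    $main_smarty->assign('modulename', modulename);
    define('pagename', 'admin_modifylanguage');
    $main_smarty->assign('pagename', pagename);
    // NOTE(review): $editinplace_init and $template_dir are neither declared global
    // nor assigned here; presumably set by one of the include_once files above
    // (which only run on first inclusion) — confirm.
    $main_smarty->assign('editinplace_init', $editinplace_init);
    $main_smarty->assign('tpl_center', admin_language_tpl_path . 'admin_language_main');
    $main_smarty->display($template_dir . '/admin/admin.tpl');
}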