function planworld_plan_gettext($m) { global $xmlrpcerruser; include_once 'plan_read.php'; $err = ""; // get the param values (should add integrity checking here) $lu = $m->getParam(0); $ru = $m->getParam(1); $sn = $m->getParam(2); // $ar=$m->getParam(3); $localuser = $lu->scalarval(); $remoteuser = $ru->scalarval(); $snitch = $sn->scalarval(); list($localuser, $archives) = explode("___", $localuser); // $archives = $ar->scalarval(); // TODO:(v4.5) think about what to do with the archives variable $localuser = str_replace("@planwatch.org", '', $localuser); plan_get_owner_info($localuser); $_SERVER['USER'] = $remoteuser; $_SERVER['USERINFO_ARRAY']['snitchlevel'] = $snitch + 1; $_SERVER['REMOTENODE'] = strstr($remoteuser, '@'); if ($archives == 'archives') { $plan = plan_read_archives($localuser); } else { $plan = plan_read($localuser, $archives); } if (isset($_SERVER['PLANOWNER_INFO'])) { $plan .= "<!--planowner info set-->"; } $plan = "<!--plan styles--><style type='text/css'>{$_SERVER['PLANOWNER_INFO']['css']}</style>" . $plan; // if we generated an error, create an error return response if ($err) { return new xmlrpcresp(0, $xmlrpcerruser, $err); } else { // otherwise, we create the right response // with the state name return new xmlrpcresp(new xmlrpcval($plan, 'base64')); } }
function output_build_reader_toolbar_mobile($content) { if ($_SERVER['URL_ARRAY'][3] == 'bio') { $is_bio = TRUE; } elseif ($_SERVER['URL_ARRAY'][1] == 'send') { $is_send = TRUE; } elseif (in_array('archives', $_SERVER['URL_ARRAY'])) { $is_archives = TRUE; } else { $is_plan = TRUE; } $planwatchlist = file_get_contents("{$_SERVER['USER_ROOT']}/watchedlist.txt"); if ($is_send) { $_SERVER['PLANOWNER'] = $_SERVER['URL_ARRAY'][2]; plan_get_owner_info($_SERVER['PLANOWNER']); } if (user_is_valid($_SERVER['USERINFO_ARRAY']['username'], $_SERVER['USERINFO_ARRAY']['userpass']) && $_SERVER['PLANOWNER'] && !strstr($content, '<h1>Plan Read Failed</h1>')) { profile('reader_toolbar', 'begin'); if ($is_plan || $is_bio || $is_archives || $is_send && $_SERVER['URL_ARRAY'][2]) { // bio if ((file_exists("{$_SERVER['PWUSERS_DIR']}/{$_SERVER['PLANOWNER']}/bio.txt") || (strpos($_SERVER['PLANOWNER_REAL_LOCATION'], 'diaryland') || strpos($_SERVER['PLANOWNER_REAL_LOCATION'], 'livejournal'))) && !$is_bio) { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/read/{$_SERVER['PLANOWNER_REAL_LOCATION']}/bio'>bio</a>"; } // send if ((strpos($_SERVER['PLANOWNER_REAL_LOCATION'], 'planworld.net') || strpos($_SERVER['PLANOWNER_REAL_LOCATION'], 'amherst.edu') || plan_is_local($_SERVER['PLANOWNER'])) && $_SERVER['PLANOWNER'] != $_SERVER['USER'] && !$is_send) { $send_files = files_list("{$_SERVER['USER_ROOT']}/sends", files_encode_safe_name("{$_SERVER['PLANOWNER']}") . "*"); if (is_array($send_files)) { $lastsend = formattime(filemtime("{$_SERVER['USER_ROOT']}/sends/" . end($send_files))); if (strstr(end($send_files), '.new')) { $lastsend .= " <b>NEW</b>"; } $lastsend = "({$lastsend})"; } $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/send/{$_SERVER['PLANOWNER_REAL_LOCATION']}/'>send</a>"; } // planread if ($is_send || $is_bio) { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/read/{$_SERVER['PLANOWNER_REAL_LOCATION']}/'>plan</a>"; } // archives if (plan_has_archives($_SERVER['PLANOWNER_REAL_LOCATION'])) { if (!$is_archives) { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/read/{$_SERVER['PLANOWNER']}/archives' >archives</a>"; } else { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/read/{$_SERVER['PLANOWNER']}' >plan</a>"; } } // If the reader isn't watching the writer, offer the option if (!stristr($planwatchlist, $_SERVER['PLANOWNER']) && $is_plan) { $readertoolbar[] = "<span id='watch_link'><a href=\"javascript:loadXMLDoc('{$_SERVER['WEB_ROOT']}/lists/add_ajax/watched/!{$_SERVER['PLANOWNER_REAL_LOCATION']}:{$_SERVER['PLANOWNER_DISPLAY_NAME']}!',null,'planwatch');void(null);\" title='add {$_SERVER['PLANOWNER_DISPLAY_NAME']} to your watched list' >watch</a></span>"; } // if writer isn't a blog or the same as reader, offer the option of // blocking, unblocking, allowing, or disallowing access to reader's plan if ($_SERVER['PLANOWNER'] != $_SERVER['USER'] && !strpos($_SERVER['PLANOWNER'], '://')) { // offer administrators a link to masquerade as writer // this is so it's easy to follow up on plan-reported bugs if (user_is_administrator() && file_exists("{$_SERVER['PWUSERS_DIR']}/{$_SERVER['PLANOWNER']}/userinfo.dat")) { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/masq/on/{$_SERVER['PLANOWNER']}'>masq</a>"; } if ($is_plan) { $readertoolbar[] = "<a href='/lists/unread/{$_SERVER['PLANOWNER']}'>unread</a>"; } if ($is_send) { $readertoolbar[] = "<a href='/send/{$_SERVER['PLANOWNER']}/unread'>unread</a>"; } } // make the links into a string for output. $readertoolbar = "<li class='toolbutton'>" . implode("</li><li class='toolbutton'>", $readertoolbar) . "</li>\n"; $readertoolbar = str_replace("<li class='toolbutton'></li>", "", $readertoolbar); if (($lasttime = plan_get_last_update($_SERVER['PLANOWNER'])) && $is_plan) { $readertoolbar = "<li class='plan_data_block'>Last Update: " . formattime($lasttime) . "</li>" . $readertoolbar; } if ($lastlogin = plan_get_last_login($_SERVER['PLANOWNER'])) { if ($lastlogin > 1) { $readertoolbar = "<li class='plan_data_block' id='lastaction'>Last Action: " . formattime($lastlogin) . "</li>" . $readertoolbar; } } } profile('reader_toolbar', 'end'); } return $readertoolbar; }
function cache_clear($planowner) { if ($_SERVER['PLANOWNER_INFO_ARRAY']['username'] != $planowner) { plan_get_owner_info($planowner); } exec("rm -f {$_SERVER['FILE_ROOT']}/temp/*" . base64_encode($planowner) . "*.cache"); exec("rm -f {$_SERVER['FILE_ROOT']}/../temp/*{$planowner}*.cache"); exec("rm -f {$_SERVER['FILE_ROOT']}/temp/{$_SERVER['PLANOWNER_INFO_ARRAY']['salt']}*.cache"); }
function plan_read($planowner, $threshhold = FALSE, $begindate = FALSE, $unformatted = FALSE, $remotesnitch = FALSE) { if ($planowner == 'invite' || $planowner == '*****@*****.**') { return plan_read_invite($reader); } if ($planowner == 'backup' || $planowner == '*****@*****.**') { return plan_read_backup($reader); } if ($planowner == 'backup_archives' || $planowner == '*****@*****.**') { return plan_read_backup($reader, "archives"); } $reader = $_SERVER['USER']; if ($reader == 'cacheuser') { $utility = 1; } $plan_read_rand = rand(); if (!isset($_SERVER['PLANOWNER_INFO_ARRAY']) || $_SERVER['PLANOWNER'] != $planowner) { plan_get_owner_info($planowner); } profile("plan_read_{$plan_read_rand}"); profile("plan_read_head_{$plan_read_rand}"); if (plan_is_local($planowner)) { $islocal = TRUE; $planowner = plan_repair_local_name($planowner); } else { if (user_is_local($planowner)) { $localusernotplan = TRUE; $localusername = $planowner; } } include_once 'snitch.php'; include_once 'spiel.php'; if ($_SERVER['REMOTENODE']) { if (isset($_SERVER['PLANOWNER_INFO_ARRAY']['fingerpref']) && $_SERVER['PLANOWNER_INFO_ARRAY']['fingerpref'] == 0) { snitch_write($reader, $planowner, ' failed'); return "{$planowner}'s plan is not available for reading outside planwatch.org."; } } // tests the user against the planowner's privacy settings, // blocked list, and allowed list $plan_test_privacy = plan_test_privacy($reader, $planowner, $remotesnitch); $authorized = user_is_authorized($planowner, $reader); if (!$_SERVER['PLANOWNER_REAL_LOCATION']) { plan_get_owner_info($planowner); } if (user_is_local($planowner) && !plan_is_local($planowner)) { $localplan = plan_read_local($planowner, $threshhold, $begindate, $unformatted); } if ($_SERVER['PLANOWNER_REAL_LOCATION']) { $planowner = $_SERVER['PLANOWNER_REAL_LOCATION']; } profile("plan_read_head_{$plan_read_rand}"); // on with the show if ($plan_test_privacy) { if ($islocal) { $plan = plan_read_local($planowner, $threshhold, $begindate, $unformatted); } // elseif($localusernotplan) $localplan=plan_read_local($localusername,$threshhold,$begindate,$unformatted); if (strpos($planowner, '@') !== FALSE && !strpos($planowner, '://') && !$plan) { // if it comes from another planworld node (we used to fingertest in here too) list($xmlrpc_username, $xmlrpc_node) = explode('@', $planowner); $plan = plan_read_xmlrpc($xmlrpc_username, $xmlrpc_node); } if (strpos($planowner, '://') && !$plan) { // if it's a URL call plan_read_web() // plan_read_web passes it on to plan_read_rss_simplepie if necessary. $url = $planowner; $plan = plan_read_web($url); } // Valid snitches only get set here if ((!$threshhold || $threshhold == '2d' || $threshhold == $_SERVER['PLANOWNER_INFO_ARRAY']['defaultdays'] . "d") && !$begindate) { snitch_write($reader, $planowner); } else { snitch_write($reader, $planowner, " archives ( {$threshhold} {$_SERVER['PLANOWNER_INFO_ARRAY']['defaultdays']}{$begindate} )"); } if (file_exists("{$_SERVER['PWUSERS_DIR']}/{$_SERVER['USER']}/userinfo.dat")) { user_update_lastread($planowner); } $plan = trim($localplan) . $plan; } else { // if the privacy test didn't check out, display the blocked message $blocked_fn = "{$_SERVER['PWUSERS_DIR']}/{$planowner}/blockedmessage.txt"; if (file_exists($blocked_fn)) { $plan = stripslashes(stripslashes(file_get_contents($blocked_fn))); $plan = str_replace('MYUSER', $planowner, $plan); $plan = str_replace('READER', $reader, $plan); } else { if ($_SERVER['whitelist_passed'] === FALSE) { $plan = "<h1>Security Error</h1>Unverified readers from planworld.net are not allowed to read protected planwatch.org plans without\n\t\t\t\tspecific permission from the author. Please send the owner of this plan, or email <a href='mailto:help@planwatch.org'>help@planwatch.org</a>\n\t\t\t\tto be added to the list of verified readers. "; } else { $plan = "<h1>Error: No Such User</h1>No user found by that name. Please try again, {$reader}."; } } snitch_write($reader, $planowner, ' failed'); if (file_exists("{$_SERVER['PWUSERS_DIR']}/{$_SERVER['USER']}/userinfo.dat")) { user_update_lastread($planowner); } } profile("plan_format_{$plan_read_rand}"); if (!$utility && !$unformatted) { profile("plan_read_tail_{$plan_read_rand}"); $plan = plan_add_alias_links($plan, $planowner); if (!$_SERVER['REMOTENODE']) { $plan = spiel_format($plan, $planowner); $plan = plan_add_user_links($plan); } else { preg_replace("|!sp[ie][ie]l:(.*):(.*)!|", "<a href='http://{$_SERVER['HTTP_HOST']}{$_SERVER['WEB_ROOT']}/spiel/view/\\1'>\\2</a>", $plan); preg_replace("|!sp[ei][ie]l:(.*)!|", "<a href='http://{$_SERVER['HTTP_HOST']}{$_SERVER['WEB_ROOT']}/spiel/view/\\1'>\\1</a>", $plan); $plan = plan_process_directives($plan, TRUE); // turn on remotepatch to avoid processing directives other nodes will handle if (strstr($plan, "aside")) { $plan = "<style>aside.sidebar { float: right; width: 200px; margin-left: 20px; }</style>{$plan}"; } } if (strstr($plan, 'http://')) { $plan = plan_match_embed_urls($plan); } $plan = plan_embed_player($plan); $plan = str_replace(array("id=\"content\"", "id='content'"), "id='content2'", $plan); $plan = str_replace("#content", "#content2", $plan); $plan = str_replace("font-color:", "color:", $plan); $plan = str_replace("position: absolute", "position: relative;", $plan); $plan = hyperlink($plan); if (strpos($plan, "/read/{$_SERVER['USER']}")) { $plan = str_replace("<a target='_self' href='/read/{$_SERVER['USER']}'", "<a target='_self' id='snoop' href='/read/{$_SERVER['USER']}'", $plan); } $plan = str_replace("@note", "@amherst.edu", $plan); $plan = str_replace("@pwn", "@planworld.net", $plan); $remoteuser = str_replace($_SERVER['REMOTENODE'], "", $_SERVER['USER']); if (strpos($plan, "?id={$remoteuser}")) { $plan = str_replace("<a href='?id={$remoteuser}", "<a id='snoop' href='?id={$remoteuser}", $plan); } if (strpos($plan, "!{$_SERVER['USER']}")) { $plan = preg_replace("/!{$_SERVER['USER']}:([^!]+)!/", "<a id='snoop' href='?id={$remoteuser}'>\\1</a>", $plan); $plan = preg_replace("/!{$_SERVER['USER']}!/", "<a id='snoop' href='?id={$remoteuser}'>{$_SERVER['USER']}</a>", $plan); } if (strpos($plan, "id='snoop'")) { if ($_SERVER['OUTPUT_MODE'] == 'HTML') { $plan = "<a href='#snoop'>Find My Snoop</a><br />\n{$plan}"; } if ($_SERVER['OUTPUT_MODE'] == 'IPHONE' || $_SERVER['OUTPUT_MODE'] == 'MOBILE') { $plan = "<a href='javascript:alert(getRealTop(\"snoop\"));'>Find My Snoop</a><br />\n{$plan}"; } } if ($_SERVER['USERINFO_ARRAY']['strip_css'] == 1) { $plan = plan_strip_css($plan); } if ($_SERVER['USERINFO_ARRAY']['strip_css'] == 2) { $plan = plan_confine_css($plan); } } profile('encoding'); if (!$url) { $encoding = mb_detect_encoding($plan, 'UTF-8, ISO-8859-1'); if ($encoding !== 'UTF-8') { $plan = mb_convert_encoding($plan, 'UTF-8', $encoding); } } profile('encoding'); profile("plan_read_tail_{$plan_read_rand}"); profile("plan_read_{$plan_read_rand}"); profile("plan_format_{$plan_read_rand}"); return $plan; }