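/**
 * Function: route_submit
 * Shows the article submission form and, on POST, hands the submission to the chosen feather.
 *
 * Notes:
 *     - The current visitor's group must have the "submit_article" permission.
 *     - A POST must carry a "hash" field equal to the configured secure_hashkey.
 *     - "draft" is defaulted to "true" when absent, and the submitter's name and
 *       e-mail are appended to the body before the feather's submit() is called.
 */
public function route_submit() {
    # NOTE(review): this relies on show_403() ending the request — confirm.
    if (!Visitor::current()->group->can("submit_article")) {
        show_403(__("Access Denied"), __("You do not have sufficient privileges to submit articles."));
    }

    if (!empty($_POST)) {
        # The key is a secret, so compare it as a string and never with "!=":
        # loose comparison treats numeric-looking strings such as "0e123" and
        # "0e456" as equal. hash_equals() is used when the runtime provides it
        # so the comparison time does not depend on how many characters match.
        $expected_hash = (string) Config::current()->secure_hashkey;
        $given_hash = (isset($_POST['hash']) and is_string($_POST['hash'])) ? $_POST['hash'] : null;

        if ($given_hash === null) {
            $hash_ok = false;
        } elseif (function_exists("hash_equals")) {
            $hash_ok = hash_equals($expected_hash, $given_hash);
        } else {
            $hash_ok = ($given_hash === $expected_hash);
        }

        if (!$hash_ok) {
            show_403(__("Access Denied"), __("Invalid security key."));
        }

        # NOTE(review): redirect("/") is evaluated before Flash::notice() receives
        # it; if redirect() ends the request the notice is never stored. The
        # success path below passes "/" directly — confirm which form is intended.
        if (empty($_POST['body'])) {
            Flash::notice(__("Post body can't be empty!"), redirect("/"));
        }

        # NOTE(review): "draft" is only defaulted, not forced. A client-supplied
        # value is passed through to the feather; confirm submit() cannot be made
        # to publish directly by an unprivileged submitter.
        if (!isset($_POST['draft'])) {
            $_POST['draft'] = "true";
        }

        # Missing or non-string contact fields become empty strings instead of
        # raising notices or interpolating "Array" into the stored body.
        $submitter_name = (isset($_POST['name']) and is_string($_POST['name'])) ? $_POST['name'] : "";
        $submitter_email = (isset($_POST['email']) and is_string($_POST['email'])) ? $_POST['email'] : "";

        $_POST['body'] = "{$_POST['body']}\n\n\n{$submitter_name}\n{$submitter_email}\n";

        # The feather name comes from the request; only dispatch to a feather
        # that is actually registered, rather than calling submit() on whatever
        # an arbitrary array key yields.
        $feather_name = (isset($_POST['feather']) and is_string($_POST['feather'])) ? $_POST['feather'] : null;

        if ($feather_name === null or !isset(Feathers::$instances[$feather_name])) {
            error(__("Error"), __("The requested post type does not exist."));
            exit;
        }

        $post = Feathers::$instances[$feather_name]->submit();

        # NOTE(review): assumes submit() returns an array — confirm.
        if (!in_array(false, $post)) {
            Flash::notice(__("Thank you for your submission. ", "submission"), "/");
        }
    }

    # NOTE(review): $feather is not assigned anywhere in this method, so the
    # template receives an undefined value — confirm what it should be.
    if (Theme::current()->file_exists("forms/post/submit")) {
        MainController::current()->display("forms/post/submit", array("feather" => $feather), __("Submit a Text Post"));
    } else {
        require "pages/submit.php";
    }
}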
/**
 * Function: delete_link
 * Echoes an HTML link to this object's "delete_attachment" route.
 *
 * Parameters:
 *     $text - Link text; falls back to the translated "Delete".
 *     $before - Markup printed before the link.
 *     $after - Markup printed after the link.
 *     $classes - Extra CSS classes, prepended to the generated ones.
 *
 * Returns:
 *     false when deletable() is false; otherwise nothing (the link is echoed).
 *
 * Notes:
 *     $text, $before, $after and $classes are written to the page unescaped,
 *     so callers must only pass markup they trust.
 */
public function delete_link($text = null, $before = null, $after = null, $classes = "") {
    if (!$this->deletable()) {
        return false;
    }

    fallback($text, __("Delete"));

    # The lower-cased class name prefixes both the CSS class and the element id.
    $type = strtolower(get_class($this));

    # NOTE(review): whether the delete_attachment route asks for confirmation
    # or a request token is not visible here — confirm.
    $href = url("delete_attachment/" . $this->id, MainController::current());

    $prefix_classes = $classes ? $classes . " " : '';
    $class_attr = $prefix_classes . $type . '_delete_link delete_link';
    $id_attr = $type . '_delete_' . $this->id;

    $anchor = '<a href="' . $href . '" title="Delete" class="' . $class_attr . '" id="' . $id_attr . '">' . $text . '</a>';

    echo $before . $anchor . $after;
}
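/**
 * Function: pingback_ping
 * Handles an incoming pingback: checks that the target is a post on this site,
 * fetches the source page, extracts its title and an excerpt around the link,
 * and fires the "pingback" trigger.
 *
 * Parameters:
 *     $args - Request arguments; $args[0] is read as the source URL and
 *             $args[1] as the target URL.
 *
 * Returns:
 *     An IXR_Error on most failures, false when the source host is missing or
 *     the source page does not link to the target, or a confirmation string.
 *
 * Notes:
 *     Both URLs come from the remote caller and the source URL is fetched by
 *     this server, so the method is a server-side request primitive for anyone
 *     who can reach the XML-RPC endpoint. The checks below narrow that; they do
 *     not cover redirects followed by get_remote() or a host that resolves
 *     differently between the check and the fetch.
 */
public function pingback_ping($args) {
    $config = Config::current();

    if (!isset($args[0], $args[1]) or !is_string($args[0]) or !is_string($args[1])) {
        return new IXR_Error(0, __("There doesn't seem to be a valid link in your request."));
    }

    # NOTE(review): as listed, these calls replaced "&" with "&" (a no-op); the
    # entity form is the evident intent — confirm against the upstream file.
    $linked_from = str_replace('&amp;', '&', $args[0]);
    $linked_to   = str_replace('&amp;', '&', $args[1]);

    $cleaned_url = str_replace(array("http://www.", "http://"), "", $config->url);

    if ($linked_to === $linked_from) {
        return new IXR_Error(0, __("The from and to URLs cannot be the same."));
    }

    # NOTE(review): this is a substring test, so it also passes when the site
    # URL only appears inside another URL's path or query string.
    if (!substr_count($linked_to, $cleaned_url)) {
        return new IXR_Error(0, __("There doesn't seem to be a valid link in your request."));
    }

    if (preg_match("/url=([^&#]+)/", $linked_to, $url)) {
        $post = new Post(array("url" => $url[1]));
    } else {
        $post = MainController::current()->post_from_url(null, str_replace(rtrim($config->url, "/"), "/", $linked_to), true);
    }

    if (!$post) {
        return new IXR_Error(33, __("I can't find a post from that URL."));
    }

    # Wait for the "from" server to publish
    sleep(1);

    $from = parse_url($linked_from);

    if (empty($from["host"])) {
        return false;
    }

    # Only plain web URLs are fetched. Prefixing "http://" onto a URL that
    # already had another scheme produced an unusable address.
    # NOTE(review): whether get_remote() can fetch https is not visible here.
    $scheme = empty($from["scheme"]) ? "" : strtolower($from["scheme"]);

    if ($scheme != "http" and $scheme != "https") {
        return new IXR_Error(0, __("The source URL cannot be fetched."));
    }

    # Refuse sources that are, or resolve to, private or reserved addresses so
    # the endpoint cannot be pointed at loopback or internal services.
    # Resolution failure is treated as a refusal.
    $host = trim($from["host"], "[]");
    $addresses = filter_var($host, FILTER_VALIDATE_IP) ? array($host) : gethostbynamel($host);

    if (empty($addresses)) {
        return new IXR_Error(0, __("The source URL cannot be fetched."));
    }

    foreach ($addresses as $address) {
        if (!filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
            return new IXR_Error(0, __("The source URL cannot be fetched."));
        }
    }

    # Grab the page that linked here.
    $content = get_remote($linked_from);

    # Get the title of the page. A failed fetch or a page without a title is
    # reported the same way, without reading an undefined match index.
    if (!is_string($content) or !preg_match("/<title>([^<]+)<\\/title>/i", $content, $title) or empty($title[1])) {
        return new IXR_Error(32, __("There isn't a title on that page."));
    }

    # Remote-controlled text: whatever handles the "pingback" trigger must
    # escape it before display.
    $title = $title[1];

    $content = strip_tags($content, "<a>");

    # Look for the target link as written, then with "&" encoded either way.
    # NOTE(review): as listed, the second and third attempts replaced "&" with
    # "&"; the two entity spellings are the evident intent — confirm upstream.
    $quoted = preg_quote($linked_to, "/");
    $candidates = array(
        $quoted,
        str_replace("&", "&amp;", $quoted),
        str_replace("&", "&#038;", $quoted)
    );

    $found = false;

    foreach ($candidates as $url) {
        if (preg_match("/<a[^>]*{$url}[^>]*>([^>]*)<\\/a>/", $content, $context)) {
            $found = true;
            break;
        }
    }

    if (!$found) {
        return false;
    }

    $context[1] = truncate($context[1], 100, "...", true);

    $excerpt = strip_tags(str_replace($context[0], $context[1], $content));

    $match = preg_quote($context[1], "/");
    $trimmed = preg_replace("/.*?\\s(.{0,100}{$match}.{0,100})\\s.*/s", "\\1", $excerpt);

    # preg_replace() returns null when the engine gives up (for example on a
    # very large page); fall back to the link text alone in that case.
    $excerpt = ($trimmed === null) ? $context[1] : $trimmed;

    $excerpt = "[...] " . trim(normalize($excerpt)) . " [...]";

    Trigger::current()->call("pingback", $post, $linked_to, $linked_from, $title, $excerpt);

    return _f("Pingback from %s to %s registered!", array($linked_from, $linked_to));
}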
<?php
# Error page template (the listing ends part-way through the stylesheet).
# $body, $backtrace and $title are not assigned here; they are presumably set
# by the code that includes this file — confirm.
#
# NOTE(review): $title is echoed into <title> below without escaping.

# "and" binds tighter than "or": this is (AJAX defined and truthy) or an
# "ajax" field in the POST body.
if (defined('AJAX') and AJAX or isset($_POST['ajax'])) {
    # Every backtrace frame's file path and line number is appended to the
    # response body.
    # NOTE(review): this sends server file paths to the client; whether
    # $backtrace is only populated in a debug mode is not visible here.
    foreach ($backtrace as $trace) {
        $body .= "\n" . _f("%s on line %d", array($trace["file"], fallback($trace["line"], 0)));
    }
    # The trailing marker is part of the response text.
    exit($body . "HEY_JAVASCRIPT_THIS_IS_AN_ERROR_JUST_SO_YOU_KNOW");
}
# Use the site's own jQuery when Config::current is callable, otherwise a
# third-party copy.
# NOTE(review): the fallback is fetched over plain http and the <script> tag
# below carries no integrity attribute.
$jquery = is_callable(array("Config", "current")) ? Config::current()->url . "/includes/lib/gz.php?file=jquery.js" : "http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js";
Route::current(MainController::current()); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <title>Chyrp: <?php echo $title; ?> </title> <script src="<?php echo $jquery; ?> " type="text/javascript" charset="utf-8"></script> <style type="text/css"> html, body, ul, ol, li, h1, h2, h3, h4, h5, h6, form, fieldset, a, p { margin: 0; padding: 0; border: 0;
/**
 * Function: show_404
 * Sends a 404 status line, renders a "not found" page and ends the request.
 *
 * Takes no parameters.
 *
 * Notes:
 *     When CHYRP_VERSION is not defined the request ends with a plain-text
 *     body. Otherwise the "not_found" trigger is called and the theme's
 *     "pages/404" file is displayed if it exists, else error() is called.
 */
function show_404() {
    header("HTTP/1.1 404 Not Found");

    # Without CHYRP_VERSION, answer in plain text and stop before touching
    # Theme, MainController or Trigger.
    if (!defined('CHYRP_VERSION')) {
        exit("404 Not Found");
    }

    $active_theme = Theme::current();
    $controller = MainController::current();

    Trigger::current()->call("not_found");

    if (!$active_theme->file_exists("pages/404")) {
        error(__("404 Not Found"), __("The requested page could not be located."));
        exit;
    }

    $controller->display("pages/404", array(), "404");
    exit;
}
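/**
 * Function: ajax_tag_post
 * Adds a tag to a post's "tags" attribute and answers with the tag's URL and name.
 *
 * Reads:
 *     $_POST['name'] - The tag to add.
 *     $_POST['post'] - Passed to the Post constructor to find the post.
 *
 * Notes:
 *     Ends the request with "{}" when input is missing or unusable, or when the
 *     current visitor may not edit the post. Otherwise ends it with an object
 *     literal of the form { url: "...", tag: "..." }.
 */
public function ajax_tag_post() {
    if (empty($_POST['name']) or empty($_POST['post'])) {
        exit("{}");
    }

    # Array-valued fields (name[]=...) would otherwise be used as an array key
    # and concatenated into the response.
    if (!is_string($_POST['name']) or !is_string($_POST['post'])) {
        exit("{}");
    }

    $sql = SQL::current();
    $post = new Post($_POST['post']);
    $tag = $_POST['name'];

    # NOTE(review): no request token is checked in this method; confirm the
    # caller enforces one before this state-changing action runs.
    if (!$post->editable()) {
        exit("{}");
    }

    # The tag name is echoed back inside a script-style literal. Encoding it
    # (with <, >, &, ' and " as \u escapes) keeps it inside the quotes; the old
    # string concatenation let a crafted name break out of them. Encode before
    # writing anything so an unencodable name is rejected without side effects.
    $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $tag_literal = json_encode($tag, $json_flags);

    if ($tag_literal === false) {
        exit("{}");
    }

    $query = $sql->select("post_attributes", "value", array("name" => "tags", "post_id" => $post->id));

    if ($query and $value = $query->fetchColumn()) {
        $tags = YAML::load($value);
    } else {
        $tags = array();
    }

    # Stored data that does not decode to an array starts a fresh tag list.
    if (!is_array($tags)) {
        $tags = array();
    }

    $tags[$tag] = sanitize($tag);

    $sql->replace("post_attributes", array("post_id", "name"), array("name" => "tags", "value" => YAML::dump($tags), "post_id" => $post->id));

    $url_literal = json_encode((string) url("tag/" . $tags[$tag], MainController::current()), $json_flags);

    if ($url_literal === false) {
        exit("{}");
    }

    # json_encode() supplies the surrounding double quotes.
    exit("{ url: " . $url_literal . ", tag: " . $tag_literal . " }");
}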
<?php define('AJAX', true); require_once "common.php"; # Prepare the controller. $main = MainController::current(); # Parse the route. $route = Route::current($main); if (!$visitor->group->can("view_site")) { if ($trigger->exists("can_not_view_site")) { $trigger->call("can_not_view_site"); } else { show_403(__("Access Denied"), __("You are not allowed to view this site.")); } } switch ($_POST['action']) { case "edit_post": if (!isset($_POST['id'])) { error(__("No ID Specified"), __("Please specify an ID of the post you would like to edit.")); } $post = new Post($_POST['id'], array("filter" => false, "drafts" => true)); if ($post->no_results) { header("HTTP/1.1 404 Not Found"); $trigger->call("not_found"); exit; } if (!$post->editable()) { show_403(__("Access Denied"), __("You do not have sufficient privileges to edit posts.")); } $title = $post->title(); $theme_file = THEME_DIR . "/forms/feathers/" . $post->feather . ".php";
echo _f("%s on line %d", array($trace["file"], fallback($trace["line"], 0))); ?> </code></li> <?php } ?> </ol> <?php } ?> <div class="clear"></div> <?php if (class_exists("Route") and !logged_in() and $body != __("Route was initiated without a Controller.")) { ?> <a href="<?php echo url("login", MainController::current()); ?> " class="big login"><?php echo __("Log In"); ?> →</a> <?php } ?> <div class="clear last"></div> </div> </div> <?php if (defined("CHYRP_VERSION")) { ?> <p class="footer">Chyrp <?php
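/**
 * Function: ajax
 * Handles the comment AJAX actions selected by $_POST['action']:
 * "reload_comments", "show_comment", "delete_comment" and "edit_comment".
 *
 * Notes:
 *     Unknown or missing actions, and actions whose required fields are
 *     missing, produce no output.
 *     NOTE(review): no request token is checked here; confirm the caller
 *     enforces one, in particular for "delete_comment".
 */
static function ajax() {
    header("Content-Type: application/x-javascript", true);

    # Not all of these are used below; they are kept because the required
    # "edit_form.php" runs in this scope and may read them.
    $config = Config::current();
    $sql = SQL::current();
    $trigger = Trigger::current();
    $visitor = Visitor::current();
    $theme = Theme::current();
    $main = MainController::current();

    # A missing or array-valued action falls through the switch silently.
    $action = (isset($_POST['action']) and is_string($_POST['action'])) ? $_POST['action'] : "";

    switch ($action) {
        case "reload_comments":
            if (!isset($_POST['post_id'], $_POST['last_comment']) or
                !is_string($_POST['post_id']) or !is_string($_POST['last_comment'])) {
                break;
            }

            $post = new Post($_POST['post_id']);

            if ($post->no_results) {
                break;
            }

            if ($post->latest_comment > $_POST['last_comment']) {
                # NOTE(review): the result of self::visitor_comments() is
                # concatenated into the SQL text; it is not shown here and must
                # never contain request-controlled data — confirm.
                $new_comments = $sql->select("comments", "id, created_at", array("post_id" => $_POST['post_id'], "created_at >" => $_POST['last_comment'], "status not" => "spam", "status != 'denied' OR (\n (\n user_id != 0 AND\n user_id = :visitor_id\n ) OR (\n id IN " . self::visitor_comments() . "\n )\n )"), "created_at ASC", array(":visitor_id" => $visitor->id));

                $ids = array();
                $last_comment = "";

                while ($the_comment = $new_comments->fetchObject()) {
                    # Ids are printed bare into the response, so force integers.
                    $ids[] = (int) $the_comment->id;

                    if (strtotime($last_comment) < strtotime($the_comment->created_at)) {
                        $last_comment = $the_comment->created_at;
                    }
                }
                ?> { comment_ids: [ <?php echo implode(", ", $ids); ?> ], last_comment: "<?php echo $last_comment; ?> " } <?php
            }
            break;

        case "show_comment":
            if (!isset($_POST['comment_id'])) {
                break;
            }

            # NOTE(review): no visibility check is made here before rendering;
            # confirm the Comment model or the template keeps "spam" and
            # "denied" comments away from visitors who may not see them.
            $comment = new Comment($_POST['comment_id']);
            $trigger->call("show_comment", $comment);
            $main->display("content/comment", array("comment" => $comment));
            break;

        case "delete_comment":
            if (!isset($_POST['id'])) {
                break;
            }

            $comment = new Comment($_POST['id']);

            if (!empty($comment->no_results) or !$comment->deletable()) {
                break;
            }

            # Delete the record the permission check was made on, not the raw
            # request value, so the two can never refer to different rows.
            Comment::delete($comment->id);
            break;

        case "edit_comment":
            if (!isset($_POST['comment_id'])) {
                break;
            }

            $comment = new Comment($_POST['comment_id'], array("filter" => false));

            if (!$comment->editable()) {
                break;
            }

            if ($theme->file_exists("forms/comment/edit")) {
                $main->display("forms/comment/edit", array("comment" => $comment));
            } else {
                require "edit_form.php";
            }
            break;
    }
}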
/**
 * Function: url
 * Builds this page's URL.
 *
 * Returns:
 *     false when the page has no results. With clean URLs off, the site URL
 *     followed by "/?action=page&url=" and the encoded page URL. With clean
 *     URLs on, the result of url() for "page/" plus the encoded URLs of every
 *     ancestor and of the page itself, outermost ancestor first.
 */
public function url() {
    if ($this->no_results) {
        return false;
    }

    $config = Config::current();

    if ($config->clean_urls) {
        # Collected innermost-first and reversed at the end; the leading empty
        # element becomes a trailing slash after the reversal.
        $segments = array("", urlencode($this->url));

        # Walk up the parent chain until a page has no parent_id.
        # NOTE(review): a parent chain that loops back on itself would never
        # terminate — confirm that cannot be stored.
        for ($node = $this; isset($node->parent_id) and $node->parent_id; $node = $node->parent) {
            $segments[] = urlencode($node->parent->url);
        }

        $path = implode("/", array_reverse($segments));

        return url("page/" . $path, MainController::current());
    }

    return $config->url . "/?action=page&url=" . urlencode($this->url);
}