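/**
 * Sets the current language for the phpMyFAQ user session.
 *
 * Candidates are collected from POST ('language'), GET ('lang'), the
 * session, browser detection and the configuration, and are selected in
 * exactly that order of precedence. A candidate is only kept if it passes
 * isASupportedLanguage(); 'en' is used when no candidate qualifies. The
 * selected code is also written to $_SESSION['pmf_lang'].
 *
 * @param bool   $config_detection Configuration detection
 * @param string $config_language  Language from configuration
 * @return string
 */
public function setLanguage($config_detection, $config_language)
{
    $_lang = array();
    // presumably fills $this->acceptedLanguage, which is read below; confirm in the class
    self::_getUserAgentLanguage();

    // Request-supplied values are discarded unless they name a supported
    // language, so a request value can never become self::$language unchecked.
    $_lang['post'] = PMF_Filter::filterInput(INPUT_POST, 'language', FILTER_SANITIZE_STRING);
    if (!is_null($_lang['post']) && !self::isASupportedLanguage($_lang['post'])) {
        $_lang['post'] = null;
    }

    // Get the user language
    $_lang['get'] = PMF_Filter::filterInput(INPUT_GET, 'lang', FILTER_SANITIZE_STRING);
    if (!is_null($_lang['get']) && !self::isASupportedLanguage($_lang['get'])) {
        $_lang['get'] = null;
    }

    // Get the faq record language. It is validated but takes no part in the
    // selection below. An unsupported 'artlang' now discards only itself;
    // it used to reset the already validated 'lang' value instead.
    $_lang['artget'] = PMF_Filter::filterInput(INPUT_GET, 'artlang', FILTER_SANITIZE_STRING);
    if (!is_null($_lang['artget']) && !self::isASupportedLanguage($_lang['artget'])) {
        $_lang['artget'] = null;
    }

    // Get the language from the session
    if (isset($_SESSION['pmf_lang']) && self::isASupportedLanguage($_SESSION['pmf_lang'])) {
        $_lang['session'] = trim($_SESSION['pmf_lang']);
    }

    // Get the language from the config ("language_xx.php" -> "xx")
    if (isset($config_language)) {
        $confLangCode = str_replace(array("language_", ".php"), "", $config_language);
        if (self::isASupportedLanguage($confLangCode)) {
            $_lang['config'] = $confLangCode;
        }
    }

    // Detect the browser's language
    if (true === $config_detection && self::isASupportedLanguage($this->acceptedLanguage)) {
        $_lang['detection'] = $this->acceptedLanguage;
    }

    // Select the language: first source that delivered a value wins
    self::$language = 'en'; // just a fallback
    foreach (array('post', 'get', 'session', 'detection', 'config') as $source) {
        if (isset($_lang[$source])) {
            self::$language = $_lang[$source];
            break;
        }
    }

    return $_SESSION['pmf_lang'] = self::$language;
}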
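/**
 * Stores a question asked by a visitor and mails it to the administrator.
 *
 * The question is only stored and mailed when the (IDN-encoded) sender
 * address passes FILTER_VALIDATE_EMAIL. The owner of the chosen category
 * receives a copy when that address differs from the administrator's.
 *
 * @param string $username Name given by the visitor
 * @param string $usermail E-mail address given by the visitor
 * @param mixed  $usercat  Category id chosen by the visitor
 * @param string $content  Question text
 * @return mixed Result of PMF_Mail::send(), or false when the address is invalid
 */
function sendAskedQuestion($username, $usermail, $usercat, $content)
{
    global $IDN, $category, $PMF_LANG, $faq, $faqconfig;

    $retval     = false;
    $cat        = new PMF_Category();
    $categories = $cat->getAllCategories();
    $visibility = $faqconfig->get('records.enableVisibilityQuestions') ? 'N' : 'Y';

    $questionData = array(
        'ask_username' => $username,
        'ask_usermail' => $IDN->encode($usermail),
        'ask_category' => $usercat,
        'ask_content'  => $content,
        'ask_date'     => date('YmdHis'),
        'is_visible'   => $visibility,
    );

    // The address used to be split on "@" before it was validated; the parts
    // were never used and the split raised a notice for input without "@".
    if (PMF_Filter::filterVar($questionData['ask_usermail'], FILTER_VALIDATE_EMAIL) != false) {
        $faq->addQuestion($questionData);

        // The category id is request data, so it may not exist in the list.
        $categoryId   = $questionData['ask_category'];
        $categoryName = isset($categories[$categoryId]['name']) ? $categories[$categoryId]['name'] : '';

        // The listing masked the operand after "User: "; it is restored here
        // as the submitted user name. TODO confirm against the original file.
        $questionMail = "User: " . $questionData['ask_username']
            . ", mailto:" . $questionData['ask_usermail'] . "\n"
            . $PMF_LANG["msgCategory"] . ": " . $categoryName . "\n\n"
            . wordwrap($content, 72);

        $userId = $category->getCategoryUser($questionData['ask_category']);
        $oUser  = new PMF_User();
        $oUser->getUserById($userId);
        $userEmail      = $oUser->getUserData('email');
        $mainAdminEmail = $faqconfig->get('main.administrationMail');

        $mail = new PMF_Mail();
        $mail->unsetFrom();
        // NOTE(review): the visitor-supplied name becomes part of the From
        // header; confirm that PMF_Mail::setFrom() rejects CR/LF.
        $mail->setFrom($questionData['ask_usermail'], $questionData['ask_username']);
        $mail->addTo($mainAdminEmail);
        // Let the category owner get a copy of the message
        if ($userEmail && $mainAdminEmail != $userEmail) {
            $mail->addCc($userEmail);
        }
        $mail->subject = '%sitename%';
        $mail->message = $questionMail;
        $retval = $mail->send();
    }

    return $retval;
}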
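/**
 * Tracks the user and logs what they did.
 *
 * Does nothing unless 'main.enableUserTracking' is set. Requests whose user
 * agent matches $botBlacklist, or whose address is rejected by
 * PMF_Network::checkIp(), are not recorded. Otherwise a faqsessions row is
 * created when no session id is known, and one semicolon-separated record
 * is appended to ./data/tracking<dmY>.
 *
 * @param string  $action Action string
 * @param integer $id     Current ID
 *
 * @return void
 * @throws PMF_Exception when the tracking file is not writable
 */
public function userTracking($action, $id = 0)
{
    global $sid, $user, $botBlacklist;

    if (!$this->_config->get('main.enableUserTracking')) {
        return;
    }

    $bots   = 0;
    $banned = false;
    // User-Agent is an optional request header
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $sid  = PMF_Filter::filterInput(INPUT_GET, PMF_GET_KEY_NAME_SESSIONID, FILTER_VALIDATE_INT);
    $sidc = PMF_Filter::filterInput(INPUT_COOKIE, self::PMF_COOKIE_NAME_SESSIONID, FILTER_VALIDATE_INT);
    // The cookie value takes precedence over the GET value
    if (!is_null($sidc)) {
        $sid = $sidc;
    }
    if ($action == 'old_session') {
        $sid = null;
    }

    foreach ($botBlacklist as $bot) {
        if ((bool) PMF_String::strstr($agent, $bot)) {
            $bots++;
        }
    }

    $network = new PMF_Network($this->_config);

    // if we're running behind a reverse proxy like nginx/varnish, fix the client IP
    $remoteAddr     = $_SERVER['REMOTE_ADDR'];
    $localAddresses = array('127.0.0.1', '::1');
    if (in_array($remoteAddr, $localAddresses) && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // The header can carry a comma-separated chain. Only the last entry
        // was appended by the local proxy; earlier entries are supplied by
        // the client. Stripping the separators, as before, fused the chain
        // into one meaningless string that was then checked and stored.
        $hops      = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        $forwarded = trim(end($hops));
        if (false !== filter_var($forwarded, FILTER_VALIDATE_IP)) {
            $remoteAddr = $forwarded;
        }
    }
    // clean up as well: the value is interpolated into the INSERT below, so
    // keep this character filter next to that use
    $remoteAddr = preg_replace('([^0-9a-z:\\.]+)i', '', $remoteAddr);

    if (!$network->checkIp($remoteAddr)) {
        $banned = true;
    }

    if (0 != $bots || $banned) {
        return;
    }

    if (!isset($sid)) {
        $sid = $this->_config->getDb()->nextId(PMF_Db::getTablePrefix() . 'faqsessions', 'sid');

        // Sanity check: force the session cookie to contain the current $sid.
        // The test used to read "!$sidc != $sid", which negates the cookie
        // value before comparing it.
        if (!is_null($sidc) && $sidc != $sid) {
            self::setCookie(self::PMF_COOKIE_NAME_SESSIONID, $sid);
        }

        // All operands are integers (%d) except the address, which was
        // reduced to [0-9a-z:.] above.
        $query = sprintf(
            "\n INSERT INTO \n %sfaqsessions\n (sid, user_id, ip, time)\n VALUES\n (%d, %d, '%s', %d)",
            PMF_Db::getTablePrefix(),
            $sid,
            $user ? $user->getUserId() : -1,
            $remoteAddr,
            $_SERVER['REQUEST_TIME']
        );
        $this->_config->getDb()->query($query);
    }

    // One record per line, fields separated by ';'. Request-derived fields
    // must contain neither the separator nor a line break, otherwise a
    // request could add fields or whole records to the log. urldecode() on
    // the user agent can produce CR/LF, so the replacement runs after it.
    $unsafe      = array(';', "\r", "\n");
    $safe        = array(',', ' ', ' ');
    $queryString = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
    $referer     = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    $data = $sid . ';'
        . str_replace($unsafe, $safe, $action) . ';'
        . str_replace($unsafe, $safe, $id) . ';'
        . $remoteAddr . ';'
        . str_replace($unsafe, $safe, $queryString) . ';'
        . str_replace($unsafe, $safe, $referer) . ';'
        . str_replace($unsafe, $safe, urldecode($agent)) . ';'
        . $_SERVER['REQUEST_TIME'] . ";\n";

    $file = './data/tracking' . date('dmY');
    // NOTE(review): is_writeable() is false for a file that does not exist
    // yet, so the day's file has to be created elsewhere. TODO confirm.
    if (is_writeable($file)) {
        file_put_contents($file, $data, FILE_APPEND);
    } else {
        throw new PMF_Exception('Cannot write to ' . $file);
    }
}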
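/**
 * Tracks the user and logs what they did.
 *
 * Does nothing unless 'main.enableUserTracking' is set. Requests whose user
 * agent matches $botBlacklist, or whose REMOTE_ADDR is rejected by
 * PMF_Network::checkIp(), are not recorded. Otherwise a faqsessions row is
 * created when no session id is known, and one semicolon-separated record
 * is appended to ./data/tracking<dmY>.
 *
 * @param string  $action Action string
 * @param integer $id     Current ID
 *
 * @return void
 */
public function userTracking($action, $id = 0)
{
    global $sid, $user, $botBlacklist;

    if (!PMF_Configuration::getInstance()->get('main.enableUserTracking')) {
        return;
    }

    $bots   = 0;
    $banned = false;
    // User-Agent is an optional request header
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $sid  = PMF_Filter::filterInput(INPUT_GET, PMF_GET_KEY_NAME_SESSIONID, FILTER_VALIDATE_INT);
    $sidc = PMF_Filter::filterInput(INPUT_COOKIE, PMF_COOKIE_NAME_SESSIONID, FILTER_VALIDATE_INT);
    // The cookie value takes precedence over the GET value
    if (!is_null($sidc)) {
        $sid = $sidc;
    }
    if ($action == 'old_session') {
        $sid = null;
    }

    foreach ($botBlacklist as $bot) {
        if ((bool) PMF_String::strstr($agent, $bot)) {
            $bots++;
        }
    }

    $network = new PMF_Network();
    if (!$network->checkIp($_SERVER['REMOTE_ADDR'])) {
        $banned = true;
    }

    if (0 != $bots || $banned) {
        return;
    }

    if (!isset($sid)) {
        $sid = $this->db->nextID(SQLPREFIX . 'faqsessions', 'sid');

        // Sanity check: force the session cookie to contain the current $sid.
        // The test used to read "!$sidc != $sid", which negates the cookie
        // value before comparing it.
        if (!is_null($sidc) && $sidc != $sid) {
            self::setCookie($sid);
        }

        // Integers go in through %d; the only string operand is REMOTE_ADDR,
        // which PHP takes from the connection rather than from a header.
        $query = sprintf(
            "\n INSERT INTO \n %sfaqsessions\n (sid, user_id, ip, time)\n VALUES\n (%d, %d, '%s', %d)",
            SQLPREFIX,
            $sid,
            $user ? $user->getUserId() : -1,
            $_SERVER['REMOTE_ADDR'],
            $_SERVER['REQUEST_TIME']
        );
        $this->db->query($query);
    }

    // One record per line, fields separated by ';'. Request-derived fields
    // must contain neither the separator nor a line break, otherwise a
    // request could add fields or whole records to the log. urldecode() on
    // the user agent can produce CR/LF, so the replacement runs after it.
    $unsafe      = array(';', "\r", "\n");
    $safe        = array(',', ' ', ' ');
    $queryString = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
    $referer     = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    $data = $sid . ';'
        . str_replace($unsafe, $safe, $action) . ';'
        . str_replace($unsafe, $safe, $id) . ';'
        . $_SERVER['REMOTE_ADDR'] . ';'
        . str_replace($unsafe, $safe, $queryString) . ';'
        . str_replace($unsafe, $safe, $referer) . ';'
        . str_replace($unsafe, $safe, urldecode($agent)) . ';'
        . $_SERVER['REQUEST_TIME'] . ";\n";

    $file = './data/tracking' . date('dmY');
    file_put_contents($file, $data, FILE_APPEND);
}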
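/**
 * Stores a question asked by a visitor and mails it to the administrator.
 *
 * The question is only stored and mailed when the sender address passes
 * FILTER_VALIDATE_EMAIL. The owner of the chosen category receives a copy
 * when that address differs from the administrator's.
 *
 * @param string $username Name given by the visitor
 * @param string $usermail E-mail address given by the visitor
 * @param mixed  $usercat  Category id chosen by the visitor
 * @param string $content  Question text
 * @return mixed Result of PMF_Mail::send(), or false when the address is invalid
 */
function sendAskedQuestion($username, $usermail, $usercat, $content)
{
    global $PMF_LANG, $faq;

    $retval       = false;
    $faqconfig    = PMF_Configuration::getInstance();
    $categoryNode = new PMF_Category_Node();
    $visibility   = $faqconfig->get('records.enableVisibilityQuestions') ? 'N' : 'Y';

    $questionData = array(
        'id'          => null,
        'username'    => $username,
        'email'       => $usermail,
        'category_id' => $usercat,
        'question'    => $content,
        'date'        => date('YmdHis'),
        'is_visible'  => $visibility,
    );

    // The address used to be split on "@" before it was validated; the parts
    // were never used and the split raised a notice for input without "@".
    if (PMF_Filter::filterVar($questionData['email'], FILTER_VALIDATE_EMAIL) != false) {
        $faqQuestions = new PMF_Faq_Questions();
        $faqQuestions->create($questionData);

        // NOTE(review): fetch() is called with a request-supplied id; what it
        // returns for an unknown category is not visible here.
        $categoryData = $categoryNode->fetch($questionData['category_id']);

        // The listing masked the operand after "User: "; it is restored here
        // as the submitted user name. TODO confirm against the original file.
        $questionMail = "User: " . $questionData['username']
            . ", mailto:" . $questionData['email'] . "\n"
            . $PMF_LANG["msgCategory"] . ": " . $categoryData->name . "\n\n"
            . wordwrap($content, 72);

        $userId = $categoryData->user_id;
        $oUser  = new PMF_User();
        $oUser->getUserById($userId);
        $userEmail      = $oUser->getUserData('email');
        $mainAdminEmail = $faqconfig->get('main.administrationMail');

        $mail = new PMF_Mail();
        $mail->unsetFrom();
        // NOTE(review): the visitor-supplied name becomes part of the From
        // header; confirm that PMF_Mail::setFrom() rejects CR/LF.
        $mail->setFrom($questionData['email'], $questionData['username']);
        $mail->addTo($mainAdminEmail);
        // Let the category owner get a copy of the message
        if ($userEmail && $mainAdminEmail != $userEmail) {
            $mail->addCc($userEmail);
        }
        $mail->subject = '%sitename%';
        $mail->message = $questionMail;
        $retval = $mail->send();
    }

    return $retval;
}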
* compliance with the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS"
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
 * License for the specific language governing rights and limitations
 * under the License.
 */

// Entry guard: the script only continues when the admin constant is defined
// and the caller holds the 'editconfig' permission; otherwise it redirects
// and stops.
// NOTE(review): the redirect target is built from the Host request header
// and is always http://; a configured base URL would not depend on the request.
if (!defined('IS_VALID_PHPMYFAQ_ADMIN') || !$permission['editconfig']) {
    header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

// All parameters of this handler are read from the query string.
$ajax_action = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
$stopword_id = PMF_Filter::filterInput(INPUT_GET, 'stopword_id', FILTER_VALIDATE_INT);
$stopword = PMF_Filter::filterInput(INPUT_GET, 'stopword', FILTER_SANITIZE_STRING);
$stopwords_lang = PMF_Filter::filterInput(INPUT_GET, 'stopwords_lang', FILTER_SANITIZE_STRING);

switch ($ajax_action) {
    // Returns the stop word list of a supported language as JSON.
    case 'load_stop_words_by_lang':
        if (PMF_Language::isASupportedLanguage($stopwords_lang)) {
            $stop_words_list = PMF_Stopwords::getInstance()->getByLang($stopwords_lang);
            header('Content-Type: application/json');
            print json_encode($stop_words_list);
        }
        break;
    // Removes one stop word. The loose comparison also treats id 0 as missing.
    // NOTE(review): this state change is driven by GET parameters and no
    // anti-CSRF token is checked in the visible part of the handler.
    case 'delete_stop_word':
        if (null != $stopword_id && PMF_Language::isASupportedLanguage($stopwords_lang)) {
            $pmf_sw = PMF_Stopwords::getInstance();
            $pmf_sw->setLanguage($stopwords_lang);
            $pmf_sw->remove($stopword_id);
        }
        break;
* @link http://www.phpmyfaq.de
 * @since 2002-08-29
 */

// Entry guard: only runs when included by the front controller.
// NOTE(review): the redirect target is built from the Host request header.
if (!defined('IS_VALID_PHPMYFAQ')) {
    header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

$captcha = new PMF_Captcha($db, $Language);
$captcha->setSessionId($sids);

// Comment form fields, all read from POST. The ids are integer-validated
// and the e-mail address is validated; the text fields are only stripped of
// tags, so they still need escaping wherever they are output.
$type = PMF_Filter::filterInput(INPUT_POST, 'type', FILTER_SANITIZE_STRING);
// The captcha answer is read here; its verification is outside this excerpt.
$code = PMF_Filter::filterInput(INPUT_POST, 'captcha', FILTER_SANITIZE_STRING);
// presumably the fourth argument is the default when 'id' is absent; confirm in PMF_Filter
$faqid = PMF_Filter::filterInput(INPUT_POST, 'id', FILTER_VALIDATE_INT, 0);
$newsid = PMF_Filter::filterInput(INPUT_POST, 'newsid', FILTER_VALIDATE_INT);
// From here on $user holds the submitted name string.
$user = PMF_Filter::filterInput(INPUT_POST, 'user', FILTER_SANITIZE_STRING);
$mail = PMF_Filter::filterInput(INPUT_POST, 'mail', FILTER_VALIDATE_EMAIL);
$comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRIPPED);
$message = '';

// Pick the target id and the caption; any type other than 'news' is
// handled as a FAQ comment.
switch ($type) {
    case 'news':
        $id = $newsid;
        $msgWriteComment = $PMF_LANG['newsWriteComment'];
        break;
    case 'faq':
    default:
        $id = $faqid;
        $msgWriteComment = $PMF_LANG['msgWriteComment'];
        break;
}

// If e-mail address is set to optional
// NOTE(review): the condition substitutes the administrator address when
// 'main.optionalMailAddress' is NOT set and $mail is null. It does not cover
// a false value, which is what the plain PHP filter yields for an invalid
// address; confirm what PMF_Filter returns in that case.
if (!PMF_Configuration::getInstance()->get('main.optionalMailAddress') && is_null($mail)) {
    $mail = PMF_Configuration::getInstance()->get('main.administrationMail');
}
// Append the user object's error text, if any, to the page message.
// NOTE(review): $userError goes into HTML unescaped; confirm that
// PMF_User::error() never echoes request data.
$userError = $user->error();
if ($userError != "") {
    $message .= sprintf('<p class="alert alert-danger">%s</p>', $userError);
}
}
}

// Save a new group: requires the 'addgroup' right of the current user.
if ($groupAction == 'addsave' && $user->perm->checkRight($user->getUserId(), 'addgroup')) {
    // $user is replaced by a fresh PMF_User after the permission check.
    $user = new PMF_User($faqConfig);
    $message = '';
    $messages = [];
    $group_name = PMF_Filter::filterInput(INPUT_POST, 'group_name', FILTER_SANITIZE_STRING, '');
    $group_description = PMF_Filter::filterInput(INPUT_POST, 'group_description', FILTER_SANITIZE_STRING, '');
    $group_auto_join = PMF_Filter::filterInput(INPUT_POST, 'group_auto_join', FILTER_SANITIZE_STRING, '');

    // Anti-CSRF check: the posted token must be identical to the session's.
    // NOTE(review): a failed check adds nothing to $messages, so in the
    // visible code the request is dropped without telling the user.
    // hash_equals() would make the comparison constant-time where the
    // supported PHP versions provide it.
    $csrfOkay = true;
    $csrfToken = PMF_Filter::filterInput(INPUT_POST, 'csrf', FILTER_SANITIZE_STRING);
    if (!isset($_SESSION['phpmyfaq_csrf_token']) || $_SESSION['phpmyfaq_csrf_token'] !== $csrfToken) {
        $csrfOkay = false;
    }

    // check group name
    if ($group_name == '') {
        $messages[] = $PMF_LANG['ad_group_error_noName'];
    }

    // ok, let's go
    if (count($messages) == 0 && $csrfOkay) {
        // create group
        $group_data = array('name' => $group_name, 'description' => $group_description, 'auto_join' => $group_auto_join);
        // A result of zero or less is reported as a database error.
        if ($user->perm->addGroup($group_data) <= 0) {
            $messages[] = $PMF_LANG['ad_adus_dberr'];
        }
    }
if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
    $protocol = 'https';
}
// Redirect away and stop; the enclosing condition is outside this excerpt.
// NOTE(review): the target host is taken from the Host request header.
header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
exit;
}
?> <header> <h2><i class="icon-wrench"></i> <?php echo $PMF_LANG['ad_menu_instances']; ?> </h2> </header> <?php
// The edit form is only rendered for users with the 'editinstances' permission.
if ($permission['editinstances']) {
    // The instance id is an integer-validated query parameter.
    // NOTE(review): nothing here handles a missing or invalid id, or an
    // unknown instance, before $instanceData->id is read in the form.
    $instanceId = PMF_Filter::filterInput(INPUT_GET, 'instance_id', FILTER_VALIDATE_INT);
    $instance = new PMF_Instance($faqConfig);
    $instanceData = $instance->getInstanceById($instanceId);
    // NOTE(review): the form posts to ?action=updateinstance; no anti-CSRF
    // field appears in the visible part, and values are echoed into
    // attributes without htmlspecialchars().
    ?> <form class="form-horizontal" action="?action=updateinstance" method="post" accept-charset="utf-8"> <input type="hidden" name="instance_id" value="<?php echo $instanceData->id; ?> " /> <div class="control-group"> <label class="control-label"><?php echo $PMF_LANG["ad_instance_url"]; ?> :</label> <div class="controls"> <input type="url" name="url" id="url" required="required" value="<?php
* Version 1.1 (the "License"); you may not use this file except in
 * compliance with the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS"
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
 * License for the specific language governing rights and limitations
 * under the License.
 */

// Entry guard: only runs when included by the admin front controller.
// NOTE(review): the redirect target is built from the Host request header.
if (!defined('IS_VALID_PHPMYFAQ_ADMIN')) {
    header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

$ajax_action = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
$user_id = PMF_Filter::filterInput(INPUT_GET, 'user_id', FILTER_VALIDATE_INT);
$usersearch = PMF_Filter::filterInput(INPUT_GET, 'q', FILTER_SANITIZE_STRING);

// Any one of the three user-management permissions grants access to both
// actions below.
if ($permission['adduser'] || $permission['edituser'] || $permission['deluser']) {
    $user = new PMF_User();

    // Autocomplete list: one "login|user_id" line per match.
    if ('get_user_list' == $ajax_action) {
        foreach ($user->searchUsers($usersearch) as $single_user) {
            print $single_user['login'] . '|' . $single_user['user_id'] . "\n";
        }
    }

    // Runs for every action, including requests without a user_id.
    $user->getUserById($user_id);

    // Return the user data
    // NOTE(review): get('*') presumably returns every user data field;
    // confirm that nothing sensitive is included before it is sent as JSON.
    if ('get_user_data' == $ajax_action) {
        $userdata = array();
        $userdata = $user->userdata->get('*');
        $userdata['status'] = $user->getStatus();
        print json_encode(array_map('utf8_encode', $userdata));
    }
<h1 id="header">phpMyFAQ <?php print NEWVERSION; ?> Update</h1> <?php
// Refuse to run on a PHP version older than the declared minimum.
if (version_compare(PHP_VERSION, MINIMUM_PHP_VERSION, '<')) {
    printf("<p class=\"center\">Sorry, but you need PHP %s or later!</p>\n", MINIMUM_PHP_VERSION);
    HTMLFooter();
    die;
}

require_once PMF_ROOT_DIR . '/inc/autoLoader.php';
require_once PMF_ROOT_DIR . '/config/constants.php';

// The update step is an integer-validated query parameter; the fourth
// argument is presumably the default of 1 (confirm in PMF_Filter). The
// version to update from arrives by POST and is only tag-stripped.
// NOTE(review): no authentication check is visible in this part of the
// update script.
$step = PMF_Filter::filterInput(INPUT_GET, 'step', FILTER_VALIDATE_INT, 1);
$version = PMF_Filter::filterInput(INPUT_POST, 'version', FILTER_SANITIZE_STRING);
$query = array();
$templateDir = '../template';

/**
 * Prints the copyright line and closes the body and html elements.
 *
 * @return void
 */
function HTMLFooter()
{
    printf('<p class="center">%s</p></body></html>', COPYRIGHT);
}

// Without either configuration file there is no installation to update.
if (!is_readable(PMF_ROOT_DIR . '/inc/data.php') && !is_readable(PMF_ROOT_DIR . '/config/database.php')) {
    print '<p class="center">It seems you never run a version of phpMyFAQ.<br />' . 'Please use the <a href="setup.php">install script</a>.</p>';
    HTMLFooter();
    die;
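* @since 2005-12-15 */

// Entry guard: only runs when included by the front controller.
// NOTE(review): the redirect target is built from the Host request header.
if (!defined('IS_VALID_PHPMYFAQ')) {
    $protocol = 'http';
    if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
        $protocol = 'https';
    }
    header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

// Send headers
$http = new PMF_Helper_Http();
$http->setContentType('application/json');
$http->addHeader();

$oTag = new PMF_Tags($faqConfig);
$autoCompleteValue = PMF_Filter::filterInput(INPUT_GET, 'q', FILTER_SANITIZE_STRIPPED);

if (!is_null($autoCompleteValue)) {
    // For a comma-separated list only the last entry is completed.
    // strpos() returns 0 for a leading comma, which the former truthiness
    // test treated as "no comma"; compare against false instead.
    if (false !== strpos($autoCompleteValue, ',')) {
        $arrayOfValues = explode(',', $autoCompleteValue);
        $autoCompleteValue = end($arrayOfValues);
    }
    $tags = $oTag->getAllTags(strtolower($autoCompleteValue), PMF_TAGS_CLOUD_RESULT_SET_SIZE, true);
} else {
    $tags = $oTag->getAllTags();
}

// The tag lookup above runs before this permission check; in the visible
// part the tags are only processed further with 'editbt'.
if ($permission['editbt']) {
    $i = 0;
    $tagNames = array();
    foreach ($tags as $tagName) {
        $i++;
        if ($i <= PMF_TAGS_AUTOCOMPLETE_RESULT_SET_SIZE) {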
$sortby = null;

// Search form fields (POST). The category id is integer-validated; the
// text fields are only tag-stripped.
$linkState = PMF_Filter::filterInput(INPUT_POST, 'linkstate', FILTER_SANITIZE_STRING);
$searchcat = PMF_Filter::filterInput(INPUT_POST, 'searchcat', FILTER_VALIDATE_INT);
$searchterm = PMF_Filter::filterInput(INPUT_POST, 'searchterm', FILTER_SANITIZE_STRIPPED);

// Any submitted 'linkstate' value restricts the list to 'linkbad'; the
// variable is then reused as the checkbox attribute for the form.
if (!is_null($linkState)) {
    $cond[SQLPREFIX . 'faqdata.links_state'] = 'linkbad';
    $linkState = ' checked="checked" ';
    $internalSearch .= '&linkstate=linkbad';
}

// Restrict the list to the chosen category and its child nodes.
if (!is_null($searchcat)) {
    $internalSearch .= "&searchcat=" . $searchcat;
    $cond[SQLPREFIX . 'faqcategoryrelations.category_id'] = array_merge(array($searchcat), $category->getChildNodes($searchcat));
}

$currentcategory = PMF_Filter::filterInput(INPUT_GET, 'category', FILTER_VALIDATE_INT);
$orderby = PMF_Filter::filterInput(INPUT_GET, 'orderby', FILTER_SANITIZE_STRING, 1);
$sortby = PMF_Filter::filterInput(INPUT_GET, 'sortby', FILTER_SANITIZE_STRING);

// Translate the column name from the query string into a column index.
// NOTE(review): the switch has no default, so any other submitted string
// leaves here unchanged, and $sortby is not checked against a fixed list at
// all. If either value reaches an ORDER BY clause (not visible here), both
// should be restricted to known values first.
if ($orderby != 1) {
    switch ($orderby) {
        case 'id':
            $orderby = 1;
            break;
        case 'title':
            $orderby = 2;
            break;
        case 'date':
            $orderby = 3;
            break;
    }
}
?> <form action="?action=view" method="post">
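?> </h2> </header> <?php
// The password form and its handler need the 'passwd' permission.
if ($permission["passwd"]) {
    // If we have to save a new password, do that first
    $save = PMF_Filter::filterInput(INPUT_POST, 'save', FILTER_SANITIZE_STRING);
    if (!is_null($save)) {
        // Define the (Local/Current) Authentication Source
        $auth = new PMF_Auth($faqConfig);
        $authSource = $auth->selectAuth($user->getAuthSource('name'));
        $authSource->selectEncType($user->getAuthData('encType'));
        $authSource->setReadOnly($user->getAuthData('readOnly'));

        // NOTE(review): FILTER_SANITIZE_STRING strips tags and encodes
        // quotes, so a password containing such characters is altered
        // before it is checked or stored. Changing the filter is only safe
        // if the login path reads the password the same way.
        $oldPassword = PMF_Filter::filterInput(INPUT_POST, 'opass', FILTER_SANITIZE_STRING);
        $newPassword = PMF_Filter::filterInput(INPUT_POST, 'npass', FILTER_SANITIZE_STRING);
        $retypedPassword = PMF_Filter::filterInput(INPUT_POST, 'bpass', FILTER_SANITIZE_STRING);

        // The old password must verify and both new entries must be the
        // same string. A loose == treats different numeric-looking strings
        // (for example "1e2" and "100") as equal, so compare strictly.
        if ($authSource->checkPassword($user->getLogin(), $oldPassword) && $newPassword === $retypedPassword) {
            // Report success only when the change went through; a failed
            // change used to print the failure and then the success message.
            if ($user->changePassword($newPassword)) {
                printf('<p class="alert alert-success">%s</p>', $PMF_LANG["ad_passwdsuc"]);
            } else {
                printf('<p class="alert alert-error">%s</p>', $PMF_LANG["ad_passwd_fail"]);
            }
        } else {
            printf('<p class="alert alert-error">%s</p>', $PMF_LANG["ad_passwd_fail"]);
        }
    }
    ?> <form class="form-horizontal" action="?action=passwd" method="post" accept-charset="utf-8"> <input type="hidden" name="save" value="newpassword" /> <div class="control-group"> <label class="control-label" for="opass"><?php echo $PMF_LANG["ad_passwd_old"];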
$faq->getRecordBySolutionId($solution_id);
}

// Count the view and load title and content of the record.
$faqvisits = PMF_Visits::getInstance();
$faqvisits->logViews($faq->faqRecord['id']);
$content = $faq->faqRecord['content'];
$thema = $faq->getRecordTitle($faq->faqRecord['id']);

// Add Glossary entries
$content = $oGlossary->insertItemsIntoContent($content);
$thema = $oGlossary->insertItemsIntoContent($thema);

// Set the path of the current category
$categoryName = $categoryLayout->renderBreadcrumb($categoryPath);

// Link used to switch the record language. The ids go through %d; $sids
// and $LANGCODE go through %s as they are.
$changeLanguagePath = PMF_Link::getSystemRelativeUri() . sprintf('?%saction=artikel&cat=%d&id=%d&artlang=%s', $sids, $currentCategory, $id, $LANGCODE);
$oLink = new PMF_Link($changeLanguagePath);
$oLink->itemTitle = $faq->getRecordTitle($record_id, false);
$changeLanguagePath = $oLink->toString();

// Optional search-term highlighting. The term comes from the query string
// and ends up inside a regular expression, so it is reduced in three steps:
// apostrophes are replaced, the listed regex metacharacters are removed, and
// the rest is passed through preg_quote() with the '/' delimiter.
$highlight = PMF_Filter::filterInput(INPUT_GET, 'highlight', FILTER_SANITIZE_STRIPPED);
if (!is_null($highlight) && $highlight != "/" && $highlight != "<" && $highlight != ">" && PMF_String::strlen($highlight) > 3) {
    $highlight = str_replace("'", "´", $highlight);
    $highlight = str_replace(array('^', '.', '?', '*', '+', '{', '}', '(', ')', '[', ']'), '', $highlight);
    $highlight = preg_quote($highlight, '/');
    // NOTE(review): explode() yields empty strings for consecutive spaces.
    // An empty $item turns the alternatives below into patterns that match
    // any attribute or run of whitespace; skipping empty items avoids that.
    $searchItems = explode(' ', $highlight);
    // Attribute names used in the second alternative of the pattern below.
    $attributes = array('href', 'src', 'title', 'alt', 'class', 'style', 'id', 'name', 'face', 'size', 'dir', 'onclick', 'ondblclick', 'onmousedown', 'onmouseup', 'onmouseover', 'onmousemove', 'onmouseout', 'onkeypress', 'onkeydown', 'onkeyup');
    foreach ($searchItems as $item) {
        // Three alternatives: the term as an attribute name, the term inside
        // one of the listed attribute values, or the term between
        // whitespace. What 'highlight_no_links' does with each match is not
        // visible here.
        $thema = PMF_String::preg_replace_callback('/' . '(' . $item . '="[^"]*")|' . '((' . implode('|', $attributes) . ')="[^"]*' . $item . '[^"]*")|' . '(\\s+)(' . $item . ')(\\s+)' . '/mis', 'highlight_no_links', $thema);
        $content = PMF_String::preg_replace_callback('/' . '(' . $item . '="[^"]*")|' . '((' . implode('|', $attributes) . ')="[^"]*' . $item . '[^"]*")|' . '(\\s+)(' . $item . ')(\\s+)' . '/mis', 'highlight_no_links', $content);
    }
}

// Hack: Apply the new SEO schema to those HTML anchors to
// other faq records (Internal Links) added with WYSIWYG Editor:
// href="index.php?action=artikel&cat=NNN&id=MMM&artlang=XYZ"
// Search for href attribute links
* v. 2.0. If a copy of the MPL was not distributed with this file, You can
 * obtain one at http://mozilla.org/MPL/2.0/.
 *
 * @category  phpMyFAQ
 * @package   Administration
 * @author    Thorsten Rinne <*****@*****.**>
 * @copyright 2011-2015 phpMyFAQ Team
 * @license   http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
 * @link      http://www.phpmyfaq.de
 * @since     2011-08-24
 */

// Entry guard: only runs when included by the front controller; otherwise
// redirect to the script's directory, keeping the request scheme.
// NOTE(review): the redirect host is taken from the Host request header.
if (!defined('IS_VALID_PHPMYFAQ')) {
    $protocol = (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') ? 'https' : 'http';
    header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

$ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
$searchTerm = PMF_Filter::filterInput(INPUT_GET, 'searchterm', FILTER_SANITIZE_STRING);
$search = new PMF_Search($faqConfig);

switch ($ajaxAction) {
    // Deletes a stored search term; prints "1" on success and an empty
    // string otherwise.
    // NOTE(review): the deletion is driven by GET parameters; no permission
    // or anti-CSRF check is visible in this file.
    case 'delete_searchterm':
        print ($search->deleteSearchTerm($searchTerm) ? true : false);
        break;
}
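// NOTE(review): the divisor is zero when $visitsMax equals $visitMin; the
// condition guarding this statement is outside the excerpt.
$priority = sprintf('%.1f', PMF_SITEMAP_GOOGLE_PRIORITY_DEFAULT * (1 + ($item['visits'] - $visitMin) / ($visitsMax - $visitMin)));
}

// a. We use plain PMF urls w/o any SEO schema
$link = str_replace($_SERVER['SCRIPT_NAME'], '/index.php', $item['url']);

// b. We use SEO PMF urls
if (PMF_SITEMAP_GOOGLE_USE_SEO) {
    if (isset($item['thema'])) {
        $oL = new PMF_Link($link);
        $oL->itemTitle = $item['thema'];
        $link = $oL->toString();
    }
}

$sitemap .= buildSitemapNode(
    PMF_Link::getSystemUri('/sitemap.google.php') . $link,
    PMF_Date::createISO8601Date($item['date']),
    PMF_SITEMAP_GOOGLE_CHANGEFREQ_DAILY,
    $priority
);
}

$sitemap .= '</urlset>';

// Deliver the sitemap gzip-compressed when the gzip parameter is 1,
// otherwise as plain XML.
$getgezip = PMF_Filter::filterInput(INPUT_GET, PMF_SITEMAP_GOOGLE_GET_GZIP, FILTER_VALIDATE_INT);
if (!is_null($getgezip) && 1 == $getgezip) {
    if (function_exists('gzencode')) {
        $sitemapGz = gzencode($sitemap);
        header('Content-Type: application/x-gzip');
        header('Content-Disposition: attachment; filename="' . PMF_SITEMAP_GOOGLE_FILENAME_GZ . '"');
        header('Content-Length: ' . strlen($sitemapGz));
        print $sitemapGz;
    } else {
        PMF_Helper_Http::getInstance()->printHTTPStatus404();
    }
} else {
    header('Content-Type: text/xml');
    header('Content-Disposition: inline; filename="' . PMF_SITEMAP_GOOGLE_FILENAME . '"');
    // Content-Length is a byte count. PMF_String::strlen() is presumably
    // character-based, which would under-report any sitemap that contains
    // multi-byte characters; strlen() is what the gzip branch already uses.
    header('Content-Length: ' . strlen($sitemap));
    print $sitemap;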
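}

$plr = new PMF_Language_Plurals($PMF_LANG);
PMF_String::init($language);

// Set empty result
$result = array();

// Handle actions
switch ($action) {
    case 'getVersion':
        $result = array('version' => $faqconfig->get('main.currentVersion'));
        break;

    case 'getApiVersion':
        $result = array('apiVersion' => (int) $faqconfig->get('main.currentApiVersion'));
        break;

    // Full-text search; every hit gets a plain-text, shortened answer and a
    // link to the record.
    case 'search':
        $search = new PMF_Search($db, $Language);
        $searchString = PMF_Filter::filterInput(INPUT_GET, 'q', FILTER_SANITIZE_STRIPPED);
        $result = $search->search($searchString, false);
        // NOTE(review): the configured reference URL becomes part of a
        // sprintf() format; a literal '%' in it would be read as a conversion.
        $url = $faqconfig->get('main.referenceURL') . '/index.php?action=artikel&cat=%d&id=%d&artlang=%s';
        foreach ($result as &$data) {
            $data->answer = html_entity_decode(strip_tags($data->answer), ENT_COMPAT, 'utf-8');
            $data->answer = PMF_Utils::makeShorterText($data->answer, 12);
            $data->link = sprintf($url, $data->category_id, $data->id, $data->lang);
        }
        // Break the reference: otherwise a later write to $data would
        // overwrite the last element of $result.
        unset($data);
        break;

    // Categories as seen by the current user and groups.
    case 'getCategories':
        $category = new PMF_Category($current_user, $current_groups, true);
        $result = $category->categories;
        break;

    // FAQ records of one category as seen by the current user and groups.
    case 'getFaqs':
        $faq = new PMF_Faq($current_user, $current_groups);
        $result = $faq->getAllRecordPerCategory($categoryId);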
* @author    Anatoliy Belsky <*****@*****.**>
 * @copyright 2010-2014 phpMyFAQ Team
 * @license   http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
 * @link      http://www.phpmyfaq.de
 * @since     2010-12-20
 */
use Symfony\Component\HttpFoundation\Response;

// Entry guard: only runs when included by the front controller; otherwise
// redirect to the script's directory, keeping the request scheme.
// NOTE(review): the redirect host is taken from the Host request header.
if (!defined('IS_VALID_PHPMYFAQ')) {
    $protocol = (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') ? 'https' : 'http';
    header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

$ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
$attId = PMF_Filter::filterInput(INPUT_GET, 'attId', FILTER_VALIDATE_INT);

// The attachment is looked up from the integer-validated id; nothing is
// done when the factory returns a falsy value.
$att = PMF_Attachment_Factory::create($attId);
$response = new Response();

if ($att) {
    switch ($ajaxAction) {
        // Deletes the attachment and reports the outcome as response text.
        // NOTE(review): the deletion is driven by GET parameters; no
        // permission or anti-CSRF check is visible in this file.
        case 'delete':
            $response->setContent(
                $att->delete() ? $PMF_LANG['msgAttachmentsDeleted'] : $PMF_LANG['ad_att_delfail']
            );
            break;
    }
}

$response->send();
}
// If it's a login or logout request, reload only the login box
if ($true_request == "login" || $true_request == "logout") {
    $tpl->ajax_request = $true_request;
} else {
    $tpl->ajax_request = $action;
}
}

// Append the change_lang flag to the language switch URL.
// NOTE(review): the middle branch appends without a separator, which is
// only correct when the URL ends in "?"; confirm how $writeLangAdress is built.
if (strstr($writeLangAdress, "&")) {
    $writeLangAdress .= '&change_lang=true';
} elseif (strstr($writeLangAdress, "?")) {
    $writeLangAdress .= 'change_lang=true';
} else {
    $writeLangAdress .= '?change_lang=true';
}
$tpl->change_lang = PMF_Filter::filterInput(INPUT_POST, 'change_lang', FILTER_SANITIZE_STRING);

// Associate an action request with template blocks. Each value is a
// pattern naming the actions for which the block is reloaded; $all_action
// is an alternation of 'main' and every key of $allowedVariables.
$all_action = '(main|' . implode('|', array_keys($allowedVariables)) . ')';
$tpl->varAjax = array('showCategories' => 'ajax_init', 'title' => $all_action, 'writeContent' => $all_action, 'writeLangAdress' => $all_action, 'action' => $all_action, 'userOnline' => $all_action, 'loginBox' => '(login|logout)', 'rightBox' => 'artikel');
if (DEBUG) {
    $tpl->varAjax['debugMessages'] = $all_action; // If debug mode is active, reload the debug messages as well
}

// Init the ajax template map and store the data in session for better performance
// The session copy is reused only for ajax requests; otherwise the map is
// rebuilt and cached again.
if (isset($_SESSION['parsedTemplates']) && $tpl->ajax_request) {
    $tpl->parsedTemplates = $_SESSION['parsedTemplates'];
} else {
    $tpl->TemplateAjaxInit();
    $_SESSION['parsedTemplates'] = $tpl->parsedTemplates;
}
}
* @author Thorsten Rinne <*****@*****.**>
 * @since 2002-09-16
 * @version SVN: $Id$
 * @copyright 2002-2009 phpMyFAQ Team
 *
 * The contents of this file are subject to the Mozilla Public License
 * Version 1.1 (the "License"); you may not use this file except in
 * compliance with the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS"
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
 * License for the specific language governing rights and limitations
 * under the License.
 */

// Entry guard: only runs when included by the front controller.
// NOTE(review): the redirect target is built from the Host request header.
if (!defined('IS_VALID_PHPMYFAQ')) {
    header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

// A captcha image request is answered here and ends the script.
$captcha = new PMF_Captcha($sids);
if (!is_null($showCaptcha)) {
    $captcha->showCaptchaImg();
    exit;
}

$faqsession->userTracking('send2friend', 0);

// Record reference taken from the query string. The ids are
// integer-validated; the language code is tag-stripped and URL-encoded below.
$cat = PMF_Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT);
$id = PMF_Filter::filterInput(INPUT_GET, 'id', FILTER_VALIDATE_INT);
$artlang = PMF_Filter::filterInput(INPUT_GET, 'artlang', FILTER_SANITIZE_STRING);

// Link that is offered for mailing to a friend.
// NOTE(review): host and path come from HTTP_HOST and PHP_SELF, both taken
// from the request (PHP_SELF includes trailing path info), and the scheme is
// fixed to http. A configured base URL would keep request data out of the link.
$send2friendLink = sprintf('http://%s%s?action=artikel&cat=%d&id=%d&artlang=%s', $_SERVER['HTTP_HOST'], $_SERVER['PHP_SELF'], $cat, $id, urlencode($artlang));

// Fill the form template. Only 'send2friend_text' is passed through
// PMF_htmlentities() here.
// NOTE(review): 'writeSendAdress' and 'send2friendLink' contain PHP_SELF;
// whether the template engine escapes its variables is not visible here.
$tpl->processTemplate('writeContent', array(
    'msgSend2Friend' => $PMF_LANG['msgSend2Friend'],
    'writeSendAdress' => $_SERVER['PHP_SELF'] . '?' . $sids . 'action=mailsend2friend',
    'msgS2FReferrer' => 'link',
    'msgS2FName' => $PMF_LANG['msgS2FName'],
    'msgS2FEMail' => $PMF_LANG['msgS2FEMail'],
    // Name and address are pre-filled only for a logged-in user object.
    'defaultContentMail' => $user instanceof PMF_User_CurrentUser ? $user->getUserData('email') : '',
    'defaultContentName' => $user instanceof PMF_User_CurrentUser ? $user->getUserData('display_name') : '',
    'msgS2FFriends' => $PMF_LANG['msgS2FFriends'],
    'msgS2FEMails' => $PMF_LANG['msgS2FEMails'],
    'msgS2FText' => $PMF_LANG['msgS2FText'],
    'send2friend_text' => PMF_htmlentities($PMF_CONF['main.send2friendText'], ENT_QUOTES, $PMF_LANG['metaCharset']),
    'msgS2FText2' => $PMF_LANG['msgS2FText2'],
    'send2friendLink' => $send2friendLink,
    'msgS2FMessage' => $PMF_LANG['msgS2FMessage'],
    'captchaFieldset' => printCaptchaFieldset($PMF_LANG['msgCaptcha'], $captcha->printCaptcha('send2friend'), $captcha->caplength),
    'msgS2FButton' => $PMF_LANG['msgS2FButton']));
$tpl->includeTemplate('writeContent', 'index');
// Response headers for this page; earlier header() calls are outside the excerpt.
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header("Content-type: text/html");
header("Vary: Negotiate,Accept");

// The link verifier is created for the current login. When it is not
// ready, any buffered output is discarded and the body is just "disabled".
$linkverifier = new PMF_Linkverifier($user->getLogin());
if ($linkverifier->isReady() == false) {
    if (count(ob_list_handlers()) > 0) {
        ob_clean();
    }
    print "disabled";
    exit;
}
$linkverifier->loadConfigurationFromDB();

// Record to check, taken from the query string. Id and lookup flag are
// integer-validated; the language code is only tag-stripped.
$id = PMF_Filter::filterInput(INPUT_GET, 'id', FILTER_VALIDATE_INT);
$lang = PMF_Filter::filterInput(INPUT_GET, 'lang', FILTER_SANITIZE_STRING);
$lookup = PMF_Filter::filterInput(INPUT_GET, 'lookup', FILTER_VALIDATE_INT);

// Discard anything buffered so far before the page is written.
if (count(ob_list_handlers()) > 0) {
    ob_clean();
}
// NOTE(review): the language and configuration values below are printed
// into HTML without htmlspecialchars().
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php print $PMF_LANG["metaLanguage"]; ?> " lang="<?php print $PMF_LANG["metaLanguage"]; ?> "> <head> <title><?php print $faqconfig->get('main.titleFAQ');
// Redirect away and stop; the enclosing condition is outside this excerpt.
// NOTE(review): the target host is taken from the Host request header.
$protocol = 'http';
if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
    $protocol = 'https';
}
header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
exit;
}

//
// GET Parameters Syntax:
// export.file.php?
// type={pdf|xhtml|xml}
// [&dispos={inline|attachment}], default: attachment
// [&catid=NN[&downwards=1]], default: all, downwards
//
// NOTE(review): the heading above says GET, but every value below is read
// from INPUT_POST.
//
$categoryId = PMF_Filter::filterInput(INPUT_POST, 'catid', FILTER_VALIDATE_INT);
$downwards = PMF_Filter::filterInput(INPUT_POST, 'downwards', FILTER_VALIDATE_BOOLEAN, false);
$inlineDisposition = PMF_Filter::filterInput(INPUT_POST, 'dispos', FILTER_SANITIZE_STRING);
$type = PMF_Filter::filterInput(INPUT_POST, 'type', FILTER_SANITIZE_STRING, 'none');

$faq = new PMF_Faq($faqConfig);
$category = new PMF_Category($faqConfig);
$category->buildTree();
$tags = new PMF_Tags($faqConfig);

// The export class is chosen by the submitted type string.
// NOTE(review): presumably PMF_Export::create() accepts only known types;
// confirm, since the value comes straight from the request.
$export = PMF_Export::create($faq, $category, $faqConfig, $type);
$content = $export->generate($categoryId, $downwards);

// Stream the file content
// Only the exact value 'inline' selects inline delivery; anything else is
// sent as an attachment.
$oHttpStreamer = new PMF_HttpStreamer(Response::create(), $type, $content);
if ('inline' == $inlineDisposition) {
    $oHttpStreamer->send(PMF_HttpStreamer::HTTP_CONTENT_DISPOSITION_INLINE);
} else {
    $oHttpStreamer->send(PMF_HttpStreamer::HTTP_CONTENT_DISPOSITION_ATTACHMENT);
}
// Tail of the user/group resolution; the enclosing `if` opens above this excerpt.
    // Group membership is only looked up when the permission object is a
    // PMF_Perm_Medium; otherwise the placeholder list array(-1) is used.
    if ($user->perm instanceof PMF_Perm_Medium) {
        $current_groups = $user->perm->getUserGroups($current_user);
    } else {
        $current_groups = array(-1);
    }
    // An empty lookup result is replaced by the same placeholder.
    if (0 == count($current_groups)) {
        $current_groups = array(-1);
    }
} else {
    // Other branch of the check above: both the user id and the group list
    // get -1 (presumably the "not logged in" marker; confirm against PMF_Faq).
    $current_user = -1;
    $current_groups = array(-1);
}

// Feed switched off in the configuration: end the request with no output.
if (!$faqConfig->get('main.enableRssFeeds')) {
    exit;
}

// NOTE(review): the result is not checked for null/false before it is passed
// to getAllRecordPerCategory(); confirm how that method treats a missing id.
$category_id = PMF_Filter::filterInput(INPUT_GET, 'category_id', FILTER_VALIDATE_INT);

// Both objects receive the resolved user id and group list before any record
// is read, presumably so the query only returns entries this visitor may see.
$category = new PMF_Category($faqConfig);
$category->setUser($current_user);
$category->setGroups($current_groups);

$faq = new PMF_Faq($faqConfig);
$faq->setUser($current_user);
$faq->setGroups($current_groups);

$records = $faq->getAllRecordPerCategory($category_id, $faqConfig->get('records.orderby'), $faqConfig->get('records.sortby'));

// The feed is built in memory with XMLWriter, which escapes the text handed
// to writeElement() and writeAttribute().
$rss = new XMLWriter();
$rss->openMemory();
$rss->setIndent(true);
$rss->startDocument('1.0', 'utf-8');
$rss->startElement('rss');
$rss->writeAttribute('version', '2.0');
$rss->startElement('channel');
$rss->writeElement('title', $faqConfig->get('main.titleFAQ') . ' - ');
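*
* @category  phpMyFAQ
* @package   Administration
* @author    Thorsten Rinne <*****@*****.**>
* @copyright 2004-2011 phpMyFAQ Team
* @license   http://www.mozilla.org/MPL/MPL-1.1.html Mozilla Public License Version 1.1
* @link      http://www.phpmyfaq.de
* @since     2004-04-29
*/

// Direct-access guard: this file is meant to be included, not requested.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // Path-only redirect target: the browser keeps the scheme and host it
    // already used, so an HTTPS visitor is not sent to http:// and the
    // client-supplied Host header is not copied into the response. Leading
    // slashes are collapsed so the value cannot be read as a "//host" URL.
    $directory = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
    header('Location: /' . ltrim($directory, '/'));
    exit;
}

// Only users holding the "editcateg" right get the move-category form.
if ($permission["editcateg"]) {
    $id        = PMF_Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT);
    $parent_id = PMF_Filter::filterInput(INPUT_GET, 'parent_id', FILTER_VALIDATE_INT);

    $category   = new PMF_Category($current_admin_user, $current_admin_groups, false);
    $categories = $category->getAllCategories();

    // Drop the loaded list, then load the categories below $parent_id and
    // build the tree from that parent.
    $category->categories = null;
    unset($category->categories);
    $category->getCategories($parent_id, false);
    $category->buildTree($parent_id);

    // NOTE(review): $id is used as an array key without checking that the
    // request supplied a valid, existing category. The category name is also
    // placed into markup without escaping; confirm it is stored HTML-encoded,
    // otherwise pass it through htmlspecialchars() here.
    $header = sprintf('%s: <em>%s</em>', $PMF_LANG['ad_categ_move'], $category->categories[$id]['name']);
?>
        <header> <h2><?php print $header; ?> </h2> </header> <form action="?action=changecategory" method="post">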
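*/

// Direct-access guard: this file is meant to be included, not requested.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // Path-only redirect target: the browser keeps the scheme and host it
    // already used, and the client-supplied Host header is not copied into
    // the response. Leading slashes are collapsed so the value cannot be
    // read as a scheme-relative "//host" URL.
    $directory = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
    header('Location: /' . ltrim($directory, '/'));
    exit;
}

if ($user->perm->checkRight($user->getUserId(), 'editconfig')) {
    // Action selected by the URL parameter config_action; defaults to the listing.
    $userAction = PMF_Filter::filterInput(INPUT_GET, 'config_action', FILTER_SANITIZE_STRING, 'listConfig');

    // Save the configuration
    // NOTE(review): no CSRF token check is visible in this excerpt before the
    // posted values are taken over; confirm one runs before this point.
    if ('saveConfig' === $userAction) {
        // Every entry of the posted "edit" array is filtered as a string.
        $checks = array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_REQUIRE_ARRAY);
        $editData = PMF_Filter::filterInputArray(INPUT_POST, array('edit' => $checks));
        $userAction = 'listConfig';
        $oldConfigValues = $faqConfig->config;

        /* XXX the cache concept is designed to be able to activate only one
           cache engine per time so if there are more cache services
           implemented, respect it here */
        $varnishRequested = isset($editData['edit']['cache.varnishEnable'])
            && 'true' === $editData['edit']['cache.varnishEnable'];
        if ($varnishRequested && !extension_loaded('varnish')) {
            throw new Exception('Varnish extension is not loaded');
        }

        // Set the new values
        // The three characters below are removed from every submitted value.
        // NOTE(review): this is a deny-list; which sink it protects is not
        // visible here, so confirm it is sufficient for that sink.
        $forbiddenValues = array('{', '}', '$');
        $newConfigValues = [];
        foreach ($editData['edit'] as $key => $value) {
            $newConfigValues[$key] = str_replace($forbiddenValues, '', $value);
            $keyArray = array_values(explode('.', $key));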
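* @author    Thorsten Rinne <*****@*****.**>
* @copyright 2003-2014 phpMyFAQ Team
* @license   http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
* @link      http://www.phpmyfaq.de
* @since     2003-03-10
*/

// Direct-access guard: this file is meant to be included, not requested.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // Path-only redirect target: the browser keeps the scheme and host it
    // already used, and the client-supplied Host header is not copied into
    // the response. Leading slashes are collapsed so the value cannot be
    // read as a scheme-relative "//host" URL.
    $directory = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
    header('Location: /' . ltrim($directory, '/'));
    exit;
}

if ($user->perm->checkRight($user->getUserId(), 'editcateg')) {
    // Category to edit; falls back to 0 when the parameter is missing.
    $categoryId = PMF_Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT, 0);

    $category = new PMF_Category($faqConfig, [], false);
    $category->setUser($currentAdminUser);
    $category->setGroups($currentAdminGroups);

    $categories      = $category->getAllCategories();
    $userPermission  = $category->getPermissions('user', array($categoryId));
    $groupPermission = $category->getPermissions('group', array($categoryId));

    // NOTE(review): $categories[$categoryId] is read without checking that
    // the id exists in the list (including the fallback 0); confirm how a
    // request for an unknown category should be answered.
    // A first permission entry of -1 is treated as "all users" / "all groups".
    $templateVars = array(
        'PMF_LANG'               => $PMF_LANG,
        'allGroups'              => $groupPermission[0] == -1,
        'allUsers'               => $userPermission[0] == -1,
        'categoryId'             => $categoryId,
        'categoryDescription'    => $categories[$categoryId]['description'],
        'categoryLanguage'       => $categories[$categoryId]['lang'],
        'categoryName'           => $categories[$categoryId]['name'],
        // Session CSRF token handed to the template for the edit form.
        'csrfToken'              => $user->getCsrfTokenFromSession(),
        'parentId'               => $categories[$categoryId]['parent_id'],
        'renderGroupPermissions' => false,
        'restrictedGroups'       => $groupPermission[0] != -1,
        'restrictedUsers'        => $userPermission[0] != -1,
        'userOptionsOwner'       => $user->getAllUserOptions($categories[$categoryId]['user_id']),
        'userOptionsPermissions' => $user->getAllUserOptions($userPermission[0])
    );

    // Group permissions are only rendered above the 'basic' permission level.
    if ($faqConfig->get('security.permLevel') != 'basic') {
        $templateVars['renderGroupPermissions'] = true;
        $templateVars['groupOptions'] = $user->perm->getAllGroupsOptions($groupPermission);
    }

    $twig->loadTemplate('category/edit.twig')->display($templateVars);

    unset($templateVars, $categoryId, $category, $categories, $userPermission, $groupPermission);
} else {
    // Missing "editcateg" right: show the no-permission page instead.
    require 'noperm.php';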
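* @since 2003-02-23
*/

// Direct-access guard: this file is meant to be included, not requested.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // Path-only redirect target: the browser keeps the scheme and host it
    // already used, and the client-supplied Host header is not copied into
    // the response. Leading slashes are collapsed so the value cannot be
    // read as a scheme-relative "//host" URL.
    $directory = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
    header('Location: /' . ltrim($directory, '/'));
    exit;
}

$logging = new PMF_Logging($faqConfig);

// The log view needs both the "adminlog" right and the matching action.
if ($user->perm->checkRight($user->getUserId(), 'adminlog') && 'adminlog' == $action) {
    $date    = new PMF_Date($faqConfig);
    $perpage = 15;

    $pages = PMF_Filter::filterInput(INPUT_GET, 'pages', FILTER_VALIDATE_INT);
    $page  = PMF_Filter::filterInput(INPUT_GET, 'page', FILTER_VALIDATE_INT, 1);
    // A page below 1 would give a negative start offset; clamp it.
    $page = max(1, (int) $page);

    // Without a page count in the request, derive one from the entry total.
    if (is_null($pages)) {
        $pages = round(($logging->getNumberOfEntries() + $perpage / 3) / $perpage, 0);
    }

    // Window of entries for the current page: [$start, $ende).
    $start = ($page - 1) * $perpage;
    $ende  = $start + $perpage;

    // %d keeps the page number numeric inside the generated link.
    $baseUrl = sprintf('%s?action=adminlog&page=%d', PMF_Link::getSystemRelativeUri(), $page);

    // Pagination options
    $options = array(
        'baseUrl'       => $baseUrl,
        'total'         => $logging->getNumberOfEntries(),
        'perPage'       => $perpage,
        'pageParamName' => 'page'
    );
    $pagination = new PMF_Pagination($faqConfig, $options);

    $loggingData = $logging->getAll();
?>
        <header> <h2 class="page-header"> <i class="fa fa-tasks"></i> <?php echo $PMF_LANG["ad_menu_adminlog"];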
// Form fields of the record editor, all read from the POST body.
// NOTE(review): neither a permission check nor a CSRF token check is visible
// in this excerpt; confirm both run before this point.
$tags = PMF_Filter::filterInput(INPUT_POST, 'tags', FILTER_SANITIZE_STRING);
$active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING);
$sticky = PMF_Filter::filterInput(INPUT_POST, 'sticky', FILTER_SANITIZE_STRING);
// The answer is entity-encoded here and decoded again when $recordData is built.
$content = PMF_Filter::filterInput(INPUT_POST, 'answer', FILTER_SANITIZE_SPECIAL_CHARS);
$keywords = PMF_Filter::filterInput(INPUT_POST, 'keywords', FILTER_SANITIZE_STRING);
$author = PMF_Filter::filterInput(INPUT_POST, 'author', FILTER_SANITIZE_STRING);
$email = PMF_Filter::filterInput(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
$record_id = PMF_Filter::filterInput(INPUT_POST, 'record_id', FILTER_VALIDATE_INT);
$solution_id = PMF_Filter::filterInput(INPUT_POST, 'solution_id', FILTER_VALIDATE_INT);
$revision_id = PMF_Filter::filterInput(INPUT_POST, 'revision_id', FILTER_VALIDATE_INT);
$changed = PMF_Filter::filterInput(INPUT_POST, 'changed', FILTER_SANITIZE_STRING);

// The value 'all' maps to -1; any other value means the id is taken from the
// matching restricted_* field.
$user_permission = PMF_Filter::filterInput(INPUT_POST, 'userpermission', FILTER_SANITIZE_STRING);
$restricted_users = 'all' == $user_permission ? -1 : PMF_Filter::filterInput(INPUT_POST, 'restricted_users', FILTER_VALIDATE_INT);
$group_permission = PMF_Filter::filterInput(INPUT_POST, 'grouppermission', FILTER_SANITIZE_STRING);
$restricted_groups = 'all' == $group_permission ? -1 : PMF_Filter::filterInput(INPUT_POST, 'restricted_groups', FILTER_VALIDATE_INT);

// $question and $categories are set above this excerpt; both must be present.
if (!is_null($question) && !is_null($categories)) {
    $tagging = new PMF_Tags($faqConfig);
    $category = new PMF_Category($faqConfig, [], false);
    $category->setUser($currentAdminUser);
    $category->setGroups($currentAdminGroups);

    // Make sure the category list key exists before it is used.
    if (!isset($categories['rubrik'])) {
        $categories['rubrik'] = [];
    }

    // NOTE(review): html_entity_decode() turns the entity-encoded question and
    // answer back into raw markup, so HTML submitted in those fields ends up in
    // $recordData. Presumably intended for rich-text answers; confirm that only
    // trusted editors reach this code and that the public view sanitizes or
    // escapes what it must.
    $recordData = array(
        'id' => $record_id,
        'lang' => $record_lang,
        'revision_id' => $revision_id,
        'active' => $active,
        // sticky and comment act as checkboxes: set when the field was submitted at all.
        'sticky' => !is_null($sticky) ? 1 : 0,
        'thema' => html_entity_decode($question),
        'content' => html_entity_decode($content),
        'keywords' => $keywords,
        'author' => $author,
        'email' => $email,
        'comment' => !is_null($comment) ? 'y' : 'n',
        // Dates are stored as 14-digit strings; an empty $date means "now",
        // empty start/end dates fall back to the widest possible range.
        'date' => empty($date) ? date('YmdHis') : str_replace(array('-', ':', ' '), '', $date),
        'dateStart' => empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000',
        'dateEnd' => empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959',
        'linkState' => '',
        'linkDateCheck' => 0);

    if ('saveentry' == $do || $record_id) {
        /* Create a revision anyway, it's autosaving */
        $faq->addNewRevision($record_id, $record_lang);
        $revision_id++;
        // The change note is stored with line breaks converted to <br> tags.
        $faq->createChangeEntry($record_id, $user->getUserId(), nl2br($changed), $record_lang, $revision_id);
        $visits = new PMF_Visits($faqConfig);
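*
* @category  phpMyFAQ
* @package   Frontend
* @author    Thorsten Rinne <*****@*****.**>
* @copyright 2002-2010 phpMyFAQ Team
* @license   http://www.mozilla.org/MPL/MPL-1.1.html Mozilla Public License Version 1.1
* @link      http://www.phpmyfaq.de
* @since     2002-09-16
*/

// Direct-access guard: this file is meant to be included, not requested.
if (!defined('IS_VALID_PHPMYFAQ')) {
    // Path-only redirect target: the browser keeps the scheme and host it
    // already used, so an HTTPS visitor is not sent to http:// and the
    // client-supplied Host header is not copied into the response. Leading
    // slashes are collapsed so the value cannot be read as a "//host" URL.
    $directory = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
    header('Location: /' . ltrim($directory, '/'));
    exit;
}

$recordId = PMF_Filter::filterInput(INPUT_POST, 'artikel', FILTER_VALIDATE_INT, 0);
$vote     = PMF_Filter::filterInput(INPUT_POST, 'vote', FILTER_VALIDATE_INT);
$userIp   = PMF_Filter::filterVar($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP);

// A vote is stored only when one was submitted, votingCheck() accepts this
// record/IP pair, and the value lies in 1..5.
// NOTE(review): the repeat-vote check is keyed on the client IP address, so
// visitors behind one proxy or NAT share a single identity; confirm that is
// acceptable for this deployment.
if (isset($vote) && $faq->votingCheck($recordId, $userIp) && $vote > 0 && $vote < 6) {
    $faqsession->userTracking('save_voting', $recordId);

    $voting     = new PMF_Rating();
    $votingData = array(
        'id'        => null,
        'record_id' => $recordId,
        'vote'      => $vote,
        'date'      => $_SERVER['REQUEST_TIME'],
        'user_ip'   => $userIp);

    // First vote for this record creates the row, later ones update it.
    if (!$voting->fetch($recordId)) {
        $voting->create($votingData);
    } else {
        $voting->update($recordId, $votingData);
    }

    $tpl->processTemplate('writeContent', array('msgVoteThanks' => $PMF_LANG['msgVoteThanks']));
} elseif (isset($vote) && !$faq->votingCheck($recordId, $userIp)) {
    // This branch tests $vote, the submitted value. In the code visible here
    // $voting is only assigned inside the first branch, so testing it instead
    // would leave the "voted too often" message unreachable.
    $faqsession->userTracking('error_save_voting', $recordId);
    $tpl->processTemplate('writeContent', array('msgVoteThanks' => $PMF_LANG['err_VoteTooMuch']));
} else {
    $faqsession->userTracking('error_save_voting', $recordId);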