<?php
/**
/news.php
(C) Giovanni Capuano 2012
*/
require_once 'core/class.Ocarina.php';
$ocarina = new Ocarina();
$titolo = isset($_GET['titolo']) ? $ocarina->purge($_GET['titolo']) : '';
$comment = isset($_POST['comment']) ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['comment'])) : '';
$ocarina->skin = $ocarina->isLogged() ? $ocarina->username[0]->skin : $ocarina->config[0]->skin;
if ($titolo == '') {
$ocarina->addValue('titolo', $ocarina->config[0]->nomesito);
$ocarina->addValue('error', $ocarina->getLanguage('news', 1));
} else {
if (!($news = $ocarina->getNews($titolo))) {
$ocarina->addValue('error', $ocarina->getLanguage('news', 2));
$ocarina->addValue('titolo', $ocarina->config[0]->nomesito);
} else {
$ocarina->addValue('description', $ocarina->getDescription($news[0]->contenuto));
$ocarina->addValue('news', $news);
$ocarina->addValue('titolo', $news[0]->titolo . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);
if (!($getComment = $ocarina->getComment($news[0]->minititolo))) {
$ocarina->addValue('commenti', $ocarina->getLanguage('news', 3));
} else {
$ocarina->addValue('commenti', $getComment);
}
if ($comment !== '' && $ocarina->isLogged()) {
$array = $ocarina->config[0]->approvacommenti == 0 ? array($ocarina->username[0]->nickname, $comment, $news[0]->minititolo, date('d-m-y'), date('G:m:s'), 1) : array($ocarina->username[0]->nickname, $comment, $news[0]->minititolo, date('d-m-y'), date('G:m:s'), 0);
if ($ocarina->config[0]->commenti == 0) {
$ocarina->addValue('commentsent', $ocarina->getLanguage('news', 4) . header('Refresh: 2; URL=' . $ocarina->config[0]->url_index . '/release/' . $titolo . '.html'));
/* Commenti */
$handler = fopen('comments.sql', 'r');
$comments = fread($handler, filesize('comments.sql'));
fclose($handler);
/* Elaborazione */
$news = unserialize($news);
$page = unserialize($page);
$comments = unserialize($comments);
$news_fail = 0;
$news_ok = 0;
$page_fail = 0;
$page_ok = 0;
$comments_fail = 0;
$comments_ok = 0;
foreach ($news as $v) {
$array = array($v->autore, $ocarina->purgeSlashes($ocarina->purgeByXSS($v->titolo)), $v->minititolo, $ocarina->purgeSlashes($ocarina->purgeByXSS($v->news)), $v->categoria, $v->data, $v->ora, 1);
if (!$ocarina->isCategory('news', $v->categoria)) {
$ocarina->createCategory('news', $v->categoria);
}
if ($ocarina->isNews($v->minititolo)) {
++$news_fail;
} else {
if ($ocarina->createNews($array)) {
++$news_ok;
} else {
++$news_fail;
}
}
}
foreach ($page as $v) {
$array = array($v->autore == '' ? $v->autoreultimamodifica : $v->autore, $ocarina->purgeSlashes($ocarina->purgeByXSS($v->titolo)), $v->minititolo, $ocarina->purgeSlashes($ocarina->purgeByXSS($v->contenuto)), $v->categoria, $v->datacreazione, '00:00', 1);
<?php
/**
/admin/modificapagina.php
(C) Giovanni Capuano 2011
*/
require_once '../core/class.Ocarina.php';
$ocarina = new Ocarina();
$titolo_pagina = isset($_POST['titolo']) && $_POST['titolo'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['titolo'])) : '';
$categoria_pagina = isset($_POST['categoria']) && $_POST['categoria'] !== '' ? $ocarina->purge($_POST['categoria']) : '';
$testo_pagina = isset($_POST['testo']) && $_POST['testo'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['testo'])) : '';
$selected = isset($_POST['selected']) && $_POST['selected'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['selected'])) : '';
$submit = isset($_POST['submit']) ? true : false;
$ocarina->skin = 'admin';
$ocarina->addValue('titolo', $ocarina->getLanguage('title', 23) . $ocarina->getLanguage('title', 2) . $ocarina->getLanguage('title', 10) . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);
if ($ocarina->isLogged() && $ocarina->username[0]->grado < 4) {
if (!$submit && $selected == '') {
$result = '<form action="" method="post">' . $ocarina->getLanguage('editpage', 0) . '<select name="selected">';
if ($ocarina->username[0]->grado == 3) {
$pageByUser = $ocarina->searchPageByUser($ocarina->username[0]->nickname);
if ($pageByUser !== false) {
foreach ($pageByUser as $v) {
$result .= '<option value="' . $v->minititolo . '">' . $v->titolo . '</option>';
}
}
} elseif ($ocarina->username[0]->grado < 3) {
$allPage = $ocarina->searchPage('', 'wildcard');
if ($allPage !== false) {
foreach ($allPage as $v) {
$result .= '<option value="' . $v->minititolo . '">' . $v->titolo . '</option>';
}
<?php
/**
/admin/creanews.php
(C) Giovanni Capuano 2011
*/
require_once '../core/class.Ocarina.php';
$ocarina = new Ocarina();
$titolo_news = isset($_POST['titolo']) && $_POST['titolo'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['titolo'])) : '';
$categoria_news = isset($_POST['categoria']) && $_POST['categoria'] !== '' ? $ocarina->purge($_POST['categoria']) : '';
$testo_news = isset($_POST['testo']) && $_POST['testo'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['testo'])) : '';
$submit = isset($_POST['submit']) ? true : false;
$ocarina->skin = 'admin';
$ocarina->addValue('titolo', $ocarina->getLanguage('title', 16) . $ocarina->getLanguage('title', 2) . $ocarina->getLanguage('title', 10) . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);
if ($ocarina->isLogged() && $ocarina->username[0]->grado <= 3) {
if (!$submit) {
$ocarina->addValue('categorie', $ocarina->getCategory('news'));
} else {
if ($titolo_news !== '' && $categoria_news !== '' && $testo_news !== '') {
if ($ocarina->username[0]->grado == 3) {
$approva_news = 0;
} else {
$approva_news = 1;
}
// approvato
$array = array($ocarina->username[0]->nickname, $titolo_news, $ocarina->permalink($titolo_news), $testo_news, $categoria_news, date('d-m-y'), date('G:m:i'), $approva_news);
if ($ocarina->isNews($ocarina->permalink($titolo_news))) {
$ocarina->addValue('result', $ocarina->getLanguage('createnews', 0));
} elseif ($ocarina->createNews($array)) {
if ($approva_news == 0) {
$ocarina->addValue('result', $ocarina->getLanguage('createnews', 1));
