/** * Install routine for the Sidebar-Box plugin * * @access private * @author Alexander Mieland * @copyright 2000- by Alexander 'dma147' Mieland */ function install() { /** globalising of the needed variables, objects and arrays */ global $db, $apcms; $selsort = $db->unbuffered_query_first("SELECT MAX(`sort`) FROM `" . $apcms['table']['global']['rightsidebar'] . "`"); if (isset($selsort) && intval($selsort[0]) >= 1) { $sort = intval($selsort[0]) + 1; } else { $sort = 1; } $boxcont = "[php]\$apcms['PLUGIN']['apcms_sidebar_poweredby']->ShowBox();[/php]"; $query = "INSERT INTO `" . $apcms['table']['global']['rightsidebar'] . "` \n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t`title`,\n\t\t\t\t\t\t\t\t\t`content`,\n\t\t\t\t\t\t\t\t\t`sort`,\n\t\t\t\t\t\t\t\t\t`hidden`,\n\t\t\t\t\t\t\t\t\t`plugin`\n\t\t\t\t\t) VALUES \t(\n\t\t\t\t\t\t\t\t\t'" . $apcms['LANGUAGE']['GLOBAL_POWEREDBY'] . "',\n\t\t\t\t\t\t\t\t\t'" . apcms_ESC($boxcont) . "',\n\t\t\t\t\t\t\t\t\t'" . $sort . "',\n\t\t\t\t\t\t\t\t\t'0',\n\t\t\t\t\t\t\t\t\t'apcms_sidebar_poweredby'\n\t\t\t\t\t\t\t\t);"; $db->unbuffered_query($query); }
/*)\ \(*/ /** * Exit the script when IN_apcms is not defined */ if (!defined('IN_apcms')) { exit; } $PAGE_TITLE = $apcms['LANGUAGE']['ACTIVATE_TITLE']; $PAGE_SUBTITLE = $apcms['LANGUAGE']['ACTIVATE_SUBTITLE']; $smarty->caching = false; $smarty->cache_lifetime = 1800; $template = "main"; if (isset($_GET['key']) && trim($_GET['key']) != "" && strlen($_GET['key']) <= 32) { $key = apcms_Strip($_GET['key']); $ret = $db->unbuffered_query_first("SELECT `id`, `active` FROM `" . $apcms['table']['global']['users'] . "` WHERE `actkey`='" . apcms_ESC($key) . "'"); if (isset($ret[0]) && intval($ret[0]) >= 1) { if (intval(intval($ret[1])) <= 0) { $query = "UPDATE `" . $apcms['table']['global']['users'] . "` SET `active`='1' WHERE `id`='" . intval($ret[0]) . "'"; $db->unbuffered_query($query); $success = $apcms['LANGUAGE']['SUCCESS_ACCOUNT_ACTIVATED']; $apcms['redirect_url'] = $apcms['baseURL']; $apcms['redirect_time'] = 3; } else { $error = $apcms['LANGUAGE']['ERROR_ACTIVATE_ALREADY_ACTIVATED']; $apcms['redirect_url'] = $apcms['baseURL']; $apcms['redirect_time'] = 3; } } else { $error = $apcms['LANGUAGE']['ERROR_ACTIVATE_NOT_EXIST']; $apcms['redirect_url'] = $apcms['baseURL'];
$val = true; } elseif ($val == "bno") { $val = false; } $newconfig[trim($key)] = $val; } $config_items = $apcms['PLUGIN'][$name]->config_items; $config = array(); foreach ($config_items as $key => $val) { if (!in_array($key, $newconfig)) { $config[$key] = $config_items[$key]['default']; } else { $config[$key] = $newconfig[$key]; } } $query = "UPDATE `" . $apcms['table']['global']['plugins'] . "` SET `config`='" . apcms_ESC(serialize($config)) . "' WHERE `id`='" . $pid . "'"; $db->unbuffered_query($query); $success = $apcms['LANGUAGE']['SUCCESS_SAVED']; unset($config); } $retplugin = $db->unbuffered_query_first("SELECT * FROM `" . $apcms['table']['global']['plugins'] . "` WHERE `id`='" . $pid . "'"); if (isset($retplugin[1]) && trim($retplugin[1]) != "") { $name = trim($retplugin[1]); $config = unserialize(stripslashes(trim($retplugin[4]))); } $AOUT .= "\n<div id=\"adminmain1\">\n"; $AOUT .= "\t<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"3\">\n"; $AOUT .= "\t\t<tr class=\"adminmain2\">\n"; $AOUT .= "\t\t\t<td>\n"; $AOUT .= "\t\t\t\t" . $apcms['LANGUAGE']['ADMIN_PCONFIG_DESC'] . " " . $name . "\n"; $AOUT .= "\t\t\t</td>\n";
*/ if (!defined('IN_apcms_admin')) { exit; } /** * Sets the Subtitle of the page */ $PAGE_SUBTITLE = $apcms['LANGUAGE']['ADMIN_GENERAL_CONFIG']; $AOUT .= "<h3>.: " . $apcms['LANGUAGE']['ADMIN_GENERAL_CONFIG'] . " :.</h3><br />\n"; if (isset($_POST['save']) && intval($_POST['save']) >= 1) { $KEYS = ""; foreach ($apcms['POST'] as $key => $val) { if ($KEYS != "") { $KEYS .= ", "; } $KEYS .= "`" . apcms_ESC(apcms_Strip($key)) . "`='" . apcms_ESC(apcms_Strip($val)) . "'"; } $UPDATE = "UPDATE `" . $apcms['table']['global']['config'] . "` SET " . $KEYS; $db->unbuffered_query($UPDATE); $success = $apcms['LANGUAGE']['SUCCESS_SAVED']; $apcms['redirect_url'] = $apcms['baseURL'] . "?c=admin"; $apcms['redirect_time'] = 4; $retconf = $db->unbuffered_query_first("SELECT * FROM `" . $apcms['table']['global']['config'] . "`"); $apcms['title'] = htmlspecialchars(stripslashes(trim($retconf[0]))); $apcms['subtitle'] = htmlspecialchars(stripslashes(trim($retconf[1]))); $apcms['description'] = htmlspecialchars(stripslashes(trim($retconf[2]))); $apcms['sesslifetime'] = intval($retconf[3]); $apcms['emailfrom'] = stripslashes(trim($retconf[4])); $apcms['emailadress'] = stripslashes(trim($retconf[5])); } $AOUT .= "\n<div id=\"adminmain1\">\n";
function ReadNews($newsid) { /** globalising of the needed variables, objects and arrays */ global $db, $apcms, $hook; $NOUT = ''; $retnews = $db->unbuffered_query_first("SELECT * FROM `" . $this->newstable . "` WHERE `id`='" . intval($newsid) . "'"); if (isset($retnews) && count($retnews) >= 1) { $postdate = intval($retnews[2]); $title = apcms_Strip($retnews[3]); if ($this->config['use_bbcode'] === true) { $body = apcms_TextOut(stripslashes($retnews[4])); $extbody = apcms_TextOut(stripslashes($retnews[5])); } else { $body = apcms_simpleTextOut(stripslashes($retnews[4])); $extbody = apcms_simpleTextOut(stripslashes($retnews[5])); } $views = intval($retnews[6]) + 1; $authorname = ""; $db->unbuffered_query("UPDATE `" . $this->newstable . "` SET `views`='" . $views . "' WHERE `id`='" . intval($newsid) . "'"); if ($this->config['show_author'] === true) { $retuser = $db->unbuffered_query_first("SELECT `nickname` FROM `" . $apcms['table']['global']['users'] . "` WHERE `id`='" . intval($retnews[1]) . "'"); if (isset($retuser[0]) && trim($retuser[0]) != "") { $authorname .= " @ " . apcms_Strip($retuser[0]); } else { $authorname .= " @ " . $apcms['LANGUAGE']['GLOBAL_UNKNOWN']; } } $retcnum = $db->unbuffered_query_first("SELECT COUNT(*) FROM `" . $this->commentstable . "` WHERE `nid`='" . intval($newsid) . "'"); $commentnum = intval($retcnum[0]); /** Include the Smarty class */ require_once $apcms['path'] . "/libs/smarty.class.php"; if ($this->config['use_bbcode'] === true) { $mainbox_head = apcms_Strip($retnews[3]); $mainbox_content = apcms_TextOut(stripslashes($retnews[4])); if (trim(stripslashes($retnews[5])) != "") { $mainbox_content .= "\n<br />" . apcms_TextOut(stripslashes($retnews[5])); } } else { $mainbox_head = apcms_simpleTextOut($retnews[3]); $mainbox_content = apcms_simpleTextOut(stripslashes($retnews[4])); if (trim(stripslashes($retnews[5])) != "") { $mainbox_content .= "\n<br />" . apcms_simpleTextOut(stripslashes($retnews[5])); } } $mainbox_foot = "<table class=\"apcms_mainboxfoot\" width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tr>\n<td class=\"apcms_mainboxfoot\">\n"; $mainbox_foot .= date($this->config['dateformat'], intval($retnews[2])) . $authorname; $mainbox_foot .= "\n</td>\n<td width=\"50%\" class=\"apcms_mainboxfoot\" align=\"right\">\n"; $mainbox_foot .= "[ " . intval($retnews[6]) . " " . $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['VIEWS'] . " | " . $commentnum . " <a href=\"" . $apcms['baseURL'] . "?news[action]=read&news[id]=" . intval($retnews[0]) . "\">" . $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['COMMENTS'] . "</a> ]"; $mainbox_foot .= "\n</td>\n</tr>\n</table>\n"; $mbox = new APC_Smarty($apcms['themesdir'] . '/' . $apcms['theme']); $mbox->assign('mainbox_head', $mainbox_head); $mbox->assign('mainbox_content', $mainbox_content); $mbox->assign('mainbox_foot', $mainbox_foot); $mbout = $mbox->fetch('mainbox.tpl'); $NOUT .= $mbout . "\n<a name=\"comments\"></a>\n\n<hr size=\"1\" noshade=\"noshade\" /><b><u>" . $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['COMMENTS'] . "</u></b>\n<br />\n<br />\n"; /** Save the comment */ if (isset($_POST['news']['action']) && trim($_POST['news']['action']) == "comment") { if (isset($_SESSION['isloggedin']) && intval($_SESSION['isloggedin']) >= 1) { $_POST['news']['username'] = $_SESSION['nickname']; $_POST['news']['email'] = $_SESSION['email']; $uid = $_SESSION['userid']; } else { $uid = 0; } if (!isset($_POST['news']['username']) || trim($_POST['news']['username']) == "") { $error = $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['ERROR_NO_USERNAME']; } elseif (!isset($_POST['news']['email']) || trim($_POST['news']['email']) == "") { $error = $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['ERROR_NO_EMAIL']; } elseif (!isset($_POST['news']['comment']) || trim($_POST['news']['comment']) == "") { $error = $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['ERROR_NO_TEXT']; } else { $query = "INSERT INTO `" . $this->commentstable . "` (`nid`, `uid`, `postdate`, `title`, `body`) VALUES (\n\t\t\t\t\t\t\t\t\t'" . intval($_POST['news']['nid']) . "', \n\t\t\t\t\t\t\t\t\t'" . intval($uid) . "', \n\t\t\t\t\t\t\t\t\t'" . time() . "', \n\t\t\t\t\t\t\t\t\t'" . apcms_ESC(apcms_Strip($_POST['news']['title'])) . "', \n\t\t\t\t\t\t\t\t\t'" . apcms_ESC(trim($_POST['news']['comment'])) . "' \n\t\t\t\t\t\t\t\t)"; $db->unbuffered_query($query); $success = $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['SUCCESS_COMMENT_SAVED']; } } $retcomments = $db->unbuffered_GetAll_row("SELECT * FROM `" . $this->commentstable . "` WHERE `nid`='" . intval($newsid) . "' ORDER BY `postdate`"); if (isset($retcomments) && count($retcomments) >= 1) { for ($a = 0; $a < count($retcomments); $a++) { $mainbox_head = apcms_Strip($retcomments[$a][4]); $mainbox_content = apcms_TextOut(stripslashes($retcomments[$a][5])); $authorname = ""; if ($this->config['show_author'] === true) { $retuser = $db->unbuffered_query_first("SELECT `nickname` FROM `" . $apcms['table']['global']['users'] . "` WHERE `id`='" . intval($retcomments[$a][2]) . "'"); if (isset($retuser[0]) && trim($retuser[0]) != "") { $authorname .= " @ " . apcms_Strip($retuser[0]); } else { $authorname .= " @ " . $apcms['LANGUAGE']['GLOBAL_UNKNOWN']; } } $mainbox_foot = "<table class=\"apcms_mainboxfoot\" width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tr>\n<td class=\"apcms_mainboxfoot\">\n"; $mainbox_foot .= date($this->config['dateformat'], intval($retcomments[$a][3])) . $authorname; $mainbox_foot .= "\n</td>\n</tr>\n</table>\n"; $mbox = new APC_Smarty($apcms['themesdir'] . '/' . $apcms['theme']); $mbox->assign('mainbox_head', $mainbox_head); $mbox->assign('mainbox_content', $mainbox_content); $mbox->assign('mainbox_foot', $mainbox_foot); $mbout = $mbox->fetch('mainbox.tpl'); $NOUT .= $mbout . "\n\n<hr size=\"1\" noshade=\"noshade\" />"; } } else { /** FIXME */ /** maybe create something better looking...? */ $NOUT .= "<br /><br /><div align=\"center\">" . $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['NO_COMMENTS'] . "</div>\n\n<hr size=\"1\" noshade=\"noshade\" />"; } if (isset($error) && trim($error) != "") { $NOUT .= "<div id=\"error\">" . $error . "</div>"; $error = ""; } if (isset($success) && trim($success) != "") { $NOUT .= "<div id=\"success\">" . $success . "</div>"; $success = ""; } if (isset($_SESSION['isloggedin']) && intval($_SESSION['isloggedin']) >= 1 || $this->config['guest_comments'] === true) { $NOUT .= "\n<br />\n<div id=\"content1\">\n"; $NOUT .= "<form name=\"commentform\" action=\"" . $apcms['baseURL'] . "?news[action]=read&news[id]=" . intval($newsid) . "#comments\" method=\"post\">\n"; $NOUT .= "<input type=\"hidden\" name=\"news[action]\" value=\"comment\" />\n"; $NOUT .= "<input type=\"hidden\" name=\"news[nid]\" value=\"" . intval($newsid) . "\" />\n"; $NOUT .= "\t<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"3\">\n"; if (isset($_SESSION['isloggedin']) && intval($_SESSION['isloggedin']) >= 1) { $NOUT .= "\t\t<tr class=\"content2\">\n"; $NOUT .= "\t\t\t<td valign=\"top\">\n"; $NOUT .= "\t\t\t\t<label for=\"username\" accesskey=\"u\" tabindex=\"-1\">" . $apcms['LANGUAGE']['GLOBAL_USERNAME'] . "</label>\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t\t<td width=\"330\" align=\"right\" valign=\"top\">\n"; $NOUT .= "\t\t\t\t<input id=\"username\" type=\"text\" name=\"news[username]\" value=\"" . $_SESSION['nickname'] . "\" disabled=\"disabled\" readonly=\"readonly\" style=\"width:100%\" />\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t</tr>\n"; $NOUT .= "\t\t<tr class=\"content2\">\n"; $NOUT .= "\t\t\t<td valign=\"top\">\n"; $NOUT .= "\t\t\t\t<label for=\"email\" accesskey=\"e\" tabindex=\"-1\">" . $apcms['LANGUAGE']['GLOBAL_EMAIL'] . "</label>\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t\t<td width=\"330\" align=\"right\" valign=\"top\">\n"; $NOUT .= "\t\t\t\t<input id=\"email\" type=\"text\" name=\"news[email]\" value=\"" . $_SESSION['email'] . "\" disabled=\"disabled\" readonly=\"readonly\" style=\"width:100%\" />\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t</tr>\n"; } else { $NOUT .= "\t\t<tr class=\"content2\">\n"; $NOUT .= "\t\t\t<td valign=\"top\">\n"; $NOUT .= "\t\t\t\t<label for=\"username\" accesskey=\"u\" tabindex=\"1\">" . $apcms['LANGUAGE']['GLOBAL_USERNAME'] . "</label>\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t\t<td width=\"330\" align=\"right\" valign=\"top\">\n"; $NOUT .= "\t\t\t\t<input id=\"username\" type=\"text\" name=\"news[username]\" value=\"" . (isset($_POST['news']['username']) && trim($_POST['news']['username']) != "" ? apcms_Strip($_POST['news']['username']) : "") . "\" style=\"width:100%\" />\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t</tr>\n"; $NOUT .= "\t\t<tr class=\"content2\">\n"; $NOUT .= "\t\t\t<td valign=\"top\">\n"; $NOUT .= "\t\t\t\t<label for=\"email\" accesskey=\"e\" tabindex=\"2\">" . $apcms['LANGUAGE']['GLOBAL_EMAIL'] . "</label>\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t\t<td width=\"330\" align=\"right\" valign=\"top\">\n"; $NOUT .= "\t\t\t\t<input id=\"email\" type=\"text\" name=\"news[email]\" value=\"" . (isset($_POST['news']['email']) && trim($_POST['news']['email']) != "" ? apcms_Strip($_POST['news']['email']) : "") . "\" style=\"width:100%\" />\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t</tr>\n"; } $NOUT .= "\t\t<tr class=\"content2\">\n"; $NOUT .= "\t\t\t<td valign=\"top\">\n"; $NOUT .= "\t\t\t\t<label for=\"title\" accesskey=\"t\" tabindex=\"3\">" . $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['COMMENT_TITLE'] . "</label>\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t\t<td width=\"330\" align=\"right\" valign=\"top\">\n"; $NOUT .= "\t\t\t\t<input id=\"title\" type=\"text\" name=\"news[title]\" value=\"" . (isset($_POST['news']['title']) && trim($_POST['news']['title']) != "" ? apcms_Strip($_POST['news']['title']) : "") . "\" style=\"width:100%\" />\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t</tr>\n"; $NOUT .= "\t\t<tr class=\"content2\">\n"; $NOUT .= "\t\t\t<td valign=\"top\">\n"; $NOUT .= "\t\t\t\t<label for=\"comment\" accesskey=\"c\" tabindex=\"4\">" . $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['COMMENT_BODY'] . "</label>\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t\t<td width=\"330\" align=\"right\" valign=\"top\">\n"; $NOUT .= "\t\t\t\t<textarea id=\"comment\" name=\"news[comment]\" rows=\"6\" style=\"width:100%\">" . (isset($_POST['news']['comment']) && trim($_POST['news']['comment']) != "" ? trim($_POST['news']['comment']) : "") . "</textarea>\n"; $NOUT .= "\t\t\t</td>\n"; $NOUT .= "\t\t</tr>\n"; $NOUT .= "\t\t<tr>\n"; $NOUT .= "\t\t\t<td colspan=\"2\" align=\"center\">\n\t\t\t\t\t\t\t\t\t\t<label for=\"submit\" accesskey=\"s\" tabindex=\"4\">\n\t\t\t\t\t\t\t\t\t\t\t<input id=\"submit\" onfocus=\"formInUse=true;\" type=\"submit\" name=\"news[submit]\" value=\"" . $apcms['LANGUAGE']['apcms_plugin_newsmanagement']['COMMENT_SAVE'] . "\" />\n\t\t\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t\t\t</td>\n"; $NOUT .= "\t\t</tr>\n"; $NOUT .= "\t</table>\n"; $NOUT .= "</form>\n"; $NOUT .= "</div><br />\n"; $NOUT .= "\t<script type=\"text/javascript\">\n"; if (isset($_SESSION['isloggedin']) && intval($_SESSION['isloggedin']) >= 1) { $NOUT .= "\t\tdocument.getElementById('title').focus();\n"; } else { $NOUT .= "\t\tdocument.getElementById('username').focus();\n"; } $NOUT .= "\t</script>\n"; } } else { } /** Give the output to the Hook event of the mainpage (main.php) */ $hook->Set_MainContent($NOUT); }
/** * Holds the EMail name of the page */ $apcms['emailfrom'] = stripslashes(trim($retconf[4])); /** * Holds the EMail address of the page */ $apcms['emailadress'] = stripslashes(trim($retconf[5])); } $userid = 0; if (defined('IS_installed')) { if (isset($apcms['COOKIE']['userid']) && intval($apcms['COOKIE']['userid']) >= 1) { $_SESSION['isloggedin'] = true; if (!isset($_SESSION['userid']) || intval($_SESSION['userid']) <= 0) { $cpassword = trim($apcms['COOKIE']['password']); $seluser = $db->unbuffered_query_first("SELECT * FROM `" . $apcms['table']['global']['users'] . "` WHERE `id`='" . intval($apcms['COOKIE']['userid']) . "' AND `nickname`='" . apcms_ESC($apcms['COOKIE']['nickname']) . "' AND `password`='" . apcms_ESC($cpassword) . "'"); if (isset($seluser[0]) && intval($seluser[0]) >= 1) { $userid = intval($seluser[0]); $nickname = stripslashes(trim($seluser[1])); $apcms['user']['id'] = $userid; $apcms['user']['nickname'] = $nickname; $apcms['user']['password'] = stripslashes(trim($seluser[2])); $apcms['user']['email'] = stripslashes(trim($seluser[3])); $apcms['user']['groups'] = unserialize(stripslashes(trim($seluser[4]))); $apcms['user']['theme'] = stripslashes(trim($seluser[5])); $apcms['user']['language'] = stripslashes(trim($seluser[6])); $_SESSION['isloggedin'] = true; $_SESSION['userid'] = $userid; $_SESSION['nickname'] = $nickname; $_SESSION['email'] = $apcms['user']['email']; $_SESSION['groups'] = $apcms['user']['groups'];
@ob_flush(); $fdir = opendir("./setup/sql"); while ($sql = readdir($fdir)) { if (is_file("./setup/sql/" . $sql)) { include "./setup/sql/" . $sql; @ob_flush(); usleep(100000); @ob_flush(); @ob_flush(); } @ob_flush(); } closedir($fdir); @ob_flush(); @ob_flush(); usleep(100000); @ob_flush(); $cpassword = apcms_CryptPasswd(trim($_SESSION['form']['admin_password'])); echo " <span style=\"font-weight:bolder;color:green\">*</span> " . $apcms['LANGUAGE']['DEF_INSERTING_ADIMIN'] . "...<br />"; $INSERT = "INSERT INTO `apcms_1_global_users` (\n\t\t\t\t\t\t`nickname`, \n\t\t\t\t\t\t`password`, \n\t\t\t\t\t\t`email`, \n\t\t\t\t\t\t`groups`, \n\t\t\t\t\t\t`theme`, \n\t\t\t\t\t\t`language`, \n\t\t\t\t\t\t`active`, \n\t\t\t\t\t\t`actkey`, \n\t\t\t\t\t\t`regdate`, \n\t\t\t\t\t\t`last_login`\n\t\t\t) VALUES (\n\t\t\t\t\t\t'" . apcms_ESC(apcms_Strip($_SESSION['form']['admin_username'])) . "', \n\t\t\t\t\t\t'" . $cpassword . "', \n\t\t\t\t\t\t'" . apcms_ESC(apcms_Strip($_SESSION['form']['admin_email'])) . "', \n\t\t\t\t\t\t'a:1:{i:0;i:1;}', \n\t\t\t\t\t\t'default', \n\t\t\t\t\t\t'" . $_SESSION['lang'] . "', \n\t\t\t\t\t\t1, \n\t\t\t\t\t\t'', \n\t\t\t\t\t\t'" . time() . "', \n\t\t\t\t\t\t0\n\t\t\t)"; $db->unbuffered_query($INSERT); @ob_flush(); usleep(100000); @ob_flush(); @ob_flush(); } @ob_flush(); include "./setup/footer." . $SUFFIX; @ob_flush(); } @ob_flush();
$AOUT .= "<input type=\"hidden\" name=\"install\" value=\"1\" />\n"; $AOUT .= "\t<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"3\">\n"; $AOUT .= "\t\t<tr>\n"; $AOUT .= "\t\t\t<td>\n"; $AOUT .= "\t\t\t\t<b><u>" . $apcms['LANGUAGE']['GLOBAL_PLUGIN'] . "</u></b>\n"; $AOUT .= "\t\t\t</td>\n"; $AOUT .= "\t\t\t<td width=\"100\" align=\"center\">\n"; $AOUT .= "\t\t\t\t<b><u>" . $apcms['LANGUAGE']['GLOBAL_OPTIONS'] . "</u></b>\n"; $AOUT .= "\t\t\t</td>\n"; $AOUT .= "\t\t</tr>\n"; if (isset($ALLPLUGINS) && count($ALLPLUGINS['name']) >= 1) { for ($a = 0; $a < count($ALLPLUGINS['name']); $a++) { $plugin_name = apcms_Strip($ALLPLUGINS['name'][$a]); $vailable_version = apcms_Strip($ALLPLUGINS['version'][$a]); $plugin = apcms_Strip($ALLPLUGINS['plugin'][$a]); $retplugin = $db->unbuffered_query_first("SELECT * FROM `" . $apcms['table']['global']['plugins'] . "` WHERE `name`='" . apcms_ESC($plugin_name) . "'"); if (isset($retplugin[0]) && intval($retplugin[0]) >= 1) { /** Plugin is already installed */ $plugin_version = apcms_Strip($plugobj[trim($plugin_name)]->version); if (version_compare($plugin_version, $vailable_version, "<")) { /** installed Plugin is older than the official one from the server */ $installicon = "<a href=\"" . $apcms['baseURL'] . "?c=admin&act=plugins&install=" . $plugin_name . "&local=0&update=1\"><img src=\"" . $apcms['themesurl'] . "/images/admin/update.png\" width=\"66\" height=\"50\" alt=\"" . $apcms['LANGUAGE']['GLOBAL_UPDATE'] . "\" title=\"" . $apcms['LANGUAGE']['GLOBAL_UPDATE'] . "\" /></a>"; } elseif (version_compare($plugin_version, $vailable_version, "==")) { /** installed Plugin is the same version as the official one from the server */ $installicon = "<img src=\"" . $apcms['themesurl'] . "/images/admin/already.installed.png\" width=\"66\" height=\"50\" alt=\"" . $apcms['LANGUAGE']['GLOBAL_ALREADY_INSTALLED'] . "\" title=\"" . $apcms['LANGUAGE']['GLOBAL_ALREADY_INSTALLED'] . "\" /></a>"; } else { /** installed Plugin is newer than the official one from the server */ $installicon = "<img src=\"" . $apcms['themesurl'] . "/images/admin/already.installed.png\" width=\"66\" height=\"50\" alt=\"" . $apcms['LANGUAGE']['GLOBAL_ALREADY_INSTALLED'] . "\" title=\"" . $apcms['LANGUAGE']['GLOBAL_ALREADY_INSTALLED'] . "\" /></a>"; } } else { /** Plugin is NOT installed */
apcms_DeleteDirectory($apcms['path'] . "/plugins/" . $plugin_name); } require_once "Archive/Tar.php"; $tar = new Archive_Tar($apcms['path'] . "/plugins/" . $plugin_name . ".tar.gz"); $tar->extract($apcms['path'] . "/plugins/"); @unlink($apcms['path'] . "/plugins/" . $plugin_name . ".tar.gz"); apcms_ChmodDirectory($apcms['path'] . "/plugins/" . $plugin_name, 777); require_once $PATH . "/plugins/" . $plugin_name . "/" . $plugin_name . "." . $SUFFIX; $thisplugin = new $plugin_name(true); $thisplugin->install(); $config_items = $thisplugin->config_items; $config = array(); foreach ($config_items as $key => $val) { $config[$key] = $config_items[$key]['default']; } $query = "INSERT INTO `" . $apcms['table']['global']['plugins'] . "` \n\t\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t\t`name`,\n\t\t\t\t\t\t\t\t\t\t`md5`,\n\t\t\t\t\t\t\t\t\t\t`config`, \n\t\t\t\t\t\t\t\t\t\t`version`\n\t\t\t\t\t\t) VALUES \t(\n\t\t\t\t\t\t\t\t\t\t'" . apcms_ESC($plugin_name) . "',\n\t\t\t\t\t\t\t\t\t\t'" . md5(apcms_ESC($plugin_name)) . "',\n\t\t\t\t\t\t\t\t\t\t'" . addslashes(serialize($config)) . "', \n\t\t\t\t\t\t\t\t\t\t'" . apcms_ESC($thisplugin->version) . "'\n\t\t\t\t\t\t\t\t\t)"; $db->unbuffered_query($query); } } } $AOUT .= "<a href=\"" . $apcms['baseURL'] . "?c=admin&act=installplugins\"><img src=\"" . $apcms['themesurl'] . "/images/download.png\" width=\"50\" height=\"50\" alt=\"" . $apcms['LANGUAGE']['ADMIN_PLUGINS_INSTALL_NEW_PLUGINS'] . "\" title=\"" . $apcms['LANGUAGE']['ADMIN_PLUGINS_INSTALL_NEW_PLUGINS'] . "\" /></a> <a href=\"" . $apcms['baseURL'] . "?c=admin&act=installplugins\">" . $apcms['LANGUAGE']['ADMIN_PLUGINS_INSTALL_NEW_PLUGINS'] . "</a><br /><br />\n"; $AOUT .= "<form name=\"registerform\" action=\"" . $apcms['baseURL'] . "?c=admin&act=plugins\" method=\"post\">\n"; $AOUT .= "<input type=\"hidden\" name=\"save\" value=\"1\" />\n"; $AOUT .= "\t<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"3\">\n"; $AOUT .= "\t\t<tr>\n"; $AOUT .= "\t\t\t<td>\n"; $AOUT .= "\t\t\t\t<b><u>" . $apcms['LANGUAGE']['GLOBAL_PLUGIN'] . "</u></b>\n"; $AOUT .= "\t\t\t</td>\n"; $AOUT .= "\t\t\t<td width=\"120\" align=\"center\">\n"; $AOUT .= "\t\t\t\t<b><u>" . $apcms['LANGUAGE']['GLOBAL_OPTIONS'] . "</u></b>\n"; $AOUT .= "\t\t\t</td>\n";
/** * Checks if the given groups have access * * @access private * @return void * @author Alexander Mieland * @copyright 2000- by Alexander 'dma147' Mieland */ function apcms_CheckAccess($action, $groups = array()) { global $db, $apcms; $selact = $db->unbuffered_query_first("SELECT * FROM `" . $apcms['table']['global']['rights'] . "` WHERE `action`='" . apcms_ESC($action) . "'"); if (isset($selact) && count($selact) >= 1) { $allowed_groups = unserialize(stripslashes(trim($selact[2]))); for ($a = 0; $a < count($groups); $a++) { if (in_array(intval($groups[$a]), $allowed_groups)) { return true; } } return false; } else { return true; } }
if (isset($sel[0]) && intval($sel[0]) >= 1) { $error = $apcms['LANGUAGE']['ERROR_NICK_ALREADY_REGISTERED']; $c = "register"; $include = "register"; $includefile = $PATH . "/includes/register.inc.php"; } else { $sel = $db->unbuffered_query_first("SELECT * FROM `" . $apcms['table']['global']['users'] . "` WHERE `email`='" . apcms_ESC($apcms['POST']['email']) . "'"); if (isset($sel[0]) && intval($sel[0]) >= 1) { $error = $apcms['LANGUAGE']['ERROR_EMAIL_ALREADY_REGISTERED']; $c = "register"; $include = "register"; $includefile = $PATH . "/includes/register.inc.php"; } else { $cpassword = apcms_CryptPasswd(trim($apcms['POST']['password1'])); $actkey = apcms_GenRandomString(8); $INSERT = "INSERT INTO `" . $apcms['table']['global']['users'] . "` \n\t\t\t\t\t\t\t\t\t\t\t (\n\t\t\t\t\t\t\t\t\t\t\t\t`nickname`, \n\t\t\t\t\t\t\t\t\t\t\t\t`password`, \n\t\t\t\t\t\t\t\t\t\t\t\t`email`, \n\t\t\t\t\t\t\t\t\t\t\t\t`groups`, \n\t\t\t\t\t\t\t\t\t\t\t\t`actkey`,\n\t\t\t\t\t\t\t\t\t\t\t\t`regdate` \n\t\t\t\t\t\t\t\t\t) VALUES ( \n\t\t\t\t\t\t\t\t\t\t\t\t'" . apcms_ESC($apcms['POST']['username']) . "', \n\t\t\t\t\t\t\t\t\t\t\t\t'" . apcms_ESC($cpassword) . "', \n\t\t\t\t\t\t\t\t\t\t\t\t'" . apcms_ESC($apcms['POST']['email']) . "', \n\t\t\t\t\t\t\t\t\t\t\t\t'a:1:{i:0;i:3;}', \n\t\t\t\t\t\t\t\t\t\t\t\t'" . apcms_ESC($actkey) . "', \n\t\t\t\t\t\t\t\t\t\t\t\t'" . time() . "' \n\t\t\t\t\t\t\t\t\t) "; $db->unbuffered_query($INSERT); $fromname = apcms_Strip($apcms['emailfrom']); $frommail = apcms_Strip($apcms['emailadress']); $toname = apcms_Strip($apcms['POST']['username']); $tomail = apcms_Strip($apcms['POST']['email']); $subject = str_replace("{username}", apcms_Strip($apcms['POST']['username']), $apcms['LANGUAGE']['REGISTER_ACTMAIL_SUBJECT']); $subject = str_replace("{baseurl}", $apcms['baseURL'], $subject); $body = $apcms['LANGUAGE']['REGISTER_ACTMAIL_BODY']; $body = str_replace("{username}", apcms_Strip($apcms['POST']['username']), $body); $body = str_replace("{acturl}", $apcms['baseURL'] . "?c=activate&key=" . $actkey, $body); $from = "{$fromname} <{$frommail}>"; $to = "{$toname} <{$tomail}>"; $headers = "From: {$from}\r\n"; $headers .= "Reply-To: {$frommail}\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion() . "\r\n\r\n";