Exemplo n.º 1
/**
 * Run clean_txt() over every element of an array and return the cleaned copy.
 *
 * Keys are preserved. Each element is handed to clean_txt() as it is, so this
 * variant does not descend into nested arrays.
 * NOTE(review): clean_txt() is defined elsewhere; what it strips or escapes
 * cannot be confirmed from this listing.
 *
 * @param array $array Values to clean.
 * @return array Same keys, each value replaced by the result of clean_txt().
 */
function clean_txt_array($array)
{
    $cleaned = $array;
    foreach ($array as $index => $value) {
        $cleaned[$index] = clean_txt($value);
    }
    return $cleaned;
}
Exemplo n.º 2
/**
 * Prepare a text value for HTML output: clean_txt(), then stripslashes(),
 * then htmlspecialchars().
 *
 * htmlspecialchars() runs with its default flags. Before PHP 8.1 those flags
 * leave single quotes unescaped, so on older runtimes the result is not safe
 * inside a single-quoted HTML attribute.
 * NOTE(review): clean_txt() is defined elsewhere; presumably it adds the
 * slashes that stripslashes() removes here - confirm.
 *
 * @param string $text Raw text.
 * @return string HTML-escaped text.
 */
function protect($text)
{
    $cleaned = clean_txt($text);
    $unslashed = stripslashes($cleaned);
    return htmlspecialchars($unslashed);
}
Exemplo n.º 3
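/**
 * Recursively run clean_txt() over every scalar leaf of an array.
 *
 * Keys and nesting are preserved. Nested arrays are cleaned through a
 * recursive call whose result is stored back into the parent.
 * NOTE(review): clean_txt() is defined elsewhere; what it strips or escapes
 * cannot be confirmed from this listing.
 *
 * @param array $array Values to clean, possibly nested.
 * @return array Same structure with every non-array value cleaned.
 */
function clean_txt_array($array)
{
    foreach ($array as $i => $value) {
        // Arrays are passed by value, so the recursive result has to be
        // assigned; a bare call would leave nested values uncleaned.
        $array[$i] = is_array($value) ? clean_txt_array($value) : clean_txt($value);
    }
    return $array;
}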
Exemplo n.º 4
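/**
 * Build prefs.php from the submitted preferences form (or from defaults when
 * the form was not submitted) and write it to the configuration directory.
 *
 * Security: every value below ends up between single quotes in executable PHP
 * source, so an unescaped single quote or backslash in a value changes the
 * generated code. htmlspecialchars() never escapes backslashes, and before
 * PHP 8.1 its default flags leave single quotes alone, so values that only
 * went through htmlspecialchars() are additionally passed through
 * addslashes(), as 'racine', 'fuseau_horaire' and 'theme' already were.
 * NOTE(review): values that go through clean_txt() are left as they were;
 * clean_txt() is defined elsewhere - confirm it escapes both ' and \ before
 * relying on it here, and do not add a second addslashes() if it does.
 *
 * @return bool TRUE when the file was written, FALSE when file_put_contents() failed.
 */
function fichier_prefs()
{
    $fichier_prefs = '../' . $GLOBALS['dossier_config'] . '/prefs.php';
    // \z instead of $: "$" also matches before a trailing newline, which would
    // let "fr\n" through. The language is read the same way in both branches.
    $lang = (isset($_POST['langue']) and is_string($_POST['langue']) and preg_match('#^[a-z]{2}\z#', $_POST['langue'])) ? $_POST['langue'] : 'fr';
    if (!empty($_POST['_verif_envoi'])) {
        $auteur = clean_txt(htmlspecialchars($_POST['auteur']));
        $email = clean_txt(htmlspecialchars($_POST['email']));
        $nomsite = clean_txt(htmlspecialchars($_POST['nomsite']));
        $description = clean_txt(htmlspecialchars($_POST['description']));
        $keywords = clean_txt(htmlspecialchars($_POST['keywords']));
        $racine = addslashes(trim(htmlspecialchars($_POST['racine'])));
        // Numeric and on/off settings: escaped for the single-quoted PHP
        // literal they are written into.
        $max_bill_acceuil = addslashes(htmlspecialchars($_POST['nb_maxi']));
        $max_bill_admin = addslashes(htmlspecialchars($_POST['nb_list']));
        $max_comm_admin = addslashes(htmlspecialchars($_POST['nb_list_com']));
        $format_date = addslashes(htmlspecialchars($_POST['format_date']));
        $format_heure = addslashes(htmlspecialchars($_POST['format_heure']));
        $fuseau_horaire = addslashes(clean_txt(htmlspecialchars($_POST['fuseau_horaire'])));
        $global_com_rule = addslashes(htmlspecialchars($_POST['global_comments']));
        $connexion_captcha = addslashes(htmlspecialchars($_POST['connexion_captcha']));
        $activer_categories = addslashes(htmlspecialchars($_POST['activer_categories']));
        $afficher_rss = addslashes(htmlspecialchars($_POST['aff_onglet_rss']));
        $afficher_liens = addslashes(htmlspecialchars($_POST['aff_onglet_liens']));
        $theme_choisi = addslashes(clean_txt(htmlspecialchars($_POST['theme'])));
        $comm_defaut_status = addslashes(htmlspecialchars($_POST['comm_defaut_status']));
        $automatic_keywords = addslashes(htmlspecialchars($_POST['auto_keywords']));
        $require_email = addslashes(htmlspecialchars($_POST['require_email']));
        $auto_check_updates = addslashes(htmlspecialchars($_POST['check_update']));
        // linx
        //		$autoriser_liens_public = $_POST['allow_public_linx'];
        //		$linx_defaut_status = $_POST['linx_defaut_status'];
        $auto_dl_liens_fichiers = addslashes(htmlspecialchars($_POST['dl_link_to_files']));
        $nombre_liens_admin = addslashes(htmlspecialchars($_POST['nb_list_linx']));
    } else {
        // Form not submitted: fall back to defaults; only 'racine' (and the
        // language above) still comes from the request.
        $auteur = clean_txt($GLOBALS['identifiant']);
        $email = '*****@*****.**';
        $nomsite = 'Blogotext';
        $description = clean_txt($GLOBALS['lang']['go_to_pref']);
        $keywords = 'blog, blogotext';
        $racine = clean_txt(trim(htmlspecialchars($_POST['racine'])));
        $max_bill_acceuil = '10';
        //		$max_linx_accueil = '50';
        //		$max_comm_encart = '5';
        $max_bill_admin = '25';
        $max_comm_admin = '50';
        $format_date = '0';
        $format_heure = '0';
        $fuseau_horaire = 'UTC';
        $global_com_rule = '0';
        $connexion_captcha = '0';
        $activer_categories = '1';
        $afficher_rss = '1';
        $afficher_liens = '1';
        $theme_choisi = 'default';
        $comm_defaut_status = '1';
        $automatic_keywords = '1';
        $require_email = '0';
        $auto_check_updates = 1;
        // linx
        //		$autoriser_liens_public = '0';
        //		$linx_defaut_status = '1';
        $auto_dl_liens_fichiers = '0';
        $nombre_liens_admin = '50';
    }
    // Generated PHP source: one $GLOBALS assignment per preference.
    $prefs = "<?php\n";
    $prefs .= "\$GLOBALS['lang'] = '" . $lang . "';\n";
    $prefs .= "\$GLOBALS['auteur'] = '" . $auteur . "';\n";
    $prefs .= "\$GLOBALS['email'] = '" . $email . "';\n";
    $prefs .= "\$GLOBALS['nom_du_site'] = '" . $nomsite . "';\n";
    $prefs .= "\$GLOBALS['description'] = '" . $description . "';\n";
    $prefs .= "\$GLOBALS['keywords'] = '" . $keywords . "';\n";
    $prefs .= "\$GLOBALS['racine'] = '" . $racine . "';\n";
    $prefs .= "\$GLOBALS['max_bill_acceuil'] = '" . $max_bill_acceuil . "';\n";
    $prefs .= "\$GLOBALS['max_bill_admin'] = '" . $max_bill_admin . "';\n";
    //	$prefs .= "\$GLOBALS['max_comm_encart'] = '".$max_comm_encart."';\n";
    $prefs .= "\$GLOBALS['max_comm_admin'] = '" . $max_comm_admin . "';\n";
    //	$prefs .= "\$GLOBALS['max_linx_acceuil'] = '".$max_linx_accueil."';\n";
    $prefs .= "\$GLOBALS['format_date'] = '" . $format_date . "';\n";
    $prefs .= "\$GLOBALS['format_heure'] = '" . $format_heure . "';\n";
    $prefs .= "\$GLOBALS['fuseau_horaire'] = '" . $fuseau_horaire . "';\n";
    $prefs .= "\$GLOBALS['connexion_captcha']= '" . $connexion_captcha . "';\n";
    $prefs .= "\$GLOBALS['activer_categories']= '" . $activer_categories . "';\n";
    $prefs .= "\$GLOBALS['onglet_rss']= '" . $afficher_rss . "';\n";
    $prefs .= "\$GLOBALS['onglet_liens']= '" . $afficher_liens . "';\n";
    $prefs .= "\$GLOBALS['theme_choisi']= '" . $theme_choisi . "';\n";
    $prefs .= "\$GLOBALS['global_com_rule']= '" . $global_com_rule . "';\n";
    $prefs .= "\$GLOBALS['comm_defaut_status']= '" . $comm_defaut_status . "';\n";
    $prefs .= "\$GLOBALS['automatic_keywords']= '" . $automatic_keywords . "';\n";
    $prefs .= "\$GLOBALS['require_email']= '" . $require_email . "';\n";
    $prefs .= "\$GLOBALS['check_update']= '" . $auto_check_updates . "';\n";
    //	$prefs .= "\$GLOBALS['allow_public_linx']= '".$autoriser_liens_public."';\n";
    //	$prefs .= "\$GLOBALS['linx_defaut_status']= '".$linx_defaut_status."';\n";
    $prefs .= "\$GLOBALS['max_linx_admin']= '" . $nombre_liens_admin . "';\n";
    $prefs .= "\$GLOBALS['dl_link_to_files']= '" . $auto_dl_liens_fichiers . "';\n";
    $prefs .= "?>";
    return file_put_contents($fichier_prefs, $prefs) !== FALSE;
}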
Exemplo n.º 5
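/**
 * Build the file record (bt_* fields) for the admin file form.
 *
 * Three sources are handled: an edit of an existing entry (metadata taken from
 * the form), a new upload ($_FILES['fichier']), or a new remote file given as
 * a URL in $_POST['fichier'].
 *
 * Security: the URL field is passed to sha1_file(), which accepts any PHP
 * stream wrapper and any local path. Only remote schemes are accepted here so
 * that the form cannot be used to read local files or reach wrappers such as
 * php:// or phar://. A checksum that cannot be computed is treated as an
 * error instead of being stored as FALSE.
 * NOTE(review): the host of the URL is not restricted, so the server still
 * fetches whatever address the admin form supplies.
 * NOTE(review): $ext comes from the client-supplied file name and is not
 * checked against an allow-list in this function; detection_type_fichier() is
 * defined elsewhere - confirm executable extensions are refused before the
 * file is stored under the web root. 'dossier' and 'path' are only
 * HTML-escaped here; confirm they are validated before being used as paths.
 *
 * @return array|false The file record, or FALSE after redirecting on error.
 */
function init_post_fichier()
{
    //no $mode : it's always admin.
    // on edit : get file info from form
    if (isset($_POST['is_it_edit']) and $_POST['is_it_edit'] == 'yes') {
        $file_id = htmlspecialchars($_POST['file_id']);
        $filename = pathinfo(htmlspecialchars($_POST['filename']), PATHINFO_FILENAME);
        $ext = strtolower(pathinfo(htmlspecialchars($_POST['filename']), PATHINFO_EXTENSION));
        $checksum = htmlspecialchars($_POST['sha1_file']);
        $size = htmlspecialchars($_POST['filesize']);
        $type = detection_type_fichier($ext);
        $dossier = htmlspecialchars($_POST['dossier']);
        $path = htmlspecialchars($_POST['path']);
        // on new post, get info from the file itself
    } else {
        $file_id = date('YmdHis');
        $dossier = htmlspecialchars($_POST['dossier']);
        $path = '';
        $checksum = FALSE;
        // file added by upload
        if (!empty($_FILES['fichier']) and $_FILES['fichier']['error'] == 0) {
            $filename = pathinfo($_FILES['fichier']['name'], PATHINFO_FILENAME);
            $ext = strtolower(pathinfo($_FILES['fichier']['name'], PATHINFO_EXTENSION));
            $checksum = sha1_file($_FILES['fichier']['tmp_name']);
            $size = $_FILES['fichier']['size'];
            $type = detection_type_fichier($ext);
            // remote file added by URL
        } elseif (!empty($_POST['fichier']) and is_string($_POST['fichier'])) {
            $remote = $_POST['fichier'];
            $scheme = strtolower((string) parse_url($remote, PHP_URL_SCHEME));
            $url_path = (string) parse_url($remote, PHP_URL_PATH);
            $filename = pathinfo($url_path, PATHINFO_FILENAME);
            $ext = strtolower(pathinfo($url_path, PATHINFO_EXTENSION));
            // Remote schemes only: anything else (local path, file://,
            // php://, phar://, data:) never reaches sha1_file().
            if (in_array($scheme, array('http', 'https', 'ftp'), true)) {
                $checksum = sha1_file($remote);
            }
            // The size is left empty: asking for it would mean another
            // transfer of the remote file.
            $size = '';
            $type = detection_type_fichier($ext);
        }
        // No usable source, refused scheme, or unreadable file.
        if ($checksum === FALSE) {
            redirection(basename($_SERVER['PHP_SELF']) . '?errmsg=error_image_add');
            return FALSE;
        }
    }
    // file name: the name given in the form if any, otherwise the original name
    $filename = diacritique(htmlspecialchars(!empty($_POST['nom_entree']) ? $_POST['nom_entree'] : $filename), '', '0') . '.' . $ext;
    $statut = (isset($_POST['statut']) and $_POST['statut'] == 'on') ? '0' : '1';
    $description = stripslashes(protect_markup(clean_txt($_POST['description'])));
    $fichier = array(
        'bt_id' => $file_id,
        'bt_type' => $type,
        'bt_fileext' => $ext,
        'bt_filesize' => $size,
        'bt_filename' => $filename,
        'bt_content' => $description,
        'bt_wiki_content' => $description,
        'bt_checksum' => $checksum,
        'bt_statut' => $statut,
        'bt_dossier' => empty($dossier) ? 'default' : $dossier,
        // Without an explicit path, the first two hex digits of the checksum name the sub-directory.
        'bt_path' => empty($path) ? '/' . substr($checksum, 0, 2) : $path,
    );
    return $fichier;
}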
Exemplo n.º 6
/**
 * Second initialisation step for a link: build the full link record (bt_*
 * fields) from the submitted form.
 *
 * Text fields go through clean_txt(), protect_markup(), stripslashes() and
 * htmlspecialchars(), in that order. When no URL is posted, the link points
 * back to the site itself using the link id.
 * NOTE(review): the posted URL is HTML-escaped but its scheme is not checked
 * in this function; confirm that a javascript: or data: URL is rejected
 * before the value is rendered as an href.
 * NOTE(review): is_numeric() also accepts floats and exponent notation;
 * presumably ID is an integer row id - confirm the storage layer casts it.
 *
 * @return array The link record; 'ID' is present only when a numeric ID was posted.
 */
function init_post_link2()
{
    $posted_id = htmlspecialchars(stripslashes(protect_markup(clean_txt($_POST['bt_id']))));
    $posted_author = htmlspecialchars(stripslashes(protect_markup(clean_txt($_POST['bt_author']))));
    if (!empty($_POST['url'])) {
        $target = htmlspecialchars(stripslashes(protect_markup(clean_txt($_POST['url']))));
    } else {
        // No URL given: link to the entry itself.
        $target = $GLOBALS['racine'] . '?mode=links&amp;id=' . $posted_id;
    }

    $link = array();
    $link['bt_id'] = $posted_id;
    $link['bt_type'] = htmlspecialchars($_POST['type']);
    // The formatted content keeps its quotes (ENT_NOQUOTES) before formatage_links() runs.
    $link['bt_content'] = formatage_links(
        htmlspecialchars(stripslashes(protect_markup(clean_txt($_POST['description']))), ENT_NOQUOTES)
    );
    $link['bt_wiki_content'] = htmlspecialchars(stripslashes(protect_markup(clean_txt($_POST['description']))));
    $link['bt_author'] = $posted_author;
    $link['bt_title'] = htmlspecialchars(stripslashes(protect_markup(clean_txt($_POST['title']))));
    $link['bt_link'] = $target;
    $link['bt_tags'] = htmlspecialchars(traiter_tags($_POST['categories']));
    // The mere presence of the 'statut' field yields 0, its absence 1.
    $link['bt_statut'] = isset($_POST['statut']) ? 0 : 1;

    // ID only added on edit.
    if (isset($_POST['ID']) and is_numeric($_POST['ID'])) {
        $link['ID'] = $_POST['ID'];
    }
    return $link;
}