function reg_user($user) { global $Cfg, $Paths, $Current_weblog; $name_md5 = strtolower(md5(strtolower($user['name']))); if (save_serialize($Paths['pivot_path'] . 'db/users/' . $name_md5 . '.php', $user)) { printf("<h2>%s</h2>\n\n", lang('commentuser', 'user_stored')); } else { printf("<h2>%s</h2>\n\n", lang('commentuser', 'user_stored_failed')); } $self = $Paths['host'] . $_SERVER['PHP_SELF']; $mail1 = lang('commentuser', 'registered') . "\n\n"; $mail2 = lang('commentuser', 'reg_verify_long') . "\n\n"; $url = sprintf("%s?func=verify&name=%s&code=%s&w=%s", $self, urlencode($user['name']), md5($user['pass'] . "email"), para_weblog($Current_weblog)); $mail = sprintf($mail1 . $mail2, $Cfg['sitename'], $url); if (!mail($user['email'], "[Pivot] " . lang('commentuser', 'reg_confirmation'), $mail, "From: " . $user['email'])) { $mail2 = '<a href="%s">' . lang('commentuser', 'reg_verify_short') . '</a>'; $mail = sprintf($mail1 . $mail2, $Cfg['sitename'], $url); echo "\n<br />" . nl2br($mail) . "<br />\n"; } else { echo sprintf(lang('commentuser', 'reg_verification'), $user['email']); } notify_new('visitor_registration', array('add', $user['name'])); }
/** * The screen you'll see after submitting an entry. It stores the entry, updates the indices (pivot's * content indices, and the search index), rebuilds the frontpage and XML & Atom feeds, and then it * displays a list of the latest entries. * */ function entrysubmit_screen() { global $db, $config_array, $Pivot_Vars, $entry, $Cfg, $Users, $Paths, $Weblogs, $filtered_words; // check against unauthorised direct access. check_csrf(); $db = new db(); $entry = get_entry_from_post(); if (!$entry['title'] == "" || !$entry['introduction'] == "" || !$entry['user'] == "") { // in this part, we remove the entry from the categories in which // the current user is not allowed to post entries foreach ($entry['category'] as $my_cat) { $allowed = explode("|", $Cfg['cat-' . $my_cat]); if (in_array($Pivot_Vars['user'], $allowed)) { $allowed_cats[] = $my_cat; } else { $message .= '<br />'; $message .= sprintf(lang('entries', 'entry_catnopost'), $m_cat); debug("not in category: " . $my_cat); } } $entry['category'] = $allowed_cats; $db->set_entry($entry); if ($db->save_entry(TRUE)) { $message = sprintf(lang('entries', 'entry_saved_ok') . $message, '<i>' . trimtext($entry['title'], 25) . '</i>'); } else { $message = sprintf(lang('entries', 'entry_saved_ok'), '<i>' . trimtext($entry['title'], 25) . '</i>'); } // only trigger the ping if it's a new entry.. if ($entry['code'] == ">" && $entry['status'] == "publish") { $ping = TRUE; } else { $ping = FALSE; } // only notify if entry is published, and is either new or status changed to publish. if ($entry['status'] == "publish") { if ($entry['code'] == ">" || $entry['oldstatus'] != "publish") { $notified = notify_new('entry', $db->entry); $notified = "<br /><br />" . $notified; } } // if the global index as they are made var is set - can continue if ('1' == $Cfg['search_index']) { /* 2004/10/16 =*=*= JM an entry should only be indexed if both are true: - 'publish'==$entry['status'] - current date is at least equal to $entry['publish_date'] I lie, there is another case... it is conceivable that this is a timed publish AND the time has come I will leave this to timed publish routines - if I can find them... -> pvLib ... it's flagged and of course, providing that there is at least one category where it would be indexed... something else that can't be tested... if the user changes a normal publish to a timed-publish, or puts on hold when it was previously normal. user should reindex in this case */ // check status and date if ('publish' == $entry['status'] || 'timed' == $entry['status'] && $entry['publish_date'] <= date('Y-m-d-H-i')) { // categories... if (can_search_cats(cfg_cat_nosearchindex(), $entry['category'])) { include_once 'modules/module_search.php'; update_index($db->entry); debug('update search index: ' . $db->entry['code']); } } } // perhaps send a trackback ping. if ($Pivot_Vars['tb_url'] != "" && $entry['status'] == "publish") { debug("tburl: " . $Pivot_Vars['tb_url']); require_once 'includes/send_trackback.php'; $weblogs = find_weblogs_with_cat($db->entry['category']); if (isset($Weblogs[$weblogs[0]])) { $my_url = $Paths['host'] . make_filelink($db->entry['code'], $weblogs[0], ''); $weblog_title = $Weblogs[$weblogs[0]]['name']; debug("TRACKBACK ping: {$my_url}"); $message .= '<br />'; $message .= sprintf(lang('entries', 'entry_ping_sent'), $Pivot_Vars['tb_url']); $tb_urls = explode("\n", $Pivot_Vars['tb_url']); // make the contents of what to send with the trackback.. $tb_contents = parse_step4($entry['introduction']); if ($Pivot_Vars['convert_lb'] == 2) { $tb_contents = pivot_textile($tb_contents); } else { if ($Pivot_Vars['convert_lb'] == 3 || $Pivot_Vars['convert_lb'] == 4) { $tb_contents = pivot_markdown($tb_contents, $Pivot_Vars['convert_lb']); } } $tb_contents = trimtext(strip_tags($tb_contents), 255); foreach ($tb_urls as $tb_url) { $tb_url = trim($tb_url); if (isurl($tb_url)) { trackback_send($Pivot_Vars['tb_url'], $my_url, $entry['title'], $weblog_title, $tb_contents); } } } } // Update the tags for this entry if it's published and remove the old tags if not if ($db->entry['status'] == 'publish') { writeTags($db->entry['keywords'], $_POST['f_keywords_old'], $db->entry['code']); } else { deleteTags($_POST['f_keywords_old'], $db->entry['code']); } } generate_pages($db->entry['code'], TRUE, TRUE, TRUE, $ping); entries_screen($message . $notified); }
function send_mail_comm() { global $Cfg, $db, $my_comment, $ip, $date, $Weblogs, $Current_weblog, $Paths, $Users, $i18n_use; $cat_weblogs = find_weblogs_with_cat($db->entry['category']); $addr_arr = array(); foreach ($cat_weblogs as $this_weblog) { if ($Weblogs[$this_weblog]['comment_sendmail'] == 1) { $addr_arr = array_merge($addr_arr, explode(",", $Weblogs[$this_weblog]['comment_emailto'])); } } // make a nice title for the mail.. if (strlen($db->entry['title']) > 2) { $title = $db->entry['title']; $title = strip_tags($title); } else { $title = substr($db->entry['introduction'], 0, 300); $title = strip_tags($title); $title = str_replace("\n", "", $title); $title = str_replace("\r", "", $title); $title = substr($title, 0, 60); } if (!$i18n_use) { $title = utf8_encode($title); } // maybe send some mail to authors.. if (count($addr_arr) > 0) { $adminurl = $Paths['host'] . $Paths['pivot_url'] . "index.php?"; $id = safe_string($my_comment["name"], TRUE) . "-" . format_date($my_comment["date"], "%ye%%month%%day%%hour24%%minute%"); $editlink = $adminurl . "menu=entries&func=editcomments&id=" . $db->entry['code']; $approvelink = $adminurl . "menu=moderate_comments&" . urlencode($id) . "=1"; $deletelink = $adminurl . "menu=moderate_comments&" . urlencode($id) . "=2"; $blocklink = $adminurl . "menu=entries&func=editcomments&id=" . $db->entry['code'] . "&blocksingle=" . $my_comment['ip']; $comment = $my_comment['comment']; // $comment = unentify($comment); $body = sprintf(lang('comment', 'email_posted_comm') . ":\n\n", unentify($my_comment['name'])); $body .= sprintf("%s", $comment); $body .= sprintf("\n\n-------------\n"); $body .= sprintf(lang('weblog_text', 'name') . ": %s\n", unentify($my_comment['name'])); $body .= sprintf(lang('weblog_text', 'ip') . ": %s\n", $my_comment['ip']); $body .= sprintf(lang('weblog_text', 'date') . ": %s\n", $my_comment['date']); $body .= trim(sprintf(lang('weblog_text', 'email') . ": %s", $my_comment['email'])) . "\n"; $body .= trim(sprintf(lang('weblog_text', 'url') . ": %s\n", $my_comment['url'])) . "\n"; $body .= sprintf("\n" . lang('comment', 'email_comm_on') . "\n", $title); if (count($notify_arr) > 0) { $body .= sprintf(lang('comment', 'notifications') . ": %s\n", implode(", ", array_keys($notify_arr))); } $body .= sprintf("-------------\n"); if ($Cfg['moderate_comments'] == 1) { $body .= sprintf(lang('comment', 'email_allow_comm') . ":\n%s\n", $approvelink); $body .= sprintf("\n" . lang('comment', 'email_delete_comm') . ":\n%s\n", $deletelink); } $body .= sprintf("\n%s:\n%s%s\n", lang('comment', 'email_view_entry'), $Paths['host'], make_filelink("", "", "")); $body .= sprintf("\n%s:\n%s%s\n", lang('comment', 'email_view_comm'), $Paths['host'], make_filelink("", "", $id)); $body .= sprintf("\n%s:\n%s\n", lang('comment', 'email_edit_comm'), $editlink); $body .= sprintf("\n%s:\n%s\n", lang('comment', 'email_block_ip'), $blocklink); if (!$i18n_use) { $body = utf8_encode($body); } $name = $my_comment['name']; if (!$i18n_use) { $name = utf8_encode($name); } $comment_name = '=?UTF-8?B?' . base64_encode($name) . '?='; if (isemail($my_comment['email'])) { $add_header = sprintf("From: \"%s\" <%s>\n", $comment_name, $my_comment['email']); } else { $add_header = sprintf("From: \"'%s'\" <%s>\n", $comment_name, $addr_arr[0]); } $add_header .= "MIME-Version: 1.0\n"; $add_header .= "Content-Type: text/plain; charset=UTF-8; format=flowed\n"; $add_header .= "Content-Transfer-Encoding: 8bit\n"; $subject = lang('comment', 'email_subject_comm') . " Re: {$title}"; $subject = '=?UTF-8?B?' . base64_encode($subject) . '?='; $addr_arr = array_unique($addr_arr); foreach ($addr_arr as $addr) { $addr = trim($addr); @mail($addr, $subject, $body, $add_header); debug("Send Mail to {$addr} for '" . $my_comment['name'] . "'"); } } // Handle the users that want to be notified via email.. notify_new('comment', array($db->entry, $my_comment, $Cfg['moderate_comments'])); }
function timedpublishcheck() { global $serialize_cache, $Cfg, $Paths; $temp_db = new db(); if (isset($Cfg['check_for_timed_publish']) && $Cfg['check_for_timed_publish'] > 0) { $amount = $Cfg['check_for_timed_publish']; } else { $amount = 10; } $entries = $temp_db->getlist(-$amount, 0, "", "", false, "date"); $date = date("Y-m-d-H-i", get_current_date()); $regen = false; foreach ($entries as $entry) { if ($entry['status'] == "timed") { $entry = $temp_db->read_entry($entry['code']); if ($entry['publish_date'] <= $date) { debug("toggle"); $entry['date'] = $entry['publish_date']; $entry['status'] = "publish"; $temp_db->set_entry($entry); $temp_db->save_entry(TRUE); notify_new('entry', $entry); $regen = TRUE; // 2004/10/17 =*=*= JM // can only do this if we know Cfg['search_index'] status... if (isset($Cfg)) { // if the global index as they are made var is set - can continue // the rest is copied from 'entrysubmit_screen()' in pv_core.php if ('1' == $Cfg['search_index'] && can_search_cats(cfg_cat_nosearchindex(), $entry['category'])) { include_once 'modules/module_search.php'; update_index($temp_db->entry); debug('update search index: ' . $temp_db->entry['code']); } } } } } if ($regen) { buildfrontpage_function(); return TRUE; } else { return FALSE; } }
function do_verify() { global $input, $message; if ($user = load_user($input['name'])) { $verify_code = md5($user['pass'] . "email"); //echo "code: $verify_code ?= ".$input['code']."<br />"; if ($verify_code == $input['code']) { $user['verified'] = 1; save_user($user); $message = lang('commentuser', 'verified'); notify_new('visitor_registration', array('verify', $user['name'])); do_show_login(); } else { echo lang('commentuser', 'not_verified'); } } else { echo lang('commentuser', 'oops'); } }