function blocks_ephem_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $currentlang = pnUserGetLang(); if (!pnSecAuthAction(0, 'Ephemeridsblock::', "{$row['title']}::", ACCESS_READ)) { return; } if (pnConfigGetVar('multilingual') == 1) { $column =& $pntable['ephem_column']; $querylang = "AND ({$column['elanguage']}='" . pnVarPrepForStore($currentlang) . "' OR {$column['elanguage']}='')"; } else { $querylang = ""; } $today = getdate(); $eday = $today['mday']; $emonth = $today['mon']; $column =& $pntable['ephem_column']; $result = $dbconn->Execute("SELECT {$column['yid']}, {$column['content']}\n FROM {$pntable['ephem']}\n WHERE {$column['did']}='" . pnVarPrepForStore($eday) . "' AND {$column['mid']}='" . pnVarPrepForStore($emonth) . "' {$querylang}"); $boxstuff = '<span class="pn-normal"><b>' . _ONEDAY . '</b></span><br />'; while (list($yid, $content) = $result->fields) { $result->MoveNext(); $boxstuff .= '<br /><br />'; $boxstuff .= '<b>' . pnVarPrepForDisplay($yid) . '</b><br />' . pnVarPrepHTMLDisplay(nl2br($content)) . ''; } if (empty($row['title'])) { $row['title'] = _EPHEMERIDS; } $row['content'] = $boxstuff; return themesideblock($row); }
function blocks_thelang_block($row) { $currentlang = pnUserGetLang(); if (!pnSecAuthAction(0, 'Languageblock::', "{$row['title']}::", ACCESS_OVERVIEW)) { return; } if (!pnConfigGetVar('multilingual')) { return; } $currentURL = $_SERVER['REQUEST_URI']; if ($currentURL === "") { $currentURL = "index.php"; } $pattern = '/\\?newlang=.../'; $currentURL = preg_replace($pattern, '', $currentURL); $pattern = '/\\&newlang=.../'; $currentURL = pnVarPrepForDisplay(preg_replace($pattern, '', $currentURL)); $append = "&"; if (strpos($currentURL, '?') === false) { $append = "?"; } $lang = languagelist(); $handle = opendir('language'); while ($f = readdir($handle)) { if (is_dir("language/{$f}") && !empty($lang[$f])) { $langlist[$f] = $lang[$f]; $sel_lang[$f] = ''; } } asort($langlist); $content = '<center><font class="pn-normal">' . _SELECTGUILANG . '</font><br><br>'; if (pnConfigGetVar('useflags')) { $i = 1; foreach ($langlist as $k => $v) { if ($i > 3) { $content .= "<br>\n"; $i = 1; } $imgsize = @getimagesize("images/flags/flag-{$k}.png"); $content .= "<a href=\"{$currentURL}" . $append . "newlang={$k}\"><img src=\"images/flags/flag-{$k}.png\" border=\"0\" alt=\"{$lang[$k]}\" hspace=\"3\" vspace=\"3\" {$imgsize['3']}></a>"; $i++; } $content .= '</center>'; } else { $content .= '<form method="post" action="index.php"><select class="pn-text" name="newlanguage" onChange="top.location.href=this.options[this.selectedIndex].value">'; $sel_lang[$currentlang] = ' selected'; foreach ($langlist as $k => $v) { $content .= "<option value=\"{$currentURL}" . $append . "newlang={$k}\"{$sel_lang[$k]}>{$v}</option>\n"; } $content .= '</select></form></center>'; } if (empty($row['title'])) { $row['title'] = _SELECTLANGUAGE; } $row['content'] = $content; return themesideblock($row); }
function blocks_topic_block($row) { //global $topic, $catid; list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $currentlang = pnUserGetLang(); if (!pnSecAuthAction(0, 'Topicblock::', "{$row['title']}::", ACCESS_READ)) { return; } $language = pnConfigGetVar('language'); $topic = ""; $catid = ""; if (pnConfigGetVar('multilingual') == 1) { $column =& $pntable['stories_column']; $querylang = "AND ({$column['alanguage']}='{$currentlang}' OR {$column['alanguage']}='')"; /* the OR is needed to display stories who are posted to ALL languages */ } else { $querylang = ''; } $column =& $pntable['topics_column']; $result = $dbconn->Execute("SELECT {$column['topicid']} AS topicid, {$column['topicname']} as topicname FROM {$pntable['topics']} ORDER BY topicname"); if ($result->EOF) { return; } else { $boxstuff = '<span class="pn-normal">'; if ($topic == "") { $boxstuff .= "<strong><big>·</big></strong> <b><a href=\"modules.php?op=modload&name=Topics&file=index\">" . _ALL_TOPICS . "</a></b><br>"; } else { $boxstuff .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name=News&file=index&catid={$catid}\">" . _ALL_TOPICS . "</a><br>"; } while (!$result->EOF) { $srow = $result->GetRowAssoc(false); $result->MoveNext(); if (pnSecAuthAction(0, 'Topics::Topic', "{$srow['topicname']}::{$srow['topicid']}", ACCESS_READ)) { $column =& $pntable['stories_column']; $result2 = $dbconn->Execute("SELECT {$column['time']} AS unixtime FROM {$pntable['stories']} WHERE {$column['topic']}={$srow['topicid']} {$querylang} ORDER BY {$column['time']} DESC"); if (!$result2->EOF) { $story = $result2->GetRowAssoc(false); $story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']); $sdate = ml_ftime(_DATEBRIEF, $story['unixtime']); if ($topic == $srow['topicid']) { $boxstuff .= "<strong><big>·</big></strong> <span class=\"pn-title\"><b>{$srow['topicname']}</b></span> <span class=\"pn-sub\">({$sdate})</span><br>"; } else { $boxstuff .= "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=index&catid={$catid}&topic={$srow['topicid']}\">{$srow['topicname']}</a> <span class=\"pn-sub\">({$sdate})</span><br>"; } } } } } $boxstuff .= '</span>'; if (empty($row['title'])) { $row['title'] = _TOPICS; } $row['content'] = $boxstuff; return themesideblock($row); }
function blocks_category_block($row) { global $topic, $catid; list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Categoryblock::', "{$row['title']}::", ACCESS_READ)) { return; } if (pnConfigGetVar('multilingual') == 1) { $column =& $pntable['stories_column']; $querylang = "AND ({$column['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$column['alanguage']}='')"; /* the OR is needed to display stories who are posted to ALL languages */ } else { $querylang = ''; } $column =& $pntable['stories_cat_column']; $result = $dbconn->Execute("SELECT {$column['catid']} as catid, {$column['title']} as title FROM {$pntable['stories_cat']} ORDER BY {$column['title']}"); if ($result->EOF) { return; } else { $boxstuff = '<span class="pn-normal">'; if ($catid == "") { // $boxstuff .= '<strong><big>·</big></strong> <b>'._ALL_CATEGORIES.'</b><br />'; $boxstuff .= ""; } else { $boxstuff .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name=News&file=index&topic={$topic}\">" . _ALL_CATEGORIES . "</a><br />"; } for (; !$result->EOF; $result->MoveNext()) { $srow = $result->GetRowAssoc(false); if (pnSecAuthAction(0, 'Stories::Category', "{$srow['title']}::{$srow['catid']}", ACCESS_READ)) { $column =& $pntable['stories_column']; $result2 = $dbconn->Execute("SELECT {$column['time']} AS unixtime\n FROM {$pntable['stories']}\n WHERE {$column['catid']}=" . pnVarPrepForStore($srow['catid']) . " {$querylang}\n ORDER BY {$column['time']} DESC"); if (!$result2->EOF) { $story = $result2->GetRowAssoc(false); $story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']); $sdate = ml_ftime(_DATEBRIEF, $story['unixtime']); if ($catid == $srow['catid']) { $boxstuff .= "<strong><big>·</big></strong> <span class=\"pn-title\"><b>" . pnVarPrepForDisplay($srow['title']) . "</b></span> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />"; } else { $boxstuff .= "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=index&catid={$srow['catid']}&topic={$topic}\">" . pnVarPrepForDisplay($srow['title']) . "</a> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />"; } } } } } $boxstuff .= '</span>'; if (empty($row['title'])) { $row['title'] = _CATEGORIES; } $row['content'] = $boxstuff; return themesideblock($row); }
/** * initialise a module */ function modules_adminapi_initialise($args) { // Get arguments from argument array extract($args); // Argument check if (!isset($mid) || !is_numeric($mid)) { pnSessionSetVar('errormsg', _MODARGSERROR); return false; } // Get module information $modinfo = pnModGetInfo($mid); if (empty($modinfo)) { pnSessionSetVar('errormsg', _MODNOSUCHMOD); return false; } // Get module database info pnModDBInfoLoad($modinfo['name'], $modinfo['directory']); // Module initialisation function $osdir = pnVarPrepForOS($modinfo['directory']); @(include "modules/{$osdir}/pninit.php"); @(include "modules/{$osdir}/pnlang/" . pnVarPrepForOS(pnUserGetLang()) . "/init.php"); $func = $modinfo['name'] . '_init'; if (function_exists($func)) { if ($func() != true) { return false; } } // Update state of module if (!modules_adminapi_setstate(array('mid' => $mid, 'state' => _PNMODULE_STATE_INACTIVE))) { pnSessionSetVar('errormsg', _MODCHANGESTATEFAILED); return false; } // Success return true; }
function draw_menu() { global $hlpfile; $currentlang = pnVarCleanFromInput('currentlang'); OpenTable(); echo '<center>' . "\n"; if (count($this->options) == 0) { $this->title_file = ''; } if ($this->title_file != '') { echo '<a href="' . $this->title_file . '" class="pn-title">'; } echo '<font class="pn-title"><b>' . pnVarPrepForDisplay($this->title_text) . '</b></font>'; if ($this->title_file != '') { echo '</a></center>'; } echo "\n" . '<br>' . "\n"; // if (($this->detail_menu) or ($GLOBALS['module']=='oldway')) // { // if (isset($this->help_file)) // { $currentlang = pnUserGetLang(); // fixed bug [ #357 ] empty pop up window if (file_exists($file = "modules/" . $GLOBALS['module'] . "/lang/" . pnVarPrepForOS($currentlang) . "/manual.html")) { $hlpfile = $file; echo '<center>[ <a href="javascript:openwindow(' . ')" class="pn-normal">' . _ONLINEMANUAL . '</a> ]' . "</center>\n"; } // } // } if ($this->detail_menu) { if (count($this->options) == 0) { echo _ADMIN_NO_OPTION . "\n"; } else { echo '<br><br>' . "\n" . '<table border="0" width="100%" cellspacing="1">' . "\n"; if ($this->graphic_menu) { $this->draw_options_graphic(); } else { $this->draw_options(); } echo '</table>' . "\n"; } } CloseTable(); }
function search_reviews() { list($active_reviews, $startnum, $total, $bool, $q) = pnVarCleanFromInput('active_reviews', 'startnum', 'total', 'bool', 'q'); if (empty($active_reviews)) { return; } list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $output = new pnHTML(); $output->SetInputMode(_PNH_VERBATIMINPUT); if (!isset($startnum) || !is_numeric($startnum)) { $startnum = 1; } if (isset($total) && !is_numeric($total)) { unset($total); } $w = search_split_query($q); $flag = false; $revcol =& $pntable['reviews_column']; $comcol =& $pntable['reviews_comments_column']; $query = "SELECT DISTINCT {$revcol['id']} as id, {$revcol['title']} as title, {$revcol['score']} as score, {$revcol['hits']} as hits, {$revcol['reviewer']} as reviewer, {$revcol['date']} AS fdate\n FROM {$pntable['reviews']} LEFT JOIN {$pntable['reviews_comments']} ON {$comcol['rid']}={$revcol['id']}\n WHERE \n"; foreach ($w as $word) { if ($flag) { switch ($bool) { case 'AND': $query .= ' AND '; break; case 'OR': default: $query .= ' OR '; break; } } $query .= '('; // reviews $query .= "{$revcol['title']} LIKE '{$word}' OR \n"; $query .= "{$revcol['text']} LIKE '{$word}' OR \n"; $query .= "{$revcol['reviewer']} LIKE '{$word}' OR \n"; $query .= "{$revcol['cover']} LIKE '{$word}' OR \n"; $query .= "{$revcol['url']} LIKE '{$word}' OR \n"; $query .= "{$revcol['url_title']} LIKE '{$word}' OR \n"; // reviews_comments $query .= "{$comcol['comments']} LIKE '{$word}'\n"; $query .= ')'; $flag = true; } if (pnConfigGetVar('multilingual') == 1) { $query .= " AND ({$revcol['rlanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$revcol['rlanguage']}='')"; } $query .= " ORDER BY {$revcol['date']}"; // get the total count with permissions! if (empty($total)) { $total = 0; $countres = $dbconn->Execute($query); while (!$countres->EOF) { $row = $countres->GetRowAssoc(false); if (pnSecAuthAction(0, "Reviews::", "{$row['title']}::{$row['id']}", ACCESS_READ)) { $total++; } $countres->MoveNext(); } } $result = $dbconn->SelectLimit($query, 10, $startnum - 1); if (!$result->EOF) { $output->Text(_REVIEWS . ': ' . $total . ' ' . _SEARCHRESULTS); $output->SetInputMode(_PNH_VERBATIMINPUT); // Rebuild the search string from previous information $url = "modules.php?op=modload&name=Search&file=index&action=search&active_reviews=1&bool={$bool}&q={$q}"; $output->Text("<ul>"); while (!$result->EOF) { $row = $result->GetRowAssoc(false); $row['fdate'] = ml_ftime(_DATELONG, $result->UnixTimeStamp($row['fdate'])); if (pnSecAuthAction(0, "Reviews::", "{$row['title']}::{$row['id']}", ACCESS_READ)) { $output->Text("<li><a class=\"pn-normal\" href=\"modules.php?op=modload&name=Reviews&file=index&req=showcontent&id={$row['id']}\">{$row['title']}</a> <font class=\"pn-sub\">(score: {$row['score']} - hits: {$row['hits']})</font><br>{$row['reviewer']}<br>{$row['fdate']}</li>"); } $result->MoveNext(); } $output->Text("</ul>"); // Munge URL for template $urltemplate = $url . "&startnum=%%&total={$total}"; $output->Pager($startnum, $total, $urltemplate, 10); } else { $output->SetInputMode(_PNH_VERBATIMINPUT); $output->Text('<font class="pn-normal">' . _SEARCH_NO_REVIEWS . '</font>'); $output->SetInputMode(_PNH_PARSEINPUT); } $output->Linebreak(3); return $output->GetOutput(); }
// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- include 'includes/pnAPI.php'; pnInit(); // Get all parameters from input space list($stop, $minage, $module, $op) = pnVarCleanFromInput('stop', 'minage', 'module', 'op'); // treat all user.php functions as a module for later checks - markwest define('LOADED_AS_MODULE', '1'); // load languages if (file_exists($currentlangfile = 'language/' . pnVarPrepForOS(pnUserGetLang()) . '/user.php')) { include $currentlangfile; } elseif (file_exists($defaultlangfile = 'language/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/user.php')) { include $defaultlangfile; } // set module and op respective to the different cases if (!pnUserLoggedIn() && empty($op)) { $module = 'User'; $op = 'getlogin'; } if (isset($op) && $op == 'userinfo') { $module = 'User'; } if (pnUserLoggedIn() and (empty($op) or $op == 'adminMain')) { $module = 'User'; $op = 'main';
/** * display block */ function admin_messages_messagesblock_display($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!isset($row['title'])) { $row['title'] = ''; } if (!pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::", ACCESS_READ)) { return; } $messagestable = $pntable['message']; $messagescolumn =& $pntable['message_column']; if (pnConfigGetVar('multilingual') == 1) { $currentlang = pnUserGetLang(); $querylang = "AND ({$messagescolumn['mlanguage']}='{$currentlang}' OR {$messagescolumn['mlanguage']}='')"; } else { $querylang = ''; } $sql = "SELECT {$messagescolumn['mid']},\n {$messagescolumn['title']},\n {$messagescolumn['content']},\n {$messagescolumn['date']},\n {$messagescolumn['view']}\n FROM {$messagestable}\n WHERE {$messagescolumn['active']} = 1 \n AND ( {$messagescolumn['expire']} > unix_timestamp(now())\n OR {$messagescolumn['expire']} = 0)\n {$querylang}\n ORDER by {$messagescolumn['mid']} DESC"; $result = $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { return; } $output = new pnHTML(); while (list($mid, $title, $content, $date, $view) = $result->fields) { $result->MoveNext(); $show = 0; if (pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::{$mid}", ACCESS_READ)) { switch ($view) { case 1: // Message for everyone $show = 1; break; case 2: // Message for users if (pnUserLoggedIn()) { $show = 1; } break; case 3: // Messages for non-users if (!pnUserLoggedIn()) { $show = 1; } break; case 4: // Messages for administrators of any description if (pnSecAuthAction(0, '::', '::', ACCESS_ADMIN)) { $show = 1; } break; } } if ($show) { list($title, $content) = pnModCallHooks('item', 'transform', '', array($title, $content)); $output->TableStart('', '', 0); $output->SetInputMode(_PNH_VERBATIMINPUT); $output->SetOutputMode(_PNH_RETURNOUTPUT); $ttitle = $output->Linebreak(); $ttitle .= $output->Text($title); $ttitle .= $output->Linebreak(2); $output->SetOutputMode(_PNH_KEEPOUTPUT); $output->TableAddRow(array("<font class=\"pn-title\">" . pnVarPrepHTMLDisplay($ttitle) . "</font>"), 'center'); $output->TableAddRow(array("<font class=\"pn-normal\">" . pnVarPrepHTMLDisplay($content) . "</font>"), 'left'); $output->SetInputMode(_PNH_PARSEINPUT); $output->TableEnd(); } } if ($output->output != "") { // Don't want a title $row['title'] = ''; $row['content'] = $output->GetOutput(); return themesideblock($row); } }
function search_faqs() { list($q, $bool, $startnum, $total, $active_faqs) = pnVarCleanFromInput('q', 'bool', 'startnum', 'total', 'active_faqs'); if (empty($active_faqs)) { return; } list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $output = new pnHTML(); $output->SetInputMode(_PNH_VERBATIMINPUT); if (!isset($startnum) || !is_numeric($startnum)) { $startnum = 1; } if (isset($total) && !is_numeric($total)) { unset($total); } $w = search_split_query($q); $flag = false; $column =& $pntable['faqanswer_column']; $faqcatcol =& $pntable['faqcategories_column']; $query = "SELECT {$column['id_cat']} as id_cat, \n \t\t\t\t{$column['question']} as question, \n \t\t\t\t{$column['answer']} as answer,\n \t\t\t\t{$faqcatcol['categories']} as categories\n FROM {$pntable['faqanswer']} \n LEFT JOIN {$pntable['faqcategories']} ON {$column['id_cat']}={$faqcatcol['id_cat']}\n WHERE \n"; foreach ($w as $word) { if ($flag) { switch ($bool) { case 'AND': $query .= ' AND '; break; case 'OR': default: $query .= ' OR '; break; } } $query .= '('; // faqs $query .= "{$column['question']} LIKE '{$word}' OR \n"; $query .= "{$column['answer']} LIKE '{$word}'\n"; $query .= ')'; $flag = true; } if (pnConfigGetVar('multilingual') == 1) { $query .= " AND ({$faqcatcol['flanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$faqcatcol['flanguage']}='')"; } $query .= " ORDER BY {$column['id']}"; // get the total count with permissions! if (empty($total)) { $total = 0; $countres = $dbconn->Execute($query); while (!$countres->EOF) { $row = $countres->GetRowAssoc(false); if (pnSecAuthAction(0, "FAQ::", "{$row['categories']}::{$row['id_cat']}", ACCESS_READ)) { $total++; } $countres->MoveNext(); } } $result = $dbconn->SelectLimit($query, 10, $startnum - 1); if (!$result->EOF) { $output->Text(_FAQ . ': ' . $total . ' ' . _SEARCHRESULTS); $output->SetInputMode(_PNH_VERBATIMINPUT); // Rebuild the search string from previous information $url = "modules.php?op=modload&name=Search&file=index&action=search&active_faqs=1&bool={$bool}&q={$q}"; $output->Text("<ul>"); while (!$result->EOF) { $row = $result->GetRowAssoc(false); if (pnSecAuthAction(0, "FAQ::", "{$row['categories']}::{$row['id_cat']}", ACCESS_READ)) { $output->Text("<li><a class=\"pn-normal\" href=\"modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat={$row['id_cat']}\">{$row['question']}</a><br>Answer: " . nl2br($row[answer]) . "</li>"); } $result->MoveNext(); } $output->Text('</ul>'); // Munge URL for template $urltemplate = $url . "&startnum=%%&total={$total}"; $output->Pager($startnum, $total, $urltemplate, 10); } else { $output->SetInputMode(_PNH_VERBATIMINPUT); $output->Text('<font class="pn-normal">' . _SEARCH_NO_FAQS . '</font>'); $output->SetInputMode(_PNH_PARSEINPUT); } $output->Linebreak(3); return $output->GetOutput(); }
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * To read the license please visit http://www.gnu.org/copyleft/gpl.html * ---------------------------------------------------------------------- * Original Author of file: larsneo * Purpose of file: Error Handling * Usage: Set up the redirection in your .htaccess with * ErrorDocument 404 http://www.yoursite.com/error.php * Note: REDIRECT_URL won't be available but * due to subfolders one can't use a relative path :-/ * ---------------------------------------------------------------------- **/ include_once 'includes/pnAPI.php'; pnInit(); $currentlang = pnUserGetLang(); $currentlang = pnVarPrepForOS($currentlang); if (file_exists("language/{$currentlang}/error.php")) { include "language/{$currentlang}/error.php"; } elseif (file_exists("language/eng/error.php")) { include "language/eng/error.php"; } $reportlevel = pnConfigGetVar('reportlevel'); $funtext = pnConfigGetVar('funtext'); header('HTTP/1.1 404 Not Found'); include 'header.php'; if ($funtext == 0) { echo "<h2>" . _ERROR404_HEAD . "</h2>\n" . "<br /><br />\n" . "<strong>" . _ERROR404_TRY . "</strong><br />\n" . _ERROR404_TRY1 . "<br />\n" . "<a href=\"index.php\">" . _ERROR404_TRY2 . "</a><br />\n" . _ERROR404_TRY3 . "<br />\n" . _ERROR404_TRY4 . "\n"; if (pnModAvailable('Search')) { echo '<br /><a href="' . pnVarPrepForDisplay(pnModURL('Search')) . '">' . _ERROR404_TRY5 . "</a>\n"; }
/** * load a block * @param the module name * @param the name of the block */ function pnBlockLoad($modname, $block) { global $blocks_modules; static $loaded = array(); if (isset($loaded["{$modname}{$block}"])) { return true; } if (empty($modname) || $modname == 'Core') { $modname = 'Core'; $moddir = 'includes/blocks'; $langdir = 'includes/language/blocks'; } else { $modinfo = pnModGetInfo(pnModGetIdFromName($modname)); $moddir = 'modules/' . pnVarPrepForOS($modinfo['directory']) . '/pnblocks'; $langdir = 'modules/' . pnVarPrepForOS($modinfo['directory']) . '/pnlang'; } // Load the block $incfile = $block . ".php"; $filepath = $moddir . '/' . pnVarPrepForOS($incfile); if (!file_exists($filepath)) { return false; } include_once $filepath; $loaded["{$modname}{$block}"] = 1; // Load the block language files $currentlangfile = $langdir . '/' . pnVarPrepForOS(pnUserGetLang()) . '/' . pnVarPrepForOS($incfile); $defaultlangfile = $langdir . '/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/' . pnVarPrepForOS($incfile); if (file_exists($currentlangfile)) { include $currentlangfile; } elseif (file_exists($defaultlangfile)) { include "{$defaultlangfile}"; } // Initialise block if required (new-style) $initfunc = "{$modname}_{$block}block_init"; if (function_exists($initfunc)) { $initfunc(); } return true; }
function pollList() { if (!pnSecAuthAction(0, 'Polls::', "::", ACCESS_OVERVIEW)) { return; } list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $currentlang = pnUserGetLang(); $commentoptions = pnUserGetCommentOptions(); if (pnConfigGetVar('multilingual') == 1) { $column =& $pntable['poll_desc_column']; $querylang = "WHERE ({$column['planguage']}='" . pnVarPrepForStore($currentlang) . "' OR {$column['planguage']}='')"; } else { $querylang = ""; } $column =& $pntable['poll_desc_column']; $result = $dbconn->Execute("SELECT {$column['pollid']}, {$column['polltitle']}, {$column['timestamp']}, {$column['voters']} FROM {$pntable['poll_desc']} {$querylang} ORDER BY {$column['timestamp']}"); OpenTable(); OpenTable(); echo "<p style=\"text-align:center\"><span class=\"pn-title\"><b>" . _PASTSURVEYS . "</b></span></p>"; CloseTable(); echo "<table border=\"0\" cellpadding=\"8\"><tr><td>"; echo "<span class=\"pn-normal\">"; $counter = 0; $resultArray = array(); while ($thisresult = $result->fields) { $result->MoveNext(); $resultArray[$counter] = $thisresult; $counter++; } for ($count = 0; $count < count($resultArray); $count++) { $id = $resultArray[$count][0]; $pollTitle = $resultArray[$count][1]; $voters = $resultArray[$count][3]; $column =& $pntable['poll_data_column']; $result2 = $dbconn->Execute("SELECT SUM({$column['optioncount']}) AS sum FROM {$pntable['poll_data']} WHERE {$column['pollid']}=" . pnVarPrepForStore($id) . ""); list($sum) = $result2->fields; echo "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=NS-Polls&file=index&pollID={$id}\">" . pnVarPrepForDisplay(stripslashes($pollTitle)) . "</a> "; echo "(<a class=\"pn-normal\" href=\"modules.php?op=modload&name=NS-Polls&file=index&req=results&pollID={$id}&{$commentoptions}\">" . _RESULTS . "</a> - {$sum} " . _LVOTES . ")<br />\n"; } echo '</span></td></tr></table>'; CloseTable(); }
function user_dynamic_data() { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $currentlangfile = 'language/' . pnVarPrepForOS(pnUserGetLang()) . '/user.php'; $defaultlangfile = 'language/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/user.php'; if (file_exists($currentlangfile)) { include $currentlangfile; } elseif (file_exists($defaultlangfile)) { include $defaultlangfile; } include "header.php"; GraphicAdmin(); OpenTable(); echo "<center><font class=\"pn-title\"><b>" . _USERADMIN . "</b></font></center>"; CloseTable(); // This section displays the dynamic fields // and the order in which they are displayed OpenTable(); print '<center><font size="3" class="pn-title"><b>' . _DYNAMICDATA . '</b></font></center><br>' . '<table class=\'pn-normal\' border=\'1\' width=\'100%\'>' . '<tr>' . '<th>' . _FIELDACTIVE . '</th>' . '<th colspan=\'2\'>' . _FIELDLABEL . '</th>' . '<th>' . _FIELDWEIGHT . '</th>' . '<th>' . _FIELDTYPE . '</th>' . '<th>' . _FIELDLENGTH . '</th>' . '<th>' . _DELETE . '</th>' . '</tr>'; $column =& $pntable['user_property_column']; $result = $dbconn->Execute("SELECT {$column['prop_id']}, {$column['prop_label']},{$column['prop_dtype']},\n {$column['prop_length']}, {$column['prop_weight']}, {$column['prop_validation']}\n FROM {$pntable['user_property']} ORDER BY {$column['prop_weight']}"); if ($dbconn->ErrorNo() != 0) { echo $dbconn->ErrorNo() . "List User Properties: " . $dbconn->ErrorMsg() . "<br>"; error_log($dbconn->ErrorNo() . "List User Properties: " . $dbconn->ErrorMsg() . "<br>"); return; } $active_count = 0; $true_count = 0; $total_count = $result->PO_RecordCount(); $prop_weight = 0; while (list($prop_id, $prop_label, $prop_dtype, $prop_length, $prop_weight, $prop_validation) = $result->fields) { $result->MoveNext(); $true_count++; if ($prop_weight != 0) { $active_count++; $next_prop_weight = $active_count + 1; } $eval_cmd = "\$prop_label_text={$prop_label};"; @eval($eval_cmd); // display the proper icom and link to enable or disable the field switch (true) { // Mandatory Images can't be disabled case $prop_dtype == _UDCONST_MANDATORY: $img_cmd = '<img src="images/global/green_dot.gif" border=0 ALT="' . _FIELD_REQUIRED . '">'; break; case $prop_weight != 0: $img_cmd = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=deactivate_property&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/green_dot.gif" border=0 ALT="' . _FIELD_DEACTIVATE . '">' . '</a>'; break; default: $img_cmd = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=activate_property&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/red_dot.gif" border=0 ALT="' . _FIELD_ACTIVATE . '">' . '</a>'; } switch ($prop_dtype) { case _UDCONST_MANDATORY: $data_type_text = _UDT_MANDATORY; $data_length_text = _FIELD_NA; break; case _UDCONST_CORE: $data_type_text = _UDT_CORE; $data_length_text = _FIELD_NA; break; case _UDCONST_STRING: $data_type_text = _UDT_STRING; $data_length_text = $prop_length; break; case _UDCONST_TEXT: $data_type_text = _UDT_TEXT; $data_length_text = _FIELD_NA; break; case _UDCONST_FLOAT: $data_type_text = _UDT_FLOAT; $data_length_text = _FIELD_NA; break; case _UDCONST_INTEGER: $data_type_text = _UDT_INTEGER; $data_length_text = _FIELD_NA; break; default: $data_length_text = ""; $data_type_text = ""; } switch (true) { case $active_count == 0: $arrows = " "; break; case $active_count == 1: $arrows = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=increase_weight&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/down.gif" alt="' . _DOWN . '" border="0">' . '</a>'; break; case $true_count == $total_count: $arrows = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=decrease_weight&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/up.gif" alt="' . _UP . '" border="0">' . '</a>'; break; default: $arrows = '<img src="images/global/up.gif" alt="' . _UP . '"> <img src="images/global/down.gif" alt="' . _DOWN . '">'; $arrows = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=decrease_weight&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/up.gif" border="0" alt="' . _UP . '">' . '</a> ' . "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=increase_weight&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/down.gif" border="0" alt="' . _DOWN . '">' . '</a>'; } if ($prop_dtype == _UDCONST_MANDATORY || $prop_dtype == _UDCONST_CORE) { $del_text = _FIELD_NA; } else { $del_text = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=delete_property&property={$prop_id}\">" . _DELETE . '</a>'; } // .'<img src=\'images/global/green_dot.gif\'>' print '<tr><td width=\'5%\' align=\'center\'>' . "{$img_cmd}" . '</td>' . '<td width=\'12%\'>' . $prop_label . '</td>' . '<td width=\'12%\'>' . $prop_label_text . '</td>' . '<td width=\'10%\' align=\'center\'>' . $arrows . '</td>' . '<td width=\'15%\' align=\'center\'>' . $data_type_text . '</td>' . '<td width=\'10%\' align=\'center\'>' . $data_length_text . '</td>' . '<td width=\'10%\' align=\'center\'>' . $del_text . '</td>' . '</tr>'; } print '</table>'; CloseTable(); print "<br>"; OpenTable(); print '<center><font size="3" class="pn-title"><b>' . _ADDFIELD . '</b></font></center><br>' . '<form action="admin.php" method="post">' . '<table class=\'pn-normal\'>' . '<tr>' . '<th align=\'left\'>' . _FIELDLABEL . ':</th>' . '<td>' . '<input type="text" name="label" value="" size="20" maxlength="20" class="pn-normal">' . ' ' . _ADDINSTRUCTIONS . '</td>' . '</tr>' . '<tr>' . '<th align=\'left\'>' . _FIELDTYPE . ':</th>' . '<td>' . '<select name="dtype" class="pn-normal">' . '<option value="' . _UDCONST_STRING . '">' . _UDT_STRING . '</option>' . "\n" . '<option value="' . _UDCONST_TEXT . '">' . _UDT_TEXT . '</option>' . "\n" . '<option value="' . _UDCONST_FLOAT . '">' . _UDT_FLOAT . '</option>' . "\n" . '<option value="' . _UDCONST_INTEGER . '">' . _UDT_INTEGER . '</option>' . "\n" . '</select>' . '</td>' . '</tr>' . '<tr>' . '<th align=\'left\'>' . _FIELDLENGTH . ':</th>' . '<td>' . '<input type="text" name="prop_len" value="" size="3" maxlength="3" class="pn-normal">' . ' ' . _STRING_INSTRUCTIONS . '</td>' . '</tr>' . '<tr><td></td><td>' . "<input type=\"hidden\" name=\"module\" value=\"" . $GLOBALS['module'] . "\">" . "<input type=\"hidden\" name=\"op\" value=\"addDynamic\">" . "<input type=\"submit\" value=\"" . _SUBMIT . "\">" . '</td></tr>' . '</table>' . '<input type="hidden" name="prop_weight" value="' . $next_prop_weight . '">' . '<input type="hidden" name="validation" value="">' . "<input type=\"hidden\" name=\"authid\" value=\"" . pnSecGenAuthKey() . "\">" . '<input type="hidden" name="op" value="add_property">' . '</form>'; CloseTable(); include "footer.php"; }
function blocks_stories_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $currentlang = pnUserGetLang(); if (!pnSecAuthAction(0, 'Storiesblock::', "{$row['title']}::", ACCESS_READ)) { return; } // Break out options from our content field $vars = pnBlockVarsFromContent($row['content']); // Defaults if (!isset($vars['storiestype'])) { $vars['storiestype'] = 2; } if (!isset($vars['topic'])) { $vars['topic'] = -1; } if (!isset($vars['category'])) { $vars['category'] = -1; } if (!isset($vars['limit'])) { $vars['limit'] = 10; } $row['content'] = ""; $query_started = false; // Base query $storiescolumn = $pntable['stories_column']; $storiescatcolumn = $pntable['stories_cat_column']; $topicscolumn = $pntable['topics_column']; $query = "SELECT {$storiescolumn['aid']} AS \"aid\",\n {$storiescolumn['catid']} AS \"cid\",\n {$storiescatcolumn['title']} AS \"cattitle\",\n {$storiescolumn['sid']} AS \"sid\",\n {$topicscolumn['topicid']} AS \"tid\",\n {$storiescolumn['time']} AS \"time\",\n {$storiescolumn['title']} AS \"title\",\n {$topicscolumn['topicname']} AS \"topicname\"\n\t\t\tFROM \t{$pntable['stories']}"; // Assume mysql start $query .= " LEFT JOIN {$pntable['stories_cat']} ON {$storiescolumn['catid']} = {$storiescatcolumn['catid']}\n\t\t\t\tLEFT JOIN {$pntable['topics']} ON {$storiescolumn['topic']} = {$topicscolumn['topicid']}"; // Assume mysql end // $query .= " WHERE"; $wherearray = array(); // check language if (pnConfigGetVar('multilingual') == 1) { // $query_started = true; // $query .= " ($storiescolumn[alanguage]='" . pnUserGetLang() . "' OR $storiescolumn[alanguage]='')"; $wherearray[] = " ({$storiescolumn['alanguage']}='" . pnUserGetLang() . "' OR {$storiescolumn['alanguage']}='')"; } // Qualifier for front-page/not front-page news // storiestype = 3 - front-page news // storiestype = 1 - not front-page news // storiestype = 2 - all news if ($vars['storiestype'] == '1') { // where clause already started? // if ($query_started == true) { // $query .= " AND"; // } // $query_started = true; // $query .= " $storiescolumn[ihome]=1"; $wherearray[] = " {$storiescolumn['ihome']}=1"; } if ($vars['storiestype'] == '3') { // where clause already started? // if ($query_started == true) { // $query .= " AND"; // } // $query_started = true; // $query .= " $storiescolumn[ihome]=0"; $wherearray[] = " {$storiescolumn['ihome']}=0"; } // Qualifier for particular topic // topic = -1 - all topics? if ($vars['topic'] != -1) { // where clause already started? // if ($query_started == true) { // $query .= " AND"; // } // $query_started = true; // $query .= " $storiescolumn[topic]=" . pnVarPrepForStore($vars['topic']); $wherearray[] = " {$storiescolumn['topic']}=" . pnVarPrepForStore($vars['topic']); } // Qualifier for particular category // category = -1 - all categories if ($vars['category'] != -1) { // where clause already started? // if ($query_started = true) { // $query .= " AND"; // } // $query .= " $storiescolumn[cid]=" . pnVarPrepForStore($vars['category']); $wherearray[] = " {$storiescolumn['cid']}=" . pnVarPrepForStore($vars['category']); } if ($wherearray) { $query .= " WHERE " . implode(" AND ", $wherearray); } // Qualifier for how many stories $query .= " ORDER BY {$storiescolumn['time']} DESC"; // we can't use a limit query since permissions might take effect... //$result = $dbconn->SelectLimit($query, pnVarPrepForStore($vars['limit'])); $result = $dbconn->Execute($query); // Error checking -- jn if ($dbconn->ErrorNo() != 0) { return false; } $shown_results = 0; $postmax = $vars['limit']; while ((list($aid, $cid, $cattitle, $sid, $tid, $time, $title, $topicname) = $result->FetchRow()) && $shown_results < $postmax) { $time = $result->UnixTimeStamp($time); if (!isset($aid)) { $aid = ''; } if ($catid == 0) { // Default category $cattitle = "" . _ARTICLES . ""; } if (pnSecAuthAction(0, 'Stories::Story', "{$aid}:{$cattitle}:{$sid}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$topicname}::{$tid}", ACCESS_READ)) { $row['content'] .= "<strong><big>·</big></strong> <font class=\"pn-sub\"><a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=article&sid=" . pnVarPrepForDisplay($sid) . "\">" . pnVarPrepForDisplay($title) . "</a>\n (" . ml_ftime(_DATEBRIEF, $time) . ")</font><br>\n"; $shown_results++; } // removed uncessary MoveNext; FetchRow() from above moves the record set pointer - markwest // Credit rembert http://forums.postnuke.com/index.php?name=PNphpBB2&file=viewtopic&t=14182 // $result->MoveNext(); } if (!empty($row['content'])) { return themesideblock($row); } }
/** * add core data to the template * * This function adds some basic data to the template depending on the * current user and the PN settings. * * @param list of module names. all mod vars of these modules will be included too The mod vars of the current module will always be included * @return boolean true if ok, otherwise false * @access public */ function add_core_data() { $pncore = array(); $pncore['version_num'] = _PN_VERSION_NUM; $pncore['version_id'] = _PN_VERSION_ID; $pncore['version_sub'] = _PN_VERSION_SUB; $pncore['logged_in'] = pnUserLoggedIn(); $pncore['language'] = pnUserGetLang(); $pncore['themeinfo'] = pnThemeInfo(pnUserGetTheme()); pnThemeLoad($pncore['themeinfo']['name']); $colors = array(); $colors['bgcolor1'] = pnThemeGetVar('bgcolor1'); $colors['bgcolor2'] = pnThemeGetVar('bgcolor2'); $colors['bgcolor3'] = pnThemeGetVar('bgcolor3'); $colors['bgcolor4'] = pnThemeGetVar('bgcolor4'); $colors['bgcolor5'] = pnThemeGetVar('bgcolor5'); $colors['sepcolor'] = pnThemeGetVar('sepcolor'); $colors['textcolor1'] = pnThemeGetVar('textcolor1'); $colors['textcolor2'] = pnThemeGetVar('textcolor2'); // add userdata $pncore['user'] = pnUserGetVars(pnSessionGetVar('uid')); // add modvars of current module $pncore[$this->module] = pnModGetVar($this->module); // add mod vars of all modules supplied as parameter foreach (func_get_args() as $modulename) { // if the modulename is empty do nothing if (!empty($modulename) && !is_array($modulename) && $modulename != $this->module) { // check if user wants to have /PNConfig if ($modulename == _PN_CONFIG_MODULE) { $pnconfig = pnModGetVar(_PN_CONFIG_MODULE); foreach ($pnconfig as $key => $value) { // unserialize all config vars $pncore['pnconfig'][$key] = @unserialize($value); } } else { $pncore[$modulename] = pnModGetVar($modulename); } } } $this->assign('pncore', $pncore); $this->assign($colors); return true; }
/** * load a block * * @param string $modname module name * @param string $block name of the block * @return bool true on successful load, false otherwise */ function pnBlockLoad($modname, $block) { static $loaded = array(); if (empty($modname) || $modname == 'Core' || $modname == 'Blocks') { $modname = 'Core'; $moddir = 'includes/blocks'; $langdir = 'includes/language/blocks'; } else { $modinfo = pnModGetInfo(pnModGetIdFromName($modname)); $moddir = 'modules/' . pnVarPrepForOS($modinfo['directory']) . '/pnblocks'; $langdir = 'modules/' . pnVarPrepForOS($modinfo['directory']) . '/pnlang'; } if (isset($loaded["{$modname}/{$block}"])) { return true; } // Load the block $incfile = $block . '.php'; $filepath = $moddir . '/' . pnVarPrepForOS($incfile); if (!file_exists($filepath)) { return false; } include_once $filepath; $loaded["{$modname}/{$block}"] = 1; // Load the block language files $currentlangfile = $langdir . '/' . pnVarPrepForOS(pnUserGetLang()) . '/' . pnVarPrepForOS($incfile); $defaultlangfile = $langdir . '/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/' . pnVarPrepForOS($incfile); if (file_exists($currentlangfile)) { include $currentlangfile; } elseif (file_exists($defaultlangfile)) { include $defaultlangfile; } // get the block info $infofunc = "{$modname}_{$block}block_info"; if (function_exists($infofunc)) { $blocks_modules[$block] = $infofunc(); } // set the module and keys for the new block $blocks_modules[$block]['bkey'] = $block; if (!isset($blocks_modules[$block]['module'])) { $blocks_modules[$block]['module'] = $modname; } $blocks_modules[$block]['mid'] = pnModGetIDFromName($blocks_modules[$block]['module']); // merge the blockinfo in the global list of blocks if (!isset($GLOBALS['blocks_modules'])) { $GLOBALS['blocks_modules'] = array(); } $GLOBALS['blocks_modules'][$blocks_modules[$block]['mid']][$block] = $blocks_modules[$block]; // Initialise block if required (new-style) $initfunc = "{$modname}_{$block}block_init"; if (function_exists($initfunc)) { $initfunc(); } return true; }
function search_stories() { list($startnum, $active_stories, $total, $stories_topics, $stories_cat, $stories_author, $q, $bool) = pnVarCleanFromInput('startnum', 'active_stories', 'total', 'stories_topics', 'stories_cat', 'stories_author', 'q', 'bool'); if (!isset($active_stories) || !$active_stories) { return; } if (!pnModAvailable('News')) { return; } $output =& new pnHTML(); if (!isset($startnum) || !is_numeric($startnum)) { $startnum = 1; } if (isset($total) && !is_numeric($total)) { unset($total); } $dbconn =& pnDBGetConn(true); $pntable =& pnDBGetTables(); if (empty($bool)) { $bool = 'OR'; } $flag = false; $storcol =& $pntable['stories_column']; $stcatcol =& $pntable['stories_cat_column']; $topcol =& $pntable['topics_column']; $query = ''; $query1 = "SELECT {$storcol['sid']} as sid,\n {$topcol['tid']} as topicid,\n {$topcol['topicname']} as topicname,\n {$topcol['topictext']} as topictext,\n {$storcol['catid']} as catid,\n {$storcol['time']} AS fdate,\n {$storcol['title']} AS story_title,\n {$storcol['aid']} AS aid,\n {$stcatcol['title']} AS cat_title\n FROM {$pntable['stories']}\n LEFT JOIN {$pntable['stories_cat']} ON ({$storcol['catid']}={$stcatcol['catid']})\n LEFT JOIN {$pntable['topics']} ON ({$storcol['topic']}={$topcol['tid']})\n WHERE "; // hack to get this to work, but much better than what we had before //$query .= " 1 = 1 "; // words $w = search_split_query($q); if (isset($w)) { foreach ($w as $word) { if ($flag) { switch ($bool) { case 'AND': $query .= ' AND '; break; case 'OR': default: $query .= ' OR '; break; } } $query .= '('; $query .= "{$storcol['title']} LIKE '" . pnVarPrepForStore($word) . "' OR "; $query .= "{$storcol['hometext']} LIKE '" . pnVarPrepForStore($word) . "' OR "; $query .= "{$storcol['bodytext']} LIKE '" . pnVarPrepForStore($word) . "' OR "; //$query .= "$storcol[comments] LIKE '".pnVarPrepForStore($word)."' OR "; $query .= "{$storcol['informant']} LIKE '" . pnVarPrepForStore($word) . "' OR "; $query .= "{$storcol['notes']} LIKE '" . pnVarPrepForStore($word) . "'"; $query .= ')'; $flag = true; $no_flag = false; } } else { $no_flag = true; } // topics if (isset($stories_topics) && !empty($stories_topics)) { $flag = false; $start_flag = false; // dont set AND/OR if nothing is in front foreach ($stories_topics as $v) { if (empty($v)) { continue; } if (!$no_flag and !$start_flag) { $query .= ' AND ('; $start_flag = true; } if ($flag) { $query .= ' OR '; } $query .= "{$storcol['topic']}='" . pnVarPrepForStore($v) . "'"; $flag = true; } if (!$no_flag and $start_flag) { $query .= ') '; $no_flag = false; } } // categories if (!is_array($stories_cat)) { $stories_cat[0] = ''; } if (isset($stories_cat[0]) && !empty($stories_cat[0])) { if (!$no_flag) { $query .= ' AND ('; } $flag = false; foreach ($stories_cat as $v) { if ($flag) { $query .= ' OR '; } $query .= "{$stcatcol['catid']}='" . pnVarPrepForStore($v) . "'"; $flag = true; } if (!$no_flag) { $query .= ') '; $no_flag = false; } } // authors if (isset($stories_author) && $stories_author != '') { if (!$no_flag) { $query .= ' AND ('; } $query .= "{$storcol['informant']}='" . pnVarPrepForStore($stories_author) . "'"; $result =& $dbconn->Execute("SELECT {$pntable['users_column']['uid']} as pn_uid FROM {$pntable['users']} WHERE {$pntable['users_column']['uname']} LIKE '%" . pnVarPrepForStore($stories_author) . "%' OR {$pntable['users_column']['name']} LIKE '%" . pnVarPrepForStore($stories_author) . "%'"); while (!$result->EOF) { $row = $result->GetRowAssoc(false); $query .= " OR {$storcol['aid']}={$row['pn_uid']}"; $result->MoveNext(); } if (!$no_flag) { $query .= ') '; $no_flag = false; } } else { $stories_author = ''; } if (pnConfigGetVar('multilingual') == 1) { if (!empty($query)) { $query .= ' AND'; } $query .= " ({$storcol['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$storcol['alanguage']}='')"; } if (empty($query)) { $query = '1'; } $query .= " ORDER BY {$storcol['time']} DESC"; $query = $query1 . $query; // get the total count with permissions! if (empty($total)) { $total = 0; $countres =& $dbconn->Execute($query); // check for a db error if ($dbconn->ErrorNo() != 0) { return; } while (!$countres->EOF) { $row = $countres->GetRowAssoc(false); if (pnSecAuthAction(0, 'Stories::Story', "{$row['aid']}:{$row['cat_title']}:{$row['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$row['topicname']}::{$row['topicid']}", ACCESS_READ)) { $total++; } $countres->MoveNext(); } } $result = $dbconn->SelectLimit($query, 10, $startnum - 1); // check for a db error if ($dbconn->ErrorNo() != 0) { return; } if (!$result->EOF) { $output->Text(_STORIES_TOPICS . ': ' . $total . ' ' . _SEARCHRESULTS); $output->SetInputMode(_PNH_VERBATIMINPUT); // Rebuild the search string from previous information $url = 'index.php?name=Search&action=search&active_stories=1&stories_author=' . pnVarPrepForDisplay($stories_author); if (isset($stories_cat) && $stories_cat) { foreach ($stories_cat as $v) { $url .= "&stories_cat%5B%5D={$v}"; } } if (isset($stories_topics) && $stories_topics) { foreach ($stories_topics as $v) { $url .= "&stories_topics%5B%5D={$v}"; } } $url .= '&bool=' . pnVarPrepForDisplay($bool); if (isset($q)) { $url .= '&q=' . pnVarPrepForDisplay($q); } $output->Text('<dl>'); while (!$result->EOF) { $row = $result->GetRowAssoc(false); if (pnSecAuthAction(0, 'Stories::Story', "{$row['aid']}:{$row['cat_title']}:{$row['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$row['topicname']}::{$row['topicid']}", ACCESS_READ)) { $row['fdate'] = ml_ftime(_DATELONG, $result->UnixTimeStamp($row['fdate'])); $output->Text('<dt><a href="index.php?name=News&file=article&sid=' . pnVarPrepForDisplay($row['sid']) . '">' . pnVarPrepHTMLDisplay($row['story_title']) . '</a></dt>'); $output->Text('<dd>'); $output->Text(pnVarPrepForDisplay($row['fdate']) . ' ('); if (!empty($row['topicid'])) { $output->Text($row['topictext']); } if (!empty($row['catid'])) { $output->Text(' - ' . pnVarPrepHTMLDisplay($row['cat_title'])); } $output->Text(')</dd>'); } $result->MoveNext(); } $output->Text('</dl>'); // Munge URL for template $urltemplate = $url . "&startnum=%%&total={$total}"; $output->Pager($startnum, $total, $urltemplate, 10); } else { $output->SetInputMode(_PNH_VERBATIMINPUT); $output->Text(_SEARCH_NO_STORIES_TOPICS); $output->SetInputMode(_PNH_PARSEINPUT); } $output->Linebreak(3); return $output->GetOutput(); }
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- // Original Author of file: // Purpose of file: // ---------------------------------------------------------------------- include 'includes/pnAPI.php'; pnInit(); include 'includes/legacy.php'; // eugenio themeover 20020413 // pnThemeLoad(); include 'modules/NS-User/tools.php'; include 'modules/NS-User/password.php'; $currentlangfile = 'language/' . pnVarPrepForOS(pnUserGetLang()) . '/user.php'; $defaultlangfile = 'language/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/user.php'; if (file_exists($currentlangfile)) { include $currentlangfile; } elseif (file_exists($defaultlangfile)) { include $defaultlangfile; } global $stop, $minage, $module; if (!pnUserLoggedIn() && empty($op)) { $module = 'NS-User'; $op = 'getlogin'; } if (isset($op) && $op == 'userinfo') { $module = 'NS-User'; } // New module way
/** * load a module * @param name - name of module to load * @param type - type of functions to load * @returns string * @return name of module loaded, or false on failure */ function pnModLoad($modname, $type = 'user') { static $loaded = array(); if (empty($modname)) { return false; } list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $modulestable = $pntable['modules']; $modulescolumn =& $pntable['modules_column']; if (!empty($loaded["{$modname}{$type}"])) { // Already loaded from somewhere else return $modname; } $query = "SELECT {$modulescolumn['directory']},\n {$modulescolumn['state']}\n FROM {$modulestable}\n WHERE {$modulescolumn['name']} = '" . pnVarPrepForStore($modname) . "'"; $result = $dbconn->Execute($query); if ($dbconn->ErrorNo() != 0) { return; } if ($result->EOF) { return false; } list($directory, $state) = $result->fields; $result->Close(); // Load the module and module language files list($osdirectory, $ostype) = pnVarPrepForOS($directory, $type); $osfile = "modules/{$osdirectory}/pn{$ostype}.php"; if (!file_exists($osfile)) { // File does not exist return false; } // Load file include $osfile; $loaded["{$modname}{$type}"] = 1; $defaultlang = pnConfigGetVar('language'); if (empty($defaultlang)) { $defaultlang = 'eng'; } $currentlang = pnUserGetLang(); if (file_exists("modules/{$osdirectory}/pnlang/{$currentlang}/{$ostype}.php")) { include "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($currentlang) . "/{$ostype}.php"; } elseif (file_exists("modules/{$directory}/pnlang/{$defaultlang}/{$ostype}.php")) { include "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($defaultlang) . "/{$ostype}.php"; } // Load datbase info pnModDBInfoLoad($modname, $directory); // Return the module name return $modname; }
function search_sections() { list($active_sections, $startnum, $total, $bool, $q) = pnVarCleanFromInput('active_sections', 'startnum', 'total', 'bool', 'q'); if (empty($active_sections)) { return; } if (!pnModAvailable('Sections')) { return; } $dbconn =& pnDBGetConn(true); $pntable =& pnDBGetTables(); $output =& new pnHTML(); $output->SetInputMode(_PNH_VERBATIMINPUT); if (!isset($startnum) || !is_numeric($startnum)) { $startnum = 1; } if (isset($total) && !is_numeric($total)) { unset($total); } $w = search_split_query($q); $flag = false; $seccol =& $pntable['seccont_column']; $query = "SELECT {$seccol['artid']} as id, {$seccol['title']} as title, {$seccol['secid']} as secid, {$seccol['content']} as content\n FROM {$pntable['seccont']}\n WHERE \n"; foreach ($w as $word) { if ($flag) { switch ($bool) { case 'AND': $query .= ' AND '; break; case 'OR': default: $query .= ' OR '; break; } } $query .= '('; $query .= "{$seccol['title']} LIKE '" . pnVarPrepForStore($word) . "' OR \n"; $query .= "{$seccol['content']} LIKE '" . pnVarPrepForStore($word) . "')\n"; $flag = true; } if (pnConfigGetVar('multilingual') == 1) { $query .= " AND ({$seccol['slanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$seccol['slanguage']}='')"; } $query .= " ORDER BY {$seccol['artid']}"; // get the total count with permissions! if (empty($total)) { $total = 0; $countres =& $dbconn->Execute($query); // check for a db error if ($dbconn->ErrorNo() != 0) { return; } while (!$countres->EOF) { $row = $countres->GetRowAssoc(false); // we know about the section id so let's get the section name $column2 =& $pntable['sections_column']; $result2 =& $dbconn->Execute("SELECT {$column2['secname']} FROM {$pntable['sections']} WHERE {$column2['secid']}={$row['secid']}"); list($secname) = $result2->fields; if (pnSecAuthAction(0, "Sections::Section", "{$secname}::{$row['secid']}", ACCESS_READ) && pnSecAuthAction(0, "Sections::Article", "{$row['title']}:{$secname}:{$row['id']}", ACCESS_READ)) { $total++; } $countres->MoveNext(); } } $result = $dbconn->SelectLimit($query, 10, $startnum - 1); // check for a db error if ($dbconn->ErrorNo() != 0) { return; } if (!$result->EOF) { $output->Text(_SECTIONS . ': ' . $total . ' ' . _SEARCHRESULTS); $output->SetInputMode(_PNH_VERBATIMINPUT); // Rebuild the search string from previous information $url = "index.php?name=Search&action=search&active_sections=1&bool={$bool}&q={$q}"; $output->Text('<dl>'); while (!$result->EOF) { $row = $result->GetRowAssoc(false); // we know about the section id so let's get the section name $column2 =& $pntable['sections_column']; $result2 =& $dbconn->Execute("SELECT {$column2['secname']} FROM {$pntable['sections']} WHERE {$column2['secid']}={$row['secid']}"); list($secname) = $result2->fields; if (pnSecAuthAction(0, "Sections::Section", "{$secname}::{$row['secid']}", ACCESS_READ) && pnSecAuthAction(0, "Sections::Article", "{$row['title']}:{$secname}:{$row['id']}", ACCESS_READ)) { $row['content'] = strip_tags($row['content']); if (strlen($row['content']) > 128) { $row['content'] = substr($row['content'], 0, 125) . '...'; } $output->Text("<dt><a href=\"index.php?name=Sections&req=viewarticle&artid={$row['id']}\">" . pnVarPrepForDisplay($row[title]) . "</a></dt>"); $output->Text("<dd>" . pnVarPrepForDisplay($row[content]) . "</dd>"); } $result->MoveNext(); } $output->Text('</dl>'); // Munge URL for template $urltemplate = $url . "&startnum=%%&total={$total}"; $output->Pager($startnum, $total, $urltemplate, 10); } else { $output->SetInputMode(_PNH_VERBATIMINPUT); $output->Text(_SEARCH_NO_SECTIONS); $output->SetInputMode(_PNH_PARSEINPUT); } $output->Linebreak(3); return $output->GetOutput(); }
/** * pnModLangLoad * loads the language files for a module * * @author Mark West * @link http://www.markwest.me.uk * @param modname - name of the module * @param type - type of the language file to load e.g. user, admin * @param api - load api lang file or gui lang file */ function pnModLangLoad($modname, $type = 'user', $api = false) { // define input, all numbers and booleans to strings $modname = isset($modname) ? (string) $modname : ''; // validate if (!pnVarValidate($modname, 'mod')) { return false; } // get the module info $modinfo = isset($modname) ? pnModGetInfo(pnModGetIDFromName($modname)) : false; if (!$modinfo) { return false; } // create variables for the OS preped version of the directory list($osdirectory, $ostype) = pnVarPrepForOS($modinfo['directory'], $type); $defaultlang = pnConfigGetVar('language'); if (empty($defaultlang)) { $defaultlang = 'eng'; } $osapi = ''; if ($api) { $osapi = 'api'; } $currentlang = pnUserGetLang(); if (file_exists("modules/{$osdirectory}/pnlang/{$currentlang}/{$ostype}{$osapi}.php")) { include_once "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($currentlang) . "/{$ostype}{$osapi}.php"; } elseif (file_exists("modules/{$osdirectory}/pnlang/{$defaultlang}/{$ostype}{$osapi}.php")) { include_once "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($defaultlang) . "/{$ostype}{$osapi}.php"; } return; }
function __construct() { $theme = pnUserGetTheme(); $osTheme = pnVarPrepForOS($theme); pnThemeLoad($theme); global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5, $bgcolor6, $textcolor1, $textcolor2; // call constructor parent::__construct(); // gather module information $pcModInfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__)); $pcDir = pnVarPrepForOS($pcModInfo['directory']); $pcDisplayName = $pcModInfo['displayname']; unset($pcModInfo); // setup up pcSmarty configs $this->compile_check = true; $this->force_compile = false; $this->debugging = false; $this->template_dir = "modules/{$pcDir}/pntemplates"; array_push($this->plugins_dir, "modules/{$pcDir}/pnincludes/Smarty/plugins"); array_push($this->plugins_dir, "modules/{$pcDir}/plugins"); $this->compile_dir = "modules/{$pcDir}/pntemplates/compiled"; $this->cache_dir = "modules/{$pcDir}/pntemplates/cache"; $this->caching = _SETTING_USE_CACHE; $this->cache_lifetime = _SETTING_CACHE_LIFETIME; $this->left_delimiter = '[-'; $this->right_delimiter = '-]'; //============================================================ // checks for safe mode // i think it's safe to say we can do this automagically now //============================================================ $safe_mode = ini_get('safe_mode'); $safe_mode_gid = ini_get('safe_mode_gid'); $open_basedir = ini_get('open_basedir'); $use_safe_mode = (bool) $safe_mode || (bool) $safe_mode_gid || !empty($open_basedir); if ($use_safe_mode) { $this->use_sub_dirs = false; } else { $this->use_sub_dirs = true; } unset($use_safe_mode, $safe_mode, $safe_mode_gid, $open_basedir); $this->autoload_filters = array('output' => array('trimwhitespace')); $lang = pnUserGetLang(); $func = pnVarCleanFromInput('func'); $print = pnVarCleanFromInput('print'); // assign theme globals $this->assign_by_ref('BGCOLOR1', $bgcolor1); $this->assign_by_ref('BGCOLOR2', $bgcolor2); $this->assign_by_ref('BGCOLOR3', $bgcolor3); $this->assign_by_ref('BGCOLOR4', $bgcolor4); $this->assign_by_ref('BGCOLOR5', $bgcolor5); $this->assign_by_ref('BGCOLOR6', $bgcolor6); $this->assign_by_ref('TEXTCOLOR1', $textcolor1); $this->assign_by_ref('TEXTCOLOR2', $textcolor2); $this->assign_by_ref('USER_LANG', $lang); $this->assign_by_ref('FUNCTION', $func); $this->assign('PRINT_VIEW', $print); $this->assign('USE_POPUPS', _SETTING_USE_POPUPS); $this->assign('USE_TOPICS', _SETTING_DISPLAY_TOPICS); $this->assign('USE_INT_DATES', _SETTING_USE_INT_DATES); $this->assign('OPEN_NEW_WINDOW', _SETTING_OPEN_NEW_WINDOW); $this->assign('EVENT_DATE_FORMAT', _SETTING_DATE_FORMAT); $this->assign('HIGHLIGHT_COLOR', _SETTING_DAY_HICOLOR); $this->assign('24HOUR_TIME', _SETTING_TIME_24HOUR); $this->assign_by_ref('MODULE_NAME', $pcDisplayName); $this->assign_by_ref('MODULE_DIR', $pcDir); $this->assign('ACCESS_NONE', PC_ACCESS_NONE); $this->assign('ACCESS_OVERVIEW', PC_ACCESS_OVERVIEW); $this->assign('ACCESS_READ', PC_ACCESS_READ); $this->assign('ACCESS_COMMENT', PC_ACCESS_COMMENT); $this->assign('ACCESS_MODERATE', PC_ACCESS_MODERATE); $this->assign('ACCESS_EDIT', PC_ACCESS_EDIT); $this->assign('ACCESS_ADD', PC_ACCESS_ADD); $this->assign('ACCESS_DELETE', PC_ACCESS_DELETE); $this->assign('ACCESS_ADMIN', PC_ACCESS_ADMIN); //================================================================= // Find out what Template we're using //================================================================= $template_name = _SETTING_TEMPLATE; if (!isset($template_name)) { $template_name = 'default'; } //================================================================= // Find out what Template View to use //================================================================= $template_view = pnVarCleanFromInput('tplview'); if (!isset($template_view)) { $template_view = 'default'; } $this->config_dir = "modules/{$pcDir}/pntemplates/{$template_name}/config/"; $this->assign_by_ref('TPL_NAME', $template_name); $this->assign_by_ref('TPL_VIEW', $template_view); $this->assign('TPL_IMAGE_PATH', $GLOBALS['rootdir'] . "/main/calendar/modules/{$pcDir}/pntemplates/{$template_name}/images"); $this->assign('TPL_ROOTDIR', $GLOBALS['rootdir']); $this->assign('TPL_STYLE_PATH', "modules/{$pcDir}/pntemplates/{$template_name}/style"); $this->assign('THEME_PATH', "themes/{$osTheme}"); }
function user_main_last10submit($uname) { $pntable = pnDBGetTables(); list($dbconn) = pnDBGetConn(); $column =& $pntable['stories_column']; /** * Fetch active laguage */ if (pnConfigGetVar('multilingual') == 1) { $querylang = "AND (" . $column['alanguage'] . "='" . pnVarPrepForStore(pnUserGetLang()) . "' OR " . $column['alanguage'] . "='') "; } else { $querylang = ''; } /** * Build up SQL */ $query = "SELECT " . $column['sid'] . ", " . $column['title'] . " " . "FROM " . $pntable['stories'] . " " . "WHERE " . $column['informant'] . "='" . pnVarPrepForStore($uname) . "' " . $querylang . "ORDER BY " . $column['sid'] . " DESC"; /** * Make limited select */ $result = $dbconn->SelectLimit($query, 10, 0); /** * Do output */ OpenTable(); echo "<font class=\"pn-title\">" . _LAST10SUBMISSIONS . " " . pnVarPrepForDisplay($uname) . ":</font><br><ul>"; while (list($sid, $title) = $result->fields) { $result->MoveNext(); if (!$title) { $title = '- no Title -'; } echo "<li><a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=article&sid={$sid}\">" . pnVarPrepForDisplay($title) . "</a><br>"; } echo "</ul>"; CloseTable(); }
define('PC_ACCESS_ADD', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_ADD)); define('PC_ACCESS_EDIT', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_EDIT)); define('PC_ACCESS_MODERATE', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_MODERATE)); define('PC_ACCESS_COMMENT', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_COMMENT)); define('PC_ACCESS_READ', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_READ)); define('PC_ACCESS_OVERVIEW', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_OVERVIEW)); define('PC_ACCESS_NONE', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_NONE)); //========================================================================= // Require and Setup utility classes and functions //========================================================================= define('DATE_CALC_BEGIN_WEEKDAY', _SETTING_FIRST_DAY_WEEK); require_once "modules/{$pcDir}/pnincludes/Date/Calc.php"; //========================================================================= // grab the global language file //========================================================================= $userlang = pnUserGetLang(); if (file_exists("modules/{$pcDir}/pnlang/{$userlang}/global.php")) { require_once "modules/{$pcDir}/pnlang/{$userlang}/global.php"; } else { require_once "modules/{$pcDir}/pnlang/eng/global.php"; } unset($userlang); //========================================================================= // Setup Smarty defines //========================================================================= if (!class_exists('Smarty')) { define('_PC_SMARTY_LOADED', true); define('SMARTY_DIR', "modules/{$pcDir}/pnincludes/Smarty/"); require_once SMARTY_DIR . '/Smarty.class.php'; } require_once "modules/{$pcDir}/pcSmarty.class.php";
function messages() { //$bgcolor1 = $GLOBALS["bgcolor1"]; //$bgcolor2 = $GLOBALS["bgcolor2"]; $authid = pnSecGenAuthKey(); list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); include "header.php"; $lang = languagelist(); GraphicAdmin(); OpenTable(); echo "<center><font class=\"pn-title\"><b>" . _MESSAGESADMIN . "</b></font></center>"; CloseTable(); // Current messages if (pnSecAuthAction(0, 'Messages::', '::', ACCESS_EDIT)) { OpenTable(); echo "<center><font class=\"pn-title\"><b>" . _ALLMESSAGES . "</b></font><br><br><table border=\"1\" width=\"100%\" bgcolor=\"" . $GLOBALS["bgcolor1"] . "\"<tr>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"><b><font class=\"pn-title\">" . _ID . "</font></b></td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"><b><font class=\"pn-title\">" . _TITLE . "</font></b></td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"> <b><font class=\"pn-title\">" . _LANGUAGE . "</font></b> </td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"> <b><font class=\"pn-title\">" . _VIEW . "</font></b> </td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"> <b><font class=\"pn-title\">" . _ACTIVE . "</font></b> </td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"> <b><font class=\"pn-title\">" . _FUNCTIONS . "</font></b> </td></tr>"; $column =& $pntable['message_column']; $result = $dbconn->Execute("SELECT {$column['mid']},\n {$column['title']},\n {$column['content']},\n {$column['date']},\n {$column['expire']},\n {$column['active']},\n {$column['view']},\n {$column['mlanguage']} \n FROM {$pntable['message']} "); while (list($mid, $title, $content, $mdate, $expire, $active, $view, $mlanguage) = $result->fields) { $result->MoveNext(); if (!pnSecAuthAction(0, 'Messages::', "{$title}::{$mid}", ACCESS_EDIT)) { continue; } if ($active == 1) { $mactive = "" . _YES . ""; } elseif ($active == 0) { $mactive = "" . _NO . ""; } switch ($view) { case "1": $mview = "" . _MVALL . ""; break; case "2": $mview = "" . _MVUSERS . ""; break; case "3": $mview = "" . _MVANON . ""; break; case "4": $mview = "" . _MVADMIN . ""; break; } if ($mlanguage == "") { $mlanguage = "" . _ALL . ""; } echo "<tr><td align=\"right\"><font class=\"pn-normal\"><b>" . pnVarPrepForDisplay($mid) . "</b>" . "</font></td><td align=\"left\" width=\"100%\"><font class=\"pn-normal\"><b>" . pnVarPrepForDisplay($title) . "</b>" . "</font></td><td align=\"center\"><font class=\"pn-normal\">" . pnVarPrepForDisplay($mlanguage) . "</font></td><td align=\"center\" nowrap><font class=\"pn-normal\">" . pnVarPrepForDisplay($mview) . "</font></td><td align=\"center\"><font class=\"pn-normal\">" . pnVarPrepForDisplay($mactive) . "</font></td><td align=\"right\" nowrap><font class=\"pn-normal\">(<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=editmsg&mid={$mid}&authid={$authid}\">" . _EDIT . "</a></font>"; if (pnSecAuthAction(0, 'Messages::', "{$title}::{$mid}", ACCESS_DELETE)) { echo "-<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=deletemsg&mid={$mid}\">" . _DELETE . "</a>)"; } else { echo ")"; } echo "</td></tr>"; } echo "</table></center><br>"; } CloseTable(); // New message if (pnSecAuthAction(0, 'Messages::', '::', ACCESS_ADD)) { OpenTable(); echo "<center><font class=\"pn-title\"><b>" . _ADDMSG . "</b></font></center><br>"; echo "<form action=\"admin.php\" method=\"post\">"; echo "<b><font class=\"pn-normal\">" . _MESSAGETITLE . ":</font></b><br>" . "<input type=\"text\" name=\"add_title\" value=\"\" size=\"50\" maxlength=\"100\"><br><br>" . "<b><font class=\"pn-normal\">" . _MESSAGECONTENT . ":</font></b><br>" . "<textarea name=\"add_content\" rows=\"10\" cols=\"80\"></textarea><br><br><font class=\"pn-normal\">" . '<b>' . _LANGUAGE . ': </b></font>' . '<select name="add_mlanguage" size="1">' . '<option value="">' . _ALL . '</option>'; $sel_lang[pnUserGetLang()] = ' selected'; $handle = opendir('language'); while ($f = readdir($handle)) { if (is_dir("language/{$f}") && !empty($lang[$f])) { $langlist[$f] = $lang[$f]; } } asort($langlist); // a bit ugly, but it works in E_ALL conditions (Andy Varganov) foreach ($langlist as $k => $v) { echo '<option value="' . $k . '"'; if (isset($sel_lang[$k])) { echo ' selected'; } echo '>' . $v . '</option>'; } print '</select><br><br>'; $now = time(); //print '<b>'._EXPIRATION.':</b> <select name="add_expire">' //."<option value=\"86400\" >1 "._DAY."</option>" //."<option value=\"172800\" >2 "._DAYS."</option>" //."<option value=\"432000\" >5 "._DAYS."</option>" //."<option value=\"1296000\" >15 "._DAYS."</option>" //."<option value=\"2592000\" >30 "._DAYS."</option>" //."<option value=\"0\" >"._UNLIMITED."</option>" //."</select><br><br>" print "<font class=\"pn-normal\"><b>" . _ACTIVE . "?</b> <input type=\"radio\" name=\"add_active\" value=\"1\" checked>" . _YES . " " . "<input type=\"radio\" name=\"add_active\" value=\"0\" >" . _NO . "</font>"; echo "<br><br><b><font class=\"pn-normal\">" . _VIEWPRIV . "</font></b> <select name=\"add_view\">" . "<option value=\"1\" >" . _MVALL . "</option>" . "<option value=\"2\" >" . _MVUSERS . "</option>" . "<option value=\"3\" >" . _MVANON . "</option>" . "<option value=\"4\" >" . _MVADMIN . "</option>" . "</select><br><br>" . "<input type=\"hidden\" name=\"module\" value=\"" . $GLOBALS['module'] . "\">" . "<input type=\"hidden\" name=\"op\" value=\"addmsg\">" . "<input type=\"hidden\" name=\"add_mdate\" value=\"{$now}\">" . "<input type=\"hidden\" name=\"authid\" value=\"" . pnSecGenAuthKey() . "\">" . "<input type=\"submit\" value=\"" . _ADDMSG . "\">" . "</form>"; CloseTable(); } include "footer.php"; }
/** * send an email * @param to - recipient of the email * @param subject - title of the email * @param message - body of the email * @param headers - extra headers for the email * @param debug - if 1, echo mail content * @returns bool * @return true if the email was sent, false if not */ function pnMail($to, $subject, $message, $headers, $debug = 0) { // Language translations switch (pnUserGetLang()) { case 'rus': if (!empty($headers)) { $headers .= "\n"; } $headers .= "Content-Type: text/plain; charset=koi8-r"; $subject = convert_cyr_string($subject, "w", "k"); $message = convert_cyr_string($message, "w", "k"); $headers = convert_cyr_string($headers, "w", "k"); break; } // Debug if ($debug) { echo "Mail To: " . $to . "<br>"; echo "Mail Subject: " . $subject . "<br>"; echo "Mail Message: " . $message . "<br>"; echo "Mail Headers: " . $headers . "<br>"; } // Mail message // do not display error messages [class007] $return = @mail($to, $subject, $message, $headers); return $return; }
// ---------------------------------------------------------------------- /** * Function to display banners in all pages */ if (!function_exists('pnInit')) { include 'includes/pnAPI.php'; pnInit(); include 'includes/legacy.php'; // eugenio themeover 20020413 // pnThemeLoad(); } /** * Load lang file */ if (file_exists("language/" . pnVarPrepForOS(pnUserGetLang()) . "/banners.php")) { include "language/" . pnVarPrepForOS(pnUserGetLang()) . "/banners.php"; } elseif (file_exists("language/eng/banners.php")) { include "language/eng/banners.php"; } /** * Function to redirect the clicks to the * correct url and add 1 click */ function clickbanner() { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $bid = pnVarCleanFromInput('bid'); $column =& $pntable['banner_column']; $bresult = $dbconn->Execute("SELECT {$column['clickurl']}\n FROM {$pntable['banner']}\n WHERE {$column['bid']}='" . pnVarPrepForStore($bid) . "'"); list($clickurl) = $bresult->fields;
/** * Make common language selection dropdown * * @author Tim Litwiller */ function lang_dropdown() { $currentlang = pnUserGetLang(); echo "<select name=\"alanguage\" class=\"pn-text\" id=\"language\">"; $lang = languagelist(); print "<option value=\"\">" . _ALL . '</option>'; $handle = opendir('language'); while (false !== ($f = readdir($handle))) { if (is_dir("language/{$f}") && @$lang[$f]) { $langlist[$f] = $lang[$f]; } } asort($langlist); foreach ($langlist as $k => $v) { echo '<option value="' . $k . '"'; if ($currentlang == $k) { echo ' selected="selected"'; } echo '>' . pnVarPrepForDisplay($v) . '</option> '; } echo "</select>"; }
function search_faqs() { list($q, $bool, $startnum, $total, $active_faqs) = pnVarCleanFromInput('q', 'bool', 'startnum', 'total', 'active_faqs'); if (empty($active_faqs)) { return; } if (!pnModAvailable('FAQ')) { return; } $dbconn =& pnDBGetConn(true); $pntable =& pnDBGetTables(); $output =& new pnHTML(); $output->SetInputMode(_PNH_VERBATIMINPUT); if (!isset($startnum) || !is_numeric($startnum)) { $startnum = 1; } if (isset($total) && !is_numeric($total)) { unset($total); } $w = search_split_query($q); $flag = false; $column =& $pntable['faqanswer_column']; $faqcatcol =& $pntable['faqcategories_column']; $query = "SELECT {$column['id_cat']} as id_cat, \n \t\t\t\t{$column['question']} as question, \n \t\t\t\t{$column['answer']} as answer,\n \t\t\t\t{$faqcatcol['categories']} as categories\n FROM {$pntable['faqanswer']} \n LEFT JOIN {$pntable['faqcategories']} ON {$column['id_cat']}={$faqcatcol['id_cat']}\n WHERE {$column['answer']} != \"\" AND \n"; foreach ($w as $word) { if ($flag) { switch ($bool) { case 'AND': $query .= ' AND '; break; case 'OR': default: $query .= ' OR '; break; } } $query .= '('; // faqs $query .= "{$column['question']} LIKE '" . pnVarPrepForStore($word) . "' OR \n"; $query .= "{$column['answer']} LIKE '" . pnVarPrepForStore($word) . "'\n"; $query .= ')'; $flag = true; } if (pnConfigGetVar('multilingual') == 1) { $query .= " AND ({$faqcatcol['flanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$faqcatcol['flanguage']}='')"; } $query .= " ORDER BY {$column['id']}"; // get the total count with permissions! if (empty($total)) { $total = 0; $countres =& $dbconn->Execute($query); // check for a db error if ($dbconn->ErrorNo() != 0) { return; } while (!$countres->EOF) { $row = $countres->GetRowAssoc(false); if (pnSecAuthAction(0, "FAQ::", "{$row['categories']}::{$row['id_cat']}", ACCESS_READ)) { $total++; } $countres->MoveNext(); } } $result = $dbconn->SelectLimit($query, 10, $startnum - 1); // check for a db error if ($dbconn->ErrorNo() != 0) { return; } if (!$result->EOF) { $output->Text(_FAQ . ': ' . $total . ' ' . _SEARCHRESULTS); $output->SetInputMode(_PNH_VERBATIMINPUT); // Rebuild the search string from previous information $url = "index.php?name=Search&action=search&active_faqs=1&bool={$bool}&q={$q}"; $output->Text("<dl>"); while (!$result->EOF) { $row = $result->GetRowAssoc(false); if (pnSecAuthAction(0, "FAQ::", "{$row['categories']}::{$row['id_cat']}", ACCESS_READ)) { $row['answer'] = strip_tags($row['answer']); if (strlen($row['answer']) > 128) { $row['answer'] = substr($row['answer'], 0, 125) . '...'; } $output->Text("<dt><a href=\"index.php?name=FAQ&myfaq=yes&id_cat={$row['id_cat']}\">" . pnVarPrepForDisplay($row[question]) . "</a></dt>"); $output->Text("<dd>" . pnVarPrepForDisplay($row[answer]) . "</dd>"); } $result->MoveNext(); } $output->Text('</dl>'); // Munge URL for template $urltemplate = $url . "&startnum=%%&total={$total}"; $output->Pager($startnum, $total, $urltemplate, 10); } else { $output->SetInputMode(_PNH_VERBATIMINPUT); $output->Text(_SEARCH_NO_FAQS); $output->SetInputMode(_PNH_PARSEINPUT); } $output->Linebreak(3); return $output->GetOutput(); }