function blocks_ephem_block($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$currentlang = pnUserGetLang();
if (!pnSecAuthAction(0, 'Ephemeridsblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
if (pnConfigGetVar('multilingual') == 1) {
$column =& $pntable['ephem_column'];
$querylang = "AND ({$column['elanguage']}='" . pnVarPrepForStore($currentlang) . "' OR {$column['elanguage']}='')";
} else {
$querylang = "";
}
$today = getdate();
$eday = $today['mday'];
$emonth = $today['mon'];
$column =& $pntable['ephem_column'];
$result = $dbconn->Execute("SELECT {$column['yid']}, {$column['content']}\n FROM {$pntable['ephem']}\n WHERE {$column['did']}='" . pnVarPrepForStore($eday) . "' AND {$column['mid']}='" . pnVarPrepForStore($emonth) . "' {$querylang}");
$boxstuff = '<span class="pn-normal"><b>' . _ONEDAY . '</b></span><br />';
while (list($yid, $content) = $result->fields) {
$result->MoveNext();
$boxstuff .= '<br /><br />';
$boxstuff .= '<b>' . pnVarPrepForDisplay($yid) . '</b><br />' . pnVarPrepHTMLDisplay(nl2br($content)) . '';
}
if (empty($row['title'])) {
$row['title'] = _EPHEMERIDS;
}
$row['content'] = $boxstuff;
return themesideblock($row);
}
function blocks_thelang_block($row)
{
$currentlang = pnUserGetLang();
if (!pnSecAuthAction(0, 'Languageblock::', "{$row['title']}::", ACCESS_OVERVIEW)) {
return;
}
if (!pnConfigGetVar('multilingual')) {
return;
}
$currentURL = $_SERVER['REQUEST_URI'];
if ($currentURL === "") {
$currentURL = "index.php";
}
$pattern = '/\\?newlang=.../';
$currentURL = preg_replace($pattern, '', $currentURL);
$pattern = '/\\&newlang=.../';
$currentURL = pnVarPrepForDisplay(preg_replace($pattern, '', $currentURL));
$append = "&";
if (strpos($currentURL, '?') === false) {
$append = "?";
}
$lang = languagelist();
$handle = opendir('language');
while ($f = readdir($handle)) {
if (is_dir("language/{$f}") && !empty($lang[$f])) {
$langlist[$f] = $lang[$f];
$sel_lang[$f] = '';
}
}
asort($langlist);
$content = '<center><font class="pn-normal">' . _SELECTGUILANG . '</font><br><br>';
if (pnConfigGetVar('useflags')) {
$i = 1;
foreach ($langlist as $k => $v) {
if ($i > 3) {
$content .= "<br>\n";
$i = 1;
}
$imgsize = @getimagesize("images/flags/flag-{$k}.png");
$content .= "<a href=\"{$currentURL}" . $append . "newlang={$k}\"><img src=\"images/flags/flag-{$k}.png\" border=\"0\" alt=\"{$lang[$k]}\" hspace=\"3\" vspace=\"3\" {$imgsize['3']}></a>";
$i++;
}
$content .= '</center>';
} else {
$content .= '<form method="post" action="index.php"><select class="pn-text" name="newlanguage" onChange="top.location.href=this.options[this.selectedIndex].value">';
$sel_lang[$currentlang] = ' selected';
foreach ($langlist as $k => $v) {
$content .= "<option value=\"{$currentURL}" . $append . "newlang={$k}\"{$sel_lang[$k]}>{$v}</option>\n";
}
$content .= '</select></form></center>';
}
if (empty($row['title'])) {
$row['title'] = _SELECTLANGUAGE;
}
$row['content'] = $content;
return themesideblock($row);
}
function blocks_topic_block($row)
{
//global $topic, $catid;
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$currentlang = pnUserGetLang();
if (!pnSecAuthAction(0, 'Topicblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
$language = pnConfigGetVar('language');
$topic = "";
$catid = "";
if (pnConfigGetVar('multilingual') == 1) {
$column =& $pntable['stories_column'];
$querylang = "AND ({$column['alanguage']}='{$currentlang}' OR {$column['alanguage']}='')";
/* the OR is needed to display stories who are posted to ALL languages */
} else {
$querylang = '';
}
$column =& $pntable['topics_column'];
$result = $dbconn->Execute("SELECT {$column['topicid']} AS topicid, {$column['topicname']} as topicname FROM {$pntable['topics']} ORDER BY topicname");
if ($result->EOF) {
return;
} else {
$boxstuff = '<span class="pn-normal">';
if ($topic == "") {
$boxstuff .= "<strong><big>·</big></strong> <b><a href=\"modules.php?op=modload&name=Topics&file=index\">" . _ALL_TOPICS . "</a></b><br>";
} else {
$boxstuff .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name=News&file=index&catid={$catid}\">" . _ALL_TOPICS . "</a><br>";
}
while (!$result->EOF) {
$srow = $result->GetRowAssoc(false);
$result->MoveNext();
if (pnSecAuthAction(0, 'Topics::Topic', "{$srow['topicname']}::{$srow['topicid']}", ACCESS_READ)) {
$column =& $pntable['stories_column'];
$result2 = $dbconn->Execute("SELECT {$column['time']} AS unixtime FROM {$pntable['stories']} WHERE {$column['topic']}={$srow['topicid']} {$querylang} ORDER BY {$column['time']} DESC");
if (!$result2->EOF) {
$story = $result2->GetRowAssoc(false);
$story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']);
$sdate = ml_ftime(_DATEBRIEF, $story['unixtime']);
if ($topic == $srow['topicid']) {
$boxstuff .= "<strong><big>·</big></strong> <span class=\"pn-title\"><b>{$srow['topicname']}</b></span> <span class=\"pn-sub\">({$sdate})</span><br>";
} else {
$boxstuff .= "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=index&catid={$catid}&topic={$srow['topicid']}\">{$srow['topicname']}</a> <span class=\"pn-sub\">({$sdate})</span><br>";
}
}
}
}
}
$boxstuff .= '</span>';
if (empty($row['title'])) {
$row['title'] = _TOPICS;
}
$row['content'] = $boxstuff;
return themesideblock($row);
}
function blocks_category_block($row)
{
global $topic, $catid;
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!pnSecAuthAction(0, 'Categoryblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
if (pnConfigGetVar('multilingual') == 1) {
$column =& $pntable['stories_column'];
$querylang = "AND ({$column['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$column['alanguage']}='')";
/* the OR is needed to display stories who are posted to ALL languages */
} else {
$querylang = '';
}
$column =& $pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT {$column['catid']} as catid, {$column['title']} as title FROM {$pntable['stories_cat']} ORDER BY {$column['title']}");
if ($result->EOF) {
return;
} else {
$boxstuff = '<span class="pn-normal">';
if ($catid == "") {
// $boxstuff .= '<strong><big>·</big></strong> <b>'._ALL_CATEGORIES.'</b><br />';
$boxstuff .= "";
} else {
$boxstuff .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name=News&file=index&topic={$topic}\">" . _ALL_CATEGORIES . "</a><br />";
}
for (; !$result->EOF; $result->MoveNext()) {
$srow = $result->GetRowAssoc(false);
if (pnSecAuthAction(0, 'Stories::Category', "{$srow['title']}::{$srow['catid']}", ACCESS_READ)) {
$column =& $pntable['stories_column'];
$result2 = $dbconn->Execute("SELECT {$column['time']} AS unixtime\n FROM {$pntable['stories']}\n WHERE {$column['catid']}=" . pnVarPrepForStore($srow['catid']) . " {$querylang}\n ORDER BY {$column['time']} DESC");
if (!$result2->EOF) {
$story = $result2->GetRowAssoc(false);
$story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']);
$sdate = ml_ftime(_DATEBRIEF, $story['unixtime']);
if ($catid == $srow['catid']) {
$boxstuff .= "<strong><big>·</big></strong> <span class=\"pn-title\"><b>" . pnVarPrepForDisplay($srow['title']) . "</b></span> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />";
} else {
$boxstuff .= "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=index&catid={$srow['catid']}&topic={$topic}\">" . pnVarPrepForDisplay($srow['title']) . "</a> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />";
}
}
}
}
}
$boxstuff .= '</span>';
if (empty($row['title'])) {
$row['title'] = _CATEGORIES;
}
$row['content'] = $boxstuff;
return themesideblock($row);
}
/**
* initialise a module
*/
function modules_adminapi_initialise($args)
{
// Get arguments from argument array
extract($args);
// Argument check
if (!isset($mid) || !is_numeric($mid)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Get module information
$modinfo = pnModGetInfo($mid);
if (empty($modinfo)) {
pnSessionSetVar('errormsg', _MODNOSUCHMOD);
return false;
}
// Get module database info
pnModDBInfoLoad($modinfo['name'], $modinfo['directory']);
// Module initialisation function
$osdir = pnVarPrepForOS($modinfo['directory']);
@(include "modules/{$osdir}/pninit.php");
@(include "modules/{$osdir}/pnlang/" . pnVarPrepForOS(pnUserGetLang()) . "/init.php");
$func = $modinfo['name'] . '_init';
if (function_exists($func)) {
if ($func() != true) {
return false;
}
}
// Update state of module
if (!modules_adminapi_setstate(array('mid' => $mid, 'state' => _PNMODULE_STATE_INACTIVE))) {
pnSessionSetVar('errormsg', _MODCHANGESTATEFAILED);
return false;
}
// Success
return true;
}
function draw_menu()
{
global $hlpfile;
$currentlang = pnVarCleanFromInput('currentlang');
OpenTable();
echo '<center>' . "\n";
if (count($this->options) == 0) {
$this->title_file = '';
}
if ($this->title_file != '') {
echo '<a href="' . $this->title_file . '" class="pn-title">';
}
echo '<font class="pn-title"><b>' . pnVarPrepForDisplay($this->title_text) . '</b></font>';
if ($this->title_file != '') {
echo '</a></center>';
}
echo "\n" . '<br>' . "\n";
// if (($this->detail_menu) or ($GLOBALS['module']=='oldway'))
// {
// if (isset($this->help_file))
// {
$currentlang = pnUserGetLang();
// fixed bug [ #357 ] empty pop up window
if (file_exists($file = "modules/" . $GLOBALS['module'] . "/lang/" . pnVarPrepForOS($currentlang) . "/manual.html")) {
$hlpfile = $file;
echo '<center>[ <a href="javascript:openwindow(' . ')" class="pn-normal">' . _ONLINEMANUAL . '</a> ]' . "</center>\n";
}
// }
// }
if ($this->detail_menu) {
if (count($this->options) == 0) {
echo _ADMIN_NO_OPTION . "\n";
} else {
echo '<br><br>' . "\n" . '<table border="0" width="100%" cellspacing="1">' . "\n";
if ($this->graphic_menu) {
$this->draw_options_graphic();
} else {
$this->draw_options();
}
echo '</table>' . "\n";
}
}
CloseTable();
}
function search_reviews()
{
list($active_reviews, $startnum, $total, $bool, $q) = pnVarCleanFromInput('active_reviews', 'startnum', 'total', 'bool', 'q');
if (empty($active_reviews)) {
return;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$output = new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
if (!isset($startnum) || !is_numeric($startnum)) {
$startnum = 1;
}
if (isset($total) && !is_numeric($total)) {
unset($total);
}
$w = search_split_query($q);
$flag = false;
$revcol =& $pntable['reviews_column'];
$comcol =& $pntable['reviews_comments_column'];
$query = "SELECT DISTINCT {$revcol['id']} as id, {$revcol['title']} as title, {$revcol['score']} as score, {$revcol['hits']} as hits, {$revcol['reviewer']} as reviewer, {$revcol['date']} AS fdate\n FROM {$pntable['reviews']} LEFT JOIN {$pntable['reviews_comments']} ON {$comcol['rid']}={$revcol['id']}\n WHERE \n";
foreach ($w as $word) {
if ($flag) {
switch ($bool) {
case 'AND':
$query .= ' AND ';
break;
case 'OR':
default:
$query .= ' OR ';
break;
}
}
$query .= '(';
// reviews
$query .= "{$revcol['title']} LIKE '{$word}' OR \n";
$query .= "{$revcol['text']} LIKE '{$word}' OR \n";
$query .= "{$revcol['reviewer']} LIKE '{$word}' OR \n";
$query .= "{$revcol['cover']} LIKE '{$word}' OR \n";
$query .= "{$revcol['url']} LIKE '{$word}' OR \n";
$query .= "{$revcol['url_title']} LIKE '{$word}' OR \n";
// reviews_comments
$query .= "{$comcol['comments']} LIKE '{$word}'\n";
$query .= ')';
$flag = true;
}
if (pnConfigGetVar('multilingual') == 1) {
$query .= " AND ({$revcol['rlanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$revcol['rlanguage']}='')";
}
$query .= " ORDER BY {$revcol['date']}";
// get the total count with permissions!
if (empty($total)) {
$total = 0;
$countres = $dbconn->Execute($query);
while (!$countres->EOF) {
$row = $countres->GetRowAssoc(false);
if (pnSecAuthAction(0, "Reviews::", "{$row['title']}::{$row['id']}", ACCESS_READ)) {
$total++;
}
$countres->MoveNext();
}
}
$result = $dbconn->SelectLimit($query, 10, $startnum - 1);
if (!$result->EOF) {
$output->Text(_REVIEWS . ': ' . $total . ' ' . _SEARCHRESULTS);
$output->SetInputMode(_PNH_VERBATIMINPUT);
// Rebuild the search string from previous information
$url = "modules.php?op=modload&name=Search&file=index&action=search&active_reviews=1&bool={$bool}&q={$q}";
$output->Text("<ul>");
while (!$result->EOF) {
$row = $result->GetRowAssoc(false);
$row['fdate'] = ml_ftime(_DATELONG, $result->UnixTimeStamp($row['fdate']));
if (pnSecAuthAction(0, "Reviews::", "{$row['title']}::{$row['id']}", ACCESS_READ)) {
$output->Text("<li><a class=\"pn-normal\" href=\"modules.php?op=modload&name=Reviews&file=index&req=showcontent&id={$row['id']}\">{$row['title']}</a> <font class=\"pn-sub\">(score: {$row['score']} - hits: {$row['hits']})</font><br>{$row['reviewer']}<br>{$row['fdate']}</li>");
}
$result->MoveNext();
}
$output->Text("</ul>");
// Munge URL for template
$urltemplate = $url . "&startnum=%%&total={$total}";
$output->Pager($startnum, $total, $urltemplate, 10);
} else {
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text('<font class="pn-normal">' . _SEARCH_NO_REVIEWS . '</font>');
$output->SetInputMode(_PNH_PARSEINPUT);
}
$output->Linebreak(3);
return $output->GetOutput();
}
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
include 'includes/pnAPI.php';
pnInit();
// Get all parameters from input space
list($stop, $minage, $module, $op) = pnVarCleanFromInput('stop', 'minage', 'module', 'op');
// treat all user.php functions as a module for later checks - markwest
define('LOADED_AS_MODULE', '1');
// load languages
if (file_exists($currentlangfile = 'language/' . pnVarPrepForOS(pnUserGetLang()) . '/user.php')) {
include $currentlangfile;
} elseif (file_exists($defaultlangfile = 'language/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/user.php')) {
include $defaultlangfile;
}
// set module and op respective to the different cases
if (!pnUserLoggedIn() && empty($op)) {
$module = 'User';
$op = 'getlogin';
}
if (isset($op) && $op == 'userinfo') {
$module = 'User';
}
if (pnUserLoggedIn() and (empty($op) or $op == 'adminMain')) {
$module = 'User';
$op = 'main';
/**
* display block
*/
function admin_messages_messagesblock_display($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!isset($row['title'])) {
$row['title'] = '';
}
if (!pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::", ACCESS_READ)) {
return;
}
$messagestable = $pntable['message'];
$messagescolumn =& $pntable['message_column'];
if (pnConfigGetVar('multilingual') == 1) {
$currentlang = pnUserGetLang();
$querylang = "AND ({$messagescolumn['mlanguage']}='{$currentlang}' OR {$messagescolumn['mlanguage']}='')";
} else {
$querylang = '';
}
$sql = "SELECT {$messagescolumn['mid']},\n {$messagescolumn['title']},\n {$messagescolumn['content']},\n {$messagescolumn['date']},\n {$messagescolumn['view']}\n FROM {$messagestable}\n WHERE {$messagescolumn['active']} = 1 \n AND ( {$messagescolumn['expire']} > unix_timestamp(now())\n OR {$messagescolumn['expire']} = 0)\n {$querylang}\n ORDER by {$messagescolumn['mid']} DESC";
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
return;
}
$output = new pnHTML();
while (list($mid, $title, $content, $date, $view) = $result->fields) {
$result->MoveNext();
$show = 0;
if (pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::{$mid}", ACCESS_READ)) {
switch ($view) {
case 1:
// Message for everyone
$show = 1;
break;
case 2:
// Message for users
if (pnUserLoggedIn()) {
$show = 1;
}
break;
case 3:
// Messages for non-users
if (!pnUserLoggedIn()) {
$show = 1;
}
break;
case 4:
// Messages for administrators of any description
if (pnSecAuthAction(0, '::', '::', ACCESS_ADMIN)) {
$show = 1;
}
break;
}
}
if ($show) {
list($title, $content) = pnModCallHooks('item', 'transform', '', array($title, $content));
$output->TableStart('', '', 0);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$ttitle = $output->Linebreak();
$ttitle .= $output->Text($title);
$ttitle .= $output->Linebreak(2);
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->TableAddRow(array("<font class=\"pn-title\">" . pnVarPrepHTMLDisplay($ttitle) . "</font>"), 'center');
$output->TableAddRow(array("<font class=\"pn-normal\">" . pnVarPrepHTMLDisplay($content) . "</font>"), 'left');
$output->SetInputMode(_PNH_PARSEINPUT);
$output->TableEnd();
}
}
if ($output->output != "") {
// Don't want a title
$row['title'] = '';
$row['content'] = $output->GetOutput();
return themesideblock($row);
}
}
function search_faqs()
{
list($q, $bool, $startnum, $total, $active_faqs) = pnVarCleanFromInput('q', 'bool', 'startnum', 'total', 'active_faqs');
if (empty($active_faqs)) {
return;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$output = new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
if (!isset($startnum) || !is_numeric($startnum)) {
$startnum = 1;
}
if (isset($total) && !is_numeric($total)) {
unset($total);
}
$w = search_split_query($q);
$flag = false;
$column =& $pntable['faqanswer_column'];
$faqcatcol =& $pntable['faqcategories_column'];
$query = "SELECT {$column['id_cat']} as id_cat, \n \t\t\t\t{$column['question']} as question, \n \t\t\t\t{$column['answer']} as answer,\n \t\t\t\t{$faqcatcol['categories']} as categories\n FROM {$pntable['faqanswer']} \n LEFT JOIN {$pntable['faqcategories']} ON {$column['id_cat']}={$faqcatcol['id_cat']}\n WHERE \n";
foreach ($w as $word) {
if ($flag) {
switch ($bool) {
case 'AND':
$query .= ' AND ';
break;
case 'OR':
default:
$query .= ' OR ';
break;
}
}
$query .= '(';
// faqs
$query .= "{$column['question']} LIKE '{$word}' OR \n";
$query .= "{$column['answer']} LIKE '{$word}'\n";
$query .= ')';
$flag = true;
}
if (pnConfigGetVar('multilingual') == 1) {
$query .= " AND ({$faqcatcol['flanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$faqcatcol['flanguage']}='')";
}
$query .= " ORDER BY {$column['id']}";
// get the total count with permissions!
if (empty($total)) {
$total = 0;
$countres = $dbconn->Execute($query);
while (!$countres->EOF) {
$row = $countres->GetRowAssoc(false);
if (pnSecAuthAction(0, "FAQ::", "{$row['categories']}::{$row['id_cat']}", ACCESS_READ)) {
$total++;
}
$countres->MoveNext();
}
}
$result = $dbconn->SelectLimit($query, 10, $startnum - 1);
if (!$result->EOF) {
$output->Text(_FAQ . ': ' . $total . ' ' . _SEARCHRESULTS);
$output->SetInputMode(_PNH_VERBATIMINPUT);
// Rebuild the search string from previous information
$url = "modules.php?op=modload&name=Search&file=index&action=search&active_faqs=1&bool={$bool}&q={$q}";
$output->Text("<ul>");
while (!$result->EOF) {
$row = $result->GetRowAssoc(false);
if (pnSecAuthAction(0, "FAQ::", "{$row['categories']}::{$row['id_cat']}", ACCESS_READ)) {
$output->Text("<li><a class=\"pn-normal\" href=\"modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat={$row['id_cat']}\">{$row['question']}</a><br>Answer: " . nl2br($row[answer]) . "</li>");
}
$result->MoveNext();
}
$output->Text('</ul>');
// Munge URL for template
$urltemplate = $url . "&startnum=%%&total={$total}";
$output->Pager($startnum, $total, $urltemplate, 10);
} else {
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text('<font class="pn-normal">' . _SEARCH_NO_FAQS . '</font>');
$output->SetInputMode(_PNH_PARSEINPUT);
}
$output->Linebreak(3);
return $output->GetOutput();
}
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* To read the license please visit http://www.gnu.org/copyleft/gpl.html
* ----------------------------------------------------------------------
* Original Author of file: larsneo
* Purpose of file: Error Handling
* Usage: Set up the redirection in your .htaccess with
* ErrorDocument 404 http://www.yoursite.com/error.php
* Note: REDIRECT_URL won't be available but
* due to subfolders one can't use a relative path :-/
* ----------------------------------------------------------------------
**/
include_once 'includes/pnAPI.php';
pnInit();
$currentlang = pnUserGetLang();
$currentlang = pnVarPrepForOS($currentlang);
if (file_exists("language/{$currentlang}/error.php")) {
include "language/{$currentlang}/error.php";
} elseif (file_exists("language/eng/error.php")) {
include "language/eng/error.php";
}
$reportlevel = pnConfigGetVar('reportlevel');
$funtext = pnConfigGetVar('funtext');
header('HTTP/1.1 404 Not Found');
include 'header.php';
if ($funtext == 0) {
echo "<h2>" . _ERROR404_HEAD . "</h2>\n" . "<br /><br />\n" . "<strong>" . _ERROR404_TRY . "</strong><br />\n" . _ERROR404_TRY1 . "<br />\n" . "<a href=\"index.php\">" . _ERROR404_TRY2 . "</a><br />\n" . _ERROR404_TRY3 . "<br />\n" . _ERROR404_TRY4 . "\n";
if (pnModAvailable('Search')) {
echo '<br /><a href="' . pnVarPrepForDisplay(pnModURL('Search')) . '">' . _ERROR404_TRY5 . "</a>\n";
}
/**
* load a block
* @param the module name
* @param the name of the block
*/
function pnBlockLoad($modname, $block)
{
global $blocks_modules;
static $loaded = array();
if (isset($loaded["{$modname}{$block}"])) {
return true;
}
if (empty($modname) || $modname == 'Core') {
$modname = 'Core';
$moddir = 'includes/blocks';
$langdir = 'includes/language/blocks';
} else {
$modinfo = pnModGetInfo(pnModGetIdFromName($modname));
$moddir = 'modules/' . pnVarPrepForOS($modinfo['directory']) . '/pnblocks';
$langdir = 'modules/' . pnVarPrepForOS($modinfo['directory']) . '/pnlang';
}
// Load the block
$incfile = $block . ".php";
$filepath = $moddir . '/' . pnVarPrepForOS($incfile);
if (!file_exists($filepath)) {
return false;
}
include_once $filepath;
$loaded["{$modname}{$block}"] = 1;
// Load the block language files
$currentlangfile = $langdir . '/' . pnVarPrepForOS(pnUserGetLang()) . '/' . pnVarPrepForOS($incfile);
$defaultlangfile = $langdir . '/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/' . pnVarPrepForOS($incfile);
if (file_exists($currentlangfile)) {
include $currentlangfile;
} elseif (file_exists($defaultlangfile)) {
include "{$defaultlangfile}";
}
// Initialise block if required (new-style)
$initfunc = "{$modname}_{$block}block_init";
if (function_exists($initfunc)) {
$initfunc();
}
return true;
}
function pollList()
{
if (!pnSecAuthAction(0, 'Polls::', "::", ACCESS_OVERVIEW)) {
return;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$currentlang = pnUserGetLang();
$commentoptions = pnUserGetCommentOptions();
if (pnConfigGetVar('multilingual') == 1) {
$column =& $pntable['poll_desc_column'];
$querylang = "WHERE ({$column['planguage']}='" . pnVarPrepForStore($currentlang) . "' OR {$column['planguage']}='')";
} else {
$querylang = "";
}
$column =& $pntable['poll_desc_column'];
$result = $dbconn->Execute("SELECT {$column['pollid']}, {$column['polltitle']}, {$column['timestamp']}, {$column['voters']} FROM {$pntable['poll_desc']} {$querylang} ORDER BY {$column['timestamp']}");
OpenTable();
OpenTable();
echo "<p style=\"text-align:center\"><span class=\"pn-title\"><b>" . _PASTSURVEYS . "</b></span></p>";
CloseTable();
echo "<table border=\"0\" cellpadding=\"8\"><tr><td>";
echo "<span class=\"pn-normal\">";
$counter = 0;
$resultArray = array();
while ($thisresult = $result->fields) {
$result->MoveNext();
$resultArray[$counter] = $thisresult;
$counter++;
}
for ($count = 0; $count < count($resultArray); $count++) {
$id = $resultArray[$count][0];
$pollTitle = $resultArray[$count][1];
$voters = $resultArray[$count][3];
$column =& $pntable['poll_data_column'];
$result2 = $dbconn->Execute("SELECT SUM({$column['optioncount']}) AS sum FROM {$pntable['poll_data']} WHERE {$column['pollid']}=" . pnVarPrepForStore($id) . "");
list($sum) = $result2->fields;
echo "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=NS-Polls&file=index&pollID={$id}\">" . pnVarPrepForDisplay(stripslashes($pollTitle)) . "</a> ";
echo "(<a class=\"pn-normal\" href=\"modules.php?op=modload&name=NS-Polls&file=index&req=results&pollID={$id}&{$commentoptions}\">" . _RESULTS . "</a> - {$sum} " . _LVOTES . ")<br />\n";
}
echo '</span></td></tr></table>';
CloseTable();
}
function user_dynamic_data()
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$currentlangfile = 'language/' . pnVarPrepForOS(pnUserGetLang()) . '/user.php';
$defaultlangfile = 'language/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/user.php';
if (file_exists($currentlangfile)) {
include $currentlangfile;
} elseif (file_exists($defaultlangfile)) {
include $defaultlangfile;
}
include "header.php";
GraphicAdmin();
OpenTable();
echo "<center><font class=\"pn-title\"><b>" . _USERADMIN . "</b></font></center>";
CloseTable();
// This section displays the dynamic fields
// and the order in which they are displayed
OpenTable();
print '<center><font size="3" class="pn-title"><b>' . _DYNAMICDATA . '</b></font></center><br>' . '<table class=\'pn-normal\' border=\'1\' width=\'100%\'>' . '<tr>' . '<th>' . _FIELDACTIVE . '</th>' . '<th colspan=\'2\'>' . _FIELDLABEL . '</th>' . '<th>' . _FIELDWEIGHT . '</th>' . '<th>' . _FIELDTYPE . '</th>' . '<th>' . _FIELDLENGTH . '</th>' . '<th>' . _DELETE . '</th>' . '</tr>';
$column =& $pntable['user_property_column'];
$result = $dbconn->Execute("SELECT {$column['prop_id']}, {$column['prop_label']},{$column['prop_dtype']},\n {$column['prop_length']}, {$column['prop_weight']}, {$column['prop_validation']}\n FROM {$pntable['user_property']} ORDER BY {$column['prop_weight']}");
if ($dbconn->ErrorNo() != 0) {
echo $dbconn->ErrorNo() . "List User Properties: " . $dbconn->ErrorMsg() . "<br>";
error_log($dbconn->ErrorNo() . "List User Properties: " . $dbconn->ErrorMsg() . "<br>");
return;
}
$active_count = 0;
$true_count = 0;
$total_count = $result->PO_RecordCount();
$prop_weight = 0;
while (list($prop_id, $prop_label, $prop_dtype, $prop_length, $prop_weight, $prop_validation) = $result->fields) {
$result->MoveNext();
$true_count++;
if ($prop_weight != 0) {
$active_count++;
$next_prop_weight = $active_count + 1;
}
$eval_cmd = "\$prop_label_text={$prop_label};";
@eval($eval_cmd);
// display the proper icom and link to enable or disable the field
switch (true) {
// Mandatory Images can't be disabled
case $prop_dtype == _UDCONST_MANDATORY:
$img_cmd = '<img src="images/global/green_dot.gif" border=0 ALT="' . _FIELD_REQUIRED . '">';
break;
case $prop_weight != 0:
$img_cmd = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=deactivate_property&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/green_dot.gif" border=0 ALT="' . _FIELD_DEACTIVATE . '">' . '</a>';
break;
default:
$img_cmd = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=activate_property&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/red_dot.gif" border=0 ALT="' . _FIELD_ACTIVATE . '">' . '</a>';
}
switch ($prop_dtype) {
case _UDCONST_MANDATORY:
$data_type_text = _UDT_MANDATORY;
$data_length_text = _FIELD_NA;
break;
case _UDCONST_CORE:
$data_type_text = _UDT_CORE;
$data_length_text = _FIELD_NA;
break;
case _UDCONST_STRING:
$data_type_text = _UDT_STRING;
$data_length_text = $prop_length;
break;
case _UDCONST_TEXT:
$data_type_text = _UDT_TEXT;
$data_length_text = _FIELD_NA;
break;
case _UDCONST_FLOAT:
$data_type_text = _UDT_FLOAT;
$data_length_text = _FIELD_NA;
break;
case _UDCONST_INTEGER:
$data_type_text = _UDT_INTEGER;
$data_length_text = _FIELD_NA;
break;
default:
$data_length_text = "";
$data_type_text = "";
}
switch (true) {
case $active_count == 0:
$arrows = " ";
break;
case $active_count == 1:
$arrows = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=increase_weight&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/down.gif" alt="' . _DOWN . '" border="0">' . '</a>';
break;
case $true_count == $total_count:
$arrows = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=decrease_weight&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/up.gif" alt="' . _UP . '" border="0">' . '</a>';
break;
default:
$arrows = '<img src="images/global/up.gif" alt="' . _UP . '"> <img src="images/global/down.gif" alt="' . _DOWN . '">';
$arrows = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=decrease_weight&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/up.gif" border="0" alt="' . _UP . '">' . '</a> ' . "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=increase_weight&property={$prop_id}&weight={$prop_weight}\">" . '<img src="images/global/down.gif" border="0" alt="' . _DOWN . '">' . '</a>';
}
if ($prop_dtype == _UDCONST_MANDATORY || $prop_dtype == _UDCONST_CORE) {
$del_text = _FIELD_NA;
} else {
$del_text = "<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=delete_property&property={$prop_id}\">" . _DELETE . '</a>';
}
// .'<img src=\'images/global/green_dot.gif\'>'
print '<tr><td width=\'5%\' align=\'center\'>' . "{$img_cmd}" . '</td>' . '<td width=\'12%\'>' . $prop_label . '</td>' . '<td width=\'12%\'>' . $prop_label_text . '</td>' . '<td width=\'10%\' align=\'center\'>' . $arrows . '</td>' . '<td width=\'15%\' align=\'center\'>' . $data_type_text . '</td>' . '<td width=\'10%\' align=\'center\'>' . $data_length_text . '</td>' . '<td width=\'10%\' align=\'center\'>' . $del_text . '</td>' . '</tr>';
}
print '</table>';
CloseTable();
print "<br>";
OpenTable();
print '<center><font size="3" class="pn-title"><b>' . _ADDFIELD . '</b></font></center><br>' . '<form action="admin.php" method="post">' . '<table class=\'pn-normal\'>' . '<tr>' . '<th align=\'left\'>' . _FIELDLABEL . ':</th>' . '<td>' . '<input type="text" name="label" value="" size="20" maxlength="20" class="pn-normal">' . ' ' . _ADDINSTRUCTIONS . '</td>' . '</tr>' . '<tr>' . '<th align=\'left\'>' . _FIELDTYPE . ':</th>' . '<td>' . '<select name="dtype" class="pn-normal">' . '<option value="' . _UDCONST_STRING . '">' . _UDT_STRING . '</option>' . "\n" . '<option value="' . _UDCONST_TEXT . '">' . _UDT_TEXT . '</option>' . "\n" . '<option value="' . _UDCONST_FLOAT . '">' . _UDT_FLOAT . '</option>' . "\n" . '<option value="' . _UDCONST_INTEGER . '">' . _UDT_INTEGER . '</option>' . "\n" . '</select>' . '</td>' . '</tr>' . '<tr>' . '<th align=\'left\'>' . _FIELDLENGTH . ':</th>' . '<td>' . '<input type="text" name="prop_len" value="" size="3" maxlength="3" class="pn-normal">' . ' ' . _STRING_INSTRUCTIONS . '</td>' . '</tr>' . '<tr><td></td><td>' . "<input type=\"hidden\" name=\"module\" value=\"" . $GLOBALS['module'] . "\">" . "<input type=\"hidden\" name=\"op\" value=\"addDynamic\">" . "<input type=\"submit\" value=\"" . _SUBMIT . "\">" . '</td></tr>' . '</table>' . '<input type="hidden" name="prop_weight" value="' . $next_prop_weight . '">' . '<input type="hidden" name="validation" value="">' . "<input type=\"hidden\" name=\"authid\" value=\"" . pnSecGenAuthKey() . "\">" . '<input type="hidden" name="op" value="add_property">' . '</form>';
CloseTable();
include "footer.php";
}
function blocks_stories_block($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$currentlang = pnUserGetLang();
if (!pnSecAuthAction(0, 'Storiesblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
// Break out options from our content field
$vars = pnBlockVarsFromContent($row['content']);
// Defaults
if (!isset($vars['storiestype'])) {
$vars['storiestype'] = 2;
}
if (!isset($vars['topic'])) {
$vars['topic'] = -1;
}
if (!isset($vars['category'])) {
$vars['category'] = -1;
}
if (!isset($vars['limit'])) {
$vars['limit'] = 10;
}
$row['content'] = "";
$query_started = false;
// Base query
$storiescolumn = $pntable['stories_column'];
$storiescatcolumn = $pntable['stories_cat_column'];
$topicscolumn = $pntable['topics_column'];
$query = "SELECT {$storiescolumn['aid']} AS \"aid\",\n {$storiescolumn['catid']} AS \"cid\",\n {$storiescatcolumn['title']} AS \"cattitle\",\n {$storiescolumn['sid']} AS \"sid\",\n {$topicscolumn['topicid']} AS \"tid\",\n {$storiescolumn['time']} AS \"time\",\n {$storiescolumn['title']} AS \"title\",\n {$topicscolumn['topicname']} AS \"topicname\"\n\t\t\tFROM \t{$pntable['stories']}";
// Assume mysql start
$query .= " LEFT JOIN {$pntable['stories_cat']} ON {$storiescolumn['catid']} = {$storiescatcolumn['catid']}\n\t\t\t\tLEFT JOIN {$pntable['topics']} ON {$storiescolumn['topic']} = {$topicscolumn['topicid']}";
// Assume mysql end
// $query .= " WHERE";
$wherearray = array();
// check language
if (pnConfigGetVar('multilingual') == 1) {
// $query_started = true;
// $query .= " ($storiescolumn[alanguage]='" . pnUserGetLang() . "' OR $storiescolumn[alanguage]='')";
$wherearray[] = " ({$storiescolumn['alanguage']}='" . pnUserGetLang() . "' OR {$storiescolumn['alanguage']}='')";
}
// Qualifier for front-page/not front-page news
// storiestype = 3 - front-page news
// storiestype = 1 - not front-page news
// storiestype = 2 - all news
if ($vars['storiestype'] == '1') {
// where clause already started?
// if ($query_started == true) {
// $query .= " AND";
// }
// $query_started = true;
// $query .= " $storiescolumn[ihome]=1";
$wherearray[] = " {$storiescolumn['ihome']}=1";
}
if ($vars['storiestype'] == '3') {
// where clause already started?
// if ($query_started == true) {
// $query .= " AND";
// }
// $query_started = true;
// $query .= " $storiescolumn[ihome]=0";
$wherearray[] = " {$storiescolumn['ihome']}=0";
}
// Qualifier for particular topic
// topic = -1 - all topics?
if ($vars['topic'] != -1) {
// where clause already started?
// if ($query_started == true) {
// $query .= " AND";
// }
// $query_started = true;
// $query .= " $storiescolumn[topic]=" . pnVarPrepForStore($vars['topic']);
$wherearray[] = " {$storiescolumn['topic']}=" . pnVarPrepForStore($vars['topic']);
}
// Qualifier for particular category
// category = -1 - all categories
if ($vars['category'] != -1) {
// where clause already started?
// if ($query_started = true) {
// $query .= " AND";
// }
// $query .= " $storiescolumn[cid]=" . pnVarPrepForStore($vars['category']);
$wherearray[] = " {$storiescolumn['cid']}=" . pnVarPrepForStore($vars['category']);
}
if ($wherearray) {
$query .= " WHERE " . implode(" AND ", $wherearray);
}
// Qualifier for how many stories
$query .= " ORDER BY {$storiescolumn['time']} DESC";
// we can't use a limit query since permissions might take effect...
//$result = $dbconn->SelectLimit($query, pnVarPrepForStore($vars['limit']));
$result = $dbconn->Execute($query);
// Error checking -- jn
if ($dbconn->ErrorNo() != 0) {
return false;
}
$shown_results = 0;
$postmax = $vars['limit'];
while ((list($aid, $cid, $cattitle, $sid, $tid, $time, $title, $topicname) = $result->FetchRow()) && $shown_results < $postmax) {
$time = $result->UnixTimeStamp($time);
if (!isset($aid)) {
$aid = '';
}
if ($catid == 0) {
// Default category
$cattitle = "" . _ARTICLES . "";
}
if (pnSecAuthAction(0, 'Stories::Story', "{$aid}:{$cattitle}:{$sid}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$topicname}::{$tid}", ACCESS_READ)) {
$row['content'] .= "<strong><big>·</big></strong> <font class=\"pn-sub\"><a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=article&sid=" . pnVarPrepForDisplay($sid) . "\">" . pnVarPrepForDisplay($title) . "</a>\n (" . ml_ftime(_DATEBRIEF, $time) . ")</font><br>\n";
$shown_results++;
}
// removed uncessary MoveNext; FetchRow() from above moves the record set pointer - markwest
// Credit rembert http://forums.postnuke.com/index.php?name=PNphpBB2&file=viewtopic&t=14182
// $result->MoveNext();
}
if (!empty($row['content'])) {
return themesideblock($row);
}
}
/**
* add core data to the template
*
* This function adds some basic data to the template depending on the
* current user and the PN settings.
*
* @param list of module names. all mod vars of these modules will be included too
The mod vars of the current module will always be included
* @return boolean true if ok, otherwise false
* @access public
*/
function add_core_data()
{
$pncore = array();
$pncore['version_num'] = _PN_VERSION_NUM;
$pncore['version_id'] = _PN_VERSION_ID;
$pncore['version_sub'] = _PN_VERSION_SUB;
$pncore['logged_in'] = pnUserLoggedIn();
$pncore['language'] = pnUserGetLang();
$pncore['themeinfo'] = pnThemeInfo(pnUserGetTheme());
pnThemeLoad($pncore['themeinfo']['name']);
$colors = array();
$colors['bgcolor1'] = pnThemeGetVar('bgcolor1');
$colors['bgcolor2'] = pnThemeGetVar('bgcolor2');
$colors['bgcolor3'] = pnThemeGetVar('bgcolor3');
$colors['bgcolor4'] = pnThemeGetVar('bgcolor4');
$colors['bgcolor5'] = pnThemeGetVar('bgcolor5');
$colors['sepcolor'] = pnThemeGetVar('sepcolor');
$colors['textcolor1'] = pnThemeGetVar('textcolor1');
$colors['textcolor2'] = pnThemeGetVar('textcolor2');
// add userdata
$pncore['user'] = pnUserGetVars(pnSessionGetVar('uid'));
// add modvars of current module
$pncore[$this->module] = pnModGetVar($this->module);
// add mod vars of all modules supplied as parameter
foreach (func_get_args() as $modulename) {
// if the modulename is empty do nothing
if (!empty($modulename) && !is_array($modulename) && $modulename != $this->module) {
// check if user wants to have /PNConfig
if ($modulename == _PN_CONFIG_MODULE) {
$pnconfig = pnModGetVar(_PN_CONFIG_MODULE);
foreach ($pnconfig as $key => $value) {
// unserialize all config vars
$pncore['pnconfig'][$key] = @unserialize($value);
}
} else {
$pncore[$modulename] = pnModGetVar($modulename);
}
}
}
$this->assign('pncore', $pncore);
$this->assign($colors);
return true;
}
/**
* load a block
*
* @param string $modname module name
* @param string $block name of the block
* @return bool true on successful load, false otherwise
*/
function pnBlockLoad($modname, $block)
{
static $loaded = array();
if (empty($modname) || $modname == 'Core' || $modname == 'Blocks') {
$modname = 'Core';
$moddir = 'includes/blocks';
$langdir = 'includes/language/blocks';
} else {
$modinfo = pnModGetInfo(pnModGetIdFromName($modname));
$moddir = 'modules/' . pnVarPrepForOS($modinfo['directory']) . '/pnblocks';
$langdir = 'modules/' . pnVarPrepForOS($modinfo['directory']) . '/pnlang';
}
if (isset($loaded["{$modname}/{$block}"])) {
return true;
}
// Load the block
$incfile = $block . '.php';
$filepath = $moddir . '/' . pnVarPrepForOS($incfile);
if (!file_exists($filepath)) {
return false;
}
include_once $filepath;
$loaded["{$modname}/{$block}"] = 1;
// Load the block language files
$currentlangfile = $langdir . '/' . pnVarPrepForOS(pnUserGetLang()) . '/' . pnVarPrepForOS($incfile);
$defaultlangfile = $langdir . '/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/' . pnVarPrepForOS($incfile);
if (file_exists($currentlangfile)) {
include $currentlangfile;
} elseif (file_exists($defaultlangfile)) {
include $defaultlangfile;
}
// get the block info
$infofunc = "{$modname}_{$block}block_info";
if (function_exists($infofunc)) {
$blocks_modules[$block] = $infofunc();
}
// set the module and keys for the new block
$blocks_modules[$block]['bkey'] = $block;
if (!isset($blocks_modules[$block]['module'])) {
$blocks_modules[$block]['module'] = $modname;
}
$blocks_modules[$block]['mid'] = pnModGetIDFromName($blocks_modules[$block]['module']);
// merge the blockinfo in the global list of blocks
if (!isset($GLOBALS['blocks_modules'])) {
$GLOBALS['blocks_modules'] = array();
}
$GLOBALS['blocks_modules'][$blocks_modules[$block]['mid']][$block] = $blocks_modules[$block];
// Initialise block if required (new-style)
$initfunc = "{$modname}_{$block}block_init";
if (function_exists($initfunc)) {
$initfunc();
}
return true;
}
function search_stories()
{
list($startnum, $active_stories, $total, $stories_topics, $stories_cat, $stories_author, $q, $bool) = pnVarCleanFromInput('startnum', 'active_stories', 'total', 'stories_topics', 'stories_cat', 'stories_author', 'q', 'bool');
if (!isset($active_stories) || !$active_stories) {
return;
}
if (!pnModAvailable('News')) {
return;
}
$output =& new pnHTML();
if (!isset($startnum) || !is_numeric($startnum)) {
$startnum = 1;
}
if (isset($total) && !is_numeric($total)) {
unset($total);
}
$dbconn =& pnDBGetConn(true);
$pntable =& pnDBGetTables();
if (empty($bool)) {
$bool = 'OR';
}
$flag = false;
$storcol =& $pntable['stories_column'];
$stcatcol =& $pntable['stories_cat_column'];
$topcol =& $pntable['topics_column'];
$query = '';
$query1 = "SELECT {$storcol['sid']} as sid,\n {$topcol['tid']} as topicid,\n {$topcol['topicname']} as topicname,\n {$topcol['topictext']} as topictext,\n {$storcol['catid']} as catid,\n {$storcol['time']} AS fdate,\n {$storcol['title']} AS story_title,\n {$storcol['aid']} AS aid,\n {$stcatcol['title']} AS cat_title\n FROM {$pntable['stories']}\n LEFT JOIN {$pntable['stories_cat']} ON ({$storcol['catid']}={$stcatcol['catid']})\n LEFT JOIN {$pntable['topics']} ON ({$storcol['topic']}={$topcol['tid']})\n WHERE ";
// hack to get this to work, but much better than what we had before
//$query .= " 1 = 1 ";
// words
$w = search_split_query($q);
if (isset($w)) {
foreach ($w as $word) {
if ($flag) {
switch ($bool) {
case 'AND':
$query .= ' AND ';
break;
case 'OR':
default:
$query .= ' OR ';
break;
}
}
$query .= '(';
$query .= "{$storcol['title']} LIKE '" . pnVarPrepForStore($word) . "' OR ";
$query .= "{$storcol['hometext']} LIKE '" . pnVarPrepForStore($word) . "' OR ";
$query .= "{$storcol['bodytext']} LIKE '" . pnVarPrepForStore($word) . "' OR ";
//$query .= "$storcol[comments] LIKE '".pnVarPrepForStore($word)."' OR ";
$query .= "{$storcol['informant']} LIKE '" . pnVarPrepForStore($word) . "' OR ";
$query .= "{$storcol['notes']} LIKE '" . pnVarPrepForStore($word) . "'";
$query .= ')';
$flag = true;
$no_flag = false;
}
} else {
$no_flag = true;
}
// topics
if (isset($stories_topics) && !empty($stories_topics)) {
$flag = false;
$start_flag = false;
// dont set AND/OR if nothing is in front
foreach ($stories_topics as $v) {
if (empty($v)) {
continue;
}
if (!$no_flag and !$start_flag) {
$query .= ' AND (';
$start_flag = true;
}
if ($flag) {
$query .= ' OR ';
}
$query .= "{$storcol['topic']}='" . pnVarPrepForStore($v) . "'";
$flag = true;
}
if (!$no_flag and $start_flag) {
$query .= ') ';
$no_flag = false;
}
}
// categories
if (!is_array($stories_cat)) {
$stories_cat[0] = '';
}
if (isset($stories_cat[0]) && !empty($stories_cat[0])) {
if (!$no_flag) {
$query .= ' AND (';
}
$flag = false;
foreach ($stories_cat as $v) {
if ($flag) {
$query .= ' OR ';
}
$query .= "{$stcatcol['catid']}='" . pnVarPrepForStore($v) . "'";
$flag = true;
}
if (!$no_flag) {
$query .= ') ';
$no_flag = false;
}
}
// authors
if (isset($stories_author) && $stories_author != '') {
if (!$no_flag) {
$query .= ' AND (';
}
$query .= "{$storcol['informant']}='" . pnVarPrepForStore($stories_author) . "'";
$result =& $dbconn->Execute("SELECT {$pntable['users_column']['uid']} as pn_uid FROM {$pntable['users']} WHERE {$pntable['users_column']['uname']} LIKE '%" . pnVarPrepForStore($stories_author) . "%' OR {$pntable['users_column']['name']} LIKE '%" . pnVarPrepForStore($stories_author) . "%'");
while (!$result->EOF) {
$row = $result->GetRowAssoc(false);
$query .= " OR {$storcol['aid']}={$row['pn_uid']}";
$result->MoveNext();
}
if (!$no_flag) {
$query .= ') ';
$no_flag = false;
}
} else {
$stories_author = '';
}
if (pnConfigGetVar('multilingual') == 1) {
if (!empty($query)) {
$query .= ' AND';
}
$query .= " ({$storcol['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$storcol['alanguage']}='')";
}
if (empty($query)) {
$query = '1';
}
$query .= " ORDER BY {$storcol['time']} DESC";
$query = $query1 . $query;
// get the total count with permissions!
if (empty($total)) {
$total = 0;
$countres =& $dbconn->Execute($query);
// check for a db error
if ($dbconn->ErrorNo() != 0) {
return;
}
while (!$countres->EOF) {
$row = $countres->GetRowAssoc(false);
if (pnSecAuthAction(0, 'Stories::Story', "{$row['aid']}:{$row['cat_title']}:{$row['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$row['topicname']}::{$row['topicid']}", ACCESS_READ)) {
$total++;
}
$countres->MoveNext();
}
}
$result = $dbconn->SelectLimit($query, 10, $startnum - 1);
// check for a db error
if ($dbconn->ErrorNo() != 0) {
return;
}
if (!$result->EOF) {
$output->Text(_STORIES_TOPICS . ': ' . $total . ' ' . _SEARCHRESULTS);
$output->SetInputMode(_PNH_VERBATIMINPUT);
// Rebuild the search string from previous information
$url = 'index.php?name=Search&action=search&active_stories=1&stories_author=' . pnVarPrepForDisplay($stories_author);
if (isset($stories_cat) && $stories_cat) {
foreach ($stories_cat as $v) {
$url .= "&stories_cat%5B%5D={$v}";
}
}
if (isset($stories_topics) && $stories_topics) {
foreach ($stories_topics as $v) {
$url .= "&stories_topics%5B%5D={$v}";
}
}
$url .= '&bool=' . pnVarPrepForDisplay($bool);
if (isset($q)) {
$url .= '&q=' . pnVarPrepForDisplay($q);
}
$output->Text('<dl>');
while (!$result->EOF) {
$row = $result->GetRowAssoc(false);
if (pnSecAuthAction(0, 'Stories::Story', "{$row['aid']}:{$row['cat_title']}:{$row['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$row['topicname']}::{$row['topicid']}", ACCESS_READ)) {
$row['fdate'] = ml_ftime(_DATELONG, $result->UnixTimeStamp($row['fdate']));
$output->Text('<dt><a href="index.php?name=News&file=article&sid=' . pnVarPrepForDisplay($row['sid']) . '">' . pnVarPrepHTMLDisplay($row['story_title']) . '</a></dt>');
$output->Text('<dd>');
$output->Text(pnVarPrepForDisplay($row['fdate']) . ' (');
if (!empty($row['topicid'])) {
$output->Text($row['topictext']);
}
if (!empty($row['catid'])) {
$output->Text(' - ' . pnVarPrepHTMLDisplay($row['cat_title']));
}
$output->Text(')</dd>');
}
$result->MoveNext();
}
$output->Text('</dl>');
// Munge URL for template
$urltemplate = $url . "&startnum=%%&total={$total}";
$output->Pager($startnum, $total, $urltemplate, 10);
} else {
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text(_SEARCH_NO_STORIES_TOPICS);
$output->SetInputMode(_PNH_PARSEINPUT);
}
$output->Linebreak(3);
return $output->GetOutput();
}
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file:
// Purpose of file:
// ----------------------------------------------------------------------
include 'includes/pnAPI.php';
pnInit();
include 'includes/legacy.php';
// eugenio themeover 20020413
// pnThemeLoad();
include 'modules/NS-User/tools.php';
include 'modules/NS-User/password.php';
$currentlangfile = 'language/' . pnVarPrepForOS(pnUserGetLang()) . '/user.php';
$defaultlangfile = 'language/' . pnVarPrepForOS(pnConfigGetVar('language')) . '/user.php';
if (file_exists($currentlangfile)) {
include $currentlangfile;
} elseif (file_exists($defaultlangfile)) {
include $defaultlangfile;
}
global $stop, $minage, $module;
if (!pnUserLoggedIn() && empty($op)) {
$module = 'NS-User';
$op = 'getlogin';
}
if (isset($op) && $op == 'userinfo') {
$module = 'NS-User';
}
// New module way
/**
* load a module
* @param name - name of module to load
* @param type - type of functions to load
* @returns string
* @return name of module loaded, or false on failure
*/
function pnModLoad($modname, $type = 'user')
{
static $loaded = array();
if (empty($modname)) {
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$modulestable = $pntable['modules'];
$modulescolumn =& $pntable['modules_column'];
if (!empty($loaded["{$modname}{$type}"])) {
// Already loaded from somewhere else
return $modname;
}
$query = "SELECT {$modulescolumn['directory']},\n {$modulescolumn['state']}\n FROM {$modulestable}\n WHERE {$modulescolumn['name']} = '" . pnVarPrepForStore($modname) . "'";
$result = $dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
return;
}
if ($result->EOF) {
return false;
}
list($directory, $state) = $result->fields;
$result->Close();
// Load the module and module language files
list($osdirectory, $ostype) = pnVarPrepForOS($directory, $type);
$osfile = "modules/{$osdirectory}/pn{$ostype}.php";
if (!file_exists($osfile)) {
// File does not exist
return false;
}
// Load file
include $osfile;
$loaded["{$modname}{$type}"] = 1;
$defaultlang = pnConfigGetVar('language');
if (empty($defaultlang)) {
$defaultlang = 'eng';
}
$currentlang = pnUserGetLang();
if (file_exists("modules/{$osdirectory}/pnlang/{$currentlang}/{$ostype}.php")) {
include "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($currentlang) . "/{$ostype}.php";
} elseif (file_exists("modules/{$directory}/pnlang/{$defaultlang}/{$ostype}.php")) {
include "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($defaultlang) . "/{$ostype}.php";
}
// Load datbase info
pnModDBInfoLoad($modname, $directory);
// Return the module name
return $modname;
}
function search_sections()
{
list($active_sections, $startnum, $total, $bool, $q) = pnVarCleanFromInput('active_sections', 'startnum', 'total', 'bool', 'q');
if (empty($active_sections)) {
return;
}
if (!pnModAvailable('Sections')) {
return;
}
$dbconn =& pnDBGetConn(true);
$pntable =& pnDBGetTables();
$output =& new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
if (!isset($startnum) || !is_numeric($startnum)) {
$startnum = 1;
}
if (isset($total) && !is_numeric($total)) {
unset($total);
}
$w = search_split_query($q);
$flag = false;
$seccol =& $pntable['seccont_column'];
$query = "SELECT {$seccol['artid']} as id, {$seccol['title']} as title, {$seccol['secid']} as secid, {$seccol['content']} as content\n FROM {$pntable['seccont']}\n WHERE \n";
foreach ($w as $word) {
if ($flag) {
switch ($bool) {
case 'AND':
$query .= ' AND ';
break;
case 'OR':
default:
$query .= ' OR ';
break;
}
}
$query .= '(';
$query .= "{$seccol['title']} LIKE '" . pnVarPrepForStore($word) . "' OR \n";
$query .= "{$seccol['content']} LIKE '" . pnVarPrepForStore($word) . "')\n";
$flag = true;
}
if (pnConfigGetVar('multilingual') == 1) {
$query .= " AND ({$seccol['slanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$seccol['slanguage']}='')";
}
$query .= " ORDER BY {$seccol['artid']}";
// get the total count with permissions!
if (empty($total)) {
$total = 0;
$countres =& $dbconn->Execute($query);
// check for a db error
if ($dbconn->ErrorNo() != 0) {
return;
}
while (!$countres->EOF) {
$row = $countres->GetRowAssoc(false);
// we know about the section id so let's get the section name
$column2 =& $pntable['sections_column'];
$result2 =& $dbconn->Execute("SELECT {$column2['secname']} FROM {$pntable['sections']} WHERE {$column2['secid']}={$row['secid']}");
list($secname) = $result2->fields;
if (pnSecAuthAction(0, "Sections::Section", "{$secname}::{$row['secid']}", ACCESS_READ) && pnSecAuthAction(0, "Sections::Article", "{$row['title']}:{$secname}:{$row['id']}", ACCESS_READ)) {
$total++;
}
$countres->MoveNext();
}
}
$result = $dbconn->SelectLimit($query, 10, $startnum - 1);
// check for a db error
if ($dbconn->ErrorNo() != 0) {
return;
}
if (!$result->EOF) {
$output->Text(_SECTIONS . ': ' . $total . ' ' . _SEARCHRESULTS);
$output->SetInputMode(_PNH_VERBATIMINPUT);
// Rebuild the search string from previous information
$url = "index.php?name=Search&action=search&active_sections=1&bool={$bool}&q={$q}";
$output->Text('<dl>');
while (!$result->EOF) {
$row = $result->GetRowAssoc(false);
// we know about the section id so let's get the section name
$column2 =& $pntable['sections_column'];
$result2 =& $dbconn->Execute("SELECT {$column2['secname']} FROM {$pntable['sections']} WHERE {$column2['secid']}={$row['secid']}");
list($secname) = $result2->fields;
if (pnSecAuthAction(0, "Sections::Section", "{$secname}::{$row['secid']}", ACCESS_READ) && pnSecAuthAction(0, "Sections::Article", "{$row['title']}:{$secname}:{$row['id']}", ACCESS_READ)) {
$row['content'] = strip_tags($row['content']);
if (strlen($row['content']) > 128) {
$row['content'] = substr($row['content'], 0, 125) . '...';
}
$output->Text("<dt><a href=\"index.php?name=Sections&req=viewarticle&artid={$row['id']}\">" . pnVarPrepForDisplay($row[title]) . "</a></dt>");
$output->Text("<dd>" . pnVarPrepForDisplay($row[content]) . "</dd>");
}
$result->MoveNext();
}
$output->Text('</dl>');
// Munge URL for template
$urltemplate = $url . "&startnum=%%&total={$total}";
$output->Pager($startnum, $total, $urltemplate, 10);
} else {
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text(_SEARCH_NO_SECTIONS);
$output->SetInputMode(_PNH_PARSEINPUT);
}
$output->Linebreak(3);
return $output->GetOutput();
}
/**
* pnModLangLoad
* loads the language files for a module
*
* @author Mark West
* @link http://www.markwest.me.uk
* @param modname - name of the module
* @param type - type of the language file to load e.g. user, admin
* @param api - load api lang file or gui lang file
*/
function pnModLangLoad($modname, $type = 'user', $api = false)
{
// define input, all numbers and booleans to strings
$modname = isset($modname) ? (string) $modname : '';
// validate
if (!pnVarValidate($modname, 'mod')) {
return false;
}
// get the module info
$modinfo = isset($modname) ? pnModGetInfo(pnModGetIDFromName($modname)) : false;
if (!$modinfo) {
return false;
}
// create variables for the OS preped version of the directory
list($osdirectory, $ostype) = pnVarPrepForOS($modinfo['directory'], $type);
$defaultlang = pnConfigGetVar('language');
if (empty($defaultlang)) {
$defaultlang = 'eng';
}
$osapi = '';
if ($api) {
$osapi = 'api';
}
$currentlang = pnUserGetLang();
if (file_exists("modules/{$osdirectory}/pnlang/{$currentlang}/{$ostype}{$osapi}.php")) {
include_once "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($currentlang) . "/{$ostype}{$osapi}.php";
} elseif (file_exists("modules/{$osdirectory}/pnlang/{$defaultlang}/{$ostype}{$osapi}.php")) {
include_once "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($defaultlang) . "/{$ostype}{$osapi}.php";
}
return;
}
function __construct()
{
$theme = pnUserGetTheme();
$osTheme = pnVarPrepForOS($theme);
pnThemeLoad($theme);
global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5, $bgcolor6, $textcolor1, $textcolor2;
// call constructor
parent::__construct();
// gather module information
$pcModInfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__));
$pcDir = pnVarPrepForOS($pcModInfo['directory']);
$pcDisplayName = $pcModInfo['displayname'];
unset($pcModInfo);
// setup up pcSmarty configs
$this->compile_check = true;
$this->force_compile = false;
$this->debugging = false;
$this->template_dir = "modules/{$pcDir}/pntemplates";
array_push($this->plugins_dir, "modules/{$pcDir}/pnincludes/Smarty/plugins");
array_push($this->plugins_dir, "modules/{$pcDir}/plugins");
$this->compile_dir = "modules/{$pcDir}/pntemplates/compiled";
$this->cache_dir = "modules/{$pcDir}/pntemplates/cache";
$this->caching = _SETTING_USE_CACHE;
$this->cache_lifetime = _SETTING_CACHE_LIFETIME;
$this->left_delimiter = '[-';
$this->right_delimiter = '-]';
//============================================================
// checks for safe mode
// i think it's safe to say we can do this automagically now
//============================================================
$safe_mode = ini_get('safe_mode');
$safe_mode_gid = ini_get('safe_mode_gid');
$open_basedir = ini_get('open_basedir');
$use_safe_mode = (bool) $safe_mode || (bool) $safe_mode_gid || !empty($open_basedir);
if ($use_safe_mode) {
$this->use_sub_dirs = false;
} else {
$this->use_sub_dirs = true;
}
unset($use_safe_mode, $safe_mode, $safe_mode_gid, $open_basedir);
$this->autoload_filters = array('output' => array('trimwhitespace'));
$lang = pnUserGetLang();
$func = pnVarCleanFromInput('func');
$print = pnVarCleanFromInput('print');
// assign theme globals
$this->assign_by_ref('BGCOLOR1', $bgcolor1);
$this->assign_by_ref('BGCOLOR2', $bgcolor2);
$this->assign_by_ref('BGCOLOR3', $bgcolor3);
$this->assign_by_ref('BGCOLOR4', $bgcolor4);
$this->assign_by_ref('BGCOLOR5', $bgcolor5);
$this->assign_by_ref('BGCOLOR6', $bgcolor6);
$this->assign_by_ref('TEXTCOLOR1', $textcolor1);
$this->assign_by_ref('TEXTCOLOR2', $textcolor2);
$this->assign_by_ref('USER_LANG', $lang);
$this->assign_by_ref('FUNCTION', $func);
$this->assign('PRINT_VIEW', $print);
$this->assign('USE_POPUPS', _SETTING_USE_POPUPS);
$this->assign('USE_TOPICS', _SETTING_DISPLAY_TOPICS);
$this->assign('USE_INT_DATES', _SETTING_USE_INT_DATES);
$this->assign('OPEN_NEW_WINDOW', _SETTING_OPEN_NEW_WINDOW);
$this->assign('EVENT_DATE_FORMAT', _SETTING_DATE_FORMAT);
$this->assign('HIGHLIGHT_COLOR', _SETTING_DAY_HICOLOR);
$this->assign('24HOUR_TIME', _SETTING_TIME_24HOUR);
$this->assign_by_ref('MODULE_NAME', $pcDisplayName);
$this->assign_by_ref('MODULE_DIR', $pcDir);
$this->assign('ACCESS_NONE', PC_ACCESS_NONE);
$this->assign('ACCESS_OVERVIEW', PC_ACCESS_OVERVIEW);
$this->assign('ACCESS_READ', PC_ACCESS_READ);
$this->assign('ACCESS_COMMENT', PC_ACCESS_COMMENT);
$this->assign('ACCESS_MODERATE', PC_ACCESS_MODERATE);
$this->assign('ACCESS_EDIT', PC_ACCESS_EDIT);
$this->assign('ACCESS_ADD', PC_ACCESS_ADD);
$this->assign('ACCESS_DELETE', PC_ACCESS_DELETE);
$this->assign('ACCESS_ADMIN', PC_ACCESS_ADMIN);
//=================================================================
// Find out what Template we're using
//=================================================================
$template_name = _SETTING_TEMPLATE;
if (!isset($template_name)) {
$template_name = 'default';
}
//=================================================================
// Find out what Template View to use
//=================================================================
$template_view = pnVarCleanFromInput('tplview');
if (!isset($template_view)) {
$template_view = 'default';
}
$this->config_dir = "modules/{$pcDir}/pntemplates/{$template_name}/config/";
$this->assign_by_ref('TPL_NAME', $template_name);
$this->assign_by_ref('TPL_VIEW', $template_view);
$this->assign('TPL_IMAGE_PATH', $GLOBALS['rootdir'] . "/main/calendar/modules/{$pcDir}/pntemplates/{$template_name}/images");
$this->assign('TPL_ROOTDIR', $GLOBALS['rootdir']);
$this->assign('TPL_STYLE_PATH', "modules/{$pcDir}/pntemplates/{$template_name}/style");
$this->assign('THEME_PATH', "themes/{$osTheme}");
}
function user_main_last10submit($uname)
{
$pntable = pnDBGetTables();
list($dbconn) = pnDBGetConn();
$column =& $pntable['stories_column'];
/**
* Fetch active laguage
*/
if (pnConfigGetVar('multilingual') == 1) {
$querylang = "AND (" . $column['alanguage'] . "='" . pnVarPrepForStore(pnUserGetLang()) . "' OR " . $column['alanguage'] . "='') ";
} else {
$querylang = '';
}
/**
* Build up SQL
*/
$query = "SELECT " . $column['sid'] . ", " . $column['title'] . " " . "FROM " . $pntable['stories'] . " " . "WHERE " . $column['informant'] . "='" . pnVarPrepForStore($uname) . "' " . $querylang . "ORDER BY " . $column['sid'] . " DESC";
/**
* Make limited select
*/
$result = $dbconn->SelectLimit($query, 10, 0);
/**
* Do output
*/
OpenTable();
echo "<font class=\"pn-title\">" . _LAST10SUBMISSIONS . " " . pnVarPrepForDisplay($uname) . ":</font><br><ul>";
while (list($sid, $title) = $result->fields) {
$result->MoveNext();
if (!$title) {
$title = '- no Title -';
}
echo "<li><a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=article&sid={$sid}\">" . pnVarPrepForDisplay($title) . "</a><br>";
}
echo "</ul>";
CloseTable();
}
define('PC_ACCESS_ADD', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_ADD));
define('PC_ACCESS_EDIT', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_EDIT));
define('PC_ACCESS_MODERATE', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_MODERATE));
define('PC_ACCESS_COMMENT', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_COMMENT));
define('PC_ACCESS_READ', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_READ));
define('PC_ACCESS_OVERVIEW', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_OVERVIEW));
define('PC_ACCESS_NONE', pnSecAuthAction(0, 'PostCalendar::', 'null::null', ACCESS_NONE));
//=========================================================================
// Require and Setup utility classes and functions
//=========================================================================
define('DATE_CALC_BEGIN_WEEKDAY', _SETTING_FIRST_DAY_WEEK);
require_once "modules/{$pcDir}/pnincludes/Date/Calc.php";
//=========================================================================
// grab the global language file
//=========================================================================
$userlang = pnUserGetLang();
if (file_exists("modules/{$pcDir}/pnlang/{$userlang}/global.php")) {
require_once "modules/{$pcDir}/pnlang/{$userlang}/global.php";
} else {
require_once "modules/{$pcDir}/pnlang/eng/global.php";
}
unset($userlang);
//=========================================================================
// Setup Smarty defines
//=========================================================================
if (!class_exists('Smarty')) {
define('_PC_SMARTY_LOADED', true);
define('SMARTY_DIR', "modules/{$pcDir}/pnincludes/Smarty/");
require_once SMARTY_DIR . '/Smarty.class.php';
}
require_once "modules/{$pcDir}/pcSmarty.class.php";
function messages()
{
//$bgcolor1 = $GLOBALS["bgcolor1"];
//$bgcolor2 = $GLOBALS["bgcolor2"];
$authid = pnSecGenAuthKey();
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
include "header.php";
$lang = languagelist();
GraphicAdmin();
OpenTable();
echo "<center><font class=\"pn-title\"><b>" . _MESSAGESADMIN . "</b></font></center>";
CloseTable();
// Current messages
if (pnSecAuthAction(0, 'Messages::', '::', ACCESS_EDIT)) {
OpenTable();
echo "<center><font class=\"pn-title\"><b>" . _ALLMESSAGES . "</b></font><br><br><table border=\"1\" width=\"100%\" bgcolor=\"" . $GLOBALS["bgcolor1"] . "\"<tr>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"><b><font class=\"pn-title\">" . _ID . "</font></b></td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"><b><font class=\"pn-title\">" . _TITLE . "</font></b></td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"> <b><font class=\"pn-title\">" . _LANGUAGE . "</font></b> </td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"> <b><font class=\"pn-title\">" . _VIEW . "</font></b> </td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"> <b><font class=\"pn-title\">" . _ACTIVE . "</font></b> </td>" . "<td bgcolor=\"" . $GLOBALS["bgcolor2"] . "\" align=\"center\"> <b><font class=\"pn-title\">" . _FUNCTIONS . "</font></b> </td></tr>";
$column =& $pntable['message_column'];
$result = $dbconn->Execute("SELECT {$column['mid']},\n {$column['title']},\n {$column['content']},\n {$column['date']},\n {$column['expire']},\n {$column['active']},\n {$column['view']},\n {$column['mlanguage']} \n FROM {$pntable['message']} ");
while (list($mid, $title, $content, $mdate, $expire, $active, $view, $mlanguage) = $result->fields) {
$result->MoveNext();
if (!pnSecAuthAction(0, 'Messages::', "{$title}::{$mid}", ACCESS_EDIT)) {
continue;
}
if ($active == 1) {
$mactive = "" . _YES . "";
} elseif ($active == 0) {
$mactive = "" . _NO . "";
}
switch ($view) {
case "1":
$mview = "" . _MVALL . "";
break;
case "2":
$mview = "" . _MVUSERS . "";
break;
case "3":
$mview = "" . _MVANON . "";
break;
case "4":
$mview = "" . _MVADMIN . "";
break;
}
if ($mlanguage == "") {
$mlanguage = "" . _ALL . "";
}
echo "<tr><td align=\"right\"><font class=\"pn-normal\"><b>" . pnVarPrepForDisplay($mid) . "</b>" . "</font></td><td align=\"left\" width=\"100%\"><font class=\"pn-normal\"><b>" . pnVarPrepForDisplay($title) . "</b>" . "</font></td><td align=\"center\"><font class=\"pn-normal\">" . pnVarPrepForDisplay($mlanguage) . "</font></td><td align=\"center\" nowrap><font class=\"pn-normal\">" . pnVarPrepForDisplay($mview) . "</font></td><td align=\"center\"><font class=\"pn-normal\">" . pnVarPrepForDisplay($mactive) . "</font></td><td align=\"right\" nowrap><font class=\"pn-normal\">(<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=editmsg&mid={$mid}&authid={$authid}\">" . _EDIT . "</a></font>";
if (pnSecAuthAction(0, 'Messages::', "{$title}::{$mid}", ACCESS_DELETE)) {
echo "-<a href=\"admin.php?module=" . $GLOBALS['module'] . "&op=deletemsg&mid={$mid}\">" . _DELETE . "</a>)";
} else {
echo ")";
}
echo "</td></tr>";
}
echo "</table></center><br>";
}
CloseTable();
// New message
if (pnSecAuthAction(0, 'Messages::', '::', ACCESS_ADD)) {
OpenTable();
echo "<center><font class=\"pn-title\"><b>" . _ADDMSG . "</b></font></center><br>";
echo "<form action=\"admin.php\" method=\"post\">";
echo "<b><font class=\"pn-normal\">" . _MESSAGETITLE . ":</font></b><br>" . "<input type=\"text\" name=\"add_title\" value=\"\" size=\"50\" maxlength=\"100\"><br><br>" . "<b><font class=\"pn-normal\">" . _MESSAGECONTENT . ":</font></b><br>" . "<textarea name=\"add_content\" rows=\"10\" cols=\"80\"></textarea><br><br><font class=\"pn-normal\">" . '<b>' . _LANGUAGE . ': </b></font>' . '<select name="add_mlanguage" size="1">' . '<option value="">' . _ALL . '</option>';
$sel_lang[pnUserGetLang()] = ' selected';
$handle = opendir('language');
while ($f = readdir($handle)) {
if (is_dir("language/{$f}") && !empty($lang[$f])) {
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
// a bit ugly, but it works in E_ALL conditions (Andy Varganov)
foreach ($langlist as $k => $v) {
echo '<option value="' . $k . '"';
if (isset($sel_lang[$k])) {
echo ' selected';
}
echo '>' . $v . '</option>';
}
print '</select><br><br>';
$now = time();
//print '<b>'._EXPIRATION.':</b> <select name="add_expire">'
//."<option value=\"86400\" >1 "._DAY."</option>"
//."<option value=\"172800\" >2 "._DAYS."</option>"
//."<option value=\"432000\" >5 "._DAYS."</option>"
//."<option value=\"1296000\" >15 "._DAYS."</option>"
//."<option value=\"2592000\" >30 "._DAYS."</option>"
//."<option value=\"0\" >"._UNLIMITED."</option>"
//."</select><br><br>"
print "<font class=\"pn-normal\"><b>" . _ACTIVE . "?</b> <input type=\"radio\" name=\"add_active\" value=\"1\" checked>" . _YES . " " . "<input type=\"radio\" name=\"add_active\" value=\"0\" >" . _NO . "</font>";
echo "<br><br><b><font class=\"pn-normal\">" . _VIEWPRIV . "</font></b> <select name=\"add_view\">" . "<option value=\"1\" >" . _MVALL . "</option>" . "<option value=\"2\" >" . _MVUSERS . "</option>" . "<option value=\"3\" >" . _MVANON . "</option>" . "<option value=\"4\" >" . _MVADMIN . "</option>" . "</select><br><br>" . "<input type=\"hidden\" name=\"module\" value=\"" . $GLOBALS['module'] . "\">" . "<input type=\"hidden\" name=\"op\" value=\"addmsg\">" . "<input type=\"hidden\" name=\"add_mdate\" value=\"{$now}\">" . "<input type=\"hidden\" name=\"authid\" value=\"" . pnSecGenAuthKey() . "\">" . "<input type=\"submit\" value=\"" . _ADDMSG . "\">" . "</form>";
CloseTable();
}
include "footer.php";
}
/**
* send an email
* @param to - recipient of the email
* @param subject - title of the email
* @param message - body of the email
* @param headers - extra headers for the email
* @param debug - if 1, echo mail content
* @returns bool
* @return true if the email was sent, false if not
*/
function pnMail($to, $subject, $message, $headers, $debug = 0)
{
// Language translations
switch (pnUserGetLang()) {
case 'rus':
if (!empty($headers)) {
$headers .= "\n";
}
$headers .= "Content-Type: text/plain; charset=koi8-r";
$subject = convert_cyr_string($subject, "w", "k");
$message = convert_cyr_string($message, "w", "k");
$headers = convert_cyr_string($headers, "w", "k");
break;
}
// Debug
if ($debug) {
echo "Mail To: " . $to . "<br>";
echo "Mail Subject: " . $subject . "<br>";
echo "Mail Message: " . $message . "<br>";
echo "Mail Headers: " . $headers . "<br>";
}
// Mail message
// do not display error messages [class007]
$return = @mail($to, $subject, $message, $headers);
return $return;
}
// ----------------------------------------------------------------------
/**
* Function to display banners in all pages
*/
if (!function_exists('pnInit')) {
include 'includes/pnAPI.php';
pnInit();
include 'includes/legacy.php';
// eugenio themeover 20020413
// pnThemeLoad();
}
/**
* Load lang file
*/
if (file_exists("language/" . pnVarPrepForOS(pnUserGetLang()) . "/banners.php")) {
include "language/" . pnVarPrepForOS(pnUserGetLang()) . "/banners.php";
} elseif (file_exists("language/eng/banners.php")) {
include "language/eng/banners.php";
}
/**
* Function to redirect the clicks to the
* correct url and add 1 click
*/
function clickbanner()
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$bid = pnVarCleanFromInput('bid');
$column =& $pntable['banner_column'];
$bresult = $dbconn->Execute("SELECT {$column['clickurl']}\n FROM {$pntable['banner']}\n WHERE {$column['bid']}='" . pnVarPrepForStore($bid) . "'");
list($clickurl) = $bresult->fields;
/**
* Make common language selection dropdown
*
* @author Tim Litwiller
*/
function lang_dropdown()
{
$currentlang = pnUserGetLang();
echo "<select name=\"alanguage\" class=\"pn-text\" id=\"language\">";
$lang = languagelist();
print "<option value=\"\">" . _ALL . '</option>';
$handle = opendir('language');
while (false !== ($f = readdir($handle))) {
if (is_dir("language/{$f}") && @$lang[$f]) {
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k => $v) {
echo '<option value="' . $k . '"';
if ($currentlang == $k) {
echo ' selected="selected"';
}
echo '>' . pnVarPrepForDisplay($v) . '</option> ';
}
echo "</select>";
}
function search_faqs()
{
list($q, $bool, $startnum, $total, $active_faqs) = pnVarCleanFromInput('q', 'bool', 'startnum', 'total', 'active_faqs');
if (empty($active_faqs)) {
return;
}
if (!pnModAvailable('FAQ')) {
return;
}
$dbconn =& pnDBGetConn(true);
$pntable =& pnDBGetTables();
$output =& new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
if (!isset($startnum) || !is_numeric($startnum)) {
$startnum = 1;
}
if (isset($total) && !is_numeric($total)) {
unset($total);
}
$w = search_split_query($q);
$flag = false;
$column =& $pntable['faqanswer_column'];
$faqcatcol =& $pntable['faqcategories_column'];
$query = "SELECT {$column['id_cat']} as id_cat, \n \t\t\t\t{$column['question']} as question, \n \t\t\t\t{$column['answer']} as answer,\n \t\t\t\t{$faqcatcol['categories']} as categories\n FROM {$pntable['faqanswer']} \n LEFT JOIN {$pntable['faqcategories']} ON {$column['id_cat']}={$faqcatcol['id_cat']}\n WHERE {$column['answer']} != \"\" AND \n";
foreach ($w as $word) {
if ($flag) {
switch ($bool) {
case 'AND':
$query .= ' AND ';
break;
case 'OR':
default:
$query .= ' OR ';
break;
}
}
$query .= '(';
// faqs
$query .= "{$column['question']} LIKE '" . pnVarPrepForStore($word) . "' OR \n";
$query .= "{$column['answer']} LIKE '" . pnVarPrepForStore($word) . "'\n";
$query .= ')';
$flag = true;
}
if (pnConfigGetVar('multilingual') == 1) {
$query .= " AND ({$faqcatcol['flanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$faqcatcol['flanguage']}='')";
}
$query .= " ORDER BY {$column['id']}";
// get the total count with permissions!
if (empty($total)) {
$total = 0;
$countres =& $dbconn->Execute($query);
// check for a db error
if ($dbconn->ErrorNo() != 0) {
return;
}
while (!$countres->EOF) {
$row = $countres->GetRowAssoc(false);
if (pnSecAuthAction(0, "FAQ::", "{$row['categories']}::{$row['id_cat']}", ACCESS_READ)) {
$total++;
}
$countres->MoveNext();
}
}
$result = $dbconn->SelectLimit($query, 10, $startnum - 1);
// check for a db error
if ($dbconn->ErrorNo() != 0) {
return;
}
if (!$result->EOF) {
$output->Text(_FAQ . ': ' . $total . ' ' . _SEARCHRESULTS);
$output->SetInputMode(_PNH_VERBATIMINPUT);
// Rebuild the search string from previous information
$url = "index.php?name=Search&action=search&active_faqs=1&bool={$bool}&q={$q}";
$output->Text("<dl>");
while (!$result->EOF) {
$row = $result->GetRowAssoc(false);
if (pnSecAuthAction(0, "FAQ::", "{$row['categories']}::{$row['id_cat']}", ACCESS_READ)) {
$row['answer'] = strip_tags($row['answer']);
if (strlen($row['answer']) > 128) {
$row['answer'] = substr($row['answer'], 0, 125) . '...';
}
$output->Text("<dt><a href=\"index.php?name=FAQ&myfaq=yes&id_cat={$row['id_cat']}\">" . pnVarPrepForDisplay($row[question]) . "</a></dt>");
$output->Text("<dd>" . pnVarPrepForDisplay($row[answer]) . "</dd>");
}
$result->MoveNext();
}
$output->Text('</dl>');
// Munge URL for template
$urltemplate = $url . "&startnum=%%&total={$total}";
$output->Pager($startnum, $total, $urltemplate, 10);
} else {
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text(_SEARCH_NO_FAQS);
$output->SetInputMode(_PNH_PARSEINPUT);
}
$output->Linebreak(3);
return $output->GetOutput();
}
