function makemedia($mediatype, $url, $width, $height) { global $template, $lnc, $config; $mediatype = strtolower($mediatype); $id = rand(1000, 99999); $typedesc = array('wmp' => 'Windows Media Player', 'swf' => 'Flash Player', 'real' => 'Real Player', 'flv' => 'Flash Video Player'); $mediapic = array('wmp' => 'wmp.gif', 'swf' => 'swf.gif', 'real' => 'real.gif', 'flv' => 'swf.gif'); $url = $mediatype == 'flv' ? urlconvert($url, $config['blogurl'] . '/') : $url; $str = "<div class=\"quote mediabox\"><div class=\"quote-title\"><img src=\"{$template['images']}/{$mediapic[$mediatype]}\" alt=\"\"/>{$typedesc[$mediatype]}{$lnc[268]}</div><div class=\"quote-content\"><a href=\"javascript: playmedia('player{$id}', '{$mediatype}', '{$url}', '{$width}', '{$height}');\">{$lnc[269]}</a><div id='player{$id}' style='display:none;'></div></div></div>"; return $str; }
} session_cache_limiter("private, must-revalidate"); session_start(); if ($securitycode == '' || strtolower($securitycode) != strtolower($_SESSION['code'])) { catcherror($lnc[165]); } } $sitename = safe_convert(trimplus($sitename)); $siteurl = safe_convert(trimplus($siteurl)); $sitelogo = safe_convert(trimplus($sitelogo)); $siteintro = safe_convert(trimplus($siteintro)); if (!$sitename || !$siteurl) { catcherror($lnc[179]); } $siteurl = urlconvert($siteurl); $sitelogo = urlconvert($sitelogo); $siteid = time() . rand(0, 10); if (preg_search($sitename, $forbidden['banword']) || preg_search($siteintro, $forbidden['banword']) || preg_search($siteurl, $forbidden['banword']) || preg_search($sitename, $forbidden['suspect']) || preg_search($siteintro, $forbidden['suspect']) || preg_search($siteurl, $forbidden['suspect'])) { catcherror($lnc[214]); } $addline = "<?PHP exit();?><|>{$siteid}<|>{$sitename}<|>{$siteurl}<|>{$sitelogo}<|>{$siteintro}<|>\n"; $filename = "data/cache_applylinks.php"; $oldcontent = @readfromfile($filename); $content = $addline . $oldcontent; if (!writetofile($filename, $content)) { catcherror($lnc[7] . $filename); } else { catchsuccess($lnc[180], "{$lnc[163]}|index.php"); } } if ($job == 'ajaxverify') {
if ($job == 'save') { acceptrequest('newlinkname,newlinkurl,newlinklogo,newlinkdesc,newlinkgptoid,newisdisplay,linkid,tomodify,alsodel'); if ($newlinkname == '' || $newlinkurl == '' || $newlinkgptoid == '') { $cancel = $lna[241]; } if ($tomodify == '1' && $linkid == '') { $cancel = $lna[241]; } catcherror($cancel); $newlinkname = safe_convert(stripslashes($newlinkname)); $newlinkurl = safe_convert(stripslashes($newlinkurl)); $newlinklogo = safe_convert(stripslashes($newlinklogo)); $newlinkdesc = safe_convert(stripslashes($newlinkdesc)); if ($mbcon['anticorrupturl'] == 1) { $newlinkurl = urlconvert($newlinkurl); $newlinklogo = urlconvert($newlinklogo); } if ($tomodify) { $blog->query("UPDATE `{$db_prefix}links` SET `linkname`='{$newlinkname}', `linkurl`='{$newlinkurl}', `linklogo`='{$newlinklogo}', `linkdesc`='{$newlinkdesc}', `linkgptoid`='{$newlinkgptoid}', `isdisplay`='{$newisdisplay}' WHERE `linkid`='{$linkid}'"); $return_display = 'detail'; } else { $new_link_id = $maxrecord['maxlinkid'] + 1; $blog->query("INSERT INTO `{$db_prefix}links` VALUES ({$new_link_id}, '{$newlinkname}', '{$newlinkurl}', '{$newlinklogo}', '{$newlinkdesc}', '{$newlinkgptoid}', {$new_link_id}, '{$newisdisplay}', '', '')"); $blog->query("UPDATE `{$db_prefix}maxrec` SET `maxlinkid`='{$new_link_id}'"); $return_display = 'add'; } if (!empty($alsodel)) { $filename = "data/cache_applylinks.php"; if (file_exists($filename)) { $wlink = @file($filename); for ($i = 0; $i < count($wlink); $i++) {
session_start(); if ($v_security == '' || strtolower($v_security) != strtolower($_SESSION['code'])) { $cancel = $lnc[165]; } else { //Delete current session session_destroy(); } } $v_repurl = safe_convert(trimplus($v_repurl)); $v_repemail = safe_convert(trimplus($v_repemail)); $v_reppsw = trimplus($v_reppsw); if ($v_reppsw != '') { $v_reppsw = md5($v_reppsw); } if ($mbcon['anticorrupturl'] == 1) { $v_repurl = urlconvert($v_repurl); } if ($stat_property == 1 || $originblog['property'] == 2) { $reproperty = 1; } else { $reproperty = 0; } if ($logstat == 1) { $replier = $userdetail['username']; $replierid = $userdetail['userid']; } else { $v_password = md5($v_password); $v_replier_checker = mystrtolower($v_replier); $userchecker = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$v_replier_checker}'"); if (mystrtolower($userchecker['username']) == $v_replier_checker && $v_password == $userchecker['userpsw']) { $replier = $userchecker['username'];