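/**
 * Adds a new member.
 *
 * Validates the supplied fields, normalises the URL and inserts one row into
 * the member table, then writes an INFO entry to the action log.
 *
 * SECURITY NOTE(review): the password is stored as an unsalted MD5 digest,
 * which is not suitable for password storage. Moving to password_hash() /
 * password_verify() has to be done together with the login check and a
 * migration of the stored digests, so it is flagged here and not changed in
 * this function alone.
 *
 * @static
 * @param string $name     display name; must pass isValidDisplayName() and be unused
 * @param string $realname real name; must be non-empty
 * @param string $password clear-text password; must be non-empty
 * @param string $email    must pass isValidMailAddress()
 * @param string $url      site URL; "http://" is prepended when no scheme is given
 * @param mixed  $admin    cast to int and used as a flag
 * @param mixed  $canlogin cast to int and used as a flag
 * @param string $notes    free text
 * @return mixed 1 on success, otherwise one of the _ERROR* constants
 */
function create($name, $realname, $password, $email, $url, $admin, $canlogin, $notes)
{
    if (!isValidMailAddress($email)) {
        return _ERROR_BADMAILADDRESS;
    }

    if (!isValidDisplayName($name)) {
        return _ERROR_BADNAME;
    }

    if (MEMBER::exists($name)) {
        return _ERROR_NICKNAMEINUSE;
    }

    if (!$realname) {
        return _ERROR_REALNAMEMISSING;
    }

    if (!$password) {
        return _ERROR_PASSWORDMISSING;
    }

    // Users sometimes leave off the scheme, which yields a malformed URL, so it
    // is added here. preg_match() replaces the deprecated eregi(); the "i"
    // modifier keeps the test case-insensitive as eregi() was, so that
    // "HTTP://host" is not turned into "http://HTTP://host".
    if (!preg_match('#^https?://#i', $url)) {
        $url = 'http://' . $url;
    }

    // Every string value is escaped and every flag is cast before it is put
    // into the statement below.
    $name     = sql_real_escape_string($name);
    $realname = sql_real_escape_string($realname);
    $password = sql_real_escape_string(md5($password)); // weak digest, see SECURITY NOTE above
    $email    = sql_real_escape_string($email);
    $url      = sql_real_escape_string($url);
    $admin    = intval($admin);
    $canlogin = intval($canlogin);
    $notes    = sql_real_escape_string($notes);

    // an administrator who cannot log in is rejected
    if ($admin && !$canlogin) {
        return _ERROR;
    }

    $query = 'INSERT INTO ' . sql_table('member')
        . " (MNAME,MREALNAME,MPASSWORD,MEMAIL,MURL, MADMIN, MCANLOGIN, MNOTES) "
        . "VALUES ('{$name}','{$realname}','{$password}','{$email}','{$url}',{$admin}, {$canlogin}, '{$notes}')";
    sql_query($query);

    ACTIONLOG::add(INFO, _ACTIONLOG_NEWMEMBER . ' ' . $name);

    return 1;
}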
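/**
 * Adds a member to the team of this blog.
 *
 * Fires the PreAddTeamMember and PostAddTeamMember plugin events around the
 * insert and writes an INFO entry to the action log.
 *
 * @param mixed $memberid id of the member to add (cast to int)
 * @param mixed $admin    team-admin flag (cast to int)
 * @return int 0 when the member is already on the team, 1 after the insert
 */
function addTeamMember($memberid, $admin)
{
    global $manager;

    $memberid = intval($memberid);
    $admin    = intval($admin);

    // check if member is already a member
    $tmem = MEMBER::createFromID($memberid);

    if ($tmem->isTeamMember($this->getID())) {
        return 0;
    }

    $manager->notify('PreAddTeamMember', array('blog' => &$this, 'member' => &$tmem, 'admin' => &$admin));

    // $admin was handed to the event handlers by reference, so it is normalised
    // again before it is concatenated into the statement. The blog id is cast
    // for the same reason.
    $admin  = intval($admin);
    $blogid = intval($this->getID());

    // add to team
    $query = 'INSERT INTO ' . sql_table('team') . ' (TMEMBER, TBLOG, TADMIN) '
        . 'VALUES (' . $memberid . ', ' . $blogid . ', "' . $admin . '")';
    sql_query($query);

    $manager->notify('PostAddTeamMember', array('blog' => &$this, 'member' => &$tmem, 'admin' => $admin));

    $logMsg = sprintf(_TEAM_ADD_NEWTEAMMEMBER, $tmem->getDisplayName(), $memberid, $this->getName());
    ACTIONLOG::add(INFO, $logMsg);

    return 1;
}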
/**
 * Logs a WARNING for the current request and reports _ERROR_DISALLOWED.
 *
 * The logged text contains the request URI, which is chosen by the client.
 * NOTE(review): confirm that ACTIONLOG::add() escapes the message for storage
 * and that the log viewer encodes it on output.
 */
function disallow()
{
    $requestUri = serverVar('REQUEST_URI');
    ACTIONLOG::add(WARNING, _ACTIONLOG_DISALLOWED . $requestUri);

    $this->error(_ERROR_DISALLOWED);
}
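/**
 * CustomLogin event handler: refuses a login while the login name or the
 * client address has reached the configured number of failed attempts.
 *
 * Does nothing unless enable_security is 'yes' and max_failed_login is
 * greater than zero. Counters whose last failure is older than the lockout
 * window are deleted first.
 *
 * @param array $data event data, by reference; 'login' is read, and
 *                    'success' and 'allowlocal' are set to 0 on refusal
 * @return void
 */
public function event_CustomLogin(&$data)
{
    if ($this->enable_security != 'yes' || !($this->max_failed_login > 0)) {
        return;
    }

    $login = $data['login'];
    // REMOTE_ADDR is the address of the directly connected peer; behind a
    // reverse proxy that is the proxy, so every client shares one counter.
    $ip    = $_SERVER['REMOTE_ADDR'];
    $table = sql_table('plug_securityenforcer');

    // expire counters older than the lockout window (login_lockout is in minutes)
    $cutoff = time() - intval($this->login_lockout) * 60;
    sql_query('DELETE FROM ' . $table . ' WHERE lastfail < ' . $cutoff);

    // Look the counters up by the submitted login name and by the client
    // address. Both values come from the request and are escaped before they
    // are placed in the statement.
    // NOTE(review): the per-address counter is assumed to be kept in the same
    // `login` column as the per-name counter; confirm against the code that
    // records failed logins.
    $query  = 'SELECT fails as result FROM ' . $table . ' ';
    $query .= "WHERE login='" . sql_real_escape_string($login) . "'";
    $flogin = quickQuery($query);

    $query  = 'SELECT fails as result FROM ' . $table . ' ';
    $query .= "WHERE login='" . sql_real_escape_string($ip) . "'";
    $fip    = quickQuery($query);

    if ($flogin >= $this->max_failed_login || $fip >= $this->max_failed_login) {
        $data['success']    = 0;
        $data['allowlocal'] = 0;

        $info = sprintf(_SECURITYENFORCER_LOGIN_DISALLOWED, htmlspecialchars($login), htmlspecialchars($ip));
        ACTIONLOG::add(INFO, $info);
    }
}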
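/**
 * Pings every service that is switched on in the plugin options and writes
 * the collected results to the action log as one INFO entry.
 *
 * @param array|int $data event data holding 'blogid', or the blog id itself
 * @return void
 */
public function sendPings($data)
{
    if (!class_exists('xmlrpcmsg')) {
        include_libs('xmlrpc.inc.php');
    }

    // Callers pass either the event array or a bare blog id; indexing a bare
    // id would leave myBlogId empty, so both forms are accepted.
    $this->myBlogId = intval(is_array($data) ? $data['blogid'] : $data);

    // option name => array(label written to the log, method that sends the ping)
    $services = array(
        'pingpong_pingomatic'  => array('Ping-o-matic:', 'pingPingomatic'),
        'pingpong_weblogs'     => array('Weblogs.com:', 'pingWeblogs'),
        'pingpong_technorati'  => array('Technorati:', 'pingTechnorati'),
        'pingpong_blogrolling' => array('Blogrolling.com:', 'pingBlogRollingDotCom'),
        'pingpong_blogs'       => array('Blog.gs:', 'pingBloGs'),
        'pingpong_weblogues'   => array('Weblogues.com:', 'pingWebloguesDotCom'),
        'pingpong_bloggde'     => array('Blog.de:', 'pingBloggDe'),
    );

    $ping_result = '';

    foreach ($services as $option => $service) {
        if ($this->getOption($option) != 'yes') {
            continue;
        }

        list($label, $method) = $service;

        // NOTE(review): whatever the ping method returns is appended as-is and
        // ends up in the action log; presumably it contains text supplied by
        // the remote service, so confirm the log viewer encodes it on output.
        $ping_result .= _PINGING . $label . "\n";
        $ping_result .= $this->$method();
        $ping_result .= " | ";
    }

    ACTIONLOG::add(INFO, $ping_result);
}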
/**
 * Logs a WARNING for the current request and reports a "disallowed" error.
 *
 * The logged text contains the request URI, which is chosen by the client.
 * NOTE(review): confirm that the log viewer encodes the entry on output.
 */
function disallow()
{
    $logEntry = _ACTIONLOG_DISALLOWED . serverVar('REQUEST_URI');
    ACTIONLOG::add(WARNING, $logEntry);

    // the four-element array is handed to error() unchanged
    $this->error(array(0, _CURL_ERROR_DISALLOWED, '***', _DISALLOWED_MSG));
}
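<?php
/**
 * Background ping runner for NP_Ping. The blog id is expected as the first
 * command-line argument.
 *
 * NOTE(review): $argv can also be filled from the query string of an HTTP
 * request when register_argc_argv is enabled. If this file sits in a
 * web-reachable directory, consider limiting it to command-line use.
 */
require dirname(__FILE__) . '/../../../config.php';
include_libs('PLUGINADMIN.php');

// create an object of the plugin via Plugin Admin
$oPluginAdmin = new PluginAdmin('Ping');

ACTIONLOG::add(INFO, 'NP_Ping: Sending ping (from background)');

// A missing argument is handled like an invalid id, without reading an
// undefined index.
$blogid = isset($argv[1]) ? intval($argv[1]) : 0;

if ($blogid > 0) {
    // NOTE(review): a bare id is passed here; confirm that the installed
    // sendPings() accepts it and does not expect array('blogid' => $blogid).
    $oPluginAdmin->plugin->sendPings($blogid);
} else {
    ACTIONLOG::add(WARNING, 'NP_Ping: invalid blogid, background ping abort');
}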
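/**
 * Removes the technoratitags rows for the deleted item and, when the
 * DelIcioUs option is 'yes', deletes the matching post from del.icio.us.
 *
 * @param array $data event data; 'itemid' is read
 * @return void
 */
function event_PostDeleteItem($data)
{
    // The id is concatenated into the statement, so it is cast to an integer
    // first.
    $itemid = intval($data['itemid']);

    sql_query('DELETE FROM ' . $this->tablename . ' WHERE itemid = ' . $itemid);

    if ($this->getOption('DelIcioUs') != "yes") {
        return;
    }

    // get user/password
    $user     = $this->getMemberOption($this->delaid, 'DeliciousUser');
    $password = $this->getMemberOption($this->delaid, 'DeliciousPassword');

    if ($user != '' && $password != '') {
        $oPhpDelicious = new PhpDelicious($user, $password);
        $oPhpDelicious->DeletePost($this->delurl);

        // only the URL is logged, never the credentials
        ACTIONLOG::add(INFO, 'delurl: ' . $this->delurl);
    }
}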
/**
 * Writes one entry to the action log.
 *
 * @param mixed $level log level, passed through to ACTIONLOG::add()
 * @param mixed $msg   message, passed through unchanged
 * @return void
 */
function addToLog($level, $msg)
{
    // thin pass-through; no filtering or encoding happens here
    ACTIONLOG::add($level, $msg);
}
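/**
 * Parse skinvar commentform.
 *
 * Fills $this->formdata with HTML-encoded prefill values and renders one of
 * the comment form templates: closed, closed to the public, not logged in or
 * logged in.
 *
 * @param string $destinationurl URL to return to after posting; an item link
 *                               is generated when it is empty
 * @return void
 */
function parse_commentform($destinationurl = '')
{
    global $blog, $itemid, $member, $CONF, $manager, $DIR_LIBS, $errormessage;

    // warn when trying to provide a actionurl (used to be a parameter in Nucleus <2.0)
    if (stristr($destinationurl, 'action.php')) {
        $args = func_get_args();
        // The old call form put the destination in the second argument. When
        // it is absent, fall back to the generated item link below.
        $destinationurl = isset($args[1]) ? $args[1] : '';
        ACTIONLOG::add(WARNING, _ACTIONURL_NOTLONGER_PARAMATER);
    }

    $actionurl = $CONF['ActionURL'];

    // if item is closed, show message and do nothing
    $item =& $manager->getItem($itemid, 0, 0);

    if ($item['closed'] || !$blog->commentsEnabled()) {
        $this->doForm('commentform-closed');
        return;
    }

    if (!$blog->isPublic() && !$member->isLoggedIn()) {
        $this->doForm('commentform-closedtopublic');
        return;
    }

    if (!$destinationurl) {
        // note: createLink returns an HTML encoded URL
        $destinationurl = createLink(
            'item',
            array(
                'itemid'    => $itemid,
                'title'     => $item['title'],
                'timestamp' => $item['timestamp'],
                'extra'     => $this->linkparams
            )
        );
    } else {
        // HTML encode URL
        $destinationurl = htmlspecialchars($destinationurl, ENT_QUOTES);
    }

    // values to prefill: the remembered cookie wins, the posted value is the fallback
    $rememberedUser = cookieVar($CONF['CookiePrefix'] . 'comment_user');

    $user = $rememberedUser;
    if (!$user) {
        $user = postVar('user');
    }

    $userid = cookieVar($CONF['CookiePrefix'] . 'comment_userid');
    if (!$userid) {
        $userid = postVar('userid');
    }

    $email = cookieVar($CONF['CookiePrefix'] . 'comment_email');
    if (!$email) {
        $email = postVar('email');
    }

    $body = postVar('body');

    // Cookie and POST values come from the client and are HTML-encoded before
    // they reach the template.
    // NOTE(review): 'itemid' and 'membername' are passed without encoding;
    // presumably the item id is numeric and display names are restricted when
    // members are created. Confirm both.
    $this->formdata = array(
        'destinationurl'  => $destinationurl,
        'actionurl'       => htmlspecialchars($actionurl, ENT_QUOTES),
        'itemid'          => $itemid,
        'user'            => htmlspecialchars($user, ENT_QUOTES),
        'userid'          => htmlspecialchars($userid, ENT_QUOTES),
        'email'           => htmlspecialchars($email, ENT_QUOTES),
        'body'            => htmlspecialchars($body, ENT_QUOTES),
        'membername'      => $member->getDisplayName(),
        'rememberchecked' => $rememberedUser ? 'checked="checked"' : ''
    );

    if (!$member->isLoggedIn()) {
        $this->doForm('commentform-notloggedin');
    } else {
        $this->doForm('commentform-loggedin');
    }
}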
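/**
 * A helper function to load a plugin.
 *
 * Includes the plugin file from $DIR_PLUGINS, instantiates the class of the
 * same name, stores it in $this->plugins and calls its init() method. Does
 * nothing when a class of that name already exists.
 *
 * NOTE(review): $name is concatenated into the include path. Callers are
 * assumed to pass only names of installed plugins; confirm that no
 * request-supplied value can reach this function unchecked.
 *
 * private
 *
 * @param string $name plugin class name, also the file name without ".php"
 * @return mixed 0 when the plugin could not be loaded, otherwise nothing
 */
function _loadPlugin($name)
{
    if (class_exists($name)) {
        return;
    }

    global $DIR_PLUGINS;

    $fileName = $DIR_PLUGINS . $name . '.php';

    if (!file_exists($fileName)) {
        if (!defined('_MANAGER_PLUGINFILE_NOTFOUND')) {
            define('_MANAGER_PLUGINFILE_NOTFOUND', 'Plugin %s was not loaded (File not found)');
        }

        ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));
        return 0;
    }

    // load plugin
    include $fileName;

    // the file must define a class with the plugin's name
    if (!class_exists($name)) {
        if (!defined('_MANAGER_PLUGINFILE_NOCLASS')) {
            define('_MANAGER_PLUGINFILE_NOCLASS', "Plugin %s was not loaded (Class not found in file, possible parse error)");
        }

        ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));
        return 0;
    }

    // Add to plugin array. The class is instantiated by name directly; this
    // replaces an eval() of "=& new", a construct that newer PHP versions no
    // longer parse, and keeps $name out of evaluated code.
    $this->plugins[$name] = new $name();

    // get plugid
    $this->plugins[$name]->plugid = $this->getPidFromName($name);

    // unload plugin if a prefix is used and the plugin cannot handle this
    global $MYSQL_PREFIX;

    if ($MYSQL_PREFIX != '' && !$this->plugins[$name]->supportsFeature('SqlTablePrefix')) {
        unset($this->plugins[$name]);
        ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));
        return 0;
    }

    // unload plugin if using non-mysql handler and plugin does not support it
    global $MYSQL_HANDLER;

    if (!in_array('mysql', $MYSQL_HANDLER) && !$this->plugins[$name]->supportsFeature('SqlApi')) {
        unset($this->plugins[$name]);
        ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINSQLAPI_NOTSUPPORT, $name));
        return 0;
    }

    // call init method
    $this->plugins[$name]->init();
}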