fclose($fp);
$linkurl = script_path . 'index.php';
$tpl_blog = addslashes($tpl_blog);
$tpl_blog = str_replace("%HOME%", $HOME_TEXT, $tpl_blog);
$tpl_blog = str_replace("%HOME_LINK%", $linkurl, $tpl_blog);
$tpl_profile = addslashes($tpl_profile);
$tpl_profile = str_replace("%HOME%", $HOME_TEXT, $tpl_profile);
$tpl_profile = str_replace("%HOME_LINK%", $linkurl, $tpl_profile);
$tpl_friends = addslashes($tpl_friends);
$tpl_friends = str_replace("%HOME%", $HOME_TEXT, $tpl_friends);
$tpl_friends = str_replace("%HOME_LINK%", $linkurl, $tpl_friends);
$db = new sqldb2($DB_CONFIG_v2);
// get users
$name_id = array();
$all_users = array();
$t = $db->query('SELECT * FROM nlb_users;');
while ($row = mysql_fetch_assoc($t)) {
$all_users[] = $row;
$name_id[$row['username']] = $row['id'];
}
// get blogs
$all_blogs = $db->getAllArray('SELECT * FROM nlb_blogs;');
// get comments
$all_com = $db->getAllArray('SELECT * FROM nlb_comments;');
$db->clear();
$db->setConfig($DB_CONFIG_v3);
$db->connect();
$now = time();
$past = 458895600;
//
// INSERT USERS
* V A L I D A T E U S E R
* =======================================
*/
// validate a users email address.
$ets->page_body = "";
$USESKIN = skin_basic;
if ($user->isLogedIn || !isset($_PATH['code'])) {
$ets->page_body .= $l['validate_failed'];
} else {
$code = $_PATH['code'];
$info = $db->getArray('SELECT * FROM ' . db_validate . ' WHERE code="' . $code . '" LIMIT 1;');
if (empty($info)) {
$ets->page_body .= $l['validate_failed'];
} else {
// validate the user & remove the row.
$db->query('UPDATE ' . db_users . ' SET valid=1 WHERE user_id=' . $info['owner_id'] . ' LIMIT 1;');
$db->query('DELETE FROM ' . db_validate . ' WHERE validate_id=' . $info['validate_id'] . ' LIMIT 1;');
$ets->page_body .= $l['validate_good'];
}
}
$ets_outter->main_title = $config->get('site_name') . ': ' . $l['title-validate'];
$ets_outter->page_title = $l['title-validate'];
break;
}
$ets_outter->sitenav = buildMainNav($l, $user);
$ets_outter->recent_blogs = $b->getRecent($config);
$ets_outter->query_count = $db->getquerycount();
$ets_outter->script_path = $script_path;
$ets_outter->gen_time = mymicrotime($start, 5);
$ets_outter->welcome[] = $user->getWelcomeTags();
printt($ets_outter, skin_header);
$timezone = $c['timezone'] - 13;
$new = array('username' => $c['username'], 'password' => md5($c['password']), 'email' => $c['email'], 'access' => $config->get('default_access'), 'registered' => time(), 'last_login' => time(), 'ip' => $_SERVER['REMOTE_ADDR'], 'blog_count' => 0, 'timezone' => $timezone, 'bio' => "", 'custom' => $c['custom'], 'date_format' => $config->get('default_date_format'), 'birthday' => "", 'perpage' => 10, 'gender' => 0);
$check_email = $config->get('validate_email');
if ($check_email == "true") {
// include mail class thing.
$new['valid'] = 0;
} else {
$new['valid'] = 1;
}
$id = $user->newUser($new);
unset($user);
$user = new nlb_user($db, $id);
// add template into DB.
$date = 1000000;
// make the cache in the past so ETS will update it.
$db->query('INSERT INTO ' . db_source . " ( \r\n\t\t`owner_id` , `blog` , `blog_updated` , `friends` , `friends_updated` , `profile` , `profile_updated` )\r\n\t\tVALUES (\r\n\t\t'{$id}', 'empty', '{$date}', 'empty', '{$date}', 'empty', '{$date}'\r\n\t\t);");
$db->query('INSERT INTO ' . db_cache . " ( \r\n\t\t`owner_id` , `blog` , `blog_updated` , `friends` , `friends_updated` , `profile` , `profile_updated` )\r\n\t\tVALUES (\r\n\t\t'{$id}', 'empty', '{$date}', 'empty', '{$date}', 'empty', '{$date}'\r\n\t\t);");
$user->setTemplateSource($clean['template'], $config->get('home_text'));
// did the first user just register?
if ($id == 1) {
$user->grant('admin');
$user->updateDB();
}
$sent = $user->validateEmail($config);
$ets->page_body = $l['reg-done'];
if ($sent) {
$ets->page_body .= $l['reg-checkmail'];
}
}
}
if (empty($_POST) || $baddata) {
// are that someone is just trying to make an error appear.
}
$userid = addslashes($path['id']);
$home_url = full_url . build_link('blog.php', array('user' => $userid));
$db = new sqldb2($DB_CONFIG);
// user exists?
$user_check = $db->getArray('SELECT count(user_id) AS c FROM ' . db_users . ' WHERE user_id="' . $userid . '";');
if ($user_check['c'] != 1) {
// die('Invalid User');
jsRedirect(script_path . 'index.php');
}
$user = $db->getArray('SELECT username FROM ' . db_users . ' WHERE user_id="' . $userid . '";');
$USER = $user['username'];
$blogs = $db->query('SELECT u.username AS author, b.*
FROM ' . db_users . ' AS u, ' . db_blogs . ' AS b
WHERE b.author_id = ' . $userid . ' AND b.author_id = u.user_id AND b.access = ' . access_public . '
ORDER BY b.date DESC
LIMIT 0, 10');
// print first part of rss
echo '<rss version="2.0">
<channel>
<title>Public blogs posted by ' . $USER . '</title>
<link>' . $home_url . '</link>
<description>The 10 most recent public blogs by ' . $USER . '</description>
<pubDate>' . date('r', time()) . '</pubDate>
<generator>NewLife Blogger v' . nlb_version . '</generator>';
// now print blog items
while ($blog = mysql_fetch_assoc($blogs)) {
foreach ($blog as $key => $val) {
$val = stripslashes($val);
$val = htmlspecialchars($val);
if ($db->getRowCount() == 0) {
// This user has no friends.
$ets->blog[0]->body = $l['no-friends'];
$ets->blog[0]->comments = false;
$ets->blog[0]->author = $u->get('username');
$ets->blog[0]->date = date('M jS, Y g:i a');
} else {
// this user does have friends.
// build it into an IN() paramater
$in = '';
foreach ($list as $row) {
$in .= $row['friend_id'] . ', ';
}
$in = substr($in, 0, -2);
// get avatars of friends.
$results = $db->query('SELECT owner_id, file, isCustom, type FROM ' . db_avatars . ' WHERE owner_id IN(' . $in . ') AND type IN(2,1);');
$avatars = array();
while ($row = mysql_fetch_assoc($results)) {
// do we already have an avatar for this user?
$id = $row['owner_id'];
if (isset($avatars[$id]) && $avatars[$id]['type'] != 2) {
$avatars[$id] = $row;
}
if (!isset($avatars[$id])) {
$avatars[$id] = $row;
}
}
// list of user names for linking
$results = $db->query('SELECT user_id, username FROM ' . db_users . ' WHERE user_id IN(' . $in . ');');
$i = 0;
while ($row = mysql_fetch_assoc($results)) {
jsRedirect(build_link('index.php', array('action' => 'comment', 'id' => $blog_id)));
}
if ($thisblog['access'] == access_private && !$user->isLogedIn) {
jsRedirect(script_path . 'index.php');
}
if ($thisblog['access'] == access_private && $user->isLogedIn && $user->id != $thisblog['author_id']) {
jsRedirect(script_path . 'index.php');
}
if ($thisblog['access'] == access_friendsonly && !$user->isLogedIn) {
jsRedirect(script_path . 'index.php');
}
if ($thisblog['access'] == access_friendsonly && $user->isLogedIn) {
$isAFriend = false;
// get list of blog owners' friends
// This should probally be a method of nlb_users, but I only have to do this once...
$f = $db->query('SELECT friend_id FROM ' . db_friends . ' WHERE owner_id=' . $thisblog['author_id'] . ';');
while ($row = mysql_fetch_assoc($f)) {
if ($row['friend_id'] == $user->id) {
$isAFriend = true;
break;
}
}
if (!$isAFriend) {
// Can't see this blog :(
jsRedirect(script_path . 'index.php');
}
}
$blog->setData($thisblog);
$blog->setDate($thisblog['date_format']);
if ($user->isLogedIn) {
$blog->setDateOffset($config->get('server_timezone'), $user->get('timezone'));
}
$parent = $_POST['parent'];
// get some info about this blog
$info = $db->getArray('SELECT access, comments FROM ' . db_blogs . ' WHERE blog_id="' . $parent . '" LIMIT 1;');
// if anything goes wrong, decide where we will go.
if ($info['access'] == access_news) {
$go = build_link('index.php', array('action' => 'comment', 'id' => $parent));
} else {
$go = build_link('blog.php', array('id' => $parent));
}
// are we alowed to blog here?
if ($info['comments'] == -1) {
jsRedirect($go);
}
// do we have any data to submit?
if (!isset($_POST['body']) || empty($_POST['body'])) {
jsRedirect($go);
}
$body = slash_if_needed($_POST['body']);
// add to db.
$ip = $_SERVER['REMOTE_ADDR'];
$date = time();
if ($user->isLogedIn) {
$userid = $user->id;
} else {
$userid = -1;
}
$db->query("INSERT INTO `" . db_comments . "` ( `comment_id` , `parent_id` , `author_id` , `date` , `body` , `ip` )\r\r\nVALUES (\r\r\n'', '{$parent}', '{$userid}', '{$date}', '{$body}', '{$ip}'\r\r\n);");
$db->query('UPDATE ' . db_blogs . ' SET comments = comments + 1 WHERE blog_id = ' . $parent . ';');
// we are done.
jsRedirect($go);
-----------------------------------------
Nick F <*****@*****.**>
www.sevengraff.com
-----------------------------------------
This product is distributed under the GNU
GPL liscense. A copy of that liscense
should be packaged with this product.
-----------------------------------------
*/
require_once 'config.php';
require_once 'system/functions.php';
require_once 'system/ets_file.php';
require_once 'system/sqldb2.class.php';
require_once 'ets.php';
$db = new sqldb2($DB_CONFIG);
$smiles = $db->query("SELECT * FROM " . db_smiles . ";");
$i = 0;
while ($row = mysql_fetch_assoc($smiles)) {
$ets->items[$i]->img = script_path . 'smiles/' . $row['image'];
$ets->items[$i]->code = $row['code'];
$ets->items[$i]->desc = $row['desc'];
$i++;
}
$ets->java_script = <<<END_OF_JS
<script language="JavaScript" type="text/javascript">
<!--
function insertItem(text) {
\topener.document.new_entry.body.value += ' ' + text + ' ';
}
//-->
