fclose($fp);

// Link substituted for the %HOME_LINK% placeholder in each template below.
$linkurl = script_path . 'index.php';

// Each template is passed through addslashes() first and then has its two
// placeholders filled in.
// NOTE(review): $HOME_TEXT and $linkurl are inserted after the addslashes()
// call, so they are not escaped themselves. If these strings are later placed
// inside SQL literals (not visible in this excerpt), a quote in either value
// would end the literal early - confirm how the templates are written below.
$tpl_blog = addslashes($tpl_blog);
$tpl_blog = str_replace("%HOME%", $HOME_TEXT, $tpl_blog);
$tpl_blog = str_replace("%HOME_LINK%", $linkurl, $tpl_blog);
$tpl_profile = addslashes($tpl_profile);
$tpl_profile = str_replace("%HOME%", $HOME_TEXT, $tpl_profile);
$tpl_profile = str_replace("%HOME_LINK%", $linkurl, $tpl_profile);
$tpl_friends = addslashes($tpl_friends);
$tpl_friends = str_replace("%HOME%", $HOME_TEXT, $tpl_friends);
$tpl_friends = str_replace("%HOME_LINK%", $linkurl, $tpl_friends);

// Database wrapper configured with the v2 settings.
$db = new sqldb2($DB_CONFIG_v2);

// get users
// $all_users keeps every row; $name_id maps username => id.
$name_id = array();
$all_users = array();
$t = $db->query('SELECT * FROM nlb_users;');
while ($row = mysql_fetch_assoc($t)) {
    $all_users[] = $row;
    $name_id[$row['username']] = $row['id'];
}

// get blogs
$all_blogs = $db->getAllArray('SELECT * FROM nlb_blogs;');

// get comments
$all_com = $db->getAllArray('SELECT * FROM nlb_comments;');

// Re-point the same wrapper at the v3 settings and connect.
// NOTE(review): the rows read above are held in memory from here on. Values
// copied out of the old tables are data, not trusted SQL, and still need
// escaping or parameter binding when they are written - confirm in the
// insert code that follows this excerpt.
$db->clear();
$db->setConfig($DB_CONFIG_v3);
$db->connect();

$now = time();
$past = 458895600; // presumably a fixed Unix timestamp; its use is outside this excerpt

//
// INSERT USERS
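* V A L I D A T E U S E R * ======================================= */
// Confirm a user's e-mail address using the code carried in the request path.
$ets->page_body = "";
$USESKIN = skin_basic;
if ($user->isLogedIn || !isset($_PATH['code'])) {
    // Logged-in visitors and requests without a code get the failure text.
    $ets->page_body .= $l['validate_failed'];
} else {
    // The code is request-controlled and is placed inside a double-quoted SQL
    // literal below, so it is escaped before concatenation instead of being
    // used raw. addslashes() needs no open connection.
    // NOTE(review): a charset-aware escape on the live connection, or a bound
    // parameter, would be stronger if sqldb2 offers one - its API is not
    // visible here. This also assumes $_PATH values arrive unescaped; confirm.
    $code = addslashes($_PATH['code']);
    $info = $db->getArray('SELECT * FROM ' . db_validate . ' WHERE code="' . $code . '" LIMIT 1;');
    if (empty($info)) {
        // No pending validation row matches this code.
        $ets->page_body .= $l['validate_failed'];
    } else {
        // validate the user & remove the row.
        // Both ids come from the row just read and are concatenated unquoted,
        // which relies on those columns being numeric.
        $db->query('UPDATE ' . db_users . ' SET valid=1 WHERE user_id=' . $info['owner_id'] . ' LIMIT 1;');
        $db->query('DELETE FROM ' . db_validate . ' WHERE validate_id=' . $info['validate_id'] . ' LIMIT 1;');
        $ets->page_body .= $l['validate_good'];
    }
}
$ets_outter->main_title = $config->get('site_name') . ': ' . $l['title-validate'];
$ets_outter->page_title = $l['title-validate'];
break;
}

// Values for the outer page template, then hand it to printt() with the
// header skin.
$ets_outter->sitenav = buildMainNav($l, $user);
$ets_outter->recent_blogs = $b->getRecent($config);
$ets_outter->query_count = $db->getquerycount();
$ets_outter->script_path = $script_path;
$ets_outter->gen_time = mymicrotime($start, 5);
$ets_outter->welcome[] = $user->getWelcomeTags();
printt($ets_outter, skin_header);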
// The submitted timezone value is shifted down by 13 before storage.
// presumably the form sends a 1-based index of offsets - confirm against the form.
$timezone = $c['timezone'] - 13;

// Row for the new account. The origin and validation of $c are outside this
// excerpt.
$new = array('username' => $c['username'],
    // NOTE(review): md5() is a fast, unsalted digest and is not suitable for
    // stored passwords. Moving to password_hash()/password_verify() also
    // needs the login check and a rehash-on-login path for existing rows,
    // none of which is visible here, so the call is left as it is.
    'password' => md5($c['password']),
    'email' => $c['email'],
    'access' => $config->get('default_access'),
    'registered' => time(),
    'last_login' => time(),
    // Address of the connecting peer as reported by the web server.
    'ip' => $_SERVER['REMOTE_ADDR'],
    'blog_count' => 0,
    'timezone' => $timezone,
    'bio' => "",
    'custom' => $c['custom'],
    'date_format' => $config->get('default_date_format'),
    'birthday' => "",
    'perpage' => 10,
    'gender' => 0);

// The setting is compared against the string "true"; when it matches, the
// account starts with valid = 0, otherwise with valid = 1.
$check_email = $config->get('validate_email');
if ($check_email == "true") {
    // include mail class thing.
    $new['valid'] = 0;
} else {
    $new['valid'] = 1;
}

// Create the account and reload the user object under the new id.
$id = $user->newUser($new);
unset($user);
$user = new nlb_user($db, $id);

// add template into DB.
$date = 1000000; // make the cache in the past so ETS will update it.
// $id (returned by newUser()) and $date are the only values interpolated
// into the two statements below.
$db->query('INSERT INTO ' . db_source . " ( \r\n\t\t`owner_id` , `blog` , `blog_updated` , `friends` , `friends_updated` , `profile` , `profile_updated` )\r\n\t\tVALUES (\r\n\t\t'{$id}', 'empty', '{$date}', 'empty', '{$date}', 'empty', '{$date}'\r\n\t\t);");
$db->query('INSERT INTO ' . db_cache . " ( \r\n\t\t`owner_id` , `blog` , `blog_updated` , `friends` , `friends_updated` , `profile` , `profile_updated` )\r\n\t\tVALUES (\r\n\t\t'{$id}', 'empty', '{$date}', 'empty', '{$date}', 'empty', '{$date}'\r\n\t\t);");
$user->setTemplateSource($clean['template'], $config->get('home_text'));

// did the first user just register?
// NOTE(review): whoever obtains user id 1 is granted 'admin'. On a fresh
// install this is the first visitor to complete registration, so the first
// account should be created before the site is reachable by others.
if ($id == 1) {
    $user->grant('admin');
    $user->updateDB();
}

// Show the completion text, plus the check-your-mail text when
// validateEmail() returns a truthy value.
$sent = $user->validateEmail($config);
$ets->page_body = $l['reg-done'];
if ($sent) {
    $ets->page_body .= $l['reg-checkmail'];
}
}
}
if (empty($_POST) || $baddata) {
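// are that someone is just trying to make an error appear.
}

// The requested user id comes from the request path. It is used below both
// inside quoted literals and as a bare number (b.author_id = ...), and
// addslashes() gives no protection in the unquoted position, so the value is
// forced to an integer instead. Non-numeric input becomes 0 and falls through
// to the "user exists?" redirect.
$userid = (int) $path['id'];
$home_url = full_url . build_link('blog.php', array('user' => $userid));
$db = new sqldb2($DB_CONFIG);

// user exists?
$user_check = $db->getArray('SELECT count(user_id) AS c FROM ' . db_users . ' WHERE user_id="' . $userid . '";');
if ($user_check['c'] != 1) {
    // die('Invalid User');
    // NOTE(review): this guard relies on jsRedirect() ending the request - confirm.
    jsRedirect(script_path . 'index.php');
}
$user = $db->getArray('SELECT username FROM ' . db_users . ' WHERE user_id="' . $userid . '";');
$USER = $user['username'];

// Ten most recent public entries by this author, newest first.
$blogs = $db->query('SELECT u.username AS author, b.* FROM ' . db_users . ' AS u, ' . db_blogs . ' AS b WHERE b.author_id = ' . $userid . ' AND b.author_id = u.user_id AND b.access = ' . access_public . ' ORDER BY b.date DESC LIMIT 0, 10');

// print first part of rss
// The username is stored user data, so it is escaped for the XML output here
// in the same way the item loop below escapes every column value.
echo '<rss version="2.0"> <channel> <title>Public blogs posted by '
    . htmlspecialchars($USER)
    . '</title> <link>' . $home_url . '</link> <description>The 10 most recent public blogs by '
    . htmlspecialchars($USER)
    . '</description> <pubDate>' . date('r', time()) . '</pubDate> <generator>NewLife Blogger v'
    . nlb_version . '</generator>';

// now print blog items
while ($blog = mysql_fetch_assoc($blogs)) {
    foreach ($blog as $key => $val) {
        // Undo stored slashes, then escape the value for the feed markup.
        $val = stripslashes($val);
        $val = htmlspecialchars($val);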
if ($db->getRowCount() == 0) {
    // This user has no friends.
    // A single placeholder entry is filled in with the "no friends" text.
    $ets->blog[0]->body = $l['no-friends'];
    $ets->blog[0]->comments = false;
    $ets->blog[0]->author = $u->get('username');
    $ets->blog[0]->date = date('M jS, Y g:i a');
} else {
    // this user does have friends.
    // build it into an IN() parameter
    // NOTE(review): the friend_id values are concatenated into SQL as bare
    // numbers. The origin of $list is outside this excerpt; presumably it is
    // the friends query result. Casting each id to an integer while building
    // the list would keep both IN() clauses safe whatever the source - confirm.
    $in = '';
    foreach ($list as $row) {
        $in .= $row['friend_id'] . ', ';
    }
    // Drop the trailing ", " left by the loop.
    $in = substr($in, 0, -2);

    // get avatars of friends.
    $results = $db->query('SELECT owner_id, file, isCustom, type FROM ' . db_avatars . ' WHERE owner_id IN(' . $in . ') AND type IN(2,1);');
    $avatars = array();
    while ($row = mysql_fetch_assoc($results)) {
        // do we already have an avatar for this user?
        $id = $row['owner_id'];
        // A stored row whose type is not 2 is replaced by the current row;
        // a stored type-2 row is kept.
        if (isset($avatars[$id]) && $avatars[$id]['type'] != 2) {
            $avatars[$id] = $row;
        }
        // First row seen for this owner.
        if (!isset($avatars[$id])) {
            $avatars[$id] = $row;
        }
    }

    // list of user names for linking
    $results = $db->query('SELECT user_id, username FROM ' . db_users . ' WHERE user_id IN(' . $in . ');');
    $i = 0;
    while ($row = mysql_fetch_assoc($results)) {
jsRedirect(build_link('index.php', array('action' => 'comment', 'id' => $blog_id)));
}

// Access checks for the requested entry. Every refusal is a jsRedirect() to
// the index page.
// NOTE(review): these checks only protect the entry if jsRedirect() ends the
// request. If it merely emits a redirect and returns, the code below would
// still run for a refused visitor - confirm in system/functions.

// Private entries: anonymous visitors are refused.
if ($thisblog['access'] == access_private && !$user->isLogedIn) {
    jsRedirect(script_path . 'index.php');
}
// Private entries: a logged-in visitor other than the author is refused.
if ($thisblog['access'] == access_private && $user->isLogedIn && $user->id != $thisblog['author_id']) {
    jsRedirect(script_path . 'index.php');
}
// Friends-only entries: anonymous visitors are refused.
if ($thisblog['access'] == access_friendsonly && !$user->isLogedIn) {
    jsRedirect(script_path . 'index.php');
}
// Friends-only entries: the visitor must appear in the author's friend rows.
if ($thisblog['access'] == access_friendsonly && $user->isLogedIn) {
    $isAFriend = false;
    // get list of blog owners' friends
    // This should probably be a method of nlb_users, but I only have to do this once...
    // author_id is concatenated unquoted; presumably it is a numeric column
    // value from the entry row loaded earlier - confirm.
    $f = $db->query('SELECT friend_id FROM ' . db_friends . ' WHERE owner_id=' . $thisblog['author_id'] . ';');
    while ($row = mysql_fetch_assoc($f)) {
        if ($row['friend_id'] == $user->id) {
            $isAFriend = true;
            break;
        }
    }
    // NOTE(review): the author passes this check only if their own id is in
    // those rows - confirm authors can still open their own friends-only entries.
    if (!$isAFriend) {
        // Can't see this blog :(
        jsRedirect(script_path . 'index.php');
    }
}

// The visitor may see the entry: load it into the blog object.
$blog->setData($thisblog);
$blog->setDate($thisblog['date_format']);
if ($user->isLogedIn) {
    $blog->setDateOffset($config->get('server_timezone'), $user->get('timezone'));
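}

// Id of the entry being commented on. It is request-controlled and is used
// below both inside quoted literals and as a bare number in the UPDATE, so it
// is forced to an integer before it reaches any SQL. A missing field becomes 0.
$parent = isset($_POST['parent']) ? (int) $_POST['parent'] : 0;

// get some info about this blog
$info = $db->getArray('SELECT access, comments FROM ' . db_blogs . ' WHERE blog_id="' . $parent . '" LIMIT 1;');

// if anything goes wrong, decide where we will go.
if (!empty($info) && $info['access'] == access_news) {
    $go = build_link('index.php', array('action' => 'comment', 'id' => $parent));
} else {
    $go = build_link('blog.php', array('id' => $parent));
}

// are we allowed to blog here?
// An unknown entry is refused as well, so no comment row is written for an
// id that matches nothing.
// NOTE(review): 'access' is read but only used to choose the redirect target;
// nothing here checks that the visitor may view a private or friends-only
// entry before commenting on it - confirm whether that is enforced elsewhere.
// The guards also rely on jsRedirect() ending the request - confirm.
if (empty($info) || $info['comments'] == -1) {
    jsRedirect($go);
}

// do we have any data to submit?
if (!isset($_POST['body']) || empty($_POST['body'])) {
    jsRedirect($go);
}
// slash_if_needed() is defined elsewhere; presumably it adds slashes when the
// runtime has not already done so - confirm. The body is stored as submitted,
// so it must be escaped for HTML wherever it is displayed.
$body = slash_if_needed($_POST['body']);

// add to db.
$ip = $_SERVER['REMOTE_ADDR'];
$date = time();
// Anonymous comments are recorded with author id -1.
if ($user->isLogedIn) {
    $userid = $user->id;
} else {
    $userid = -1;
}
$db->query("INSERT INTO `" . db_comments . "` ( `comment_id` , `parent_id` , `author_id` , `date` , `body` , `ip` )\r\r\nVALUES (\r\r\n'', '{$parent}', '{$userid}', '{$date}', '{$body}', '{$ip}'\r\r\n);");
// Keep the entry's comment counter in step with the new row.
$db->query('UPDATE ' . db_blogs . ' SET comments = comments + 1 WHERE blog_id = ' . $parent . ';');

// we are done.
jsRedirect($go);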
-----------------------------------------
Nick F <*****@*****.**>
www.sevengraff.com
-----------------------------------------
This product is distributed under the GNU GPL license.
A copy of that license should be packaged with this product.
-----------------------------------------
*/
require_once 'config.php';
require_once 'system/functions.php';
require_once 'system/ets_file.php';
require_once 'system/sqldb2.class.php';
require_once 'ets.php';

$db = new sqldb2($DB_CONFIG);

// Load every smiley row and expose it to the template as items[n] with an
// image URL, the text code and a description.
// NOTE(review): image, code and desc are passed on exactly as stored. Where
// the template puts them into HTML attributes or into the insertItem() call
// is not visible here; they need escaping for that context (HTML, and
// JavaScript string if used inside an event handler) - confirm in the template.
$smiles = $db->query("SELECT * FROM " . db_smiles . ";");
$i = 0;
while ($row = mysql_fetch_assoc($smiles)) {
    $ets->items[$i]->img = script_path . 'smiles/' . $row['image'];
    $ets->items[$i]->code = $row['code'];
    $ets->items[$i]->desc = $row['desc'];
    $i++;
}

// Script block for the page: insertItem() appends the given text, padded with
// spaces, to the body field of the new_entry form in the opener window.
$ets->java_script = <<<END_OF_JS
<script language="JavaScript" type="text/javascript">
<!--
function insertItem(text) {
\topener.document.new_entry.body.value += ' ' + text + ' ';
}
//-->