Пример #1
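 /**
  * Render the File Management plugin error page for an error code and end the request.
  *
  * The page shows the code, its message from the fixed table below and a
  * "Go Back" link to the current URL (or to the plugin index when that URL is
  * empty or not on this site). Output is echoed and the script then stops.
  *
  * @param    string|int  $e_code     Error code; anything that is not an exact key of the table becomes '9999'
  * @param    int         $pages      Not used by this implementation
  * @return   void                    Never returns: the function ends with die()
  */
 function show($e_code, $pages = 1)
 {
     global $_CONF;

     $errmsg = array(
         "0001" => "Could not connect to the forums database.",
         "0002" => "The forum you selected does not exist. Please go back and try again.",
         "0003" => "Password Incorrect.",
         "0004" => "Could not query the topics database.",
         "0005" => "Error getting messages from the database.",
         "0006" => "Please enter the Nickname and the Password.",
         "0007" => "You are not the Moderator of this forum therefore you can't perform this function.",
         "0008" => "You did not enter the correct password, please go back and try again.",
         "0009" => "Could not remove posts from the database.",
         "0010" => "Could not move selected topic to selected forum. Please go back and try again.",
         "0011" => "Could not lock the selected topic. Please go back and try again.",
         "0012" => "Could not unlock the selected topic. Please go back and try again.",
         // The driver's error text is not ours: encode it before it is placed in the page.
         // NOTE(review): showing raw database errors to visitors also discloses schema
         // details; consider logging the text and showing only the generic sentence.
         "0013" => "Could not query the database. <BR>Error: " . htmlspecialchars((string) DB_error(), ENT_QUOTES),
         "0014" => "No such user or post in the database.",
         "0015" => "Search Engine was unable to query the forums database.",
         "0016" => "That user does not exist. Please go back and search again.",
         "0017" => "You must type a subject to post. You can't post an empty subject. Go back and enter the subject",
         "0018" => "You must choose message icon to post. Go back and choose message icon.",
         "0019" => "You must type a message to post. You can't post an empty message. Go back and enter a message.",
         "0020" => "Could not enter data into the database. Please go back and try again.",
         "0021" => "Can't delete the selected message.",
         "0022" => "An error ocurred while querying the database.",
         "0023" => "Selected message was not found in the forum database.",
         "0024" => "You can't reply to that message. It wasn't sent to you.",
         "0025" => "You can't post a reply to this topic, it has been locked. Contact the administrator if you have any question.",
         // "\n" stands for the line break the original literal contained at this point.
         "0026" => "The forum or topic you are attempting to post to does not exist. \nPlease try again.",
         "0027" => "You must enter your username and password. Go back and do so.",
         "0028" => "You have entered an incorrect password. Go back and try again.",
         "0029" => "Couldn't update post count.",
         "0030" => "The forum you are attempting to post to does not exist. Please try again.",
         "0031" => "Unknown Error",
         "0035" => "You can't edit a post that's not yours.",
         "0036" => "You do not have permission to edit this post.",
         "0037" => "You did not supply the correct password or do not have permission to edit this post. Please go back and try again.",
         "1001" => "Please enter value for Title.",
         "1002" => "Please enter value for Phone.",
         "1003" => "Please enter value for Summary.",
         "1004" => "Please enter value for Address.",
         "1005" => "Please enter value for City.",
         "1006" => "Please enter value for State/Province.",
         "1007" => "Please enter value for Zipcode.",
         "1008" => "Please enter value for Description.",
         "1009" => "Vote for the selected resource only once.<br>All votes are logged and reviewed.",
         "1010" => "You cannot vote on the resource you submitted.<br>All votes are logged and reviewed.",
         "1011" => "No rating selected - no vote tallied.",
         "1013" => "Please enter a search query.",
         "1016" => "Please enter value for Filename.",
         "1017" => "The file was not uploaded - reported filesize of 0 bytes.",
         "1101" => "Upload approval Error: The temporary file was not found. Check error.log",
         "1102" => "Upload submit Error: The temporary filestore file was not created. Check error.log",
         "1103" => "The download info you provided is already in the database!",
         "1104" => "The download info was not complete - Need to enter a title for the new file",
         "1105" => "The download info was not complete - Need to enter a description for the new file",
         "1106" => "Upload Add Error: The new file was not created. Check error.log",
         // "\n" stands for the line break the original literal contained at this point.
         "1107" => "Upload Add Error: The temporary file was not found. \nCheck error.log",
         "1108" => "Duplicate file - already existing in filestore",
         "1109" => "File type not allowed",
         "1110" => "You must define and select a category for the uploaded file",
         "9999" => "Unknown Error",
     );

     // determine the destination of this request
     $destination = COM_getCurrentURL();
     $fallback = $_CONF['site_url'] . '/filemgmt/index.php';

     // The link target must be this site. A bare prefix comparison would also accept a
     // different host whose name merely starts with the site URL, so the character
     // that follows the site URL has to begin a path or a query string.
     $siteUrl = rtrim($_CONF['site_url'], '/');
     $onSite = $destination === $siteUrl
         || strpos($destination, $siteUrl . '/') === 0
         || strpos($destination, $siteUrl . '?') === 0;
     if ($destination == '' || !$onSite) {
         $destination = $fallback;
     }

     // Accept only an exact key of the table. in_array() without its strict flag
     // compares loosely, so values that merely look like a known code numerically
     // could pass and were then printed into the page unescaped, with no matching
     // message. After this check $e_code is always one of the literals above.
     if ((!is_string($e_code) && !is_int($e_code)) || !array_key_exists($e_code, $errmsg)) {
         $e_code = '9999';
     }

     include_once $_CONF['path'] . 'plugins/filemgmt/include/header.php';
     $display = COM_siteHeader('menu');
     $display .= '<table width="100%" class="plugin" border="0" cellspacing="0" cellpadding="1">';
     $display .= '<tr><td class="pluginAlert" style="text-align:right;padding:5px;">File Management Plugin</td>';
     $display .= "<td class=\"pluginAlert\" width=\"50%\" style=\"padding:5px 0px 5px 10px;\">Error Code: {$e_code}</td></tr>";
     $display .= "<tr><td colspan=\"2\" class=\"pluginInfo\"><b>ERROR:</b> {$errmsg[$e_code]}</td></tr>";
     $display .= '<tr><td colspan="2" class="pluginInfo" style="text-align:center;padding:10px;">';
     // The URL is derived from the request, so it is encoded for the attribute it is written into.
     $display .= '[ <a href="' . htmlspecialchars($destination, ENT_QUOTES) . '">Go Back</a> ]</td></tr></table>';
     $display .= COM_siteFooter();
     echo $display;
     die("");
 }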
Пример #2
/**
* Echo a full site page that contains the plugin's alert box.
*
* The box is rendered from zero_alertmsg.thtml; its title is the plugin title
* followed by the localized error label.
*
* @param    string  $alertText  Text handed to the template as 'alert_text'
* @return   void
*/
function ZERO_alertMessage($alertText = '')
{
    global $_CONF, $_ZZ_CONF, $LANG_ZZ00;

    $page = COM_siteHeader('menu', $LANG_ZZ00['title']);

    $template = new Template($_CONF['path'] . 'plugins/zero/templates/');
    $template->set_file(array('message' => 'zero_alertmsg.thtml'));

    // NOTE(review): $alertText reaches the template exactly as passed in; this
    // function does no HTML encoding, so callers presumably supply safe text - confirm.
    $templateVars = array(
        'alert_title' => $LANG_ZZ00['title'] . $LANG_ZZ00['error'],
        'alert_text' => $alertText,
    );
    $template->set_var($templateVars);

    $template->parse('output', 'message');
    $page .= $template->finish($template->get_var('output'));
    $page .= COM_siteFooter();

    echo $page;
}
Пример #3
/**
* Build the site footer according to the forum's 'showblocks' setting.
*
* 'noblocks' and 'leftblocks' call COM_siteFooter(false); 'rightblocks' and
* 'allblocks' call COM_siteFooter(true), where 'rightblocks' combined with the
* 'blockmenu' user menu also passes the forum block callback; any other value
* calls COM_siteFooter() with its defaults.
*
* @return   string  Footer markup returned by COM_siteFooter()
*/
function FF_siteFooter()
{
    global $_FF_CONF;

    $footer = '';

    switch ($_FF_CONF['showblocks']) {
        case 'noblocks':
        case 'leftblocks':
            $footer .= COM_siteFooter(false);
            break;

        case 'rightblocks':
            // With the block-style user menu the forum supplies its own block callback.
            $footer .= ($_FF_CONF['usermenu'] == 'blockmenu')
                ? COM_siteFooter(true, array('forum_showBlocks', $_FF_CONF['leftblocks']))
                : COM_siteFooter(true);
            break;

        case 'allblocks':
            $footer .= COM_siteFooter(true);
            break;

        default:
            $footer .= COM_siteFooter();
            break;
    }

    return $footer;
}
Пример #4
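 /**
  * Render the File Management plugin error page for an error code and end the request.
  *
  * The page shows the code, its message from the fixed table below and a
  * "Go Back" link that steps back $pages entries in the browser history.
  * The page is sent with COM_output() and the script then stops.
  *
  * @param    string|int  $e_code     Error code; anything that is not an exact key of the table becomes '9999'
  * @param    int         $pages      Number of history entries the "Go Back" link steps back (at least 1)
  * @return   void                    Never returns: the function ends with die()
  */
 function show($e_code, $pages = 1)
 {
     global $_CONF;

     $errmsg = array(
         "0001" => "Could not connect to the forums database.",
         "0002" => "The forum you selected does not exist. Please go back and try again.",
         "0003" => "Password Incorrect.",
         "0004" => "Could not query the topics database.",
         "0005" => "Error getting messages from the database.",
         "0006" => "Please enter the Nickname and the Password.",
         "0007" => "You are not the Moderator of this forum therefore you can't perform this function.",
         "0008" => "You did not enter the correct password, please go back and try again.",
         "0009" => "Could not remove posts from the database.",
         "0010" => "Could not move selected topic to selected forum. Please go back and try again.",
         "0011" => "Could not lock the selected topic. Please go back and try again.",
         "0012" => "Could not unlock the selected topic. Please go back and try again.",
         // The driver's error text is not ours: encode it before it is placed in the page.
         // NOTE(review): mysql_error() belongs to ext/mysql, which PHP 7 removed, and it
         // is evaluated on every call of show(); switch to the project's database
         // wrapper if one is available, and prefer logging the text over displaying it.
         "0013" => "Could not query the database. <br" . XHTML . ">Error: " . htmlspecialchars((string) mysql_error(), ENT_QUOTES),
         "0014" => "No such user or post in the database.",
         "0015" => "Search Engine was unable to query the forums database.",
         "0016" => "That user does not exist. Please go back and search again.",
         "0017" => "You must type a subject to post. You can't post an empty subject. Go back and enter the subject",
         "0018" => "You must choose message icon to post. Go back and choose message icon.",
         "0019" => "You must type a message to post. You can't post an empty message. Go back and enter a message.",
         "0020" => "Could not enter data into the database. Please go back and try again.",
         "0021" => "Can't delete the selected message.",
         "0022" => "An error ocurred while querying the database.",
         "0023" => "Selected message was not found in the forum database.",
         "0024" => "You can't reply to that message. It wasn't sent to you.",
         "0025" => "You can't post a reply to this topic, it has been locked. Contact the administrator if you have any question.",
         // "\n" stands for the line break the original literal contained at this point.
         "0026" => "The forum or topic you are attempting to post to does not exist. \nPlease try again.",
         "0027" => "You must enter your username and password. Go back and do so.",
         "0028" => "You have entered an incorrect password. Go back and try again.",
         "0029" => "Couldn't update post count.",
         "0030" => "The forum you are attempting to post to does not exist. Please try again.",
         "0031" => "Unknown Error",
         "0035" => "You can't edit a post that's not yours.",
         "0036" => "You do not have permission to edit this post.",
         "0037" => "You did not supply the correct password or do not have permission to edit this post. Please go back and try again.",
         "1001" => "Please enter value for Title.",
         "1002" => "Please enter value for Phone.",
         "1003" => "Please enter value for Summary.",
         "1004" => "Please enter value for Address.",
         "1005" => "Please enter value for City.",
         "1006" => "Please enter value for State/Province.",
         "1007" => "Please enter value for Zipcode.",
         "1008" => "Please enter value for Description.",
         "1009" => "Vote for the selected resource only once.<br" . XHTML . ">All votes are logged and reviewed.",
         "1010" => "You cannot vote on the resource you submitted.<br" . XHTML . ">All votes are logged and reviewed.",
         "1011" => "No rating selected - no vote tallied.",
         "1013" => "Please enter a search query.",
         "1016" => "Please enter value for Filename.",
         "1017" => "The file was not uploaded - reported filesize of 0 bytes.",
         "1101" => "Upload approval Error: The temporary file was not found. Check error.log",
         "1102" => "Upload submit Error: The temporary filestore file was not created. Check error.log",
         "1103" => "The download info you provided is already in the database!",
         "1104" => "The download info was not complete - Need to enter a title for the new file",
         "1105" => "The download info was not complete - Need to enter a description for the new file",
         "1106" => "Upload Add Error: The new file was not created. Check error.log",
         // "\n" stands for the line break the original literal contained at this point.
         "1107" => "Upload Add Error: The temporary file was not found. \nCheck error.log",
         "1108" => "Duplicate file - already existing in filestore",
         "9999" => "OOPS! God Knows",
     );

     // Accept only an exact key of the table. in_array() without its strict flag
     // compares loosely, so values that merely look like a known code numerically
     // could pass and were then printed into the page unescaped, with no matching
     // message. After this check $e_code is always one of the literals above.
     if ((!is_string($e_code) && !is_int($e_code)) || !array_key_exists($e_code, $errmsg)) {
         $e_code = '9999';
     }

     // $pages is written into a javascript: URL, so only a positive integer may reach it.
     $pages = max(1, (int) $pages);

     // The array key is quoted: a bare path_html is read as a constant, which is an
     // error on current PHP versions.
     include_once $_CONF['path_html'] . "filemgmt/include/header.php";

     $display = '';
     $display .= '<table class="plugin" border="0" cellspacing="0" cellpadding="1" style="width:100%;">';
     $display .= '<tr><td class="pluginAlert" style="text-align:right; padding:5px;">File Management Plugin</td>';
     $display .= '<td class="pluginAlert" style="width:50%; padding:5px 0px 5px 10px;">Error Code: ' . $e_code . '</td></tr>';
     $display .= '<tr><td colspan="2" class="pluginInfo"><b>ERROR:</b> ' . $errmsg[$e_code] . '</td></tr>';
     $display .= '<tr><td colspan="2" class="pluginInfo" style="text-align:center;padding:10px;">';
     $display .= '[ <a href="javascript:history.go(-' . $pages . ')">Go Back</a> ]</td></tr></table>';

     // Prefer the single-call page builder when this installation provides it.
     if (function_exists('COM_createHTMLDocument')) {
         $display = COM_createHTMLDocument($display);
     } else {
         $display = COM_siteHeader() . $display . COM_siteFooter();
     }
     COM_output($display);
     die("");
 }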
Пример #5
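/**
* Mails the contents of the contact form to that user
*
* The mail is sent only when the site configuration and the recipient's
* preferences allow it, the mail speed limit has not been hit, all fields are
* filled in, the sender address is valid and the sender name contains no '@'.
* On a validation failure the contact form is shown again with an error.
*
* @param    int     $uid            User ID of person to send email to
* @param    string  $author         The name of the person sending the email
* @param    string  $authoremail    Email address of person sending the email
* @param    string  $subject        Subject of email
* @param    string  $message        Text of message to send
* @return   string                  Meta redirect or HTML for the contact form
*/
function contactemail($uid, $author, $authoremail, $subject, $message)
{
    global $_CONF, $_TABLES, $_USER, $LANG04, $LANG08;
    $retval = '';

    // $uid is placed into two SQL statements below, one of them without quotes,
    // so it is forced to an integer here instead of trusting every caller to
    // have filtered it.
    $uid = (int) $uid;

    // check for correct $_CONF permission
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailuserloginrequired'] == 1) && $uid != 2) {
        return COM_refresh($_CONF['site_url'] . '/index.php?msg=85');
    }

    // check for correct 'to' user preferences
    $result = DB_query("SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '{$uid}'");
    $P = DB_fetchArray($result);
    $isAdmin = (SEC_inGroup('Root') || SEC_hasRights('user.mail'));
    if ($P['emailfromadmin'] != 1 && $isAdmin || $P['emailfromuser'] != 1 && !$isAdmin) {
        return COM_refresh($_CONF['site_url'] . '/index.php?msg=85');
    }

    // check mail speedlimit
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php?msg=85');
    }

    if (!empty($author) && !empty($subject) && !empty($message)) {
        // The sender address must be valid and the sender NAME must not contain
        // '@'. The previous test looked for '@' in $authoremail, which can never
        // be absent from an address that COM_isemail() accepts, so the sending
        // branch was unreachable and every submission ended in the error form.
        // NOTE(review): $author still goes into the From header through
        // COM_formatEmailAddress(); that helper is assumed to neutralise line
        // breaks - confirm.
        if (COM_isemail($authoremail) && strpos($author, '@') === false) {
            $result = DB_query("SELECT username,fullname,email FROM {$_TABLES['users']} WHERE uid = {$uid}");
            $A = DB_fetchArray($result);

            // Append the user's signature to the message
            $sig = '';
            if (!COM_isAnonUser()) {
                $sig = DB_getItem($_TABLES['users'], 'sig', "uid={$_USER['uid']}");
                if (!empty($sig)) {
                    $sig = strip_tags(COM_stripslashes($sig));
                    $sig = "\n\n-- \n" . $sig;
                }
            }

            $subject = COM_stripslashes($subject);
            $message = COM_stripslashes($message);

            // do a spam check with the unfiltered message text and subject
            $mailtext = $subject . "\n" . $message . $sig;
            $result = PLG_checkforSpam($mailtext, $_CONF['spamx']);
            if ($result > 0) {
                // Count the attempt against the speed limit before aborting.
                COM_updateSpeedlimit('mail');
                COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
            }

            // Give plugins the chance to reject the message before it is sent.
            $msg = PLG_itemPreSave('contact', $message);
            if (!empty($msg)) {
                $retval .= COM_siteHeader('menu', '') . COM_errorLog($msg, 2) . contactform($uid, $subject, $message) . COM_siteFooter();
                return $retval;
            }

            // Keep only the first line of the subject: a CR or LF inside a header
            // value would let the sender add mail headers of their own.
            $subject = strip_tags($subject);
            $subject = substr($subject, 0, strcspn($subject, "\r\n"));
            $message = strip_tags($message) . $sig;

            if (!empty($A['fullname'])) {
                $to = COM_formatEmailAddress($A['fullname'], $A['email']);
            } else {
                $to = COM_formatEmailAddress($A['username'], $A['email']);
            }
            $from = COM_formatEmailAddress($author, $authoremail);

            $sent = COM_mail($to, $subject, $message, $from);

            // Optional copy to the sender, requested with the form's 'cc' checkbox.
            if ($sent && isset($_POST['cc']) && $_POST['cc'] == 'on') {
                $ccmessage = sprintf($LANG08[38], COM_getDisplayName($uid, $A['username'], $A['fullname']));
                $ccmessage .= "\n------------------------------------------------------------\n\n" . $message;
                $sent = COM_mail($from, $subject, $ccmessage, $from);
            }

            COM_updateSpeedlimit('mail');
            $retval .= COM_refresh($_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $uid . '&amp;msg=' . ($sent ? '27' : '85'));
        } else {
            // Invalid sender details: show the form again with the subject made safe for HTML.
            // NOTE(review): $message is handed back to contactform() unchanged; that
            // function presumably encodes it for display - confirm.
            $subject = strip_tags($subject);
            $subject = substr($subject, 0, strcspn($subject, "\r\n"));
            $subject = htmlspecialchars(trim($subject), ENT_QUOTES);
            $retval .= COM_siteHeader('menu', $LANG04[81]) . COM_errorLog($LANG08[3], 2) . contactform($uid, $subject, $message) . COM_siteFooter();
        }
    } else {
        // A required field is empty: show the form again with the subject made safe for HTML.
        $subject = strip_tags($subject);
        $subject = substr($subject, 0, strcspn($subject, "\r\n"));
        $subject = htmlspecialchars(trim($subject), ENT_QUOTES);
        $retval .= COM_siteHeader('menu', $LANG04[81]) . COM_errorLog($LANG08[4], 2) . contactform($uid, $subject, $message) . COM_siteFooter();
    }

    return $retval;
}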
Пример #6
// | modify it under the terms of the GNU General Public License               |
// | as published by the Free Software Foundation; either version 2            |
// | of the License, or (at your option) any later version.                    |
// |                                                                           |
// | This program is distributed in the hope that it will be useful,           |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
/**
* @package Test
*/
require_once '../lib-common.php';
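// take user back to the homepage if the plugin is not active
if (!in_array('test', $_PLUGINS)) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
    exit;
}

$display = '';

// MAIN
$display .= COM_siteHeader('menu', $LANG_TEST_1['plugin_name']);
$display .= COM_startBlock($LANG_TEST_1['plugin_name']);

// The user name is account data, not markup: encode it before it is written
// into the page. A visitor without a 'username' entry gets an empty name
// instead of an undefined-index notice.
// NOTE(review): if this installation already stores user names HTML-encoded,
// this would encode them twice - confirm how $_USER is populated.
$username = isset($_USER['username']) ? $_USER['username'] : '';
$display .= '<p>Welcome to the ' . $LANG_TEST_1['plugin_name'] . ' plugin, ' . htmlspecialchars($username, ENT_QUOTES) . '!</p>';

$display .= COM_endBlock();
$display .= COM_siteFooter();
echo $display;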
Пример #7
// | but WITHOUT ANY WARRANTY; without even the implied warranty of           |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            |
// | GNU General Public License for more details.                             |
// |                                                                          |
// | You should have received a copy of the GNU General Public License        |
// | along with this program; if not, write to the Free Software Foundation,  |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.          |
// |                                                                          |
// +--------------------------------------------------------------------------+
require_once '../../../lib-common.php';
require_once $_CONF['path'] . '/plugins/calendar/autoinstall.php';
USES_lib_install();
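// Only members of the Root group may use the install/uninstall page.
if (!SEC_inGroup('Root')) {
    // Someone is trying to illegally access this page
    // The client address is read from $_SERVER. A bare $REMOTE_ADDR exists only
    // when register_globals is on; without it the audit line loses the address,
    // and with it the value can come from the request instead of the connection.
    COM_errorLog("Someone has tried to illegally access the Calendar install/uninstall page.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$_SERVER['REMOTE_ADDR']}", 1);
    $display = COM_siteHeader('menu', $LANG_ACCESS['accessdenied']) . COM_startBlock($LANG_ACCESS['accessdenied']) . $LANG_ACCESS['plugin_access_denied_msg'] . COM_endBlock() . COM_siteFooter();
    echo $display;
    exit;
}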
/**
* Main Function
*/
if (SEC_checkToken()) {
    $action = COM_applyFilter($_GET['action']);
    if ($action == 'install') {
        if (plugin_install_calendar()) {
            // Redirects to the plugin editor
            echo COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=44');
            exit;
        } else {
            echo COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=72');
Пример #8
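// Request parameters: 'aid' is filtered with the numeric flag set, 'mid' with the default filter.
$album_id = COM_applyFilter($_GET['aid'], true);
$media_id = COM_applyFilter($_GET['mid']);

// Collects the access-denied page further down; it was appended to without being initialised.
$display = '';

$T = new Template(MG_getTemplatePath($album_id));
$T->set_file('page', 'view_image.thtml');
$T->set_var('header', $LANG_MG00['plugin']);
$T->set_var('site_url', $_CONF['site_url']);
$T->set_var('plugin', 'mediagallery');

//
// -- Verify that image really does belong to this album
//
// The check uses the same filtered values as every later query. It previously
// read $mid and $aid, which this script never assigns: the membership test then
// ran on empty values, or (with register_globals) on raw request values that are
// not the ones the album and media lookups below use.
$sql = "SELECT * FROM " . $_TABLES['mg_media_albums'] . " WHERE media_id='" . DB_escapeString($media_id) . "' AND album_id='" . intval($album_id) . "'";
$result = DB_query($sql);
if (DB_numRows($result) < 1) {
    die("ERROR #2");
}

// Get Album Info...
$sql = "SELECT * FROM " . $_TABLES['mg_albums'] . " WHERE album_id=" . intval($album_id);
$result = DB_query($sql);
$row = DB_fetchArray($result);

// Check access rights
$access = SEC_hasAccess($row['owner_id'], $row['group_id'], $row['perm_owner'], $row['perm_group'], $row['perm_members'], $row['perm_anon']);
if ($access == 0) {
    $display .= COM_siteHeader('menu') . COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true) . COM_siteFooter();
    echo $display;
    exit;
}

$sql = "SELECT * FROM " . $_TABLES['mg_media'] . " WHERE media_id='" . DB_escapeString($media_id) . "'";
$result = DB_query($sql);
$row = DB_fetchArray($result);

// The file name comes from the database; encode the whole URL for the attribute
// it is written into so a stored name cannot close the attribute or the tag.
// NOTE(review): no row check is made here; a media id without a record yields an
// image URL built from an empty name.
$imageUrl = $_MG_CONF['mediaobjects_url'] . '/disp/' . $row['media_filename'][0] . '/' . $row['media_filename'] . '.jpg';
echo '<img src="' . htmlspecialchars($imageUrl, ENT_QUOTES) . '">';
exit;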
Пример #9
/**
* Build the plugin administration screen.
*
* The page consists of the site header, a message (the one passed in, or the
* one named by the request), the plugin list, the list of new plugins for
* users holding 'plugin.install', the upload form and the site footer.
* One CSRF token is shared by all of these parts.
*
* @param    string  $message    (optional) message to display
* @param    string  $token      (optional) CSRF token; a new one is created when empty
* @return   string              HTML for the plugin screen
*
*/
function plugin_main($message = '', $token = '')
{
    global $LANG32;

    $html = COM_siteHeader('menu', $LANG32[5]);

    // An explicit message takes precedence over one selected by a request parameter.
    $html .= !empty($message)
        ? COM_showMessageText($message)
        : COM_showMessageFromParameter();

    // Every form on this screen submits the same token, so create it once.
    if (empty($token)) {
        $token = SEC_createToken();
    }

    $html .= listplugins($token);

    // Plugins that are not installed yet are listed only for users allowed to install them.
    if (SEC_hasRights('plugin.install')) {
        $html .= show_newplugins($token);
    }

    // Show the upload form or an error message
    $html .= plugin_show_uploadform($token);

    return $html . COM_siteFooter();
}
Пример #10
/**
* Create the banner list depending on the category given
*
* The category id is read from $_GET['category'] or $_POST['category'] and
* defaults to the configured root category; the page number is read from
* $_GET['page']. If the category is not the root and SEC_hasAccess() returns
* less than 2 for it, an error page is echoed and the script exits. Otherwise
* the page is assembled from the banner plugin templates: category navigation,
* the banners of the category (or the ten most-hit banners when the root
* category has none and 'show_top10' is set) and page navigation.
*
* @param    array   $message    message(s) to display: element 0 is used as the block title, element 1 as the block content
* @return   string              the banner page
*
*/
function banner_list($message)
{
    global $_CONF, $_TABLES, $_BAN_CONF, $LANG_BANNER_ADMIN, $LANG_BANNER, $LANG_BANNER_STATS;
    // Category id: the root category unless the request names another one.
    $cid = $_BAN_CONF['root'];
    $display = '';
    if (isset($_GET['category'])) {
        $cid = strip_tags(COM_stripslashes($_GET['category']));
    } elseif (isset($_POST['category'])) {
        $cid = strip_tags(COM_stripslashes($_POST['category']));
    }
    // $cat is the copy of the request-supplied id used inside SQL string literals.
    // NOTE(review): addslashes() does not take the connection character set into
    // account; the database layer's own escaping function is the safer choice if
    // this code base provides one.
    $cat = addslashes($cid);
    // Page number from the request; 0 (which includes a missing value) means page 1.
    $page = 0;
    if (isset($_GET['page'])) {
        $page = COM_applyFilter($_GET['page'], true);
    }
    if ($page == 0) {
        $page = 1;
    }
    // Page title: base title, plus the category name and the page number where they apply.
    if (empty($cid)) {
        if ($page > 1) {
            $page_title = sprintf($LANG_BANNER[114] . ' (%d)', $page);
        } else {
            $page_title = $LANG_BANNER[114];
        }
    } else {
        if ($cid == $_BAN_CONF['root']) {
            $category = $LANG_BANNER['root'];
        } else {
            $category = DB_getItem($_TABLES['bannercategories'], 'category', "cid = '{$cat}'");
        }
        if ($page > 1) {
            $page_title = sprintf($LANG_BANNER[114] . ': %s (%d)', $category, $page);
        } else {
            $page_title = sprintf($LANG_BANNER[114] . ': %s', $category);
        }
    }
    // Check has access to this category
    // The root category is not checked. For any other category the script stops
    // here with message 5 unless SEC_hasAccess() returns at least 2.
    if ($cid != $_BAN_CONF['root']) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['bannercategories']} WHERE cid='{$cat}'");
        $A = DB_fetchArray($result);
        if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) < 2) {
            $display .= COM_siteHeader('menu', $page_title);
            $display .= COM_showMessage(5, 'banner');
            $display .= COM_siteFooter();
            echo $display;
            exit;
        }
    }
    $display .= COM_siteHeader('menu', $page_title);
    // Message area: either the caller's message block or the message selected by the 'msg' request parameter.
    // NOTE(review): $message[0] and $message[1] are written out as passed in; callers
    // are presumably expected to supply safe markup - confirm.
    if (is_array($message) && !empty($message[0])) {
        $display .= COM_startBlock($message[0], '', COM_getBlockTemplate('_msg_block', 'header'));
        $display .= $message[1];
        $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    } else {
        if (isset($_REQUEST['msg'])) {
            $msg = COM_applyFilter($_REQUEST['msg'], true);
            if ($msg > 0) {
                $display .= COM_showMessage($msg, 'banner');
            }
        }
    }
    // Load every template file the page is built from.
    $bannerlist = new Template($_CONF['path'] . 'plugins/banner/templates/');
    $bannerlist->set_file(array('bannerlist' => 'banner.thtml', 'catbanner' => 'categorybanner.thtml', 'banner' => 'bannerdetails.thtml', 'catnav' => 'categorynavigation.thtml', 'catrow' => 'categoryrow.thtml', 'catcol' => 'categorycol.thtml', 'actcol' => 'categoryactivecol.thtml', 'pagenav' => 'pagenavigation.thtml', 'catdrop' => 'categorydropdown.thtml'));
    $bannerlist->set_var('xhtml', XHTML);
    $bannerlist->set_var('blockheader', COM_startBlock($LANG_BANNER[114]));
    $bannerlist->set_var('layout_url', $_CONF['layout_url']);
    // Category navigation is built only when 'bannercols' is greater than 0.
    if ($_BAN_CONF['bannercols'] > 0) {
        // Create breadcrumb trail
        $bannerlist->set_var('breadcrumbs', banner_breadcrumbs($_BAN_CONF['root'], $cid));
        // Set dropdown for category jump
        $bannerlist->set_var('lang_go', $LANG_BANNER[124]);
        $bannerlist->set_var('banner_dropdown', banner_select_box(2, $cid));
        // Show categories
        // Child categories of the current one, restricted by the language and permission clauses.
        $sql = "SELECT cid,pid,category,description FROM {$_TABLES['bannercategories']} WHERE pid='{$cat}'";
        $sql .= COM_getLangSQL('cid', 'AND');
        $sql .= COM_getPermSQL('AND') . " ORDER BY category";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $bannerlist->set_var('lang_categories', $LANG_BANNER_ADMIN[14]);
            // $i starts at 1 so that "$i % bannercols == 0" marks the end of a table row.
            for ($i = 1; $i <= $nrows; $i++) {
                $C = DB_fetchArray($result);
                // Get number of child banner user can see in this category
                $ccid = addslashes($C['cid']);
                $result1 = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['banner']} WHERE cid='{$ccid}'" . COM_getPermSQL('AND'));
                $D = DB_fetchArray($result1);
                // Get number of child categories user can see in this category
                $result2 = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['bannercategories']} WHERE pid='{$ccid}'" . COM_getPermSQL('AND'));
                $E = DB_fetchArray($result2);
                // Format numbers for display
                // Result is "(categories, banners)", with zero counts left out.
                $display_count = '';
                // don't show zeroes
                if ($E['count'] > 0) {
                    $display_count = COM_numberFormat($E['count']);
                }
                if ($E['count'] > 0 && $D['count'] > 0) {
                    $display_count .= ', ';
                }
                if ($D['count'] > 0) {
                    $display_count .= COM_numberFormat($D['count']);
                }
                // add brackets if child items exist
                if ($display_count != '') {
                    $display_count = '(' . $display_count . ')';
                }
                // NOTE(review): category name and description go to the template as stored
                // in the database; whether they are encoded elsewhere is not visible here.
                $bannerlist->set_var('category_name', $C['category']);
                if ($_BAN_CONF['show_category_descriptions']) {
                    $bannerlist->set_var('category_description', $C['description']);
                } else {
                    $bannerlist->set_var('category_description', '');
                }
                $bannerlist->set_var('category_link', $_CONF['site_url'] . '/banner/index.php?category=' . urlencode($C['cid']));
                $bannerlist->set_var('category_count', $display_count);
                $bannerlist->set_var('width', floor(100 / $_BAN_CONF['bannercols']));
                // The currently selected category is rendered with the "active" column template.
                if (!empty($cid) && $cid == $C['cid']) {
                    $bannerlist->parse('category_col', 'actcol', true);
                } else {
                    $bannerlist->parse('category_col', 'catcol', true);
                }
                // A full row of columns has been collected: emit it and start a new one.
                if ($i % $_BAN_CONF['bannercols'] == 0) {
                    $bannerlist->parse('category_row', 'catrow', true);
                    $bannerlist->set_var('category_col', '');
                }
            }
            // Emit the last row when it is only partly filled.
            if ($nrows % $_BAN_CONF['bannercols'] != 0) {
                $bannerlist->parse('category_row', 'catrow', true);
            }
            $bannerlist->parse('category_navigation', 'catnav', true);
        } else {
            $bannerlist->set_var('category_navigation', '');
        }
    } else {
        $bannerlist->set_var('category_navigation', '');
    }
    if ($_BAN_CONF['bannercols'] == 0) {
        $bannerlist->set_var('category_dropdown', '');
    } else {
        $bannerlist->parse('category_dropdown', 'catdrop', true);
    }
    $bannerlist->set_var('site_url', $_CONF['site_url']);
    // NOTE(review): $cid comes from the request and has only been through strip_tags(),
    // which leaves quote characters in place. 'cid' and 'cid_plain' are safe only if
    // the templates use them outside HTML attributes or encode them - confirm.
    $bannerlist->set_var('cid', $cid);
    $bannerlist->set_var('cid_plain', $cid);
    $bannerlist->set_var('cid_encoded', urlencode($cid));
    $bannerlist->set_var('lang_addabanner', $LANG_BANNER[116]);
    // Build SQL for banner
    // $from_where is kept separate because the COUNT(*) query further down reuses it.
    $sql = 'SELECT bid,cid,url,description,title,hits,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon';
    $from_where = " FROM {$_TABLES['banner']}";
    if ($_BAN_CONF['bannercols'] > 0) {
        if (!empty($cid)) {
            $from_where .= " WHERE cid='" . addslashes($cid) . "'";
        } else {
            $from_where .= " WHERE cid=''";
        }
        // Only banners inside their publication window are listed.
        $from_where .= ' AND (publishstart IS NULL OR publishstart < NOW()) and (publishend IS NULL OR publishend > NOW())';
        $from_where .= COM_getPermSQL('AND');
    } else {
        $from_where .= COM_getPermSQL();
    }
    $order = ' ORDER BY cid ASC,title';
    $limit = '';
    // Paging: skip the rows of the preceding pages.
    // NOTE(review): $page is concatenated into the LIMIT clause; this relies on
    // COM_applyFilter(..., true) having reduced it to a number - confirm.
    if ($_BAN_CONF['bannerperpage'] > 0) {
        if ($page < 1) {
            $start = 0;
        } else {
            $start = ($page - 1) * $_BAN_CONF['bannerperpage'];
        }
        $limit = ' LIMIT ' . $start . ',' . $_BAN_CONF['bannerperpage'];
    }
    $result = DB_query($sql . $from_where . $order . $limit);
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // Nothing to list. On the first page of the root category, fall back to the
        // ten banners with the most hits when 'show_top10' is enabled.
        if ($cid == $_BAN_CONF['root'] && $page <= 1 && $_BAN_CONF['show_top10']) {
            $result = DB_query("SELECT bid,url,title,description,hits,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['banner']} WHERE (hits > 0) AND (publishstart IS NULL OR publishstart < NOW()) and (publishend IS NULL OR publishend > NOW())" . COM_getPermSQL('AND') . " ORDER BY hits DESC LIMIT 10");
            $nrows = DB_numRows($result);
            if ($nrows > 0) {
                $bannerlist->set_var('banner_details', '');
                $bannerlist->set_var('banner_category', $LANG_BANNER_STATS['stats_headline']);
                for ($i = 0; $i < $nrows; $i++) {
                    $A = DB_fetchArray($result);
                    prepare_banner_item($A, $bannerlist);
                    $bannerlist->parse('banner_details', 'banner', true);
                }
                $bannerlist->parse('category_banner', 'catbanner', true);
            }
        }
        $bannerlist->set_var('page_navigation', '');
    } else {
        // Rows are ordered by cid, so a change of cid starts a new category section.
        $currentcid = '';
        for ($i = 0; $i < $nrows; $i++) {
            $A = DB_fetchArray($result);
            if (strcasecmp($A['cid'], $currentcid) != 0) {
                // print the category and banner
                // Close the previous category's section before starting the next one.
                if ($i > 0) {
                    $bannerlist->parse('category_banner', 'catbanner', true);
                    $bannerlist->set_var('banner_details', '');
                }
                $currentcid = $A['cid'];
                $currentcategory = DB_getItem($_TABLES['bannercategories'], 'category', "cid = '" . addslashes($currentcid) . "'");
                $bannerlist->set_var('banner_category', $currentcategory);
            }
            prepare_banner_item($A, $bannerlist);
            $bannerlist->parse('banner_details', 'banner', true);
        }
        // Close the section of the last category.
        $bannerlist->parse('category_banner', 'catbanner', true);
        // Total number of matching banners, counted with the same FROM/WHERE as the listing.
        $result = DB_query('SELECT COUNT(*) AS count ' . $from_where);
        list($numbanner) = DB_fetchArray($result);
        // Number of pages: the total divided by the page size, rounded up.
        $pages = 0;
        if ($_BAN_CONF['bannerperpage'] > 0) {
            $pages = (int) ($numbanner / $_BAN_CONF['bannerperpage']);
            if ($numbanner % $_BAN_CONF['bannerperpage'] > 0) {
                $pages++;
            }
        }
        if ($pages > 0) {
            // Keep the category in the paging links; it is the cid of the last row listed.
            if ($_BAN_CONF['bannercols'] > 0 && !empty($currentcid)) {
                $catbanner = '?category=' . urlencode($currentcid);
            } else {
                $catbanner = '';
            }
            $bannerlist->set_var('page_navigation', COM_printPageNavigation($_CONF['site_url'] . '/banner/index.php' . $catbanner, $page, $pages));
        } else {
            $bannerlist->set_var('page_navigation', '');
        }
    }
    $bannerlist->set_var('blockfooter', COM_endBlock());
    $bannerlist->parse('output', 'bannerlist');
    $display .= $bannerlist->finish($bannerlist->get_var('output'));
    return $display;
}
Пример #11
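/**
* Delete and upload the pictures that belong to a classified ad
*
* Removes the images whose numbers are the keys of $ad['delete'], then hands
* the uploaded files to the upload class and records each stored file in the
* cl_pic table. If the upload path cannot be set or the upload reports
* errors, the error page is printed and the script exits.
*
* @param    array   $ad     Submitted ad data; 'delete' is keyed by image number
* @param    array   $FILES  Uploaded file entries (one array with a 'name' per file)
* @param    int     $clid   ID of the ad the images belong to
* @return   boolean         true; does not return after an upload error
*
*/
function CLASSIFIEDS_saveImage($ad, $FILES, $clid)
{
    global $_CONF, $_CLASSIFIEDS_CONF, $_TABLES, $LANG24;
    // The ad id is concatenated into SQL statements and into file names
    // below, so reduce it to an integer before it is used anywhere.
    $adId = (int) $clid;
    // Handle Magic GPC Garbage. each() no longer exists in PHP 8, and the old
    // nested loop only changed a copy of the sub-array, so write the stripped
    // values back into $args explicitly.
    $args = $ad;
    foreach ($args as $key => $value) {
        if (!is_array($value)) {
            $args[$key] = COM_stripslashes($value);
        } else {
            foreach ($value as $subkey => $subvalue) {
                $args[$key][$subkey] = COM_stripslashes($subvalue);
            }
        }
    }
    // Delete any images if needed
    if (array_key_exists('delete', $args) && is_array($args['delete'])) {
        foreach (array_keys($args['delete']) as $deleteKey) {
            // The keys are request data: only an integer image number may
            // reach the WHERE clause.
            $where = 'pi_pid = ' . $adId . ' AND pi_img_num = ' . (int) $deleteKey;
            $pi_filename = DB_getItem($_TABLES['cl_pic'], 'pi_filename', $where);
            // Do not ask for a file to be deleted when no row matched
            if ($pi_filename !== null && $pi_filename !== '' && $pi_filename !== false) {
                CLASSIFIEDS_deleteImage($pi_filename);
            }
            DB_query("DELETE FROM {$_TABLES['cl_pic']} WHERE " . $where);
        }
    }
    // OK, let's upload any pictures with the ad; numbering continues after
    // the highest image number already stored for it
    if (DB_count($_TABLES['cl_pic'], 'pi_pid', $adId) > 0) {
        $index_start = DB_getItem($_TABLES['cl_pic'], 'max(pi_img_num)', "pi_pid = '" . $adId . "'") + 1;
    } else {
        $index_start = 1;
    }
    if (count($FILES) > 0 && $_CLASSIFIEDS_CONF['max_images_per_ad'] > 0) {
        require_once $_CONF['path_system'] . 'classes/upload.class.php';
        $upload = new upload();
        //Debug with story debug function
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
        $upload->setMaxFileUploads($_CLASSIFIEDS_CONF['max_images_per_ad']);
        if (!empty($_CONF['image_lib'])) {
            if ($_CONF['image_lib'] == 'imagemagick') {
                // Using imagemagick
                $upload->setMogrifyPath($_CONF['path_to_mogrify']);
            } elseif ($_CONF['image_lib'] == 'netpbm') {
                // using netPBM
                $upload->setNetPBM($_CONF['path_to_netpbm']);
            } elseif ($_CONF['image_lib'] == 'gdlib') {
                // using the GD library
                $upload->setGDLib();
            }
            $upload->setAutomaticResize(true);
            $upload->keepOriginalImage(false);
            if (isset($_CONF['jpeg_quality'])) {
                $upload->setJpegQuality($_CONF['jpeg_quality']);
            }
        }
        $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
        if (!$upload->setPath($_CLASSIFIEDS_CONF['path_images'])) {
            $output = COM_siteHeader('menu', $LANG24[30]);
            $output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
            $output .= $upload->printErrors(false);
            $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $output .= COM_siteFooter();
            echo $output;
            exit;
        }
        // NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
        // force any images bigger than the passed dimensions to be resized.
        // If mogrify is not set, any images larger than these dimensions
        // will get validation errors
        $upload->setMaxDimensions($_CLASSIFIEDS_CONF['max_image_width'], $_CLASSIFIEDS_CONF['max_image_height']);
        // size in bytes, 1048576 = 1MB
        $upload->setMaxFileSize($_CLASSIFIEDS_CONF['max_image_size']);
        // Set file permissions on file after it gets uploaded (number is in octal)
        $upload->setPerms('0644');
        // Stored names are "<ad id>_<image number>.<extension>", kept under
        // their image number so the INSERT below cannot pair a name with the
        // wrong number when an upload slot was left empty.
        $filenames = array();
        $end_index = $index_start + $upload->numFiles() - 1;
        for ($z = $index_start; $z <= $end_index; $z++) {
            $curfile = current($FILES);
            if (!empty($curfile['name'])) {
                // The extension comes from the client-supplied name: take it
                // with pathinfo() (a name without a dot yields '') and keep
                // letters and digits only. Type checking itself is left to
                // the upload class (presumably via the MIME map above).
                $fextension = preg_replace('/[^A-Za-z0-9]/', '', pathinfo($curfile['name'], PATHINFO_EXTENSION));
                $filenames[$z] = $adId . '_' . $z . '.' . $fextension;
            }
            next($FILES);
        }
        $upload->setFileNames(array_values($filenames));
        reset($FILES);
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $retval = COM_siteHeader('menu', $LANG24[30]);
            $retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $upload->printErrors(false);
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $retval .= COM_siteFooter();
            echo $retval;
            exit;
        }
        foreach ($filenames as $imgNum => $storedName) {
            DB_query("INSERT INTO {$_TABLES['cl_pic']} (pi_pid, pi_img_num, pi_filename) VALUES ('" . $adId . "', {$imgNum}, '" . addslashes($storedName) . "')");
        }
    }
    return true;
}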
Пример #12
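/**
* Shows a profile for a user
*
* Loads the user's record, the last 10 stories and the last 10 comments the
* current visitor is allowed to see, and the posting statistics, and renders
* them through the profile templates. When login is required and the visitor
* is anonymous, the login-required block is returned instead.
*
* @param    int     $user   User ID of profile to get
* @param    int     $msg    Message to display (if != 0); not used in this function
* @return   string          HTML for user profile page, or the refresh
*                           returned by COM_refresh() if the user does not exist
*
*/
function userprofile($user, $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG_LOGIN;
    // $user is placed unquoted into several SQL statements below, so it must
    // be an integer no matter what the caller passed in.
    $user = (int) $user;
    $retval = '';
    if (empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        // anonymous visitor and profiles need a login: show the login form
        $retval .= COM_siteHeader('menu');
        $retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $login = new Template($_CONF['path_layout'] . 'submit');
        $login->set_file(array('login' => 'submitloginrequired.thtml'));
        $login->set_var('xhtml', XHTML);
        $login->set_var('login_message', $LANG_LOGIN[2]);
        $login->set_var('site_url', $_CONF['site_url']);
        $login->set_var('site_admin_url', $_CONF['site_admin_url']);
        $login->set_var('layout_url', $_CONF['layout_url']);
        $login->set_var('lang_login', $LANG_LOGIN[3]);
        $login->set_var('lang_newuser', $LANG_LOGIN[4]);
        $login->parse('output', 'login');
        $retval .= $login->finish($login->get_var('output'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= COM_siteFooter();
        return $retval;
    }
    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$user}");
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);
    $display_name = COM_getDisplayName($user, $A['username'], $A['fullname']);
    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];
    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile' => 'profile.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
    $user_templates->set_var('xhtml', XHTML);
    $user_templates->set_var('site_url', $_CONF['site_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);
    // with show_fullname set, the two name fields swap places in the template
    if ($_CONF['show_fullname'] == 1) {
        $user_templates->set_var('username', $A['fullname']);
        $user_templates->set_var('user_fullname', $A['username']);
    } else {
        $user_templates->set_var('username', $A['username']);
        $user_templates->set_var('user_fullname', $A['fullname']);
    }
    if (SEC_hasRights('user.edit')) {
        // visitors who may edit users get an edit icon linking to the admin page
        global $_IMAGE_TYPE, $LANG_ADMIN;
        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
        $edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&amp;uid={$A['uid']}");
        $user_templates->set_var('edit_link', $edit_link_url);
    }
    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1);
    $user_templates->set_var('user_photo', $photo);
    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);
    $user_templates->set_var('lang_sendemail', $LANG04[81]);
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_bio', $LANG04[7]);
    // NOTE(review): username, fullname, about and pgpkey are user-editable
    // and reach the template without HTML escaping here; this is only safe
    // if they are filtered when saved - confirm against the code that
    // stores the profile.
    $user_templates->set_var('user_bio', nl2br(stripslashes($A['about'])));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);
    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82]);
    $user_templates->set_var('headline_last10comments', $LANG04[10]);
    $user_templates->set_var('headline_postingstats', $LANG04[83]);
    // topics the current visitor may see; they limit the story queries below
    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $nrows = DB_numRows($result);
    $tids = array();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray($result);
        $tids[] = $T['tid'];
    }
    // the ids come from the database but are put back into SQL as string
    // literals, so escape them again
    $topics = "'" . implode("','", array_map('addslashes', $tids)) . "'";
    // list of last 10 stories by this user
    if (count($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', ($i + 1) . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            // a literal '$' in the title is replaced by its HTML entity
            // before the value goes into the template
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title', COM_createLink(stripslashes($C['title']), $articleUrl, array('class' => 'b')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }
    // list of last 10 comments by this user
    $sidArray = array();
    if (count($tids) > 0) {
        // first, get a list of all stories the current visitor has access to
        $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $result = DB_query($sql);
        $numsids = DB_numRows($result);
        for ($i = 1; $i <= $numsids; $i++) {
            $S = DB_fetchArray($result);
            $sidArray[] = $S['sid'];
        }
    }
    // With no accessible stories this becomes "''", which matches no comment;
    // the string is therefore never empty and the !empty() tests below
    // always pass.
    $sidList = implode("', '", array_map('addslashes', $sidArray));
    $sidList = "'{$sidList}'";
    // then, find all comments by the user in those stories
    $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = {$user}) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
    // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
    // field is part of the select
    if (!empty($sidList)) {
        $sql .= " HAVING sid in ({$sidList})";
    }
    $sql .= " ORDER BY unixdate DESC LIMIT 10";
    $result = DB_query($sql);
    $nrows = DB_numRows($result);
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', ($i + 1) . '.');
            $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $C['cid'];
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('comment_title', COM_createLink(stripslashes($C['title']), $comment_url, array('class' => 'b')));
            $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('comment_date', $commenttime[0]);
            $user_templates->parse('comment_row', 'row', true);
        }
    } else {
        $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
    }
    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_number_comments', $LANG04[85]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = {$user})";
    if (!empty($sidList)) {
        $sql .= " AND (sid in ({$sidList}))";
    }
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    // plugins get the chance to set their own template variables first
    PLG_profileVariablesDisplay($user, $user_templates);
    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    $retval .= PLG_profileBlocksDisplay($user);
    return $retval;
}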
Пример #13
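/**
* Show the comments of a download, or send the visitor to the comment form
*
* Reads the download id ('lid') and the file name ('filename') from the query
* string, prints the result and ends the script.
*
* @param    boolean $firstcomment   true: redirect to comment.php to write the
*                                   first comment; false: print the comment list
* @return   void                    does not return, the script exits
*
*/
function filemgmt_comments($firstcomment)
{
    global $_USER, $_CONF;
    // Only an integer id may become part of the comment id and of the URL
    $lid = isset($_GET['lid']) ? intval($_GET['lid']) : 0;
    $comment_id = "filemgmt-" . $lid;
    // The file name is request data that is handed on for display, so it is
    // filtered instead of being passed through raw.
    $file = isset($_GET['filename']) ? COM_applyFilter($_GET['filename']) : '';
    if ($firstcomment) {
        $story = $comment_id;
        $pid = 0;
        $type = "filemgmt";
        // Previously this was echoed directly and the final echo then read an
        // undefined $display; collect it in $display like the other branch.
        $display = COM_refresh($_CONF['site_url'] . "/comment.php?sid={$story}&amp;pid={$pid}&amp;type={$type}");
    } else {
        $display = COM_siteHeader() . COM_userComments($comment_id, $file, 'filemgmt', '', 'nested');
        $display .= COM_siteFooter();
    }
    echo $display;
    exit;
}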
Пример #14
/**
* Default data (none for this plugin)
*/
$DEFVALUES = array();
/**
* Security feature(s) the installer adds, as feature name => description
*/
$NEWFEATURE = array('dataproxy.admin' => 'dataproxy Admin');
/**
* The install/uninstall page is for members of the Root group only
*/
if (!SEC_inGroup('Root')) {
    // Log who asked for the page, then print the access-denied block and stop
    $attempt = "Someone has tried to illegally access the dataproxy install/uninstall page.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$_SERVER['REMOTE_ADDR']}";
    COM_errorLog($attempt, 1);
    $display = COM_siteHeader();
    $display .= COM_startBlock(DPXY_str('access_denied'));
    $display .= DPXY_str('access_denied_msg');
    $display .= COM_endBlock();
    $display .= COM_siteFooter();
    echo $display;
    exit;
}
/**
* Puts the datastructures for this plugin into the Geeklog database
*
* Note: Corresponding uninstall routine is in functions.inc
* 
* @return   boolean True if successful False otherwise
*/
function plugin_install_dataproxy()
{
    global $pi_name, $pi_version, $gl_version, $pi_url, $NEWTABLE, $DEFVALUES, $NEWFEATURE, $_TABLES, $_CONF;
    COM_errorLog("Attempting to install the {$pi_name} Plugin", 1);
    // Create the Plugins Tables
Пример #15
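/**
* Check a security token.
*
* Checks the POST and GET data for a security token, if one exists, validates
* that it's for this user and URL. If the token is not valid, it asks the user
* to re-authenticate and resends the request if authentication was successful.
*
* For the re-authentication the request method, destination URL, POST and GET
* data and any uploaded files are parked in the session, then the
* re-authentication form is printed and the script exits.
*
* @return   boolean     true if the token is valid; does not return if not!
*
*/
function SEC_checkToken()
{
    global $_CONF, $LANG20, $LANG_ADMIN;
    if (_sec_checkToken()) {
        SEC_createToken(-1);
        return true;
    }
    // determine the destination of this request
    $destination = COM_getCurrentURL();
    // validate the destination is not blank and is part of our site...
    // A bare prefix comparison would also accept a different host whose name
    // merely starts with ours (site URL followed by more host characters), so
    // the character after the site URL has to end the URL or start a path,
    // query or fragment.
    $siteBase = rtrim($_CONF['site_url'], '/');
    $onSite = false;
    if ($destination != '' && strncmp($destination, $siteBase, strlen($siteBase)) === 0) {
        $rest = (string) substr($destination, strlen($siteBase));
        $onSite = $rest === '' || in_array($rest[0], array('/', '?', '#'), true);
    }
    if (!$onSite) {
        $destination = $_CONF['site_url'] . '/index.php';
    }
    $method = strtoupper($_SERVER['REQUEST_METHOD']) == 'GET' ? 'GET' : 'POST';
    // NOTE(review): request data is kept in serialized form; the code that
    // replays it after re-authentication is not shown here and should treat
    // it as request data again - confirm.
    $postdata = serialize($_POST);
    $getdata = serialize($_GET);
    $filedata = '';
    if (!empty($_FILES)) {
        // Move uploads out of PHP's temp area so they survive this request.
        // Only the basename of the temp file is used as the new name, and
        // $_FILES is updated to carry that name instead of the full path.
        foreach ($_FILES as $key => $file) {
            if (is_array($file['name'])) {
                foreach ($file['name'] as $offset => $filename) {
                    // same condition as the single-file branch: skip slots
                    // that have no temp file (failed or empty uploads)
                    if (!empty($file['name'][$offset]) && !empty($file['tmp_name'][$offset])) {
                        $filename = basename($file['tmp_name'][$offset]);
                        move_uploaded_file($file['tmp_name'][$offset], $_CONF['path_data'] . 'temp/' . $filename);
                        $_FILES[$key]['tmp_name'][$offset] = $filename;
                    }
                }
            } else {
                if (!empty($file['name']) && !empty($file['tmp_name'])) {
                    $filename = basename($file['tmp_name']);
                    move_uploaded_file($file['tmp_name'], $_CONF['path_data'] . 'temp/' . $filename);
                    $_FILES[$key]['tmp_name'] = $filename;
                }
            }
        }
        $filedata = serialize($_FILES);
    }
    SESS_setVar('glfusion.auth.method', $method);
    SESS_setVar('glfusion.auth.dest', $destination);
    SESS_setVar('glfusion.auth.post', $postdata);
    SESS_setVar('glfusion.auth.get', $getdata);
    if (!empty($filedata)) {
        SESS_setVar('glfusion.auth.file', $filedata);
    }
    $display = COM_siteHeader();
    $display .= SEC_tokenreauthForm('', $destination);
    $display .= COM_siteFooter();
    echo $display;
    exit;
}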
Пример #16
        $templates->set_var('start_ip_lookup_anchortag', '');
        $templates->set_var('end_ip_lookup_anchortag', '');
    }
    $templates->parse('output', 'entry');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
// MAIN
// Dispatch on the 'mode' request parameter: 'view' shows one entry, every
// other value (and a missing parameter) shows the list.
$rightblocks = false;
$display .= COM_siteHeader('menu', $LANG_BAD_BEHAVIOR['page_title']);
$mode = 'list';
if (isset($_GET['mode'])) {
    $mode = COM_applyFilter($_GET['mode']);
}
if ($mode == 'list') {
    // numeric filter: the page number can only be a number
    $page = 0;
    if (isset($_GET['page'])) {
        $page = COM_applyFilter($_GET['page'], true);
    }
    $display .= _bb_listEntries($page);
} elseif ($mode == 'view') {
    $id = 0;
    if (isset($_GET['id'])) {
        $id = COM_applyFilter($_GET['id'], true);
    }
    $page = 0;
    if (isset($_GET['page'])) {
        $page = COM_applyFilter($_GET['page'], true);
    }
    $display .= _bb_viewEntry($id, $page);
} else {
    // unknown mode: fall back to the list
    $page = 0;
    if (isset($_GET['page'])) {
        $page = COM_applyFilter($_GET['page'], true);
    }
    $display .= _bb_listEntries($page);
}
$display .= COM_siteFooter($rightblocks);
echo $display;
Пример #17
            $row = DB_fetchArray($result, FALSE);
            $pages += $row['num_pages'];
            $T->set_var('pages', $row['num_pages']);
            $date_compare = GUS_get_date_comparison('date', $year, $month, $day);
            $result = DB_query("SELECT COUNT(*) AS num_stories FROM {$_TABLES['stories']} WHERE {$date_compare}");
            $row = DB_fetchArray($result, FALSE);
            $stories += $row['num_stories'];
            $T->set_var('stories', $row['num_stories']);
            $result = DB_query("SELECT COUNT(*) AS num_comments FROM {$_TABLES['comments']} WHERE {$date_compare}");
            $row = DB_fetchArray($result, FALSE);
            $comments += $row['num_comments'];
            $T->set_var('comments', $row['num_comments']);
            $result = DB_query("SELECT COUNT(*) AS num_links FROM {$temp_table['name']}\n\t\t\t\t\t\t\t\tWHERE page LIKE '%portal.php' AND query_string <> '' AND DAYOFMONTH( date ) = {$day}");
            $row = DB_fetchArray($result, FALSE);
            $linksf += $row['num_links'];
            $T->set_var('linksf', $row['num_links']);
            $T->Parse('ABlock', 'ROW', TRUE);
        }
    }
    $T->set_var(array('period' => $LANG_GUS00['total'], 'anon' => $anon, 'reg' => $reg, 'pages' => $pages, 'stories' => $stories, 'comments' => $comments, 'linksf' => $linksf, 'google_paging' => $navlinks));
    $title = date('F Y - ', mktime(0, 0, 0, $month, 1, $year)) . $LANG_GUS00['daily_title'];
    $display = GUS_template_finish($T, $title);
    if ($_GUS_cache and date('Yn') !== $year . $month) {
        GUS_writecache($display);
    }
    GUS_remove_temp_table($temp_table);
}
echo COM_siteHeader($_GUS_CONF['show_left_blocks']);
echo $display;
echo COM_siteFooter($_GUS_CONF['show_right_blocks']);
Пример #18
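/**
* Upload new topic icon, replaces previous icon if one exists
*
* Configures the upload class from $_CONF, stores the file sent as
* $_FILES['newicon'] under images/topics as "topic_<tid>.<extension>" and
* returns its site-relative path. If the upload path cannot be set or the
* upload reports errors, the error page is printed and the script exits.
*
* @param    string  tid     ID of topic to prepend to filename
* @return   string          filename of new photo (empty = no new photo)
*
*/
function handleIconUpload($tid)
{
    global $_CONF, $_TABLES, $LANG27;
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    if (!empty($_CONF['image_lib'])) {
        if ($_CONF['image_lib'] == 'imagemagick') {
            // Using imagemagick
            $upload->setMogrifyPath($_CONF['path_to_mogrify']);
        } elseif ($_CONF['image_lib'] == 'netpbm') {
            // using netPBM
            $upload->setNetPBM($_CONF['path_to_netpbm']);
        } elseif ($_CONF['image_lib'] == 'gdlib') {
            // using the GD library
            $upload->setGDLib();
        }
        $upload->setAutomaticResize(true);
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
        if (isset($_CONF['jpeg_quality'])) {
            $upload->setJpegQuality($_CONF['jpeg_quality']);
        }
    }
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
        $display = COM_siteHeader('menu', $LANG27[29]);
        $display .= COM_startBlock($LANG27[29], '', COM_getBlockTemplate('_msg_block', 'header'));
        $display .= $upload->printErrors(false);
        $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $display .= COM_siteFooter();
        COM_output($display);
        exit;
        // don't return
    }
    $filename = '';
    // see if user wants to upload a (new) icon; the field may be missing
    // from the request altogether
    $newicon = isset($_FILES['newicon']) ? $_FILES['newicon'] : array();
    if (!empty($newicon['name'])) {
        // The extension comes from the client-supplied name: pathinfo()
        // copes with names that have no dot, and only letters and digits are
        // kept. Type checking itself is left to the upload class
        // (presumably via the MIME map above).
        $fextension = preg_replace('/[^A-Za-z0-9]/', '', pathinfo($newicon['name'], PATHINFO_EXTENSION));
        // The topic id becomes part of a file name, so it must not be able
        // to add a directory component.
        $safeTid = str_replace(array('/', '\\', "\0"), '', (string) $tid);
        $filename = 'topic_' . $safeTid . '.' . $fextension;
    }
    // do the upload
    if (!empty($filename)) {
        $upload->setFileNames($filename);
        $upload->setPerms('0644');
        // topic-icon limits win when configured, else the general image limits
        if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
            $upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
        } else {
            $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
        }
        if ($_CONF['max_topicicon_size'] > 0) {
            $upload->setMaxFileSize($_CONF['max_topicicon_size']);
        } else {
            $upload->setMaxFileSize($_CONF['max_image_size']);
        }
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $display = COM_siteHeader('menu', $LANG27[29]);
            $display .= COM_startBlock($LANG27[29], '', COM_getBlockTemplate('_msg_block', 'header'));
            $display .= $upload->printErrors(false);
            $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $display .= COM_siteFooter();
            COM_output($display);
            exit;
            // don't return
        }
        $filename = '/images/topics/' . $filename;
    }
    return $filename;
}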
Пример #19
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
require_once '../../../lib-common.php';
// The forum admin pages need the forum.edit right; everyone else gets the
// access-denied block and the script stops here.
if (!SEC_hasRights('forum.edit')) {
    echo COM_siteHeader();
    echo COM_startBlock($LANG_GF00['access_denied']);
    echo $LANG_GF00['admin_only'];
    echo COM_endBlock();
    // adminfooter() prints the footer itself, so it has to stay a statement
    // of its own at this position
    echo adminfooter();
    echo COM_siteFooter(true);
    exit;
}
// Admin navigation bar: menu label => URL of the forum admin page
$navbarMenu = array(
    $LANG_GF06['1'] => $_CONF['site_admin_url'] . '/plugins/forum/index.php',
    $LANG_GF06['2'] => $_CONF['site_admin_url'] . '/plugins/forum/settings.php',
    $LANG_GF06['3'] => $_CONF['site_admin_url'] . '/plugins/forum/boards.php',
    $LANG_GF06['4'] => $_CONF['site_admin_url'] . '/plugins/forum/mods.php',
    $LANG_GF06['5'] => $_CONF['site_admin_url'] . '/plugins/forum/migrate.php',
    $LANG_GF06['6'] => $_CONF['site_admin_url'] . '/plugins/forum/messages.php',
    $LANG_GF06['7'] => $_CONF['site_admin_url'] . '/plugins/forum/ips.php'
);
// Site admin can add common footer code here
/**
* Print the common footer of the forum admin pages
*
* Renders footer.thtml from the forum admin layout directory with the forum
* name filled in and echoes the result; nothing is returned.
*/
function adminfooter()
{
    global $_CONF, $LANG_GF01;
    $tpl = new Template($_CONF['path_layout'] . 'forum/layout/admin');
    $tpl->set_file(array('footertemplate' => 'footer.thtml'));
    $tpl->set_var('forumname', $LANG_GF01['forumname']);
    $tpl->parse('output', 'footertemplate');
    $html = $tpl->finish($tpl->get_var('output'));
    echo $html;
}
function gf_resyncforum($id)
{
Пример #20
     case 'blankpage':
         $header = new Template($_CONF['path_layout'] . 'nexcontent');
         $header->set_file(array('header' => 'header.thtml'));
         $header->set_var('page_title', $heading);
         $header->set_var('css_url', $_CONF['layout_url'] . '/style.css');
         $header->set_var('theme', $_CONF['theme']);
         $header->parse('output', 'header');
         $siteheader = $header->finish($header->get_var('output'));
         $footer = new Template($_CONF['path_layout'] . 'nexcontent');
         $footer->set_file(array('footer' => 'footer.thtml'));
         $footer->parse('output', 'footer');
         $sitefooter = $footer->finish($footer->get_var('output'));
         break;
     default:
         $siteheader = COM_siteHeader('none', $pagetitle);
         $sitefooter = COM_siteFooter();
         break;
 }
 if ($editperms and $_GET['preview'] != 1) {
     if ($type == 'category') {
         $editlink = '<a href="' . $_CONF['site_admin_url'] . '/plugins/nexcontent/index.php?op=editCategory&mode=edit&pageid=' . $page . '">[Edit]</a>';
     } else {
         $editlink = '<a href="' . $_CONF['site_admin_url'] . '/plugins/nexcontent/index.php?op=editPage&mode=edit&pageid=' . $page . '">[Edit]</a>';
     }
     $pageview->set_var('edit_link', '<span style="padding-left:10px;">' . $editlink . '</span>');
     $pageview->set_var('top_editlink', '<td width="7%" nowrap>' . $editlink . '</td>');
     $pageview->parse('bottom_editlink', 'editlink');
 } else {
     $pageview->set_var('top_editlink', '');
     $pageview->set_var('bottom_editlink', '');
 }
Пример #21
/**
 * Get an existing static page
 *
 * @param   array   args    Contains all the data provided by the client
 * @param   string  &output OUTPUT parameter containing the returned text
 * @param   string  &svc_msg OUTPUT parameter containing any service messages
 * @return  int		    Response code as defined in lib-plugins.php
 */
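function service_get_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $LANG_ACCESS, $LANG12, $LANG_STATIC, $LANG_LOGIN, $_SP_CONF;
    $output = '';
    $svc_msg['output_fields'] = array('sp_hits', 'sp_format', 'owner_id', 'group_id', 'perm_owner', 'perm_group', 'perm_members', 'perm_anon', 'sp_help', 'sp_php', 'sp_inblock', 'commentcode');
    // 'id' is accepted as an alias for 'sp_id'
    if (empty($args['sp_id']) && !empty($args['id'])) {
        $args['sp_id'] = $args['id'];
    }
    // empty() has the same truthiness as a bare index read, without a notice
    // when the key is absent
    $is_service = !empty($args['gl_svc']);
    if ($is_service) {
        // the web-service path is the only one on which this function filters
        // the client-supplied values itself
        if (isset($args['sp_id'])) {
            $args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
        }
        if (isset($args['mode'])) {
            $args['mode'] = COM_applyBasicFilter($args['mode']);
        }
        // a service request without a page id asks for the feed of pages
        $svc_msg['gl_feed'] = empty($args['sp_id']);
    } else {
        $svc_msg['gl_feed'] = false;
    }
    if (!$svc_msg['gl_feed']) {
        // ---- single page ----
        $page = isset($args['sp_id']) ? $args['sp_id'] : '';
        $mode = isset($args['mode']) ? $args['mode'] : '';
        $error = 0;
        if ($page == '') {
            $error = 1;
        }
        // Outside the web-service path this function does not filter $page, so it
        // is escaped before being placed in a quoted SQL literal.
        // NOTE(review): prefer the database layer's own escaping routine if it has one.
        $sql_page = addslashes($page);
        // permission clause for the current user; helper is defined elsewhere
        $perms = SP_getPerms();
        if (!empty($perms)) {
            $perms = ' AND ' . $perms;
        }
        $sql = "SELECT sp_title,sp_content,sp_hits,sp_date,sp_format," . "commentcode,sp_uid,owner_id,group_id,perm_owner,perm_group," . "perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']} " . "WHERE (sp_id = '{$sql_page}') AND (sp_status = 1)" . $perms;
        $result = DB_query($sql);
        $count = DB_numRows($result);
        // exactly one row must match; anything else is treated as an error
        if ($count == 0 || $count > 1) {
            $error = 1;
        }
        if (!$error) {
            $output = DB_fetchArray($result, false);
            // WE ASSUME $output doesn't have any confidential fields
            if ($mode !== 'autotag') {
                $_CONF['pagetitle'] = $output['sp_title'];
            }
        } else {
            // an error occurred (page not found, access denied, ...)
            if (empty($page)) {
                $failflg = 0;
            } else {
                // sp_nf is read without the permission clause; when it is set the
                // login form is shown instead of a 404
                $failflg = DB_getItem($_TABLES['staticpage'], 'sp_nf', "sp_id='{$sql_page}'");
            }
            if ($failflg) {
                if ($mode !== 'autotag') {
                    $output = COM_siteHeader('menu');
                }
                $output .= SEC_loginRequiredForm();
                if ($mode !== 'autotag') {
                    $output .= COM_siteFooter();
                }
            } else {
                if ($mode !== 'autotag') {
                    COM_404();
                }
            }
            return PLG_RET_ERROR;
        }
        if ($is_service) {
            // This date format is PHP 5 only,
            // but only the web-service uses the value
            $output['published'] = date('c', strtotime($output['sp_date']));
            $output['updated'] = date('c', strtotime($output['sp_date']));
            $output['id'] = $page;
            $output['title'] = $output['sp_title'];
            $output['category'] = array($output['sp_tid']);
            $output['content'] = $output['sp_content'];
            $output['content_type'] = 'html';
            $output['author_name'] = DB_getItem($_TABLES['users'], 'username', 'uid=' . (int) $output['owner_id']);
            $output['link_edit'] = $page;
        }
    } else {
        // ---- feed of pages ----
        $output = array();
        $mode = '';
        if (isset($args['mode'])) {
            $mode = $args['mode'];
        }
        $perms = SP_getPerms();
        if (!empty($perms)) {
            $perms = ' AND ' . $perms;
        }
        $offset = 0;
        if (isset($args['offset'])) {
            // the value goes into LIMIT unquoted, so force an integer after filtering
            $offset = (int) COM_applyBasicFilter($args['offset'], true);
        }
        // one row more than a page holds is fetched to learn whether more rows follow
        $max_items = $_SP_CONF['atom_max_items'] + 1;
        $limit = " LIMIT {$offset}, {$max_items}";
        $order = " ORDER BY sp_date DESC";
        $sql = "SELECT sp_id,sp_title,sp_content,sp_hits,sp_date,sp_format,owner_id," . "group_id,perm_owner,perm_group,perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']} WHERE (sp_status = 1)" . $perms . $order . $limit;
        $result = DB_query($sql);
        $count = 0;
        while (($output_item = DB_fetchArray($result, false)) !== false) {
            // WE ASSUME $output doesn't have any confidential fields
            $count += 1;
            if ($count == $max_items) {
                // the extra row exists: report the next offset and drop the row
                $svc_msg['offset'] = $offset + $_SP_CONF['atom_max_items'];
                break;
            }
            if ($is_service) {
                // This date format is PHP 5 only, but only the web-service uses the value
                $output_item['published'] = date('c', strtotime($output_item['sp_date']));
                $output_item['updated'] = date('c', strtotime($output_item['sp_date']));
                $output_item['id'] = $output_item['sp_id'];
                $output_item['title'] = $output_item['sp_title'];
                $output_item['category'] = array($output_item['sp_tid']);
                $output_item['content'] = $output_item['sp_content'];
                $output_item['content_type'] = 'html';
                // the owner is read from the current row; $output is the result list
                // here and has no 'owner_id' key of its own
                $output_item['author_name'] = DB_getItem($_TABLES['users'], 'username', 'uid=' . (int) $output_item['owner_id']);
            }
            $output[] = $output_item;
        }
    }
    return PLG_RET_OK;
}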
Пример #22
/**
* Saves a poll
*
* Saves a poll topic and potential answers to the database
*
* @param    string  $pid            Poll topic ID
* @param    string  $old_pid        Previous poll topic ID
* @param    array   $Q              Array of poll questions
* @param    string  $mainpage       Checkbox: poll appears on homepage
* @param    string  $topic          The text for the topic
* @param    string  $meta_description
* @param    string  $meta_keywords
* @param    int     $statuscode     (unused)
* @param    string  $open           Checkbox: poll open for voting
* @param    string  $hideresults    Checkbox: hide results until closed
* @param    int     $commentcode    Indicates if users can comment on poll
* @param    array   $A              Array of possible answers
* @param    array   $V              Array of vote per each answer
* @param    array   $R              Array of remark per each answer
* @param    int     $owner_id       ID of poll owner
* @param    int     $group_id       ID of group poll belongs to
* @param    int     $perm_owner     Permissions the owner has on poll
* @param    int     $perm_group     Permissions the group has on poll
* @param    int     $perm_members   Permissions logged in members have on poll
* @param    int     $perm_anon      Permissions anonymous users have on poll
* @return   string                  HTML redirect or error message
*
*/
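function savepoll($pid, $old_pid, $Q, $mainpage, $topic, $meta_description, $meta_keywords, $statuscode, $open, $hideresults, $commentcode, $A, $V, $R, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon)
{
    global $_CONF, $_TABLES, $_USER, $LANG21, $LANG25, $MESSAGE, $_POLL_VERBOSE, $_PO_CONF;
    $retval = '';
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $topic = COM_stripslashes($topic);
    $meta_description = strip_tags(COM_stripslashes($meta_description));
    $meta_keywords = strip_tags(COM_stripslashes($meta_keywords));
    $pid = COM_sanitizeID($pid);
    $old_pid = COM_sanitizeID($old_pid);
    // no id given: keep the previous id if there is one, otherwise generate one
    if (empty($pid)) {
        $pid = empty($old_pid) ? COM_makeSid() : $old_pid;
    }
    // check if any question was entered
    if (empty($topic) or count($Q) == 0 or strlen($Q[0]) == 0 or strlen($A[0][0]) == 0) {
        $retval .= COM_siteHeader('menu', $LANG25[5]);
        $retval .= COM_startBlock($LANG21[32], '', COM_getBlockTemplate('_msg_block', 'header'));
        $retval .= $LANG25[2];
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= COM_siteFooter();
        return $retval;
    }
    // the request token is verified before any database change is made
    if (!SEC_checkToken()) {
        COM_accessLog("User {$_USER['username']} tried to save poll {$pid} and failed CSRF checks.");
        return COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php');
    }
    // check for poll id change
    if (!empty($old_pid) && $pid != $old_pid) {
        // check if new pid is already in use
        if (DB_count($_TABLES['polltopics'], 'pid', $pid) > 0) {
            // TBD: abort, display editor with all content intact again
            $pid = $old_pid;
            // for now ...
        }
    }
    // start processing the poll topic
    if ($_POLL_VERBOSE) {
        COM_errorLog('**** Inside savepoll() in ' . $_CONF['site_admin_url'] . '/plugins/polls/index.php ***');
    }
    // An existing poll is checked against its stored owner and permissions, not
    // against the values submitted with the form.
    $access = 0;
    if (DB_count($_TABLES['polltopics'], 'pid', $pid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['polltopics']} WHERE pid = '{$pid}'");
        $P = DB_fetchArray($result);
        $access = SEC_hasAccess($P['owner_id'], $P['group_id'], $P['perm_owner'], $P['perm_group'], $P['perm_members'], $P['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    if ($access < 3 || !SEC_inGroup($group_id)) {
        // plain assignment: $display is not defined earlier in this function, so the
        // original ".=" appended to an undefined variable
        $display = COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
        COM_accessLog("User {$_USER['username']} tried to illegally submit or edit poll {$pid}.");
        COM_output($display);
        exit;
    }
    // These values are interpolated into SQL below, several of them unquoted, and
    // the docblock declares them as integers: force that before building any SQL.
    $owner_id = (int) $owner_id;
    $group_id = (int) $group_id;
    $perm_owner = (int) $perm_owner;
    $perm_group = (int) $perm_group;
    $perm_members = (int) $perm_members;
    $perm_anon = (int) $perm_anon;
    $statuscode = (int) $statuscode;
    $commentcode = (int) $commentcode;
    if ($_POLL_VERBOSE) {
        COM_errorLog('owner permissions: ' . $perm_owner, 1);
        COM_errorLog('group permissions: ' . $perm_group, 1);
        COM_errorLog('member permissions: ' . $perm_members, 1);
        COM_errorLog('anonymous permissions: ' . $perm_anon, 1);
    }
    // we delete everything and re-create it with the input from the form
    $del_pid = $pid;
    if (!empty($old_pid) && $pid != $old_pid) {
        $del_pid = $old_pid;
        // delete by old pid, create using new pid below
    }
    DB_delete($_TABLES['polltopics'], 'pid', $del_pid);
    DB_delete($_TABLES['pollanswers'], 'pid', $del_pid);
    DB_delete($_TABLES['pollquestions'], 'pid', $del_pid);
    $topic = addslashes($topic);
    $meta_description = addslashes($meta_description);
    $meta_keywords = addslashes($meta_keywords);
    $k = 0;
    // set up a counter to make sure we do assign a straight line of question id's
    $v = 0;
    // re-count votes since they might have been changed
    // first dimension of array are the questions
    $num_questions = count($Q);
    for ($i = 0; $i < $num_questions; $i++) {
        $Q[$i] = COM_stripslashes($Q[$i]);
        if (strlen($Q[$i]) > 0) {
            // only insert questions that exist
            $Q[$i] = addslashes($Q[$i]);
            DB_save($_TABLES['pollquestions'], 'qid, pid, question', "'{$k}', '{$pid}', '{$Q[$i]}'");
            // within the questions, we have another dimensions with answers,
            // votes and remarks
            $num_answers = count($A[$i]);
            for ($j = 0; $j < $num_answers; $j++) {
                $A[$i][$j] = COM_stripslashes($A[$i][$j]);
                if (strlen($A[$i][$j]) > 0) {
                    // only insert answers etc that exist
                    // The vote count goes into the statement unquoted. is_numeric()
                    // also accepts forms such as "1e5" or " 1", so the value is cast
                    // to an integer; a missing or non-numeric entry counts as 0.
                    $votes = 0;
                    if (isset($V[$i][$j]) && is_numeric($V[$i][$j])) {
                        $votes = (int) $V[$i][$j];
                    }
                    $answer = addslashes($A[$i][$j]);
                    // a remark is optional; treat a missing entry as an empty string
                    $remark = isset($R[$i][$j]) ? addslashes($R[$i][$j]) : '';
                    $sql = "INSERT INTO {$_TABLES['pollanswers']} (pid, qid, aid, answer, votes, remark) VALUES " . "('{$pid}', '{$k}', " . ($j + 1) . ", '{$answer}', {$votes}, '{$remark}');";
                    DB_query($sql);
                    $v = $v + $votes;
                }
            }
            $k++;
        }
    }
    // save topics after the questions so we can include question count into table
    // checkbox values arrive as 'on' when ticked
    $display_flag = ($mainpage == 'on') ? 1 : 0;
    $open_flag = ($open == 'on') ? 1 : 0;
    $hide_flag = ($hideresults == 'on') ? 1 : 0;
    $sql = "'{$pid}','{$topic}','{$meta_description}','{$meta_keywords}',{$v}, {$k}, '" . date('Y-m-d H:i:s') . "',{$display_flag},{$open_flag},{$hide_flag}";
    $sql .= ",'{$statuscode}','{$commentcode}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}";
    // Save poll topic
    DB_save($_TABLES['polltopics'], "pid, topic, meta_description, meta_keywords, voters, questions, date, display, is_open, hideresults, statuscode, commentcode, owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon", $sql);
    if (empty($old_pid) || $old_pid == $pid) {
        PLG_itemSaved($pid, 'polls');
    } else {
        // the id changed: move existing comments over to the new poll id
        DB_change($_TABLES['comments'], 'sid', addslashes($pid), array('sid', 'type'), array(addslashes($old_pid), 'polls'));
        PLG_itemSaved($pid, 'polls', $old_pid);
    }
    if ($_POLL_VERBOSE) {
        COM_errorLog('**** Leaving savepoll() in ' . $_CONF['site_admin_url'] . '/plugins/polls/index.php ***');
    }
    // (an unreachable second return that followed this statement has been removed)
    return PLG_afterSaveSwitch($_PO_CONF['aftersave'], $_CONF['site_url'] . '/polls/index.php?pid=' . $pid, 'polls', 19);
}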
Пример #23
}
/* 
* Main Function
*/
// Page shell: site header followed by the opening of the installer block.
$display = COM_siteHeader();
$display .= COM_startBlock($LANG_GUS00['install_header']);
// NOTE(review): the install is triggered by a GET parameter, and no access or
// request-token check is visible in this fragment. Confirm that one runs earlier
// in the script.
$action = '';
if (isset($_GET['action'])) {
    $action = COM_applyFilter($_GET['action']);
}
if ($action === 'install') {
    if (!plugin_install_gus()) {
        // installation reported failure: run the uninstaller and tell the admin
        plugin_uninstall_gus();
        $display .= 'For some reason, installation failed.  Check your error logs.';
    } else {
        $img_url = $_CONF['site_url'] . '/gus/images/' . $_GUS_IMG_name;
        $blockManager = $_CONF['site_admin_url'] . '/block.php';
        $admin_url = $_CONF['site_admin_url'] . '/plugins/gus/index.php';
        $import_url = $_CONF['site_admin_url'] . '/plugins/gus/import.php';
        $readme_url = $_CONF['site_admin_url'] . '/plugins/gus/readme.html';
        // success message, appended piece by piece
        $display .= "<img align=left src=\"{$img_url}\" alt='GUS Icon' width=48 height=48>";
        $display .= '<p>I have created all the necessary tables and activated the Who\'s Online block. ';
        $display .= "If you do not want to use it, then you may disable it by changing the GUS config.php file located in the plugins/gus directory. ";
        $display .= "<p>To configure GUS, go to the <a href=\"{$admin_url}\">admin page</a>.\n\t\t\tInformation about the various configuration options\tmay be found in the \n\t\t\t<a href=\"{$readme_url}#config\">README file</a>.";
        $display .= "<p>If you would like to support development of this plugin, there are some suggestions in the  \n\t\t\t<a href=\"{$readme_url}#you\">README file</a>.";
        // check for old stats to see if we should add an import link
        if ($_ST_plugin_name != '') {
            $stats_version = DB_getItem($_TABLES['plugins'], 'pi_version', "pi_name = '{$_ST_plugin_name}'");
            $display .= "<hr>I notice you have the stats plugin version {$stats_version} installed as '{$_ST_plugin_name}'. ";
            // only version 1.3 is offered the import page
            if ($stats_version === '1.3') {
                $display .= "<p>You may import its data into GUS using the <a href=\"{$import_url}\">import page</a>.";
            } else {
                $display .= "<p>If you had version 1.3 installed, I could import its data. \n\t\t\t\t\tIf you update this in the future, you can import its data from \n\t\t\t\t\tthe <a href=\"{$admin_url}\">admin page</a>.";
            }
        }
    }
}
$display .= COM_endBlock();
$display .= COM_siteFooter(TRUE);
echo $display;
Пример #24
        $lid = COM_applyFilter($_GET['lid'], true);
    }
    $display = '';
    $display .= COM_startBlock("<b>" . _MD_RATEFILETITLE . "</b>");
    $result = DB_query("SELECT title FROM {$_FM_TABLES['filemgmt_filedetail']} WHERE lid='{$lid}'");
    list($title) = DB_fetchArray($result);
    $title = $myts->makeTboxData4Show($title);
    $display .= '<table border="0" cellpadding="1" cellspacing="0" width="80%" class="plugin"><tr>';
    $display .= '<td class="pluginHeader">' . _MD_FILE . ':&nbsp;' . $title . '</td></tr>';
    $display .= '<tr><td style="padding:10px;"><ul>';
    $display .= '<li>' . _MD_VOTEONCE . '</li>';
    $display .= '<li>' . _MD_RATINGSCALE . '</li>';
    $display .= '<li>' . _MD_BEOBJECTIVE . '</li>';
    $display .= '<li>' . _MD_DONOTVOTE . '</li>';
    $display .= "\n         </ul></td></tr><tr><td style=\"text-align:center;\">\n         <form method=\"post\" action=\"ratefile.php\"><div>\n         <input type=\"hidden\" name=\"lid\" value=\"{$lid}\"" . XHTML . ">\n         <select name=\"rating\"><option>--</option>";
    for ($i = 10; $i > 0; $i--) {
        $display .= "<option value=\"" . $i . "\">" . $i . "</option>\n";
    }
    $display .= "</select><br" . XHTML . "><br" . XHTML . ">";
    $display .= "<input type=\"submit\" name=\"submit\" value=\"" . _MD_RATEIT . "\"" . XHTML . ">\n";
    $display .= "&nbsp;<input type=\"button\" value=\"" . _MD_CANCEL;
    $display .= "\" onclick=\"javascript:history.go(-1)\"" . XHTML . ">\n";
    $display .= "</div></form></td></tr></table>";
    $display .= COM_endBlock();
    if (function_exists('COM_createHTMLDocument')) {
        $display = COM_createHTMLDocument($display);
    } else {
        $display = COM_siteHeader() . $display . COM_siteFooter();
    }
    COM_output($display);
}
Пример #25
    } else {
        $logical_taskid = getnextlid($templateID);
        $p->set_var('logical_task_id', $logical_taskid);
        $p->set_var('steptype_options', COM_optionList($_TABLES['nf_steptype'], 'id,stepType', '', 0));
        $p->set_var('form_options', COM_optionList($_TABLES['nxform_definitions'], 'id,name'));
        $p->set_var('task_handler_selection', nf_makeDropDown("id", "handler", $_TABLES['nf_handlers']));
        $p->set_var('next_tasks', '');
        $userOptions = COM_optionList($_TABLES['users'], 'uid,fullname', '', 1, "fullname <> '' AND uid > 1");
        $p->set_var('available_userOptions', $userOptions);
        $variableOptions = nf_makeDropDownWithSelected("id", "variableName", $_TABLES['nf_templatevariables'], $taskRec['dynamicFormVariableID'], '', 1);
        $p->set_var('available_variablesOptions', $variableOptions);
        $sql = "{$_TABLES['nf_templatevariables']} ifTask WHERE ifTask.nf_templateID='{$templateID}'";
        $p->set_var('if_task_variables', nf_makeDropDownSql("ifTask.id", "ifTask.variableName", $sql, 1));
        $sql = "{$_TABLES['nf_ifprocessarguments']} ifTask ";
        $p->set_var('if_task_option', nf_makeDropDownSql("ifTask.id", "ifTask.label", $sql, 1));
        $sql = "{$_TABLES['nf_ifoperators']} ifTask ";
        $p->set_var('if_task_operator', nf_makeDropDownSql("ifTask.id", "ifTask.operator", $sql, 1));
        $options = '';
        for ($i = 1; $i <= 31; $i++) {
            $options .= "<option value=\"{$i}\">{$i}</option>";
        }
        $p->set_var('notifyIntervalOptions', $options);
        $p->set_var('notifyInterval2Options', $options);
    }
    $p->parse('output', 'page');
    echo $p->finish($p->get_var('output'));
} else {
    echo "You must choose a template to edit first...<BR><BR><BR>";
}
$retval .= COM_siteFooter(false);
echo $retval;
Пример #26
/**
* This will save a submission
*
* @param    string  $type   Type of submission we are dealing with
* @param    array   $A      Data for that submission
*
*/
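function savesubmission($type, $A)
{
    global $_CONF, $_TABLES, $_USER, $LANG12;
    $retval = COM_siteHeader();
    // Submission rate limit: clear expired entries, then see whether this user
    // still has to wait before submitting again.
    COM_clearSpeedlimit($_CONF['speedlimit'], 'submit');
    $last = COM_checkSpeedlimit('submit');
    if ($last > 0) {
        $retval .= COM_startBlock($LANG12[26], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG12[30] . $last . $LANG12[31] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')) . COM_siteFooter();
        return $retval;
    }
    if (!empty($type) && $type != 'story') {
        // Update the submitspeedlimit for user - assuming Plugin approves
        // submission record
        COM_updateSpeedlimit('submit');
        // see if this is a submission that needs to be handled by a plugin
        // and should include its own redirect
        // The plugin result is kept in its own variable. The original stored it in
        // $retval, so a false result discarded the site header that the error page
        // built further down still appends to.
        $plugin_result = PLG_saveSubmission($type, $A);
        if ($plugin_result === false) {
            // NOTE(review): $type is written to the log as received; if it can come
            // from the request, confirm the logger neutralises line breaks.
            COM_errorLog("Could not save your submission. Bad type: {$type}");
        } elseif (empty($plugin_result)) {
            // plugin should include its own redirect - but in case handle
            // it here and redirect to the main page
            return COM_refresh($_CONF['site_url'] . '/index.php');
        } else {
            return $plugin_result;
        }
    }
    // story submissions, and plugin submissions that failed above, end up here
    if (!empty($A['title']) && !empty($A['introtext'])) {
        $retval = savestory($A);
    } else {
        // required fields are missing: show the message and the form again
        $retval .= COM_startBlock($LANG12[22], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG12[23] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')) . submissionform($type) . COM_siteFooter();
    }
    return $retval;
}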
Пример #27
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            |
// | GNU General Public License for more details.                             |
// |                                                                          |
// | You should have received a copy of the GNU General Public License        |
// | along with this program; if not, write to the Free Software Foundation,  |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.          |
// |                                                                          |
// +--------------------------------------------------------------------------+
require_once '../../../lib-common.php';
require_once '../../auth.inc.php';
// This admin script requires the forum.edit right. Anyone without it gets an
// access-denied page and the script stops before any request data is handled.
if (!SEC_hasRights('forum.edit')) {
    $display = COM_siteHeader()
        . COM_startBlock($LANG_GF00['access_denied'])
        . $LANG_GF00['admin_only']
        . COM_endBlock()
        . COM_siteFooter(true);
    echo $display;
    exit;
}
// presumably these load the forum plugin's helper libraries; they are defined elsewhere
USES_forum_functions();
USES_forum_format();
USES_forum_admin();
if (isset($_POST['migrate']) && $_POST['migrate'] == $LANG_GF01['MIGRATE_NOW'] and $_POST['selforum'] != "select" and !empty($_POST['cb_chkentry'])) {
    $num_stories = 0;
    $num_posts = 0;
    $forum = COM_applyFilter($_POST['selforum']);
    foreach ($_POST['cb_chkentry'] as $sid) {
        if ($_POST['seltopic'] == 'submissions') {
            $topic = DB_getItem($_TABLES['storysubmission'], "tid", "sid='" . DB_escapeString($sid) . "'");
            $sql = DB_query("SELECT sid,tid,date,uid,title,introtext from {$_TABLES['storysubmission']} WHERE sid='" . DB_escapeString($sid) . "'");
            list($sid, $tid, $storydate, $uid, $subject, $introtext) = DB_fetchArray($sql);
Пример #28
/**
 * Get an existing static page
 *
 * @param   array   args    Contains all the data provided by the client
 * @param   string  &output OUTPUT parameter containing the returned text
 * @param   string  &svc_msg OUTPUT parameter containing any service messages
 * @return  int		    Response code as defined in lib-plugins.php
 */
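function service_get_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $LANG_ACCESS, $LANG12, $LANG_STATIC, $_SP_CONF;
    $output = '';
    $svc_msg['output_fields'] = array('sp_hits', 'sp_format', 'draft_flag', 'owner_id', 'group_id', 'perm_owner', 'perm_group', 'perm_members', 'perm_anon', 'sp_help', 'sp_php', 'sp_inblock', 'commentcode');
    // 'id' is accepted as an alias for 'sp_id'
    if (empty($args['sp_id']) && !empty($args['id'])) {
        $args['sp_id'] = $args['id'];
    }
    // Evaluated once, up front: same truthiness as a bare index read, no notice
    // when the key is absent.
    $is_service = !empty($args['gl_svc']);
    if ($is_service) {
        // the web-service path is the only one on which this function filters
        // the client-supplied values itself
        if (isset($args['sp_id'])) {
            $args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
        }
        if (isset($args['mode'])) {
            $args['mode'] = COM_applyBasicFilter($args['mode']);
        }
        // a service request without a page id asks for the feed of pages
        $svc_msg['gl_feed'] = empty($args['sp_id']);
    } else {
        $svc_msg['gl_feed'] = false;
    }
    if (!$svc_msg['gl_feed']) {
        // ---- single page ----
        $page = isset($args['sp_id']) ? $args['sp_id'] : '';
        $mode = isset($args['mode']) ? $args['mode'] : '';
        $error = 0;
        if ($page == '') {
            $error = 1;
        }
        // Outside the web-service path this function does not filter $page, so it
        // is escaped before being placed in quoted SQL literals.
        // NOTE(review): prefer the database layer's own escaping routine if it has one.
        $sql_page = addslashes($page);
        $perms = SP_getPerms();
        // drafts are visible only to users who may edit static pages
        if (!SEC_hasRights('staticpages.edit')) {
            if (!empty($perms)) {
                $perms .= ' AND ';
            }
            $perms .= '(draft_flag = 0)';
        }
        if (!empty($perms)) {
            $perms = ' AND ' . $perms;
        }
        // one statement per supported database type, keyed by type
        $sql = array();
        $sql['mysql'] = "SELECT sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format," . "commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag," . "owner_id,group_id,perm_owner,perm_group," . "perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']} " . "WHERE (sp_id = '{$sql_page}')" . $perms;
        $sql['mssql'] = "SELECT sp_title,sp_page_title," . "CAST(sp_content AS text) AS sp_content,sp_hits," . "created,modified,sp_format,commentcode," . "CAST(meta_description AS text) AS meta_description," . "CAST(meta_keywords AS text) AS meta_keywords,template_flag,template_id,draft_flag," . "owner_id,group_id,perm_owner,perm_group,perm_members," . "perm_anon,sp_tid,sp_help,sp_php,sp_inblock " . "FROM {$_TABLES['staticpage']} WHERE (sp_id = '{$sql_page}')" . $perms;
        $sql['pgsql'] = "SELECT sp_title,sp_page_title,sp_content,sp_hits," . "created,modified,sp_format," . "commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag," . "owner_id,group_id,perm_owner,perm_group," . "perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']} " . "WHERE (sp_id = '{$sql_page}')" . $perms;
        $result = DB_query($sql);
        $count = DB_numRows($result);
        // exactly one row must match; anything else is treated as an error
        if ($count == 0 || $count > 1) {
            $error = 1;
        }
        if (!$error) {
            $output = DB_fetchArray($result, false);
            // WE ASSUME $output doesn't have any confidential fields
            if ($output['template_id'] != '') {
                // This page is based on a template: its own content is XML holding
                // named variables that are substituted into the template's content.
                $tag = array();
                $xmlObject = simplexml_load_string($output['sp_content']);
                // simplexml_load_string() returns false on malformed XML; in that
                // case no variables are collected and the template is used as is.
                if ($xmlObject !== false) {
                    // create array of XML data
                    foreach ($xmlObject->variable as $variable) {
                        $key = $variable["name"] . '';
                        $tag[$key] = $variable->data;
                    }
                }
                // Loop through variables to replace any autotags first
                foreach ($tag as &$value) {
                    $value = PLG_replaceTags($value);
                }
                // break the reference so a later write to $value cannot alter $tag
                unset($value);
                // The template is fetched with its own argument and message arrays.
                // The original reused $args and $svc_msg here, which cleared
                // 'gl_svc' and the service messages for the rest of this call.
                $template_output = '';
                $template_args = array('sp_id' => $output['template_id'], 'mode' => '', 'gl_svc' => '');
                $template_msg = array();
                if (PLG_invokeService('staticpages', 'get', $template_args, $template_output, $template_msg) == PLG_RET_OK) {
                    $output['sp_content'] = str_replace(array_keys($tag), array_values($tag), $template_output['sp_content']);
                }
            }
        } else {
            // an error occurred (page not found, access denied, ...)
            /**
             * if the user has edit permissions and the page does not exist,
             * send them to the editor so they can create it "wiki style"
             */
            $create_page = false;
            if ($mode !== 'autotag' && $count == 0 && SEC_hasRights('staticpages.edit')) {
                // check again without permissions
                // (escaped value: whether DB_count() escapes internally is not visible here)
                if (DB_count($_TABLES['staticpage'], 'sp_id', $sql_page) == 0) {
                    // the requested id goes into a redirect URL, so it is URL-encoded
                    $url = $_CONF['site_admin_url'] . '/plugins/staticpages/index.php?mode=edit&sp_new_id=' . urlencode($page) . '&msg=21';
                    $output = COM_refresh($url);
                    $create_page = true;
                }
            }
            if (!$create_page) {
                if (empty($page)) {
                    $failflg = 0;
                } else {
                    // sp_nf is read without the permission clause; when it is set the
                    // login form is shown instead of the access-denied block
                    $failflg = DB_getItem($_TABLES['staticpage'], 'sp_nf', "sp_id = '{$sql_page}'");
                }
                if ($failflg) {
                    if ($mode !== 'autotag') {
                        $output = COM_siteHeader('menu');
                    }
                    $output .= SEC_loginRequiredForm();
                    if ($mode !== 'autotag') {
                        $output .= COM_siteFooter(true);
                    }
                } else {
                    if ($mode !== 'autotag') {
                        $output = COM_siteHeader('menu');
                    }
                    $output .= COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'));
                    $output .= $LANG_STATIC['deny_msg'];
                    $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
                    if ($mode !== 'autotag') {
                        $output .= COM_siteFooter(true);
                    }
                }
            }
            return PLG_RET_ERROR;
        }
        if ($is_service) {
            // This date format is PHP 5 only,
            // but only the web-service uses the value
            $output['published'] = date('c', strtotime($output['created']));
            $output['updated'] = date('c', strtotime($output['modified']));
            $output['id'] = $page;
            $output['title'] = $output['sp_title'];
            $output['page_title'] = $output['sp_page_title'];
            $output['category'] = array($output['sp_tid']);
            $output['content'] = $output['sp_content'];
            $output['content_type'] = 'html';
            $owner_data = SESS_getUserDataFromId($output['owner_id']);
            $output['author_name'] = $owner_data['username'];
            $output['link_edit'] = $page;
        }
    } else {
        // ---- feed of pages ----
        $output = array();
        $mode = '';
        if (isset($args['mode'])) {
            $mode = $args['mode'];
        }
        // NOTE(review): unlike the single-page branch, no draft_flag condition is
        // added here. Confirm that SP_getPerms() keeps drafts out of the feed for
        // users without the staticpages.edit right.
        $perms = SP_getPerms();
        if (!empty($perms)) {
            $perms = ' WHERE ' . $perms;
        }
        $offset = 0;
        if (isset($args['offset'])) {
            // the value goes into LIMIT unquoted, so force an integer after filtering
            $offset = (int) COM_applyBasicFilter($args['offset'], true);
        }
        // one row more than a page holds is fetched to learn whether more rows follow
        $max_items = $_SP_CONF['atom_max_items'] + 1;
        $limit = " LIMIT {$offset}, {$max_items}";
        $order = " ORDER BY modified DESC";
        $sql = array();
        $sql['mysql'] = "SELECT sp_id,sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format,meta_description,meta_keywords,template_flag,template_id,draft_flag,owner_id," . "group_id,perm_owner,perm_group,perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
        $sql['mssql'] = "SELECT sp_id,sp_title,sp_page_title,CAST(sp_content AS text) AS sp_content,sp_hits," . "created,modified,sp_format,CAST(meta_description AS text) AS meta_description,CAST(meta_keywords AS text) AS meta_keywords,template_flag,template_id,draft_flag,owner_id,group_id,perm_owner,perm_group,perm_members," . "perm_anon,sp_tid,sp_help,sp_php,sp_inblock FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
        $sql['pgsql'] = "SELECT sp_id,sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format,meta_description,meta_keywords,template_flag,template_id,draft_flag,owner_id," . "group_id,perm_owner,perm_group,perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
        $result = DB_query($sql);
        $count = 0;
        while (($output_item = DB_fetchArray($result, false)) !== false) {
            // WE ASSUME $output doesn't have any confidential fields
            $count += 1;
            if ($count == $max_items) {
                // the extra row exists: report the next offset and drop the row
                $svc_msg['offset'] = $offset + $_SP_CONF['atom_max_items'];
                break;
            }
            if ($is_service) {
                // This date format is PHP 5 only, but only the web-service uses the value
                $output_item['published'] = date('c', strtotime($output_item['created']));
                $output_item['updated'] = date('c', strtotime($output_item['modified']));
                $output_item['id'] = $output_item['sp_id'];
                $output_item['title'] = $output_item['sp_title'];
                $output_item['page_title'] = $output_item['sp_page_title'];
                $output_item['category'] = array($output_item['sp_tid']);
                $output_item['content'] = $output_item['sp_content'];
                $output_item['content_type'] = 'html';
                $owner_data = SESS_getUserDataFromId($output_item['owner_id']);
                $output_item['author_name'] = $owner_data['username'];
            }
            $output[] = $output_item;
        }
    }
    return PLG_RET_OK;
}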
Пример #29
    $theforum = '';
}
// Default view (no operation requested): list the banned IP addresses.
if ($op == '') {
    $bannedsql = DB_query("SELECT * FROM {$_TABLES['gf_banned_ip']} ORDER BY host_ip DESC");
    $bannum = DB_numRows($bannedsql);
    $p = new Template($_CONF['path_layout'] . 'forum/layout/admin');
    $p->set_file(array('page' => 'banip_mgmt.thtml', 'records' => 'ip_records.thtml'));
    if ($bannum != 0) {
        // there are records, so the "no IPs" alert is hidden
        $p->set_var('showalert', 'none');
    } else {
        $p->set_var('alertmessage', $LANG_GF96['noips']);
        $p->set_var('showalert', '');
    }
    $p->set_var('phpself', $_CONF['site_admin_url'] . '/plugins/forum/ips.php');
    $p->set_var('LANG_IP', $LANG_GF96['ipbanned']);
    $p->set_var('LANG_Actions', $LANG_GF01['ACTIONS']);
    // One template row per banned address; csscode alternates between 1 and 2.
    // NOTE(review): host_ip is handed to the template as stored. Confirm that it
    // is validated when written or escaped by the template.
    for ($i = 1; $A = DB_fetchArray($bannedsql); $i = ($i == 1 ? 2 : 1)) {
        $p->set_var('ip', $A['host_ip']);
        $p->set_var('unban', $LANG_GF96['unban']);
        $p->set_var('csscode', $i);
        $p->parse('ip_records', 'records', true);
    }
    $p->parse('output', 'page');
    echo $p->finish($p->get_var('output'));
}
// close the admin block and the page
echo COM_endBlock(), adminfooter(), COM_siteFooter();
Пример #30
/**
* Display message after a login error
*
* @param    int     $msg            message number for custom handler
* @param    string  $message_title  title for the message box
* @param    string  $message_text   text of the message box
* @return   void                    function does not return!
*
*/
function displayLoginErrorAndAbort($msg, $message_title, $message_text)
{
    global $_CONF;
    // A site-specific handler takes over only when custom registration is enabled
    // and the handler function has actually been defined.
    $use_custom_handler = $_CONF['custom_registration'] && function_exists('CUSTOM_loginErrorHandler');
    if (!$use_custom_handler) {
        // Default handling: answer with 403 and show the message inside the normal
        // page frame. The header() calls are silenced with @ as in the original.
        @header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
        @header('Status: 403 Forbidden');
        echo COM_siteHeader('menu', $message_title) . COM_showMessageText($message_text, $message_title, false, 'error') . COM_siteFooter();
        // don't return
        exit;
    }
    // Typically this will be used if you have a custom main site page
    // and need to control the login process
    CUSTOM_loginErrorHandler($msg);
    // don't return
    exit;
}