Пример #1
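<?php

/* ---  core initialisation  --- */
require '../require/load.php';
SL::init('../');
// Rating mode 0: this endpoint does nothing.
if (_ratemode == 0) {
    exit;
}
/* ---  rating  --- */
// Load the request variables. intval() guarantees that only an integer is
// concatenated into the SQL statements below.
// NOTE(review): _checkKeys() is defined elsewhere; presumably it aborts when
// the key is missing - confirm.
_checkKeys('_POST', array('id'));
$id = intval($_POST['id']);
$article_exists = false;
// Validate the input and the caller's access before anything is written.
$continue = false;
$query = DB::query("SELECT art.id,art.title_seo,art.time,art.confirmed,art.public,art.home1,art.home2,art.home3,art.rateon,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art  JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $id);
if (DB::size($query) != 0) {
    $article_exists = true;
    $query = DB::row($query);
    // Accept only a numeric scalar. An array value (r[]=...) makes the division
    // below a fatal error, and a non-numeric string is a TypeError on PHP 8
    // (on PHP 7 it was a warning followed by a silently counted vote of 0).
    if (isset($_POST['r']) && is_numeric($_POST['r'])) {
        // Snap the vote to the nearest multiple of ten.
        $r = round($_POST['r'] / 10) * 10;
        // The vote counts only if the per-IP log check, the XSRF check, the
        // article's rateon flag, the access check and the 0..100 range all pass.
        if (_iplogCheck(3, $id) and _xsrfCheck() and $query['rateon'] == 1 and _articleAccess($query) == 1 and $r <= 100 and $r >= 0) {
            // Cast only after the range check: the float is now known to be a
            // finite value in 0..100, so the SQL below receives a plain integer
            // literal and an infinite input cannot be cast to a valid-looking 0.
            $r = (int) $r;
            $continue = true;
        }
    }
}
// Record the vote.
if ($continue) {
    // Both interpolated values are integers at this point ($id via intval(),
    // $r via the range-checked cast above).
    DB::query("UPDATE `" . _mysql_prefix . "-articles` SET ratenum=ratenum+1,ratesum=ratesum+" . $r . " WHERE id=" . $id);
    _iplogUpdate(3, $id);
}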
Пример #2
<?php

/* ---  core initialisation  --- */
require './require/load.php';
SL::init('./');
/* ---  processing  --- */
// The posted 'content' field is forced to a string, passed through _htmlStr()
// and then _parsePost(), and the result is written to the response.
// NOTE(review): no _xsrfCheck() or login check is visible in this script, and
// the safety of the echoed markup rests entirely on _htmlStr()/_parsePost(),
// which are defined elsewhere - confirm that they escape for HTML output.
_checkKeys('_POST', array('content'));
echo _parsePost(
    _htmlStr(
        (string) $_POST['content']
    )
);
Пример #3
<?php

/* ---  core initialisation  --- */
require '../require/load.php';
// Defined before SL::init() runs.
// NOTE(review): presumably tells the core to regenerate the session id for
// the login request - confirm in the loader.
define('_session_regenerate', true);
SL::init('../');
/* ---  login  --- */
_checkKeys('_POST', array('form_url'));
// Missing credential fields are replaced with empty strings so that the code
// below can read them unconditionally.
$_POST['username'] = isset($_POST['username']) ? $_POST['username'] : '';
$_POST['password'] = isset($_POST['password']) ? $_POST['password'] : '';
// True when the form submitted an 'ipbound' field, whatever its value.
$ipbound = isset($_POST['ipbound']);
$username = "";
$result = 0;
if (!_loginindicator) {
    if (_xsrfCheck()) {
        if (_iplogCheck(1)) {
            // nacteni promennych
            $username = DB::esc($_POST['username']);
            $email = strpos($_POST['username'], '@') !== false;
            $password = $_POST['password'];
            $persistent = _checkboxLoad('persistent');
            // nalezeni uzivatele
            $query = DB::query("SELECT * FROM `" . _mysql_prefix . "-users` WHERE `" . ($email ? 'email' : 'username') . "`='" . $username . "'" . (!$email && $username !== '' ? ' OR publicname=\'' . $username . '\'' : ''));
            if (DB::size($query) != 0) {
                $query = DB::row($query);
                if (empty($username)) {
                    $username = $query['username'];
Пример #4
<?php

/* ---  core initialisation  --- */
require '../require/load.php';
define('_header', '');
SL::init('../');
// Nothing is served when the _rss constant is falsy.
if (!_rss) {
    exit;
}
/* ---  variable preparation  --- */
$continue = false;
_checkKeys('_GET', array('tp', 'id'));
// Both parameters are cast to integers before they are used in SQL fragments.
$type = (int) $_GET['tp'];
$id = (int) $_GET['id'];
// SQL fragment - visibility: logged-in users get no extra filter, anonymous
// visitors see only public rows, and the script stops for anonymous visitors
// when _notpublicsite is set.
if (_loginindicator) {
    $public = "";
} elseif (_notpublicsite) {
    exit;
} else {
    $public = " AND public=1";
}
// Defaults for title, type and SQL parts.
// NOTE(review): presumably adjusted per $type by the switch that follows this
// section - confirm.
$custom_cond = true;
$pagetitle_column = "title";
$homelimit = " home=" . $id;
$donottestsource = false;
switch ($type) {
    // komentare v sekci a prispevky v knize
Пример #5
    $author = -1;
}
// type, home, text
// NOTE(review): no isset()/_checkKeys() guard for '_posttarget', '_posttype'
// or 'text' is visible in this excerpt - presumably done earlier; confirm.
$posttarget = (int) $_POST['_posttarget'];
$posttype = (int) $_POST['_posttype'];
// The text is cut to 255 characters for post type 4 and to 16384 otherwise,
// then passed through _wsTrim(), _htmlStr() and finally DB::esc().
$text = DB::esc(
    _htmlStr(
        _wsTrim(
            _cutStr($_POST['text'], $posttype == 4 ? 255 : 16384, false)
        )
    )
);
// parent ("home") post: only read from the request for types other than 4
$xhome = -1;
if ($posttype != 4) {
    _checkKeys('_POST', array('_xhome'));
    $xhome = (int) $_POST['_xhome'];
}
// subject: only read when there is no parent post and the type is not 4;
// limited to 48 characters for type 5 and to 22 otherwise
$subject = "";
if ($xhome == -1 && $posttype != 4) {
    _checkKeys('_POST', array('subject'));
    $subject = DB::esc(
        _htmlStr(
            _wsTrim(
                _cutStr($_POST['subject'], $posttype == 5 ? 48 : 22, false)
            )
        )
    );
}
// plugin flag: mandatory for type 8, zero for every other type
$pluginflag = 0;
if ($posttype == 8) {
    if (!isset($_POST['_pluginflag'])) {
        exit;
    }
    $pluginflag = (int) $_POST['_pluginflag'];
}
// vyplneni prazdnych poli
if ($subject == "" and $xhome == -1 and $posttype != 4) {
Пример #6
<?php

/* ---  core initialisation  --- */
require '../../require/load.php';
require_once '../../admin/functions-backup.php';
define('_header', '');
SL::init('../../');
// Run condition: the request is served only when the backup privilege
// constant is truthy and the XSRF check passes.
if (!(_loginright_adminbackup && _xsrfCheck())) {
    exit;
}
// Load the parameters.
_checkKeys('_POST', array('type', 'fname', 'compress'));
$type = (int) $_POST['type'];
$compress = (int) $_POST['compress'];
// basename() keeps only the last path component of the posted name, so
// directory parts supplied by the client are dropped.
// NOTE(review): a value such as '..' passes through basename() unchanged -
// confirm that the code using $fname appends an extension or validates it.
$fname = basename(trim($_POST['fname']));
if (!$fname) {
    $fname = 'backup';
}
// The upload directory is added only for partial or full backups and only
// when the form sent 'dir_upload'.
$extra_dirs = null;
if (isset($_POST['dir_upload']) && ($type == _backup_partial || $type == _backup_full)) {
    $extra_dirs = array('upload');
}
// ulozeni na serveru?
if ($store = isset($_POST['target_store'])) {
    // uplnou zalohu nelze ulozit
    if ($type === _backup_full) {
        die;
    }
    // zpracovat nazev souboru a otevrit
    $type_ext = _backupExt($type);