case 4: $tdata = DB::query("SELECT public,locked FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $posttarget); if (DB::size($tdata) != 0) { $tdata = DB::row($tdata); if (_publicAccess($tdata['public']) and $tdata['locked'] != 1) { $continue = true; } } break; // forum // forum case 5: $tdata = DB::query("SELECT public,var2,var3,level FROM `" . _mysql_prefix . "-root` WHERE id=" . $posttarget . " AND type=8"); if (DB::size($tdata) != 0) { $tdata = DB::row($tdata); if (_publicAccess($tdata['public'], $tdata['level']) and _publicAccess($tdata['var3']) and $tdata['var2'] != 1) { $continue = true; } } break; // zprava // zprava case 6: if (_messages && _loginindicator) { $tdata = DB::query_row('SELECT sender,receiver FROM `' . _mysql_prefix . '-pm` WHERE id=' . $posttarget . ' AND (sender=' . _loginid . ' OR receiver=' . _loginid . ') AND sender_deleted=0 AND receiver_deleted=0'); if ($tdata !== false) { $continue = true; $xhome = $posttarget; } } break;
<?php

// Core guard: stop immediately unless the including script has defined _core,
// so the page cannot be executed on its own.
if (defined('_core') === false) {
    exit;
}

// Title. The <h1> is emitted only when the template enables automatic headings
// and this page asks for an automatic title.
// NOTE(review): the title is placed into the markup as-is; presumably it is
// stored already HTML-escaped - confirm where the page is saved.
$title = $query['title'];
if (_template_autoheadings && $query['autotitle']) {
    $content .= "<h1>{$query['title']}" . _linkRSS($id, 3) . "</h1>\n";
}
_extend('call', 'page.book.aftertitle', $extend_args);

// Body. Stored page content goes through _parseHCM() before being appended;
// extensions are notified before and after.
_extend('call', 'page.book.content.before', $extend_args);
if ("" != $query['content']) {
    $content .= _parseHCM($query['content']);
}
_extend('call', 'page.book.content.after', $extend_args);

// Posts. The second array element is the result of _publicAccess() on the
// page's var1 column, so the access decision is made here and handed to
// _postsOutput() rather than re-derived from request data.
require_once _indexroot . 'require/functions-posts.php';
$content .= _postsOutput(
    3,
    $id,
    array(
        $query['var2'],
        _publicAccess($query['var1']),
        $query['var3'],
    )
);
<?php /* ---- inicializace jadra ---- */ require './require/load.php'; SL::init('./'); if (!_printart) { exit; } /* ---- vystup ---- */ if (_publicAccess(!_notpublicsite) and isset($_GET['id'])) { $id = intval($_GET['id']); // nacteni dat clanku $query = DB::query("SELECT art.*,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $id); if (DB::size($query) != 0) { // rozebrani dat, test pristupu $query = DB::row($query); $access = _articleAccess($query); $artlink = _linkArticle($id, $query['title_seo'], $query['cat_title_seo']); $url = _url . "/" . $artlink; define('_indexOutput_url', $artlink); // vypsani obsahu if ($access == 1) { // vlozeni zacatku hlavicky require _indexroot . "require/headstart.php"; ?> <link href="<?php echo _indexroot; ?> plugins/templates/<?php echo _template; ?>
/* -- stranka -- */ // rozebrani dat, test pristupu $id = $query['id']; define('_indexOutput_url', _linkRoot($id, $query['title_seo']) . (isset($ids[1]) ? '/' . $ids[1] : '')); define('_indexOutput_pid', $id); // presmerovani na mod_rewrite adresu if (_modrewrite && isset($ids) && !$rewritten) { $redir_query = $raw_get_data; unset($redir_query['p']); define('_redirect_to', _url . '/' . _addGetToLink(_indexOutput_url, _buildQuery($redir_query), false)); } elseif (isset($ids) && $id == _index_page_id) { // presmerovani hlavni strany (kvuli duplicite) define('_redirect_to', _url . '/'); } else { // priprava pro vystup if (_publicAccess($query['public'], $query['level'])) { // udalosti stranky if (null !== $query['events']) { $query['events'] = _parseStr($query['events']); for ($i = 0; isset($query['events'][$i]); ++$i) { $event = explode(':', $query['events'][$i], 2); _extend('call', 'page.event.' . $event[0], array('arg' => isset($event[1]) ? $event[1] : null, 'query' => &$query)); } } // zpetny odkaz $backlink = null; _extend('call', 'page.backlink', array('backlink' => &$backlink, 'query' => $query)); if (null === $backlink && isset($query['inter_id']) && $query['visible'] == 1 && _template_intersec_backlink) { // odkaz na rozcestnik $backlink = _linkRoot($query['inter_id'], $query['inter_title_seo']); }
if ('' !== $author_name['publicname']) { $author_name = $author_name['publicname']; } else { $author_name = $author_name['username']; } $avatar = "<img src='" . $avatar . "' alt='" . $author_name . "' class='topic-avatar' />"; } } } else { $author = "<span class='post-author-guest' title='" . _showIP($query['ip']) . "'>" . $query['guest'] . "</span>"; } // vystup $module .= "\n<h2>" . $_lang['posts.topic'] . ": " . $query['subject'] . _linkRSS($id, 6) . "</h2>\n<p><small>" . $_lang['global.postauthor'] . " " . $author . " " . _formatTime($query['time']) . "</small>" . $editlink . "</p>\n<p>" . $avatar . _parsePost($query['text']) . "</p>\n<div class='cleaner'></div>\n"; // odpovedi require_once _indexroot . 'require/functions-posts.php'; $module .= _postsOutput(6, $homedata['id'], array(_commentsperpage, _publicAccess($homedata['var3']), $homedata['var2'], $id), $query['locked'] == 1); } else { $form = _uniForm("notpublic"); $module .= $form[0]; } } else { define('_indexOutput_url', "index.php?m=topic"); if (_template_autoheadings) { $module .= "<h1>" . $_lang['global.error404.title'] . "</h1>\n"; } $module .= _formMessage(2, $_lang['posts.topic.notfound']); $found = false; } /* --- titulek --- */ if ($forumtitle != "" and $topictitle != "") { define('_indexOutput_title', $forumtitle . " " . _titleseparator . " " . $topictitle);
/**
 * Evaluate the current user's right to read an article.
 *
 * An article that is not confirmed, or whose time lies in the future, is
 * readable only by users with the _loginright_adminconfirm right and by the
 * article's own author. Otherwise access is granted as soon as one of the
 * article's categories passes _publicAccess().
 *
 * @param array $res article row; the code reads confirmed, time, author,
 *                   home1, home2 and home3
 * @return int 0 - access denied, 1 - access granted, 2 - login required
 */
function _articleAccess($res)
{
    // Published = confirmed and not scheduled for a later time.
    $published = $res['confirmed'] && !($res['time'] > time());
    if (!$published) {
        // Preview of unpublished content: confirm right or authorship only.
        return (_loginright_adminconfirm || $res['author'] == _loginid) ? 1 : 0;
    }

    // Gather the category ids; a secondary slot holding -1 is skipped.
    $categoryIds = array($res['home1']);
    foreach (array('home2', 'home3') as $slot) {
        if ($res[$slot] != -1) {
            $categoryIds[] = $res[$slot];
        }
    }

    // NOTE(review): the ids are concatenated into the IN() list unchanged, so
    // this query is only safe while home1..home3 are integers - presumably
    // guaranteed by the row's origin; confirm, or cast them before use.
    $categories = DB::query('SELECT public,level FROM `' . _mysql_prefix . '-root` WHERE id IN(' . implode(',', $categoryIds) . ')');
    for ($category = DB::row($categories); $category; $category = DB::row($categories)) {
        // One accessible category is enough.
        if (_publicAccess($category['public'], $category['level'])) {
            return 1;
        }
    }

    // No category let the current user in.
    return 2;
}
/**
 * Render a shoutbox: optional title, the posting form (or a notice explaining
 * why posting is unavailable) and the list of existing posts.
 *
 * @param int|null $id shoutbox id
 * @return string HTML of the shoutbox, or an empty string when no shoutbox
 *                with that id exists
 */
function _HCM_sbox($id = null)
{
    // The id is forced to an integer before it is concatenated into the two
    // SQL statements and the hidden form field below.
    $id = intval($id);

    // Load the shoutbox; nothing is rendered for an unknown id.
    $boxQuery = DB::query("SELECT * FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $id);
    if (DB::size($boxQuery) == 0) {
        return "";
    }
    $sboxdata = DB::row($boxQuery);

    // Header.
    // NOTE(review): the title is written into the markup without escaping
    // here; presumably it is sanitised when the shoutbox is saved - confirm.
    $untitled = $sboxdata['title'] == "";
    $result = "\n <div class='anchor'><a name='hcm_sbox_" . SL::$hcmUid . "'></a></div>\n <div class='sbox'>\n <div class='sbox-content'>\n ";
    if (!$untitled) {
        $result .= "<div class='sbox-title'>" . $sboxdata['title'] . "</div>";
    }
    $result .= "<div class='sbox-item'" . ($untitled ? " style='border-top:none;'" : '') . ">";

    // Posting area: lock notice, form, or login-required notice.
    if ($sboxdata['locked'] == 1) {
        $result .= "<img src='" . _templateImage("icons/lock.png") . "' alt='locked' class='icon' /> " . $GLOBALS['_lang']['posts.locked2'];
    } elseif (_publicAccess($sboxdata['public'])) {
        $guest = !_loginindicator;

        // Guests get an extra name field in front of the text field.
        // NOTE(review): the original carried a commented-out captcha row
        // (_captchaInit()) for guests, so this form shows no captcha; whether
        // remote/post.php enforces one is not visible here.
        $inputs = array();
        if ($guest) {
            $inputs[] = array($GLOBALS['_lang']['posts.guestname'], "<input type='text' name='guest' class='sbox-input' maxlength='22' />");
        }
        $textRow = array($GLOBALS['_lang']['posts.text'], "<input type='text' name='text' class='sbox-input' maxlength='255' /><input type='hidden' name='_posttype' value='4' /><input type='hidden' name='_posttarget' value='" . $id . "' />");
        if ($guest) {
            // Third element of the text row is set for guests only.
            $textRow[2] = true;
        }
        $inputs[] = $textRow;

        // The return target is built server-side from _indexOutput_url; how
        // remote/post.php validates _return is not visible from this function.
        $formAction = _indexroot . "remote/post.php?_return=" . urlencode(_indexOutput_url . "#hcm_sbox_" . SL::$hcmUid);
        $result .= _formOutput("hcm_sboxform_" . SL::$hcmUid, $formAction, $inputs, null, null);
    } else {
        $result .= $GLOBALS['_lang']['posts.loginrequired'];
    }
    $result .= "\n</div>\n<div class='sbox-posts'>";

    // Existing posts, newest first.
    $posts = DB::query("SELECT id,text,author,guest,time,ip FROM `" . _mysql_prefix . "-posts` WHERE home=" . $id . " AND type=4 ORDER BY id DESC");
    if (DB::size($posts) == 0) {
        $result .= "\n<div class='sbox-item'>" . $GLOBALS['_lang']['posts.noposts'] . "</div>\n";
    } else {
        while ($post = DB::row($posts)) {
            if ($post['author'] == -1) {
                // Guest post: the stored guest name goes straight into the markup.
                // NOTE(review): safe only if the name is sanitised when the post
                // is accepted - confirm in the posting handler.
                $author = "<span class='post-author-guest' title='" . _formatTime($post['time']) . ", ip=" . _showIP($post['ip']) . "'>" . $post['guest'] . ":</span>";
            } else {
                // The class argument closes its own quote to append a title
                // attribute, so this relies on _linkUser() emitting the class
                // verbatim inside single quotes - TODO confirm.
                $author = _linkUser($post['author'], "post-author' title='" . _formatTime($post['time']), false, false, 16, ":");
            }

            // Edit link only for users _postAccess() accepts for this post.
            $alink = _postAccess($post)
                ? " <a href='index.php?m=editpost&id=" . $post['id'] . "'><img src='" . _templateImage("icons/edit.png") . "' alt='edit' class='icon' /></a>"
                : "";

            // Post text is passed through _parsePost() before output.
            $result .= "<div class='sbox-item'>" . $author . $alink . " " . _parsePost($post['text'], true, false, false) . "</div>\n";
        }
    }

    $result .= "\n </div>\n </div>\n </div>\n ";

    return $result;
}