$backtofmp_list = "{$lanfp[0]}{$lanfp[13]}{$lanfp[1]}|admin.php?act={$page['list']}";
acceptrequest('configjob');
if ($configjob == 'save_config') {
$savetext = "<?PHP\n";
$save_config = $_POST['prefconfig'];
if (count($save_config) <= 1) {
catcherror($lna[1013]);
}
while (@(list($key, $val) = @each($save_config))) {
$savetext .= "\$fmp_cfg['{$key}']='" . admin_convert($val) . "';\n";
}
if ($savetext == '') {
catcherror($lna[1013]);
}
if (!writetofile($file['dcfg'], $savetext)) {
catcherror("{$lna[66]}" . $file['dcfg']);
} else {
catchsuccess($finishok, array($backtofmp_cfg, $backtofmp_list, $backtoplugin));
}
}
$plugin_header = <<<eot
<style type="text/css">
.pd3 {
\tpadding:2px;
}
</style>
eot;
$pref_leftchar = "200";
$pref_variable = "fmp_cfg";
include $file['dcfg'];
$ow = array("?", "=", "&");
<div style='visibility: hidden'><input type=submit value="{$lna[64]}" id='realsubmit' class='formbutton'></div>
</form>
eot;
}
if ($job == 'store' || $job == 'restore') {
acceptrequest('pagetitle,closesidebar,html,ubb,emot,useeditor,pagealias,addshortcut,shortcuttarget,shortcutname', 0, 'post');
//Get content
$content = $_POST['content'];
//If magic quotes is on, strip the slashes automatically added
if ($mqgpc_status == 1) {
$content = stripslashes($content);
}
if ($pagetitle == '' || $content == '') {
$cancel = $lna[307];
}
catcherror($cancel);
$closesidebar = @floor($closesidebar);
$htmlstat = @floor($html);
$ubbstat = @floor($ubb);
$emotstat = @floor($emot);
$pageid = @floor($id);
if ($autobr == 0) {
$content = str_replace("\r", '', $content);
//Disable auto linebreak in WYSIWYG editors
}
if ($callaftersubmit) {
$content = call_user_func($callaftersubmit, $content);
}
$content = preg_replace("/\\[php\\](.+?)\\[\\/php\\]/ise", "phpcode3('\\1')", $content);
if ($htmlstat != 1 || $permission['Html'] != 1) {
$content = preg_replace("/\\[code\\](.+?)\\[\\/code\\]/ise", "phpcode2('\\1')", $content);
if ($job == 'ajaxverify') {
acceptrequest('savecookie,securitycode');
$savecookie = floor($savecookie);
if ($config['loginvalidation'] == 1) {
if ($db_defaultsessdir != 1) {
session_save_path("./{$db_tmpdir}");
}
session_cache_limiter("private, must-revalidate");
session_start();
if ($securitycode == '' || strtolower($securitycode) != strtolower($_SESSION['code'])) {
catcherror($lnc[165]);
}
}
$password = md5($_POST['password']);
$username = safe_convert(mystrtolower($_POST['username']));
$try = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}' AND `userpsw`='{$password}'");
if (!is_array($try)) {
catcherror($lnc[166]);
} else {
$userid = $try['userid'];
catchsuccess("{$userid}-{$password}-{$savecookie}");
}
}
if ($job == 'ajaxloginsuccess') {
if ($permission['CP'] == 1) {
$destine = array("{$lnc[163]}|index.php", "{$lnc[107]}|admin.php");
} else {
$destine = "{$lnc[163]}|index.php";
}
catchsuccess("{$lnc[167]} " . $userdetail['username'], $destine);
}
announcebar();
$iftoppage = $mbcon['pagebarposition'] == 'down' ? 'none' : 'block';
$ifbottompage = $mbcon['pagebarposition'] == 'up' ? 'none' : 'block';
$bodymenu = $t->set('mainpage', array('pagebar' => $pagebar, 'iftoppage' => $iftoppage, 'ifbottompage' => $ifbottompage, 'ifannouncement' => $ifannouncement, 'topannounce' => $topannounce, 'mainpart' => $section_body_main, 'currentpage' => $pageitems['currentpage'], 'previouspageurl' => $pageitems['previouspageurl'], 'nextpageurl' => $pageitems['nextpageurl'], 'turningpages' => $pageitems['turningpages'], 'totalpages' => $pageitems['totalpages'], 'previouspageexists' => $pageitems['previouspageexists'], 'nextpageexists' => $pageitems['nextpageexists']));
$pagetitle = "Tags - ";
}
if ($job == 'show') {
acceptrequest('mode');
if ($mode == 1 || $mode == 2) {
$mbcon['tag_list'] = $mode - 1;
} else {
$mode = $mbcon['tag_list'] + 1;
}
$m_b = new getblogs();
if ($tag === '') {
catcherror($lnc[192]);
}
$tag = str_replace(''', "\\'", $tag);
$allentries = $blog->getgroupbyquery("SELECT * FROM `{$db_prefix}tags` WHERE `tagname`='{$tag}' LIMIT 0,1");
if (!is_array($allentries[0]) || $allentries[0]['tagentry'] == '<end>' || $allentries[0]['tagcounter'] == 0) {
$section_body_main[] = "<br/><div align='center'><span style='font-size: 14px;'>{$lnc[186]}</span></div><br/>";
} else {
$taginfo = $allentries[0];
$entries_query = str_replace(',<end>', '', $taginfo['tagentry']);
$entries_query = str_replace('<tag>,', '', $entries_query);
$partialquery = "WHERE `blogid` IN ({$entries_query}) AND `property`<'2' ORDER BY `sticky` DESC, `pubtime` DESC";
if ($mbcon['tag_list'] == 1) {
$records = $m_b->new_record_array($partialquery, $mbcon['listitemperpage'], $page);
$listbody = $m_b->make_excerption($records, 'list');
$section_body_main[] = $m_b->make_list(@implode('', $listbody));
$perpagevalue = $mbcon['listitemperpage'];
$backtolightconfig = "dp.SyntaxHighlighter For UBB|admin.php?act={$act}";
acceptrequest('configjob');
if ($configjob == 'save') {
$savetext = "<?PHP\n";
$save_config = $_POST['prefconfig'];
if (count($save_config) <= 1) {
catcherror($lna[1013]);
}
while (@(list($key, $val) = @each($save_config))) {
$savetext .= "\$dp_config['{$key}']='" . admin_convert($val) . "';\n";
}
if ($savetext == '') {
catcherror($lna[1013]);
}
if (!writetofile("plugin/{$act}/config.php", $savetext)) {
catcherror("{$lna[66]}" . "plugin/{$act}/config.php");
} else {
catchsuccess($lanic[$select_include_n] . $lanic[9], array($backtoplugin, $backtolightconfig));
}
}
$pref_leftchar = "200";
$pref_variable = "dp_config";
include "plugin/{$act}/config.php";
addpref("r", "Cpp|C|{$lna[511]}|{$lna[512]}");
addpref("r", "CSharp|C#|{$lna[511]}|{$lna[512]}");
addpref("r", "Vb|Visual Basic|{$lna[511]}|{$lna[512]}");
addpref("r", "Delphi|Delphi|{$lna[511]}|{$lna[512]}");
addpref("r", "Python|Python|{$lna[511]}|{$lna[512]}");
addpref("r", "Ruby|Ruby|{$lna[511]}|{$lna[512]}");
addpref("r", "Java|JAVA|{$lna[511]}|{$lna[512]}");
addpref("r", "Sql|SQL|{$lna[511]}|{$lna[512]}");
for ($i = 0; $i < count($wlink); $i++) {
$link = @explode('<|>', $wlink[$i]);
if (@in_array($link[1], $selid)) {
$wlink[$i] = '';
}
unset($link);
}
$allnow = @implode('', $wlink);
if ($allnow == '') {
@unlink($filename);
} else {
writetofile($filename, $allnow);
}
} elseif ($opt == 'accept' || $opt == 'textonly') {
if ($newlinkgptoid === '') {
catcherror($lna[264]);
} else {
$newlinkgptoid = floor($newlinkgptoid);
}
$linkid = $maxrecord['maxlinkid'];
for ($i = 0; $i < count($wlink); $i++) {
$link = @explode('<|>', $wlink[$i]);
if (@in_array($link[1], $selid)) {
$linklogo = $opt == 'textonly' ? '' : $link[4];
$linkid += 1;
$plinkout[] = "('{$linkid}', '{$link[2]}', '{$link[3]}', '{$linklogo}', '{$link[5]}', '{$newlinkgptoid}', '{$linkid}', '1', '', '')";
$wlink[$i] = '';
}
unset($link);
}
$link_query = @implode(',', $plinkout);
Bo-Blog 2 : The Blog Reloaded.
<<A Bluview Technology Product>>
禁止使用Windows记事本修改文件,由此造成的一切使用不正常恕不解答!
PHP+MySQL blog system.
Code: Bob Shen
Offical site: http://www.bo-blog.com
Copyright (c) Bob Shen 中国-上海
In memory of my university life
------------------------------------------------------- */
if (!defined('VALIDREQUEST')) {
die('Access Denied.');
}
acceptrequest('pageid,pagealias');
$itemid = $pagealias ? safe_convert($pagealias) : floor($pageid);
$m_b = new getblogs();
$records = $pagealias ? $m_b->getgroupbyquery("SELECT * FROM `{$db_prefix}pages` WHERE `pagealias`='{$itemid}'") : $m_b->getgroupbyquery("SELECT * FROM `{$db_prefix}pages` WHERE `pageid`='{$itemid}'");
if (is_array($records)) {
$section_body_main = $m_b->output_page($records[0]);
} else {
catcherror($lnc[186]);
}
//Load plugins
$section_body_main[0] = plugin_get('custompagebegin') . $section_body_main[0];
$section_body_main[] = plugin_get('custompageend');
$plugin_closesidebar = $records[0]['closesidebar'] == 1 ? 0 : 1;
if ($plugin_closesidebar == 1) {
$elements['mainpage'] = str_replace("class=\"content\"", "class=\"content-wide\"", $elements['mainpage']);
}
$ifannouncement = "none";
$bodymenu = $t->set('mainpage', array('pagebar' => '', 'iftoppage' => 'none', 'ifbottompage' => 'none', 'ifannouncement' => 'none', 'topannounce' => '', 'mainpart' => @implode('', $section_body_main), 'previouspageexists' => '', 'nextpageexists' => ''));
$pagetitle = "{$records[0]['pagetitle']} × ";
}
$savelnum = @explode(',', $newlnums);
$saveldesc = @explode(',', $newldescs);
$savedata = $savedata2 = "<?php\n";
for ($i = 0; $i < count($savelnum); $i++) {
if ($savelnum[$i] == '') {
continue;
}
$savedata .= "\$lnc[{$savelnum[$i]}]='" . admin_convert($saveldesc[$i]) . "';\n";
$savedata2 .= "\$lncoverwrite[{$savelnum[$i]}]='" . admin_convert($saveldesc[$i]) . "';\n";
}
if (!writetofile("data/langspec.php", $savedata)) {
catcherror($lna[66] . "data/langspec.php");
}
if (!writetofile("data/langspecoverwrite.php", $savedata2)) {
catcherror($lna[66] . "data/langspecoverwrite.php");
}
catchsuccess($finishok4, $backtolangspec);
}
function skin_convert($str)
{
$str = str_replace("\r", '', $str);
$str = str_replace("\n", '', $str);
$str = addslashes($str);
$str = str_replace('|', '', $str);
return $str;
}
function add_module($filename)
{
global $activate, $newplugindir, $blog, $db_prefix;
if (is_file("plugin/{$newplugindir}/{$filename}")) {
}
if ($blogpsw != $records['blogpsw']) {
catcherror($lnc[297]);
}
$return_main = $m_b->make_viewentry($records, $way, true);
setcookie("entrypassword{$blogid}", $blogpsw);
catchsuccess($return_main);
}
if ($job == 'getreplyonly') {
acceptrequest('repid,reppsw,way,onetimecounter');
$repid = floor($repid);
$reppsw = md5($reppsw);
$tablename = $way == 'reply' ? 'replies' : 'messages';
$partialquery = "SELECT * FROM `{$db_prefix}{$tablename}` WHERE `repid`='{$repid}' LIMIT 1";
$m_b = new getblogs();
$records = $m_b->getbyquery($partialquery);
if (!is_array($records) || $records['repid'] != $repid) {
catcherror($lnc[305]);
}
if ($reppsw != $records['reppsw']) {
catcherror($lnc[297]);
}
$records['reppsw'] = '';
$records['reproperty'] = '0';
if ($way == 'reply') {
$output_single = $m_b->single_reply($records, floor($onetimecounter));
} else {
$output_single = $m_b->single_message($records, floor($onetimecounter));
}
catchsuccess($output_single);
}
function recache_plugins()
{
global $blog, $db_prefix, $lna;
$all_pl = $blog->getgroupbyquery("SELECT * FROM `{$db_prefix}plugins` WHERE `active`=1 ORDER BY `plid` ASC");
if (is_array($all_pl)) {
foreach ($all_pl as $plugin) {
if ($plugin['plregister']) {
$register = @explode(',', str_replace(' ', '', $plugin['plregister']));
foreach ($register as $singlereg) {
$blogplugin[$singlereg][] = $plugin['plname'];
}
}
}
}
if (is_array($blogplugin)) {
foreach ($blogplugin as $typename => $plugins) {
$pluginline = '"' . @implode(',', $plugins) . '"';
$plugwrt[] = "\$blogplugin['{$typename}']={$pluginline};\r\n";
}
$out = "<?PHP\r\n" . @implode('', $plugwrt);
}
if (!writetofile("data/plugin_enabled.php", $out)) {
catcherror($lna[66] . "data/plugin_enabled.php");
}
}
if ($job == 'dolangset') {
acceptrequest('newlangf,newlangb');
if (!file_exists("lang/{$newlangf}/common.php")) {
catcherror("Front-end langauge pack does not exist. 前台语言包不存在。 前臺語言包不存在。");
}
if (!file_exists("lang/{$newlangb}/backend.php")) {
catcherror("Back-end langauge pack does not exist. 后台语言包不存在。 後臺語言包不存在。");
}
$newcontent = "<?PHP\n\$langfront=\"{$newlangf}\";\n\$langback=\"{$newlangb}\";\n@include_once (\"lang/{$newlangf}/common.php\");";
writetofile("data/language.php", $newcontent);
catchsuccess("Language set has been changed. 语言包设置完成。 語言包設置完成。");
}
if ($job == 'refreshadminskinlist' || $job == 'selectadminskin') {
$handle = opendir("admin/theme/");
if (!$handle) {
catcherror("{$lna[155]} admin/theme/ {$lna[156]}<ul><li>{$lna[157]}</li><li>{$lna[158]}</li><li>{$lna[159]}</li></ul>");
}
while (false !== ($file = readdir($handle))) {
if ($file != "." && $file != ".." && is_dir("admin/theme/{$file}")) {
$out .= "\$adminskin[]='{$file}';\n";
}
}
if ($job == 'selectadminskin') {
acceptrequest('targetskin');
$targetskin = basename($targetskin);
if ($targetskin) {
$currentadminskin = $targetskin;
}
}
$sleout = "<?PHP\n" . $out . "\$currentadminskin='{$currentadminskin}';";
writetofile("data/cache_adminskinlist.php", $sleout);
$y2++;
for ($y = $y1; $y <= $y2; $y++) {
if ($y == $y2) {
$var['beforeYearOptions'] .= "<option value=\"{$y}\" selected>{$y}</option>\n";
} else {
$var['beforeYearOptions'] .= "<option value=\"{$y}\">{$y}</option>\n";
}
}
}
// Calculate the length of a menu, shrink if we have settings disabled
if ($filename == "html/{$atmail->Language}/xp/toolbar.html" || $filename == "html/{$atmail->Language}/xp/toolbar_abook.html") {
$var = $atmail->calcmenu_height($filename);
}
// Die if the file is not permitted
if (!$type[$filename]) {
catcherror("Specified file {$filename} is not allowed");
}
$var['FirstLoad'] = $_REQUEST['FirstLoad'];
// If using the help menu, load the selected help-file or default to the settings
if ($filename == "html/{$atmail->Language}/help/filexp.html" && $_REQUEST['HelpFile']) {
if ($_REQUEST['HelpFile']) {
$var['HelpFile'] = $_REQUEST['HelpFile'];
} else {
$var['HelpFile'] = 'file.html';
}
}
if (!$_REQUEST['XUL']) {
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css");
}
/*
if($_REQUEST['ajax']) {
$savetext = "<?PHP\n";
$save_list = $_POST['fmp'];
//if (count($save_list)<=0) catcherror ($lna[1013]);
while (@(list($key, $val) = @each($save_list))) {
while (@(list($val_key, $val_value) = @each($val))) {
if ($val_key == 'title' && empty($val_value)) {
break;
}
if (!empty($val_value)) {
$savetext .= "\$fmp_list['{$key}']['{$val_key}']='" . admin_convert($val_value) . "';\n";
}
}
}
//if ($savetext=='') catcherror ($lna[1013]);
if (!writetofile($file['dlist'], $savetext)) {
catcherror("{$lna[66]}" . $file['dlist']);
} else {
catchsuccess($finishok, array($backtofmp_list, $backtofmp_cfg, $backtoplugin));
}
}
include $file['dlist'];
foreach ($fmp_list as $fp_id => $fp_song) {
//$fmp_list_show .= "add_fpRow('{$fp_id}','{$fmp_list[$fp_id][title]}','{$fmp_list[$fp_id][creator]}','{$fmp_list[$fp_id][location]}','{$fmp_list[$fp_id][info]}','{$fmp_list[$fp_id][image]}','{$fmp_list[$fp_id][album]}','{$fmp_list[$fp_id][meta]}')\n";
//$fmp_list_show .= "add_fpRow('{$fp_id}','".htmlspecialchars($fmp_list[$fp_id][title]). "','" .htmlspecialchars($fmp_list[$fp_id][creator]). "','" .htmlspecialchars($fmp_list[$fp_id][location]). "','" .htmlspecialchars($fmp_list[$fp_id][info]). "','" .htmlspecialchars($fmp_list[$fp_id][image]). "','" .htmlspecialchars($fmp_list[$fp_id][album]). "','" .htmlspecialchars($fmp_list[$fp_id][meta])."')\n";
$fmp_list_show .= "\n add_fpRow('-1','{$fp_id}'";
$list_arr = array('title', 'creator', 'location', 'info', 'image', 'album', 'meta');
foreach ($list_arr as $value) {
if (!empty($fmp_list[$fp_id][$value])) {
$fmp_list_show .= ",'" . htmlspecialchars($fmp_list[$fp_id][$value], ENT_QUOTES) . "'";
} else {
$fmp_list_show .= ",''";
function completeOpenID()
{
global $db_defaultsessdir, $db_tmpdir, $config, $lnc;
define('OpenIDFileStorePath', $db_tmpdir . '/openid');
require_once 'openid.php';
if ($db_defaultsessdir != 1) {
session_save_path("./{$db_tmpdir}");
}
session_start();
// Complete the authentication process using the server's response.
$response = $consumer->complete($_GET);
if ($response->status == Auth_OpenID_CANCEL) {
// This means the authentication was cancelled.
catcherror($lnc[316], false);
} else {
if ($response->status == Auth_OpenID_FAILURE) {
$msg = "OpenID authentication failed: " . $response->message;
catcherror($lnc[315] . $msg, false);
} else {
if ($response->status == Auth_OpenID_SUCCESS) {
// This means the authentication succeeded.
$openid = $response->identity_url;
$sreg = $response->extensionResponse('sreg');
//Format openid
$openid = str_replace(array('http://', 'https://'), array('', ''), $openid);
if (substr($openid, -1, 1) == '/') {
$openid = substr($openid, 0, strlen($openid) - 1);
}
return array('openidurl' => $openid, 'sreg' => $sreg);
} else {
catcherror($lnc[315] . 'OpenID Unknown Error.', false);
}
}
}
}
function save_a_text($entry)
{
global $mbcon, $adminlist, $blogversion, $config, $lnc, $permission, $userdetail, $logstat;
if ($entry['property'] >= 2 && $permission['SeeHiddenEntry'] != 1) {
catcherror($lnc[272]);
}
if ($entry['blogpsw'] && $permission['SeeAllProtectedEntry'] != 1 && $userdetail['userid'] != $entry['authorid']) {
catcherror($lnc[272]);
}
$entrytitle = $entry['title'];
$entrytime = gmdate('r', $entry['pubtime'] + 3600 * $config['timezone']);
//Need Further Change
$tmp = $entry['authorid'];
$entryauthor = $adminlist[$tmp];
$entry['content'] = @str_replace('[separator]', '', $entry['content']);
$entry['content'] = @str_replace('[newpage]', '', $entry['content']);
if ($logstat != 1) {
$entry['content'] = preg_replace("/\\[hide\\](.+?)\\[\\/hide\\]/is", "<br/>{$lnc[312]} {$lnc[79]} {$lnc[235]} {$lnc[89]}<br/>", $entry['content']);
} else {
$entry['content'] = str_replace(array('[hide]', '[/hide]'), '', $entry['content']);
}
$entrycontent = $this->getrsscontent($entry['content'], 0, $entry['ubbstat'], 0);
$entrycontent = str_replace(array('<br/>', '</p>', '</div>', '{', '}', ' '), array("\r\n", "\r\n", "\r\n", '{', '}', ' '), $entrycontent);
$entrycontent = strip_tags($entrycontent);
$entrycontent = html_entity_decode($entrycontent, ENT_QUOTES);
$entryurl = "{$config['blogurl']}/" . getlink_entry($entry['blogid'], $entry['blogalias']);
@header('Content-type: text/plain');
@header('Content-Disposition: attachment; filename="' . date('Ymd-His') . '.txt"');
$UTF8BOM = chr(239) . chr(187) . chr(191);
echo "{$UTF8BOM}{$lnc[71]}{$entrytitle}\r\n{$lnc[72]}{$config['blogname']}\r\n{$lnc[73]}{$entrytime}\r\n{$lnc[74]}{$entryauthor}\r\n{$lnc[75]}{$entryurl}\r\n\r\n{$lnc[76]}\r\n{$entrycontent}\r\n\r\n\r\nGenerated by Bo-blog {$blogversion}";
exit;
}
function mailboxsize($query)
{
$db = array();
$result =& $this->dbh->query($query, null, DB_FETCHMODE_ASSOC);
if (DB::isError($result)) {
catcherror($result->getMessage());
}
$num = 0;
while ($fields =& $result->fetchrow()) {
foreach ($fields as $fname => $fvalue) {
$db[$fname] = $fvalue;
if ($fname == "EmailBox") {
$foldername = $fvalue;
$folders[$db['EmailBox']][$num++];
}
}
$msg_len = strlen($db['EmailMessage']) / 1024;
$folders[$db['EmailBox']]['size'] += $msg_len;
$folders[$db['EmailBox']]['size'] = sprintf('%2.1f', $folders[$db['EmailBox']]['size']);
}
}
die($display_overall_plus);
} else {
$display_overall .= $display_overall_plus;
}
}
if ($job == 'urlrewritesave') {
acceptrequest('urlrewritesta');
$urlrewritesta = floor($urlrewritesta);
$savetext = "<?PHP\n\$db_server='{$db_server}';\n\$db_username='******';\n\$db_password='******';\n\$db_name='{$db_name}';\n\$db_prefix='{$db_prefix}';\n\$db_410='{$db_410}';\n\$db_tmpdir='{$db_tmpdir}';\n\$db_defaultsessdir='{$db_defaultsessdir}';\n";
while (@(list($key, $val) = @each($config))) {
if ($key == 'urlrewritemethod') {
$savetext .= "\$config['{$key}']='{$urlrewritesta}';\n";
$saved = 1;
} else {
$savetext .= "\$config['{$key}']='" . admin_convert(stripslashes($val)) . "';\n";
}
}
if ($saved != 1) {
$savetext .= "\$config['urlrewritemethod']='{$urlrewritesta}';\n";
}
if (writetofile("data/config.php", $savetext)) {
if ($ajax == 'on') {
$fetchURL = 'admin.php?go=misc_urlrewrite';
catchsuccessandfetch($lna[1094], $fetchURL);
} else {
catchsuccess($lna[1094], "{$lna[39]}|admin.php");
}
} else {
catcherror($lna[66] . "data/config.php");
}
}
$relatedmods = array('tags' => 'alltags', 'star' => 'starred', 'guestbook' => 'guestbook');
$tosetinvisiblearray = $tosetvisiblearray = array();
while (@(list($key, $val) = @each($save_config))) {
$savetext .= "\$flset['{$key}']='" . admin_convert($val) . "';\n";
if ($relatedmods[$key]) {
if ($val == 1) {
$tosetinvisiblearray[] = $relatedmods[$key];
}
if ($val == 0) {
$tosetvisiblearray[] = $relatedmods[$key];
}
}
}
if ($savetext == '') {
catcherror($lna[1013]);
}
if (writetofile("data/functionlock.php", $savetext)) {
if (sizeof($tosetinvisiblearray) >= 1) {
$allinvisibles = makeaquery($tosetinvisiblearray, "`name`='%s'", 'OR');
$blog->query("UPDATE `{$db_prefix}mods` SET `active`=0 WHERE {$allinvisibles}");
}
if (sizeof($tosetvisiblearray) >= 1) {
$allvisibles = makeaquery($tosetvisiblearray, "`name`='%s'", 'OR');
$blog->query("UPDATE `{$db_prefix}mods` SET `active`=1 WHERE {$allvisibles}");
}
recache_mods();
catchsuccess($finishok, "{$lna[1194]}|admin.php?go=main_funclock");
} else {
catcherror("{$lna[66]}" . "data/functionlock.php");
}
}
</td>
<td class="sectend">{$lna[845]}</td>
</tr>
<tr>
<td colspan=2 class="sect"><br>{$lna[867]}<br><br>
{$lna[868]} {$current_file}
<br><br>{$lna[843]}<br><br></td>
</tr>
</table>
eot;
}
if ($job == 'rssrollback') {
acceptcookie('srcindex,endnumber');
$srcindex = basename($srcindex);
if (!file_exists("bak/{$srcindex}")) {
catcherror($lna[869]);
}
if (strstr($srcindex, '.gz')) {
$rsscontent = @gzreadfromfile("bak/{$srcindex}");
} else {
$rsscontent = readfromfile("bak/{$srcindex}");
}
$array_insert = rssrollback($rsscontent);
if (is_array($array_insert)) {
$i = $maxrecord['maxblogid'];
foreach ($array_insert as $singlevalue) {
$allvalues[] = "('{$i}', '{$singlevalue['title']}', '{$singlevalue['time']}', '{$singlevalue['content']}', '{$endnumber}', '{$userdetail['userid']}', 1, '')";
$i += 1;
}
$all_values = @implode(',', $allvalues);
$sql_query = "INSERT INTO {$db_prefix}blogs (`blogid`, `title`, `pubtime`, `content`, `category`, `authorid`, `htmlstat`, `permitgp`) VALUES {$all_values}";
function search($sort = null, $db = null, $start = 0)
{
if ($db['abookview'] == 'ldap') {
return $this->_search_ldap($db);
}
global $atmail, $pref;
// Init some vars
$h = $users = $results = array();
$extend = '';
if (!is_numeric($start)) {
$start = 0;
}
if (empty($sort)) {
$sort = "Account";
} else {
$sort = Filter::cleanSqlFieldNames($sort);
}
$db['SearchType'] = Filter::stringMatch($db['SearchType'], array('and', 'or'));
if (!$db['SearchType']) {
$db['SearchType'] = 'and';
}
if ($db['SearchType'] == 'or') {
$extend = 'and (';
}
foreach (array('FirstName', 'LastName', 'Account', 'UserWorkCompany', 'UserHomeAddress', 'UserHomeCity', 'UserHomeState', 'UserHomeCountry') as $field) {
// Toggle which database we are using
if ($db['abookview'] == "personal") {
$type = $this->Abook;
}
if ($field == "FirstName" && !empty($db[$field])) {
$extend .= "{$db['SearchType']} {$type}.UserFirstName LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
} elseif ($field == "LastName" && !empty($db[$field])) {
$extend .= "{$db['SearchType']} {$type}.UserLastName LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
} elseif ($field == "Account" && !empty($db[$field])) {
$extend .= "{$db['SearchType']} {$type}.UserEmail LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
} elseif (!empty($db[$field])) {
$extend .= "AND {$type}.{$field} LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
}
$id = $db['id'] ? $db['id'] : 0;
if ($id > 0 && is_numeric($id)) {
$extend .= " AND {$type}.id > {$id} ";
}
//if ($atmail->isset_chk($db['limit']) && is_numeric($db['limit']))
// $limit = "LIMIT {$db['limit']}";
//else
// $limit = "LIMIT 300";
$limit = "LIMIT {$start},{$this->limit}";
$db[$field] = $this->db->quote("%{$db[$field]}%");
}
if ($db['abookview'] == "personal") {
// If there is no search query, specify a default searching for valid email-accounts
if (!$extend) {
$extend = " AND UserEmail LIKE '%@%'";
} elseif ($db['SearchType'] == 'or') {
$extend = str_replace('and (or', 'and (', $extend);
$extend .= ')';
}
$results['FullTotal'] = $this->db->sqlgetfield("SELECT COUNT(id)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM {$this->Abook}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE Account = {$this->Account_Escape} {$extend}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY {$this->Abook}.{$sort}");
// Search the users Personal addressbook only
$users = $this->db->sqlarray("SELECT id\n\t\t\t\t\t\t\t\t\t\t FROM {$this->Abook}\n\t\t\t\t\t\t\t\t\t\t WHERE Account = {$this->Account_Escape} {$extend}\n\t\t\t\t\t\t\t\t\t\t ORDER BY {$this->Abook}.{$sort} {$limit}");
} else {
catcherror('Unknown search supplied');
}
foreach ($users as $id) {
$id = stripslashes($id);
$id_escape = $this->db->quote($id);
$h = $this->db->sqlhash("SELECT UserEmail, UserFirstName, UserLastName, UserGender, id,\n\t\t \t\t\t\t\t\t UserWorkPhone, UserHomePhone\n\t\t \t\t\t\t\t\t FROM {$this->Abook}\n\t\t \t\t\t\t\t\t WHERE id = {$id_escape}");
// The UserEmail is the unique identifier for the personal addressbook
$h['Account'] = $h['UserEmail'];
if (!$h['Account']) {
continue;
}
foreach ($h as $k => $v) {
if ($pref['iconv'] && defined('ICONV_VERSION')) {
$results[$id][$k] = iconv("utf-8", "utf-8", $v);
} else {
$results[$id][$k] = $v;
}
}
// Escape ' in users First/Last name - Otherwise breaks the JS function
$results[$id]['FirstName'] = addslashes($results[$id]['FirstName']);
$results[$id]['LastName'] = addslashes($results[$id]['LastName']);
}
// do we want to autocomplete using ldap server?
if ($pref['autocomplete_ldap_entries']) {
$db['abookview'] = 'ldap';
$db['Account'] = str_replace('%', '', $db['Account']);
$db['Account'] = str_replace("'", '', $db['Account']);
$db['FirstName'] = str_replace('%', '', $db['FirstName']);
$db['FirstName'] = str_replace("'", '', $db['FirstName']);
$db['LastName'] = str_replace('%', '', $db['LastName']);
$db['LastName'] = str_replace("'", '', $db['LastName']);
$ldap_results = $this->_search_ldap($db);
$max_id = $this->db->sqlarray("SELECT max(id)\n\t FROM {$this->Abook}\n\t WHERE Account = {$this->Account_Escape} {$extend}\n\t ORDER BY {$this->Abook}.{$sort} {$limit}");
$i = $max_id[0] + 1;
foreach ($ldap_results as $ldap_entry) {
$temp['UserEmail'] = $ldap_entry['Account'];
$temp['UserFirstName'] = $ldap_entry['UserFirstName'];
$temp['UserLastName'] = $ldap_entry['UserLastName'];
$temp['id'] = $i;
$results[$i] = $temp;
$i += 1;
}
$results['FullTotal'] += count($ldap_results);
}
return $results;
}
}
$ping_show = @explode(' ', $pinged);
for ($i = 0; $i < count($ping_show); $i++) {
$ping_urls .= "<input type='hidden' name='pingurl[]' value='{$ping_show[$i]}'>";
}
$ping_url_show = @implode('<br>', $ping_show);
$form = "<div align=center><form action='admin.php?go=edit_sendtb' method='post'><input type='hidden' name='title' value=\"{$title}\"><input type='hidden' name='excerpt' value=\"{$excerpt}\"><input type='hidden' name='blog_name' value=\"{$config['blogname']}\"><input type='hidden' name='url' value='{$config['blogurl']}/" . get_entry_url($currentid, $blogalias) . "'>{$ping_urls}<input type='submit' value='{$lna[310]}' class='formbutton'> <input type='button' value='{$lna[311]}' onclick='window.location=(\"" . get_entry_url($currentid, $blogalias) . "\");' class='formbutton'></form></div>";
$t = new template();
$t->showtips($lna[312], $lna[313] . $ping_url_show . "<br><br>{$lna[314]}<br><br>" . $form, "{$backtowhere}|" . get_entry_url($currentid, $blogalias));
}
}
if ($job == 'sendtb') {
checkpermission('EditEntry');
acceptrequest('title,excerpt,url,blog_name,pingurl');
if (!is_array($pingurl)) {
catcherror($lna[315]);
}
plugin_runphp('trackbacksending');
@header("Content-Type: text/html; charset=utf-8");
$url = str_replace('{host}', $_SERVER['HTTP_HOST'], $url);
foreach ($pingurl as $durl) {
$result = sendping($durl, $title, $excerpt, $url, $blog_name);
if (!$result) {
$showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[318]}";
} elseif ($result == 'ok') {
$showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[319]}<br>";
} elseif ($result == 'unknown') {
$showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[949]}<br>";
} else {
$showp .= "<b>{$lna[316]}</b>{$durl} ; <br><b>{$lna[317]}</b>{$lna[950]}{$result}<br>";
}
function smtperror($msg)
{
global $pref, $atmail;
if ($this->IgnoreError) {
return;
}
// Find the origin of the script
$location = $_SERVER['SCRIPT_NAME'];
if (strpos($location, 'admin.php')) {
$location = "{$location}?func={$_REQUEST['func']}";
}
// If a send message errors on the compose screen, reload the email message
// and print a Javascript alert to the browser
$editor = $atmail->isset_chk($_REQUEST['HtmlEditor']) ? $_REQUEST['HtmlEditor'] : '2';
if (strpos($location, 'sendmail.php') !== false) {
$path = time() . getmypid() . "err";
// Redirect the user to the compose screen, with their email intact
$location = "compose.php?spellcheck={$path}&func=spellcheck&HtmlEditor={$editor}&unique=" . $_REQUEST['unique'];
$fh = fopen($atmail->tmpdir . "/{$path}", 'w');
if (!is_resource($fh)) {
catcherror("Could not open {$atmail->tmpdir}/{$path}");
}
$tmp = array();
// Create a temp hash containing our vars
foreach (array('emailto', 'emailsubject', 'emailcc', 'emailbcc', 'contype') as $v) {
$tmp[$v] = $_REQUEST[$v];
}
// Print the email message, raw headers, encoding will be set 100%
fwrite($fh, $this->headers . "\r\nBcc: {$tmp['emailbcc']}\r\n" . "\r\n\r\n" . $this->body);
fclose($fh);
}
print $atmail->parse("html/english/errorsmtp.html", array('error' => $msg, 'location' => $location));
exit;
}
$repid = $selid;
} else {
$repid = $itemid;
}
if (empty($job)) {
$job = 'default';
}
if ($job == 'addadminreply' || $job == 'editadminreply') {
if ($permission['ReplyReply'] != 1) {
$cancel = $lna[345];
}
catcherror($cancel);
acceptrequest('adminreplycontent');
$adminreplycontent = trimplus($adminreplycontent);
if ($adminreplycontent == '') {
catcherror($lna[346]);
}
$adminreplycontent = safe_convert($adminreplycontent);
$currenttime = time();
if ($logstat == 0) {
$userdetail['username'] = $lna[901];
}
if ($job == 'editadminreply') {
$queryplus = "`adminrepeditorid`='{$userdetail['userid']}', `adminrepeditor`='{$userdetail['username']}', `adminrepedittime`='{$currenttime}'";
} else {
$queryplus = "`adminreplier`='{$userdetail['username']}', `adminrepid`='{$userdetail['userid']}',`adminreptime`='{$currenttime}'";
}
$blog->query("UPDATE `{$db_prefix}replies` SET `adminrepcontent`='{$adminreplycontent}' , {$queryplus} WHERE `repid`='{$repid}'");
if ($ajax != 'on') {
catchsuccess($finishok2, array($backtoprevious, $backtoindex, $backtodefault));
} else {
function mod_replace($name, $value, $mustchange = false)
{
global $lnc;
$filename = "data/modules.php";
$filecontent = @file($filename);
$changed = false;
for ($i = 0; $i < count($filecontent); $i++) {
if (strstr($filecontent[$i], "\$blogitem['{$name}']=")) {
$filecontent[$i] = $value;
$changed = true;
break;
}
}
if ($mustchange && !$changed) {
$filecontent[] = $value;
}
$newfilecontent = @implode('', $filecontent);
if (writetofile($filename, $newfilecontent)) {
return true;
} else {
catcherror($lnc[7] . $filename);
}
}
<td colspan=2 align=center class="sectbar">
{$lna[211]} <!--<input type=radio name='opt' value='combine'>{$lna[212]}<input type=text size=6 name='newtagname'> --> <input type=radio name='opt' value='del'>{$lna[78]} <input type=radio name='opt' value='counttags'><acronym title="{$lna[1184]}">{$lna[1183]}</acronym></a> <input type=button value="{$lna[64]}" class='formbutton' onclick="adminSubmitAjax(1);">
</td></tr>
</table>
</form>
eot;
if ($ajax == 'on') {
die($display_overall_plus);
} else {
$display_overall .= $display_overall_plus;
}
}
if ($job == 'batchtags') {
acceptrequest('selid,opt');
if (!is_array($selid)) {
catcherror($lna[213]);
}
if ($opt == 'del') {
for ($i = 0; $i < count($selid); $i++) {
$blog->query("UPDATE `{$db_prefix}blogs` SET tags=replace(tags, '>{$selid[$i]}>', '>')");
$blog->query("DELETE FROM `{$db_prefix}tags` WHERE `tagname`='{$selid[$i]}'");
}
}
if ($opt == 'counttags') {
$all_tagentries = $blog->getarraybyquery("SELECT `tags` FROM `{$db_prefix}blogs` WHERE tags<>'' AND tags<>'>'");
$all_tag_lists = @implode('', $all_tagentries['tags']);
$all_tag_lists = @explode('>', $all_tag_lists);
$counted_list = array_count_values($all_tag_lists);
for ($i = 0; $i < count($selid); $i++) {
$to_update_tag = $selid[$i];
$to_update_value = floor($counted_list[$to_update_tag]);
Offical site: http://www.bo-blog.com
Copyright (c) Bob Shen 中国-上海
In memory of my university life
------------------------------------------------------- */
if (!defined('VALIDREQUEST')) {
die('Access Denied.');
}
if ($job == 'user') {
checkpermission('ViewUserDetail');
include_once "data/cache_usergroup.php";
if ($itemid === '') {
catcherror($lnc[193]);
}
$nowuser = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE `userid`='{$itemid}'");
if (!$nowuser) {
catcherror($lnc[193]);
}
$usergp_tmp = $nowuser['usergroup'];
$tmp_gender = $nowuser['gender'];
$nowuser['email'] = trim($nowuser['email']) == '' ? $lnc[141] : "<a href=\"mailto:{$nowuser['email']}\">{$lnc[18]}</a>";
$nowuser['homepage'] = trim($nowuser['homepage']) == '' ? $lnc[141] : "<a href=\"{$nowuser['homepage']}\" target=\"_blank\">{$lnc[19]}</a>";
$t = new template();
$formbody .= $t->set('form_eachline', array('text' => $lnc[132], 'formelement' => $nowuser['username'] . " [" . $usergp[$usergp_tmp] . "]"));
$formbody .= $t->set('form_eachline', array('text' => $lnc[139], 'formelement' => $nowuser['email']));
$formbody .= $t->set('form_eachline', array('text' => $lnc[140], 'formelement' => $nowuser['homepage']));
$sex_sel = array('0' => $lnc[141], '1' => $lnc[142], '2' => $lnc[143]);
$formbody .= $t->set('form_eachline', array('text' => $lnc[144], 'formelement' => $sex_sel[$tmp_gender]));
$formbody .= $t->set('form_eachline', array('text' => $lnc[145], 'formelement' => stripslashes($nowuser['qq'])));
$formbody .= $t->set('form_eachline', array('text' => 'MSN', 'formelement' => stripslashes($nowuser['msn'])));
$formbody .= $t->set('form_eachline', array('text' => 'Skype', 'formelement' => stripslashes($nowuser['skype'])));
$formbody .= $t->set('form_eachline', array('text' => $lnc[146], 'formelement' => stripslashes($nowuser['fromplace'])));
function escape_html($string, $extended = true)
{
// Check any XSS and alert
if (preg_match('/<SCRIPT|document.cookie|<\\/script>/i', $string)) {
$this->log->write_log('Error', "XSS Alert : {$_SERVER['SCRIPT_NAME']} : {$string}");
catcherror("Security Alert: IP address {$_SERVER['REMOTE_ADDR']} logged - XSS Attack detected");
}
if ($extended) {
// Escape <> chars
$string = str_replace('<', '<', $string);
$string = str_replace('>', '>', $string);
// Change () to the Hex vlaues
$string = str_replace('(', '(', $string);
$string = str_replace(')', ')', $string);
// Change # , & to the Hex values
$string = str_replace('#', '#', $string);
$string = str_replace('&', '&', $string);
}
return $string;
}
/**
* Parse it as a MIME message
*
* @param int $id message id
* @param string $folder
* @param string [$nopersonalities]
* @param string [$cache]
*
* @access public
*/
function reademail($id, $folder, $nopersonalities = null, $cache = null, $path = null)
{
global $atmail, $domains, $pref;
// Load our temporary filename
$this->tmpdir = "{$pref['user_dir']}/tmp/" . $this->Username . '@' . $this->Pop3host . "/";
// Create our temporary directory, if its missing, init in Global.php
if (!is_dir($this->tmpdir)) {
mkdir($this->tmpdir, 0777);
}
if (!$this->File && $cache) {
$this->File = GetMail::check_cache($atmail->tmpdir . "/{$this->SessionID}-{$cache}.data");
// Set to blank if the cache no longer exists
//if(!file_exists($this->File))
// $this->File = '';
}
// Read our email from the server
if (!is_string($this->File)) {
if (!$nopersonalities && isset($atmail)) {
$this->FromField = $atmail->loadpersonalities();
}
$status = $this->mail->login();
// We have an error while logging in. Tell the user
if ($status) {
$this->status = $status;
return;
}
if (is_null($path)) {
$this->path = $this->mail->get($id, $folder, '', $cache);
} else {
$this->path = $path;
}
$this->mail->quit();
if ($this->Type == 'imap') {
$this->MessageState = $this->mail->MessageState;
}
// User has specified the msg from the spellchecker
} else {
if (file_exists($atmail->tmpdir . "/{$this->File}")) {
$this->path = $atmail->tmpdir . "/{$this->File}";
$this->MessageState = 'o';
} else {
if (file_exists($this->File)) {
$this->path = $this->File;
$this->MessageState = 'o';
}
}
}
// Just to be sure nobody is reading below a directory
$this->path = str_replace('../', '', $this->path);
$this->parser = new MailParser();
if (!is_dir($this->tmpdir)) {
mkdir($this->tmpdir, 0777);
}
// Users have their own mime-tmp directory
if (!$this->parser->output_dir($this->tmpdir)) {
catcherror("Could not parse message to temp directory '{$this->tmpdir}' -\n\t Check the directory exists with permissions to write");
}
if (!$this->parser->parse_open($this->path)) {
$this->txt = array_pop($this->parser->errors);
return;
}
if ($this->rawemail) {
$this->rawbody = $this->parser->stringify();
$this->rawbody = str_replace("\r/", "\r\n", $this->rawbody);
return;
}
if ($this->head) {
$this->headers = $this->parser->stringify_header();
$this->headers = str_replace(array('<', '>'), array('<', '>'), $this->headers);
}
$this->Charset = $this->parser->get_charset();
// Get any mail headers
$this->from = $this->parser->get_header_field('From');
$this->replyto = $this->parser->get_header_field('Reply-To');
if (preg_match('/(.*?)<.*?>/', $this->from, $match)) {
$this->username = $match[1];
}
// Default to our previous subject in msg, if it does not exist. e.g , reading
// a msg with multiple attachments
$this->subject = $this->parser->get_header_field('Subject');
if ($this->subject == '') {
$this->subject = 'No Subject';
}
$this->cc = $this->parser->get_header_field('CC');
$this->bcc = $this->parser->get_header_field('BCC');
$this->to = $this->parser->get_header_field('To');
$this->VideoMail = $this->quote_header($this->parser->get_header_field('X-VideoMail'));
if ($this->VideoMail) {
$this->VideoMail .= "/mini";
}
// Quote any ISO headers
foreach (array('from', 'replyto', 'subject', 'to', 'cc', 'bcc') as $field) {
// Store the encoding of the email-message
if (preg_match('/\\s*=\\?([^\\?]+)\\?([QqBb])/', $this->{$field}, $match)) {
$this->Encoding = $match[1];
if (strtoupper($match[2]) == 'Q') {
$this->{$field} = preg_replace('/\\s*=\\?([^\\?]+)\\?[Qq]\\?([^\\?]+)?\\?=/e', "\$this->mail->decode_language('\\1', GetMail::decode_mime_head('\\1', stripslashes('\\2')))", $this->{$field});
} else {
$this->{$field} = preg_replace('/\\s*=\\?([^\\?]+)\\?[Bb]\\?([^\\?]+)?\\?=/e', "\$this->mail->decode_language('\\1', base64_decode('\\2'))", $this->{$field});
}
} else {
$this->{$field} = $this->mail->decode_language($this->Charset, $this->{$field});
}
}
$this->date = $this->parser->get_header_field('Date');
$date = $this->date ? $this->date : 'today';
$date = $this->mail->calc_timezone($date);
$time = strtotime($date);
if ($this->Language == "japanese") {
setlocale(LC_TIME, 'ja_JP.UTF-8', 'en_US');
$this->date = strftime("{$this->mail->DateFormat} %a {$this->mail->TimeFormat}", $time);
} else {
setlocale(LC_TIME, strtolower($this->Language), 'en_US');
$this->date = strftime("%a " . $this->mail->DateFormat . " " . $this->mail->TimeFormat, $time);
$this->date = iconv('iso-8859-1', "UTF-8", $this->date);
}
// Take away the timezone and seconds
$this->date = preg_replace('/:\\d\\d \\+?-?\\d{4}.*/', '', $this->date);
$this->ctype = $this->parser->get_header_field('Content-Type');
list($this->mimetype) = explode(';', $this->ctype);
$this->mimetype = strtolower(trim($this->mimetype));
if ($this->mimetype == 'text/html') {
$this->type = 'HTML Msg';
} elseif ($this->mimetype == 'multipart/alternative') {
$this->type = 'Embeded HTML/Text';
} elseif (strpos($this->mimetype, 'multipart') !== false) {
$this->type = 'Attachments';
} else {
$this->type = 'Text';
}
// If we are using the maildir format, the message-id number if the unique id
if ($this->mail->Type == 'file' && $domains[$this->Pop3host]) {
$this->UIDL = $id;
$this->UIDL = preg_replace('/cur\\/|new\\//', '', $this->UIDL);
} else {
if (!($this->UIDL = $this->parser->get_header_field('x-uidl'))) {
$this->UIDL = $this->parser->get_header_field('message-id');
}
// Make the UIDL header from the Subject/Date if the Message-ID or XUIDL does not exist
if (!$this->UIDL) {
$this->UIDL = md5($this->subject . $this->parser->get_header_field('date'));
}
}
// Take away illegal characters from the UIDL
$this->UIDL = str_replace("'", '"', $this->UIDL);
$this->UIDL = str_replace('"', '', $this->UIDL);
$this->UIDL = preg_replace('/:.*/', '', $this->UIDL);
$this->UIDL = str_replace(array("\n", "\r", ' ', ':', '+', '<', '>', '*', '|', '\\', '/', '>', '<'), '', $this->UIDL);
if ($this->Type == 'pop3' || $this->Type == 'imap') {
$this->EmailCache = $this->UIDL;
}
// Take away any newlines from the UIDL
$this->UIDL = trim($this->UIDL);
// Set the email priority as Normal, otherwise find the value in the header(s)
$this->priority = 'Normal';
if (substr($this->parser->get_header_field('x-priority'), 0, 1) == 1 || $this->parser->get_header_field('X-MSMail-Priority') == 'High' || $this->parser->get_header_field('Importance') == 'High') {
$this->priority = 'High';
}
if (substr($this->parser->get_header_field('x-priority'), 0, 1) == 5 || $this->parser->get_header_field('X-MSMail-Priority') == 'Low' || $this->parser->get_header_field('Importance') == 'Low') {
$this->priority = 'Low';
}
if (preg_match("/{$this->emailexp}/", $this->from, $match)) {
$this->emailfrom = $match[1];
}
$this->emailfrom = str_replace(array('>', '<'), '', $this->emailfrom);
// Cleaup the email, take away " signs, which close the HTML input tag
//$this->to = preg_replace('/"(.*?),(.*?)"/', '$1 $2', $this->to);
//$this->cc = preg_replace('/"(.*?),(.*?)"/', '$1 $2', $this->cc);
//$this->to = str_replace('"', "'", $this->to);
//$this->cc = str_replace('"', "'", $this->cc);
//$this->bcc = str_replace('"', "'", $this->bcc);
//$this->ctype = $this->parser->get_header_field('Content-Type');
// See if we are permitted to display images in messages
if (isset($atmail)) {
$this->DisplayImages = $atmail->load_displayimages();
if ($atmail->DisplayImages == '2') {
$atmail->DisplayImages = $atmail->load_abook_emails($this->emailfrom);
}
}
$this->dump_entity();
if (isset($this->multiparttxt) && !empty($this->multiparttxt)) {
$this->multiparttxt = $atmail->escape_jscript($this->multiparttxt);
}
if (isset($this->html) && !empty($this->html)) {
$this->html = $atmail->escape_jscript($this->html);
if (isset($this->multiparttxt)) {
$this->html .= $this->multiparttxt;
}
}
if (isset($this->txt) && !empty($this->txt)) {
$this->txt = $atmail->escape_jscript($this->txt);
if (isset($this->multiparttxt)) {
$this->txt .= $this->multiparttxt;
}
}
$this->scan_inline();
// Fix an error where certain messages cannot be displayed ( e.g Apple mailers as multipart msgs )
if (!$this->html && !$this->txt) {
$this->txt = $this->multiparttxt;
}
}
$itemid = floor($itemid);
$blog->query("DELETE FROM `{$db_prefix}pages` WHERE `pageid`='{$itemid}'");
$blog->query("DELETE FROM `{$db_prefix}mods` WHERE `name`='pageshortcut{$itemid}' AND `position`='header'");
mod_replace('pageshortcut{$itemid}', '');
recache_mods();
if ($ajax == 'on') {
catchsuccessandfetch($lna[1095], 'admin.php?go=entry_pagemanage');
} else {
catchsuccess($lna[1095], "{$lna[1057]}|admin.php?go=entry_pagemanage");
}
}
if ($opt == 'del') {
if ($selid == '') {
catcherror($lna[337]);
}
$batch_id = makeaquery($selid, "`pageid`='%s'", 'OR');
$batch_id2 = makeaquery($selid, "`name`='pageshortcut%s'", 'OR');
$blog->query("DELETE FROM `{$db_prefix}pages` WHERE {$batch_id}");
$blog->query("DELETE FROM `{$db_prefix}mods` WHERE {$batch_id2}");
foreach ($selid as $singleid) {
mod_replace('pageshortcut{$singleid}', '');
}
recache_mods();
if ($ajax == 'on') {
catchsuccessandfetch($lna[1095], 'admin.php?go=entry_pagemanage');
} else {
catchsuccess($lna[1095], "{$lna[1057]}|admin.php?go=entry_pagemanage");
}
}
catcherror($lna[965]);
}
function savemsg($arg)
{
// Find the size of the message on disk if no EmailSize defined
if ($arg['EmailFile']) {
$arg['EmailSize'] = filesize($arg['EmailFile']);
} else {
$arg['EmailSize'] = strlen($arg['EmailMessage']);
}
// Insert the message into the EmailDatabase table (header info only)
$query = "INSERT INTO {$this->EmailDatabase}\n\t\t\t\t (EmailSubject, EmailTo, EmailFrom, EmailDate, EmailBox,\n\t\t\t\t EmailFlag, EmailAttach, EmailSize, Account,EmailUIDL)\n\t\t\t\t VALUES (? , ? , ? , ? , ? , ?, ?, ?, ?, ?) ";
$data = array($arg['EmailSubject'], $arg['EmailTo'], $arg['EmailFrom'], $arg['EmailDate'], $arg['EmailBox'], $arg['EmailFlag'], $arg['EmailAttach'], $arg['EmailSize'], $arg['Account'], $arg['EmailUIDL']);
$result =& $this->dbh->query($query, $data);
unset($data);
if (DB::isError($result)) {
if ($this->debug) {
file_put_contents("php://stderr", "SQL Error = " . $result->getMessage() . " - " . $result->getUserInfo() . "\n");
}
return false;
}
// Get the unique ID key from the EmailDatabase table, from the last Insert
$key = $this->getid();
// Insert the actual message into another table, referenced by the id
$query = "INSERT INTO {$this->EmailMessage} (EmailMessage, id) VALUES (? , ?)";
$data = array();
// if the user specified an email file
if (isset($arg['EmailFile'])) {
if (!($emailfile = file_get_contents($arg['EmailFile']))) {
catcherror("Cannot open {$arg['EmailFile']}\n");
}
$data[] = $emailfile;
} else {
$data[] = $arg['EmailMessage'];
}
$data[] = $key;
$result = $this->dbh->query($query, $data);
// if the email was incorrectly inserted into the database
if (DB::isError($result)) {
if ($this->debug) {
file_put_contents("php://stderr", "SQL Error = " . $result->getMessage() . " - " . $result->getUserInfo() . "\n");
}
$data = array($key, $arg['Account']);
$query = "DELETE FROM {$this->EmailDatabase} WHERE id=? AND Account=?";
$this->dbh->query($query, $data);
return false;
}
return true;
}