Пример #1
0
$backtofmp_list = "{$lanfp[0]}{$lanfp[13]}{$lanfp[1]}|admin.php?act={$page['list']}";
acceptrequest('configjob');
if ($configjob == 'save_config') {
    $savetext = "<?PHP\n";
    $save_config = $_POST['prefconfig'];
    if (count($save_config) <= 1) {
        catcherror($lna[1013]);
    }
    while (@(list($key, $val) = @each($save_config))) {
        $savetext .= "\$fmp_cfg['{$key}']='" . admin_convert($val) . "';\n";
    }
    if ($savetext == '') {
        catcherror($lna[1013]);
    }
    if (!writetofile($file['dcfg'], $savetext)) {
        catcherror("{$lna[66]}" . $file['dcfg']);
    } else {
        catchsuccess($finishok, array($backtofmp_cfg, $backtofmp_list, $backtoplugin));
    }
}
$plugin_header = <<<eot
<style type="text/css">
.pd3 {
\tpadding:2px;
}
</style>
eot;
$pref_leftchar = "200";
$pref_variable = "fmp_cfg";
include $file['dcfg'];
$ow = array("?", "=", "&");
Пример #2
0
<div style='visibility: hidden'><input type=submit value="{$lna[64]}" id='realsubmit' class='formbutton'></div>
</form>
eot;
}
if ($job == 'store' || $job == 'restore') {
    acceptrequest('pagetitle,closesidebar,html,ubb,emot,useeditor,pagealias,addshortcut,shortcuttarget,shortcutname', 0, 'post');
    //Get content
    $content = $_POST['content'];
    //If magic quotes is on, strip the slashes automatically added
    if ($mqgpc_status == 1) {
        $content = stripslashes($content);
    }
    if ($pagetitle == '' || $content == '') {
        $cancel = $lna[307];
    }
    catcherror($cancel);
    $closesidebar = @floor($closesidebar);
    $htmlstat = @floor($html);
    $ubbstat = @floor($ubb);
    $emotstat = @floor($emot);
    $pageid = @floor($id);
    if ($autobr == 0) {
        $content = str_replace("\r", '', $content);
        //Disable auto linebreak in WYSIWYG editors
    }
    if ($callaftersubmit) {
        $content = call_user_func($callaftersubmit, $content);
    }
    $content = preg_replace("/\\[php\\](.+?)\\[\\/php\\]/ise", "phpcode3('\\1')", $content);
    if ($htmlstat != 1 || $permission['Html'] != 1) {
        $content = preg_replace("/\\[code\\](.+?)\\[\\/code\\]/ise", "phpcode2('\\1')", $content);
Пример #3
0
if ($job == 'ajaxverify') {
    acceptrequest('savecookie,securitycode');
    $savecookie = floor($savecookie);
    if ($config['loginvalidation'] == 1) {
        if ($db_defaultsessdir != 1) {
            session_save_path("./{$db_tmpdir}");
        }
        session_cache_limiter("private, must-revalidate");
        session_start();
        if ($securitycode == '' || strtolower($securitycode) != strtolower($_SESSION['code'])) {
            catcherror($lnc[165]);
        }
    }
    $password = md5($_POST['password']);
    $username = safe_convert(mystrtolower($_POST['username']));
    $try = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}' AND `userpsw`='{$password}'");
    if (!is_array($try)) {
        catcherror($lnc[166]);
    } else {
        $userid = $try['userid'];
        catchsuccess("{$userid}-{$password}-{$savecookie}");
    }
}
if ($job == 'ajaxloginsuccess') {
    if ($permission['CP'] == 1) {
        $destine = array("{$lnc[163]}|index.php", "{$lnc[107]}|admin.php");
    } else {
        $destine = "{$lnc[163]}|index.php";
    }
    catchsuccess("{$lnc[167]} " . $userdetail['username'], $destine);
}
Пример #4
0
    announcebar();
    $iftoppage = $mbcon['pagebarposition'] == 'down' ? 'none' : 'block';
    $ifbottompage = $mbcon['pagebarposition'] == 'up' ? 'none' : 'block';
    $bodymenu = $t->set('mainpage', array('pagebar' => $pagebar, 'iftoppage' => $iftoppage, 'ifbottompage' => $ifbottompage, 'ifannouncement' => $ifannouncement, 'topannounce' => $topannounce, 'mainpart' => $section_body_main, 'currentpage' => $pageitems['currentpage'], 'previouspageurl' => $pageitems['previouspageurl'], 'nextpageurl' => $pageitems['nextpageurl'], 'turningpages' => $pageitems['turningpages'], 'totalpages' => $pageitems['totalpages'], 'previouspageexists' => $pageitems['previouspageexists'], 'nextpageexists' => $pageitems['nextpageexists']));
    $pagetitle = "Tags - ";
}
if ($job == 'show') {
    acceptrequest('mode');
    if ($mode == 1 || $mode == 2) {
        $mbcon['tag_list'] = $mode - 1;
    } else {
        $mode = $mbcon['tag_list'] + 1;
    }
    $m_b = new getblogs();
    if ($tag === '') {
        catcherror($lnc[192]);
    }
    $tag = str_replace('&#039;', "\\'", $tag);
    $allentries = $blog->getgroupbyquery("SELECT * FROM `{$db_prefix}tags` WHERE `tagname`='{$tag}' LIMIT 0,1");
    if (!is_array($allentries[0]) || $allentries[0]['tagentry'] == '<end>' || $allentries[0]['tagcounter'] == 0) {
        $section_body_main[] = "<br/><div align='center'><span style='font-size: 14px;'>{$lnc[186]}</span></div><br/>";
    } else {
        $taginfo = $allentries[0];
        $entries_query = str_replace(',<end>', '', $taginfo['tagentry']);
        $entries_query = str_replace('<tag>,', '', $entries_query);
        $partialquery = "WHERE `blogid` IN ({$entries_query}) AND `property`<'2' ORDER BY  `sticky` DESC, `pubtime` DESC";
        if ($mbcon['tag_list'] == 1) {
            $records = $m_b->new_record_array($partialquery, $mbcon['listitemperpage'], $page);
            $listbody = $m_b->make_excerption($records, 'list');
            $section_body_main[] = $m_b->make_list(@implode('', $listbody));
            $perpagevalue = $mbcon['listitemperpage'];
Пример #5
0
$backtolightconfig = "dp.SyntaxHighlighter For UBB|admin.php?act={$act}";
acceptrequest('configjob');
if ($configjob == 'save') {
    $savetext = "<?PHP\n";
    $save_config = $_POST['prefconfig'];
    if (count($save_config) <= 1) {
        catcherror($lna[1013]);
    }
    while (@(list($key, $val) = @each($save_config))) {
        $savetext .= "\$dp_config['{$key}']='" . admin_convert($val) . "';\n";
    }
    if ($savetext == '') {
        catcherror($lna[1013]);
    }
    if (!writetofile("plugin/{$act}/config.php", $savetext)) {
        catcherror("{$lna[66]}" . "plugin/{$act}/config.php");
    } else {
        catchsuccess($lanic[$select_include_n] . $lanic[9], array($backtoplugin, $backtolightconfig));
    }
}
$pref_leftchar = "200";
$pref_variable = "dp_config";
include "plugin/{$act}/config.php";
addpref("r", "Cpp|C|{$lna[511]}|{$lna[512]}");
addpref("r", "CSharp|C#|{$lna[511]}|{$lna[512]}");
addpref("r", "Vb|Visual Basic|{$lna[511]}|{$lna[512]}");
addpref("r", "Delphi|Delphi|{$lna[511]}|{$lna[512]}");
addpref("r", "Python|Python|{$lna[511]}|{$lna[512]}");
addpref("r", "Ruby|Ruby|{$lna[511]}|{$lna[512]}");
addpref("r", "Java|JAVA|{$lna[511]}|{$lna[512]}");
addpref("r", "Sql|SQL|{$lna[511]}|{$lna[512]}");
Пример #6
0
     for ($i = 0; $i < count($wlink); $i++) {
         $link = @explode('<|>', $wlink[$i]);
         if (@in_array($link[1], $selid)) {
             $wlink[$i] = '';
         }
         unset($link);
     }
     $allnow = @implode('', $wlink);
     if ($allnow == '') {
         @unlink($filename);
     } else {
         writetofile($filename, $allnow);
     }
 } elseif ($opt == 'accept' || $opt == 'textonly') {
     if ($newlinkgptoid === '') {
         catcherror($lna[264]);
     } else {
         $newlinkgptoid = floor($newlinkgptoid);
     }
     $linkid = $maxrecord['maxlinkid'];
     for ($i = 0; $i < count($wlink); $i++) {
         $link = @explode('<|>', $wlink[$i]);
         if (@in_array($link[1], $selid)) {
             $linklogo = $opt == 'textonly' ? '' : $link[4];
             $linkid += 1;
             $plinkout[] = "('{$linkid}', '{$link[2]}', '{$link[3]}', '{$linklogo}', '{$link[5]}', '{$newlinkgptoid}', '{$linkid}', '1', '', '')";
             $wlink[$i] = '';
         }
         unset($link);
     }
     $link_query = @implode(',', $plinkout);
Пример #7
0
Bo-Blog 2 : The Blog Reloaded.
<<A Bluview Technology Product>>
禁止使用Windows记事本修改文件,由此造成的一切使用不正常恕不解答!
PHP+MySQL blog system.
Code: Bob Shen
Offical site: http://www.bo-blog.com
Copyright (c) Bob Shen 中国-上海
In memory of my university life
------------------------------------------------------- */
if (!defined('VALIDREQUEST')) {
    die('Access Denied.');
}
acceptrequest('pageid,pagealias');
$itemid = $pagealias ? safe_convert($pagealias) : floor($pageid);
$m_b = new getblogs();
$records = $pagealias ? $m_b->getgroupbyquery("SELECT * FROM `{$db_prefix}pages` WHERE `pagealias`='{$itemid}'") : $m_b->getgroupbyquery("SELECT * FROM `{$db_prefix}pages` WHERE `pageid`='{$itemid}'");
if (is_array($records)) {
    $section_body_main = $m_b->output_page($records[0]);
} else {
    catcherror($lnc[186]);
}
//Load plugins
$section_body_main[0] = plugin_get('custompagebegin') . $section_body_main[0];
$section_body_main[] = plugin_get('custompageend');
$plugin_closesidebar = $records[0]['closesidebar'] == 1 ? 0 : 1;
if ($plugin_closesidebar == 1) {
    $elements['mainpage'] = str_replace("class=\"content\"", "class=\"content-wide\"", $elements['mainpage']);
}
$ifannouncement = "none";
$bodymenu = $t->set('mainpage', array('pagebar' => '', 'iftoppage' => 'none', 'ifbottompage' => 'none', 'ifannouncement' => 'none', 'topannounce' => '', 'mainpart' => @implode('', $section_body_main), 'previouspageexists' => '', 'nextpageexists' => ''));
$pagetitle = "{$records[0]['pagetitle']} × ";
Пример #8
0
    }
    $savelnum = @explode(',', $newlnums);
    $saveldesc = @explode(',', $newldescs);
    $savedata = $savedata2 = "<?php\n";
    for ($i = 0; $i < count($savelnum); $i++) {
        if ($savelnum[$i] == '') {
            continue;
        }
        $savedata .= "\$lnc[{$savelnum[$i]}]='" . admin_convert($saveldesc[$i]) . "';\n";
        $savedata2 .= "\$lncoverwrite[{$savelnum[$i]}]='" . admin_convert($saveldesc[$i]) . "';\n";
    }
    if (!writetofile("data/langspec.php", $savedata)) {
        catcherror($lna[66] . "data/langspec.php");
    }
    if (!writetofile("data/langspecoverwrite.php", $savedata2)) {
        catcherror($lna[66] . "data/langspecoverwrite.php");
    }
    catchsuccess($finishok4, $backtolangspec);
}
function skin_convert($str)
{
    $str = str_replace("\r", '', $str);
    $str = str_replace("\n", '', $str);
    $str = addslashes($str);
    $str = str_replace('|', '', $str);
    return $str;
}
function add_module($filename)
{
    global $activate, $newplugindir, $blog, $db_prefix;
    if (is_file("plugin/{$newplugindir}/{$filename}")) {
Пример #9
0
    }
    if ($blogpsw != $records['blogpsw']) {
        catcherror($lnc[297]);
    }
    $return_main = $m_b->make_viewentry($records, $way, true);
    setcookie("entrypassword{$blogid}", $blogpsw);
    catchsuccess($return_main);
}
if ($job == 'getreplyonly') {
    acceptrequest('repid,reppsw,way,onetimecounter');
    $repid = floor($repid);
    $reppsw = md5($reppsw);
    $tablename = $way == 'reply' ? 'replies' : 'messages';
    $partialquery = "SELECT * FROM `{$db_prefix}{$tablename}` WHERE `repid`='{$repid}' LIMIT 1";
    $m_b = new getblogs();
    $records = $m_b->getbyquery($partialquery);
    if (!is_array($records) || $records['repid'] != $repid) {
        catcherror($lnc[305]);
    }
    if ($reppsw != $records['reppsw']) {
        catcherror($lnc[297]);
    }
    $records['reppsw'] = '';
    $records['reproperty'] = '0';
    if ($way == 'reply') {
        $output_single = $m_b->single_reply($records, floor($onetimecounter));
    } else {
        $output_single = $m_b->single_message($records, floor($onetimecounter));
    }
    catchsuccess($output_single);
}
Пример #10
0
function recache_plugins()
{
    global $blog, $db_prefix, $lna;
    $all_pl = $blog->getgroupbyquery("SELECT * FROM `{$db_prefix}plugins` WHERE `active`=1 ORDER BY `plid` ASC");
    if (is_array($all_pl)) {
        foreach ($all_pl as $plugin) {
            if ($plugin['plregister']) {
                $register = @explode(',', str_replace(' ', '', $plugin['plregister']));
                foreach ($register as $singlereg) {
                    $blogplugin[$singlereg][] = $plugin['plname'];
                }
            }
        }
    }
    if (is_array($blogplugin)) {
        foreach ($blogplugin as $typename => $plugins) {
            $pluginline = '"' . @implode(',', $plugins) . '"';
            $plugwrt[] = "\$blogplugin['{$typename}']={$pluginline};\r\n";
        }
        $out = "<?PHP\r\n" . @implode('', $plugwrt);
    }
    if (!writetofile("data/plugin_enabled.php", $out)) {
        catcherror($lna[66] . "data/plugin_enabled.php");
    }
}
Пример #11
0
if ($job == 'dolangset') {
    acceptrequest('newlangf,newlangb');
    if (!file_exists("lang/{$newlangf}/common.php")) {
        catcherror("Front-end langauge pack does not exist. 前台语言包不存在。 前臺語言包不存在。");
    }
    if (!file_exists("lang/{$newlangb}/backend.php")) {
        catcherror("Back-end langauge pack does not exist. 后台语言包不存在。 後臺語言包不存在。");
    }
    $newcontent = "<?PHP\n\$langfront=\"{$newlangf}\";\n\$langback=\"{$newlangb}\";\n@include_once (\"lang/{$newlangf}/common.php\");";
    writetofile("data/language.php", $newcontent);
    catchsuccess("Language set has been changed. 语言包设置完成。 語言包設置完成。");
}
if ($job == 'refreshadminskinlist' || $job == 'selectadminskin') {
    $handle = opendir("admin/theme/");
    if (!$handle) {
        catcherror("{$lna[155]} admin/theme/ {$lna[156]}<ul><li>{$lna[157]}</li><li>{$lna[158]}</li><li>{$lna[159]}</li></ul>");
    }
    while (false !== ($file = readdir($handle))) {
        if ($file != "." && $file != ".." && is_dir("admin/theme/{$file}")) {
            $out .= "\$adminskin[]='{$file}';\n";
        }
    }
    if ($job == 'selectadminskin') {
        acceptrequest('targetskin');
        $targetskin = basename($targetskin);
        if ($targetskin) {
            $currentadminskin = $targetskin;
        }
    }
    $sleout = "<?PHP\n" . $out . "\$currentadminskin='{$currentadminskin}';";
    writetofile("data/cache_adminskinlist.php", $sleout);
Пример #12
0
    $y2++;
    for ($y = $y1; $y <= $y2; $y++) {
        if ($y == $y2) {
            $var['beforeYearOptions'] .= "<option value=\"{$y}\" selected>{$y}</option>\n";
        } else {
            $var['beforeYearOptions'] .= "<option value=\"{$y}\">{$y}</option>\n";
        }
    }
}
// Calculate the length of a menu, shrink if we have settings disabled
if ($filename == "html/{$atmail->Language}/xp/toolbar.html" || $filename == "html/{$atmail->Language}/xp/toolbar_abook.html") {
    $var = $atmail->calcmenu_height($filename);
}
// Die if the file is not permitted
if (!$type[$filename]) {
    catcherror("Specified file {$filename} is not allowed");
}
$var['FirstLoad'] = $_REQUEST['FirstLoad'];
// If using the help menu, load the selected help-file or default to the settings
if ($filename == "html/{$atmail->Language}/help/filexp.html" && $_REQUEST['HelpFile']) {
    if ($_REQUEST['HelpFile']) {
        $var['HelpFile'] = $_REQUEST['HelpFile'];
    } else {
        $var['HelpFile'] = 'file.html';
    }
}
if (!$_REQUEST['XUL']) {
    $var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css");
}
/*
if($_REQUEST['ajax'])	{
Пример #13
0
    $savetext = "<?PHP\n";
    $save_list = $_POST['fmp'];
    //if (count($save_list)<=0) catcherror ($lna[1013]);
    while (@(list($key, $val) = @each($save_list))) {
        while (@(list($val_key, $val_value) = @each($val))) {
            if ($val_key == 'title' && empty($val_value)) {
                break;
            }
            if (!empty($val_value)) {
                $savetext .= "\$fmp_list['{$key}']['{$val_key}']='" . admin_convert($val_value) . "';\n";
            }
        }
    }
    //if ($savetext=='') catcherror ($lna[1013]);
    if (!writetofile($file['dlist'], $savetext)) {
        catcherror("{$lna[66]}" . $file['dlist']);
    } else {
        catchsuccess($finishok, array($backtofmp_list, $backtofmp_cfg, $backtoplugin));
    }
}
include $file['dlist'];
foreach ($fmp_list as $fp_id => $fp_song) {
    //$fmp_list_show .= "add_fpRow('{$fp_id}','{$fmp_list[$fp_id][title]}','{$fmp_list[$fp_id][creator]}','{$fmp_list[$fp_id][location]}','{$fmp_list[$fp_id][info]}','{$fmp_list[$fp_id][image]}','{$fmp_list[$fp_id][album]}','{$fmp_list[$fp_id][meta]}')\n";
    //$fmp_list_show .= "add_fpRow('{$fp_id}','".htmlspecialchars($fmp_list[$fp_id][title]). "','" .htmlspecialchars($fmp_list[$fp_id][creator]). "','" .htmlspecialchars($fmp_list[$fp_id][location]). "','" .htmlspecialchars($fmp_list[$fp_id][info]). "','" .htmlspecialchars($fmp_list[$fp_id][image]). "','" .htmlspecialchars($fmp_list[$fp_id][album]). "','" .htmlspecialchars($fmp_list[$fp_id][meta])."')\n";
    $fmp_list_show .= "\n add_fpRow('-1','{$fp_id}'";
    $list_arr = array('title', 'creator', 'location', 'info', 'image', 'album', 'meta');
    foreach ($list_arr as $value) {
        if (!empty($fmp_list[$fp_id][$value])) {
            $fmp_list_show .= ",'" . htmlspecialchars($fmp_list[$fp_id][$value], ENT_QUOTES) . "'";
        } else {
            $fmp_list_show .= ",''";
Пример #14
0
function completeOpenID()
{
    global $db_defaultsessdir, $db_tmpdir, $config, $lnc;
    define('OpenIDFileStorePath', $db_tmpdir . '/openid');
    require_once 'openid.php';
    if ($db_defaultsessdir != 1) {
        session_save_path("./{$db_tmpdir}");
    }
    session_start();
    // Complete the authentication process using the server's response.
    $response = $consumer->complete($_GET);
    if ($response->status == Auth_OpenID_CANCEL) {
        // This means the authentication was cancelled.
        catcherror($lnc[316], false);
    } else {
        if ($response->status == Auth_OpenID_FAILURE) {
            $msg = "OpenID authentication failed: " . $response->message;
            catcherror($lnc[315] . $msg, false);
        } else {
            if ($response->status == Auth_OpenID_SUCCESS) {
                // This means the authentication succeeded.
                $openid = $response->identity_url;
                $sreg = $response->extensionResponse('sreg');
                //Format openid
                $openid = str_replace(array('http://', 'https://'), array('', ''), $openid);
                if (substr($openid, -1, 1) == '/') {
                    $openid = substr($openid, 0, strlen($openid) - 1);
                }
                return array('openidurl' => $openid, 'sreg' => $sreg);
            } else {
                catcherror($lnc[315] . 'OpenID Unknown Error.', false);
            }
        }
    }
}
Пример #15
0
 function save_a_text($entry)
 {
     global $mbcon, $adminlist, $blogversion, $config, $lnc, $permission, $userdetail, $logstat;
     if ($entry['property'] >= 2 && $permission['SeeHiddenEntry'] != 1) {
         catcherror($lnc[272]);
     }
     if ($entry['blogpsw'] && $permission['SeeAllProtectedEntry'] != 1 && $userdetail['userid'] != $entry['authorid']) {
         catcherror($lnc[272]);
     }
     $entrytitle = $entry['title'];
     $entrytime = gmdate('r', $entry['pubtime'] + 3600 * $config['timezone']);
     //Need Further Change
     $tmp = $entry['authorid'];
     $entryauthor = $adminlist[$tmp];
     $entry['content'] = @str_replace('[separator]', '', $entry['content']);
     $entry['content'] = @str_replace('[newpage]', '', $entry['content']);
     if ($logstat != 1) {
         $entry['content'] = preg_replace("/\\[hide\\](.+?)\\[\\/hide\\]/is", "<br/>{$lnc[312]}  {$lnc[79]} {$lnc[235]} {$lnc[89]}<br/>", $entry['content']);
     } else {
         $entry['content'] = str_replace(array('[hide]', '[/hide]'), '', $entry['content']);
     }
     $entrycontent = $this->getrsscontent($entry['content'], 0, $entry['ubbstat'], 0);
     $entrycontent = str_replace(array('<br/>', '</p>', '</div>', '&#123;', '&#125;', '&nbsp;'), array("\r\n", "\r\n", "\r\n", '{', '}', ' '), $entrycontent);
     $entrycontent = strip_tags($entrycontent);
     $entrycontent = html_entity_decode($entrycontent, ENT_QUOTES);
     $entryurl = "{$config['blogurl']}/" . getlink_entry($entry['blogid'], $entry['blogalias']);
     @header('Content-type: text/plain');
     @header('Content-Disposition: attachment; filename="' . date('Ymd-His') . '.txt"');
     $UTF8BOM = chr(239) . chr(187) . chr(191);
     echo "{$UTF8BOM}{$lnc[71]}{$entrytitle}\r\n{$lnc[72]}{$config['blogname']}\r\n{$lnc[73]}{$entrytime}\r\n{$lnc[74]}{$entryauthor}\r\n{$lnc[75]}{$entryurl}\r\n\r\n{$lnc[76]}\r\n{$entrycontent}\r\n\r\n\r\nGenerated by Bo-blog {$blogversion}";
     exit;
 }
Пример #16
0
 function mailboxsize($query)
 {
     $db = array();
     $result =& $this->dbh->query($query, null, DB_FETCHMODE_ASSOC);
     if (DB::isError($result)) {
         catcherror($result->getMessage());
     }
     $num = 0;
     while ($fields =& $result->fetchrow()) {
         foreach ($fields as $fname => $fvalue) {
             $db[$fname] = $fvalue;
             if ($fname == "EmailBox") {
                 $foldername = $fvalue;
                 $folders[$db['EmailBox']][$num++];
             }
         }
         $msg_len = strlen($db['EmailMessage']) / 1024;
         $folders[$db['EmailBox']]['size'] += $msg_len;
         $folders[$db['EmailBox']]['size'] = sprintf('%2.1f', $folders[$db['EmailBox']]['size']);
     }
 }
Пример #17
0
        die($display_overall_plus);
    } else {
        $display_overall .= $display_overall_plus;
    }
}
if ($job == 'urlrewritesave') {
    acceptrequest('urlrewritesta');
    $urlrewritesta = floor($urlrewritesta);
    $savetext = "<?PHP\n\$db_server='{$db_server}';\n\$db_username='******';\n\$db_password='******';\n\$db_name='{$db_name}';\n\$db_prefix='{$db_prefix}';\n\$db_410='{$db_410}';\n\$db_tmpdir='{$db_tmpdir}';\n\$db_defaultsessdir='{$db_defaultsessdir}';\n";
    while (@(list($key, $val) = @each($config))) {
        if ($key == 'urlrewritemethod') {
            $savetext .= "\$config['{$key}']='{$urlrewritesta}';\n";
            $saved = 1;
        } else {
            $savetext .= "\$config['{$key}']='" . admin_convert(stripslashes($val)) . "';\n";
        }
    }
    if ($saved != 1) {
        $savetext .= "\$config['urlrewritemethod']='{$urlrewritesta}';\n";
    }
    if (writetofile("data/config.php", $savetext)) {
        if ($ajax == 'on') {
            $fetchURL = 'admin.php?go=misc_urlrewrite';
            catchsuccessandfetch($lna[1094], $fetchURL);
        } else {
            catchsuccess($lna[1094], "{$lna[39]}|admin.php");
        }
    } else {
        catcherror($lna[66] . "data/config.php");
    }
}
Пример #18
0
    $relatedmods = array('tags' => 'alltags', 'star' => 'starred', 'guestbook' => 'guestbook');
    $tosetinvisiblearray = $tosetvisiblearray = array();
    while (@(list($key, $val) = @each($save_config))) {
        $savetext .= "\$flset['{$key}']='" . admin_convert($val) . "';\n";
        if ($relatedmods[$key]) {
            if ($val == 1) {
                $tosetinvisiblearray[] = $relatedmods[$key];
            }
            if ($val == 0) {
                $tosetvisiblearray[] = $relatedmods[$key];
            }
        }
    }
    if ($savetext == '') {
        catcherror($lna[1013]);
    }
    if (writetofile("data/functionlock.php", $savetext)) {
        if (sizeof($tosetinvisiblearray) >= 1) {
            $allinvisibles = makeaquery($tosetinvisiblearray, "`name`='%s'", 'OR');
            $blog->query("UPDATE `{$db_prefix}mods` SET `active`=0 WHERE {$allinvisibles}");
        }
        if (sizeof($tosetvisiblearray) >= 1) {
            $allvisibles = makeaquery($tosetvisiblearray, "`name`='%s'", 'OR');
            $blog->query("UPDATE `{$db_prefix}mods` SET `active`=1 WHERE {$allvisibles}");
        }
        recache_mods();
        catchsuccess($finishok, "{$lna[1194]}|admin.php?go=main_funclock");
    } else {
        catcherror("{$lna[66]}" . "data/functionlock.php");
    }
}
Пример #19
0
</td>
<td class="sectend">{$lna[845]}</td>
</tr>
<tr>
<td colspan=2 class="sect"><br>{$lna[867]}<br><br>
{$lna[868]} {$current_file}
<br><br>{$lna[843]}<br><br></td>
</tr>
</table>
eot;
}
if ($job == 'rssrollback') {
    acceptcookie('srcindex,endnumber');
    $srcindex = basename($srcindex);
    if (!file_exists("bak/{$srcindex}")) {
        catcherror($lna[869]);
    }
    if (strstr($srcindex, '.gz')) {
        $rsscontent = @gzreadfromfile("bak/{$srcindex}");
    } else {
        $rsscontent = readfromfile("bak/{$srcindex}");
    }
    $array_insert = rssrollback($rsscontent);
    if (is_array($array_insert)) {
        $i = $maxrecord['maxblogid'];
        foreach ($array_insert as $singlevalue) {
            $allvalues[] = "('{$i}', '{$singlevalue['title']}', '{$singlevalue['time']}', '{$singlevalue['content']}', '{$endnumber}', '{$userdetail['userid']}', 1, '')";
            $i += 1;
        }
        $all_values = @implode(',', $allvalues);
        $sql_query = "INSERT INTO {$db_prefix}blogs (`blogid`, `title`, `pubtime`, `content`, `category`, `authorid`, `htmlstat`, `permitgp`) VALUES {$all_values}";
Пример #20
0
 function search($sort = null, $db = null, $start = 0)
 {
     if ($db['abookview'] == 'ldap') {
         return $this->_search_ldap($db);
     }
     global $atmail, $pref;
     // Init some vars
     $h = $users = $results = array();
     $extend = '';
     if (!is_numeric($start)) {
         $start = 0;
     }
     if (empty($sort)) {
         $sort = "Account";
     } else {
         $sort = Filter::cleanSqlFieldNames($sort);
     }
     $db['SearchType'] = Filter::stringMatch($db['SearchType'], array('and', 'or'));
     if (!$db['SearchType']) {
         $db['SearchType'] = 'and';
     }
     if ($db['SearchType'] == 'or') {
         $extend = 'and (';
     }
     foreach (array('FirstName', 'LastName', 'Account', 'UserWorkCompany', 'UserHomeAddress', 'UserHomeCity', 'UserHomeState', 'UserHomeCountry') as $field) {
         // Toggle which database we are using
         if ($db['abookview'] == "personal") {
             $type = $this->Abook;
         }
         if ($field == "FirstName" && !empty($db[$field])) {
             $extend .= "{$db['SearchType']} {$type}.UserFirstName LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
         } elseif ($field == "LastName" && !empty($db[$field])) {
             $extend .= "{$db['SearchType']} {$type}.UserLastName LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
         } elseif ($field == "Account" && !empty($db[$field])) {
             $extend .= "{$db['SearchType']} {$type}.UserEmail LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
         } elseif (!empty($db[$field])) {
             $extend .= "AND {$type}.{$field} LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
         }
         $id = $db['id'] ? $db['id'] : 0;
         if ($id > 0 && is_numeric($id)) {
             $extend .= " AND {$type}.id > {$id} ";
         }
         //if ($atmail->isset_chk($db['limit']) && is_numeric($db['limit']))
         //	$limit = "LIMIT {$db['limit']}";
         //else
         //	$limit = "LIMIT 300";
         $limit = "LIMIT {$start},{$this->limit}";
         $db[$field] = $this->db->quote("%{$db[$field]}%");
     }
     if ($db['abookview'] == "personal") {
         // If there is no search query, specify a default searching for valid email-accounts
         if (!$extend) {
             $extend = " AND UserEmail LIKE '%@%'";
         } elseif ($db['SearchType'] == 'or') {
             $extend = str_replace('and (or', 'and (', $extend);
             $extend .= ')';
         }
         $results['FullTotal'] = $this->db->sqlgetfield("SELECT COUNT(id)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM {$this->Abook}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE Account = {$this->Account_Escape} {$extend}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY {$this->Abook}.{$sort}");
         // Search the users Personal addressbook only
         $users = $this->db->sqlarray("SELECT id\n\t\t\t\t\t\t\t\t\t\t  FROM {$this->Abook}\n\t\t\t\t\t\t\t\t\t\t  WHERE Account = {$this->Account_Escape} {$extend}\n\t\t\t\t\t\t\t\t\t\t  ORDER BY {$this->Abook}.{$sort} {$limit}");
     } else {
         catcherror('Unknown search supplied');
     }
     foreach ($users as $id) {
         $id = stripslashes($id);
         $id_escape = $this->db->quote($id);
         $h = $this->db->sqlhash("SELECT UserEmail, UserFirstName, UserLastName, UserGender, id,\n\t\t    \t\t\t\t\t\t  UserWorkPhone, UserHomePhone\n\t\t    \t\t\t\t\t\t  FROM {$this->Abook}\n\t\t    \t\t\t\t\t\t  WHERE id = {$id_escape}");
         // The UserEmail is the unique identifier for the personal addressbook
         $h['Account'] = $h['UserEmail'];
         if (!$h['Account']) {
             continue;
         }
         foreach ($h as $k => $v) {
             if ($pref['iconv'] && defined('ICONV_VERSION')) {
                 $results[$id][$k] = iconv("utf-8", "utf-8", $v);
             } else {
                 $results[$id][$k] = $v;
             }
         }
         // Escape ' in users First/Last name - Otherwise breaks the JS function
         $results[$id]['FirstName'] = addslashes($results[$id]['FirstName']);
         $results[$id]['LastName'] = addslashes($results[$id]['LastName']);
     }
     // do we want to autocomplete using ldap server?
     if ($pref['autocomplete_ldap_entries']) {
         $db['abookview'] = 'ldap';
         $db['Account'] = str_replace('%', '', $db['Account']);
         $db['Account'] = str_replace("'", '', $db['Account']);
         $db['FirstName'] = str_replace('%', '', $db['FirstName']);
         $db['FirstName'] = str_replace("'", '', $db['FirstName']);
         $db['LastName'] = str_replace('%', '', $db['LastName']);
         $db['LastName'] = str_replace("'", '', $db['LastName']);
         $ldap_results = $this->_search_ldap($db);
         $max_id = $this->db->sqlarray("SELECT max(id)\n\t                                          FROM {$this->Abook}\n\t                                          WHERE Account = {$this->Account_Escape} {$extend}\n\t                                          ORDER BY {$this->Abook}.{$sort} {$limit}");
         $i = $max_id[0] + 1;
         foreach ($ldap_results as $ldap_entry) {
             $temp['UserEmail'] = $ldap_entry['Account'];
             $temp['UserFirstName'] = $ldap_entry['UserFirstName'];
             $temp['UserLastName'] = $ldap_entry['UserLastName'];
             $temp['id'] = $i;
             $results[$i] = $temp;
             $i += 1;
         }
         $results['FullTotal'] += count($ldap_results);
     }
     return $results;
 }
Пример #21
0
        }
        $ping_show = @explode(' ', $pinged);
        for ($i = 0; $i < count($ping_show); $i++) {
            $ping_urls .= "<input type='hidden' name='pingurl[]' value='{$ping_show[$i]}'>";
        }
        $ping_url_show = @implode('<br>', $ping_show);
        $form = "<div align=center><form action='admin.php?go=edit_sendtb' method='post'><input type='hidden' name='title' value=\"{$title}\"><input type='hidden' name='excerpt' value=\"{$excerpt}\"><input type='hidden' name='blog_name' value=\"{$config['blogname']}\"><input type='hidden' name='url' value='{$config['blogurl']}/" . get_entry_url($currentid, $blogalias) . "'>{$ping_urls}<input type='submit' value='{$lna[310]}' class='formbutton'> <input type='button' value='{$lna[311]}' onclick='window.location=(\"" . get_entry_url($currentid, $blogalias) . "\");' class='formbutton'></form></div>";
        $t = new template();
        $t->showtips($lna[312], $lna[313] . $ping_url_show . "<br><br>{$lna[314]}<br><br>" . $form, "{$backtowhere}|" . get_entry_url($currentid, $blogalias));
    }
}
if ($job == 'sendtb') {
    checkpermission('EditEntry');
    acceptrequest('title,excerpt,url,blog_name,pingurl');
    if (!is_array($pingurl)) {
        catcherror($lna[315]);
    }
    plugin_runphp('trackbacksending');
    @header("Content-Type: text/html; charset=utf-8");
    $url = str_replace('{host}', $_SERVER['HTTP_HOST'], $url);
    foreach ($pingurl as $durl) {
        $result = sendping($durl, $title, $excerpt, $url, $blog_name);
        if (!$result) {
            $showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[318]}";
        } elseif ($result == 'ok') {
            $showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[319]}<br>";
        } elseif ($result == 'unknown') {
            $showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[949]}<br>";
        } else {
            $showp .= "<b>{$lna[316]}</b>{$durl} ; <br><b>{$lna[317]}</b>{$lna[950]}{$result}<br>";
        }
Пример #22
0
 function smtperror($msg)
 {
     global $pref, $atmail;
     if ($this->IgnoreError) {
         return;
     }
     // Find the origin of the script
     $location = $_SERVER['SCRIPT_NAME'];
     if (strpos($location, 'admin.php')) {
         $location = "{$location}?func={$_REQUEST['func']}";
     }
     // If a send message errors on the compose screen, reload the email message
     // and print a Javascript alert to the browser
     $editor = $atmail->isset_chk($_REQUEST['HtmlEditor']) ? $_REQUEST['HtmlEditor'] : '2';
     if (strpos($location, 'sendmail.php') !== false) {
         $path = time() . getmypid() . "err";
         // Redirect the user to the compose screen, with their email intact
         $location = "compose.php?spellcheck={$path}&func=spellcheck&HtmlEditor={$editor}&unique=" . $_REQUEST['unique'];
         $fh = fopen($atmail->tmpdir . "/{$path}", 'w');
         if (!is_resource($fh)) {
             catcherror("Could not open {$atmail->tmpdir}/{$path}");
         }
         $tmp = array();
         // Create a temp hash containing our vars
         foreach (array('emailto', 'emailsubject', 'emailcc', 'emailbcc', 'contype') as $v) {
             $tmp[$v] = $_REQUEST[$v];
         }
         // Print the email message, raw headers, encoding will be set 100%
         fwrite($fh, $this->headers . "\r\nBcc: {$tmp['emailbcc']}\r\n" . "\r\n\r\n" . $this->body);
         fclose($fh);
     }
     print $atmail->parse("html/english/errorsmtp.html", array('error' => $msg, 'location' => $location));
     exit;
 }
Пример #23
0
    $repid = $selid;
} else {
    $repid = $itemid;
}
if (empty($job)) {
    $job = 'default';
}
if ($job == 'addadminreply' || $job == 'editadminreply') {
    if ($permission['ReplyReply'] != 1) {
        $cancel = $lna[345];
    }
    catcherror($cancel);
    acceptrequest('adminreplycontent');
    $adminreplycontent = trimplus($adminreplycontent);
    if ($adminreplycontent == '') {
        catcherror($lna[346]);
    }
    $adminreplycontent = safe_convert($adminreplycontent);
    $currenttime = time();
    if ($logstat == 0) {
        $userdetail['username'] = $lna[901];
    }
    if ($job == 'editadminreply') {
        $queryplus = "`adminrepeditorid`='{$userdetail['userid']}', `adminrepeditor`='{$userdetail['username']}', `adminrepedittime`='{$currenttime}'";
    } else {
        $queryplus = "`adminreplier`='{$userdetail['username']}', `adminrepid`='{$userdetail['userid']}',`adminreptime`='{$currenttime}'";
    }
    $blog->query("UPDATE `{$db_prefix}replies` SET `adminrepcontent`='{$adminreplycontent}' , {$queryplus} WHERE `repid`='{$repid}'");
    if ($ajax != 'on') {
        catchsuccess($finishok2, array($backtoprevious, $backtoindex, $backtodefault));
    } else {
Пример #24
0
function mod_replace($name, $value, $mustchange = false)
{
    global $lnc;
    $filename = "data/modules.php";
    $filecontent = @file($filename);
    $changed = false;
    for ($i = 0; $i < count($filecontent); $i++) {
        if (strstr($filecontent[$i], "\$blogitem['{$name}']=")) {
            $filecontent[$i] = $value;
            $changed = true;
            break;
        }
    }
    if ($mustchange && !$changed) {
        $filecontent[] = $value;
    }
    $newfilecontent = @implode('', $filecontent);
    if (writetofile($filename, $newfilecontent)) {
        return true;
    } else {
        catcherror($lnc[7] . $filename);
    }
}
Пример #25
0
<td colspan=2 align=center class="sectbar">
{$lna[211]} <!--<input type=radio name='opt' value='combine'>{$lna[212]}<input type=text size=6 name='newtagname'> &nbsp;&nbsp;--> <input type=radio name='opt' value='del'>{$lna[78]} &nbsp;&nbsp;  <input type=radio name='opt' value='counttags'><acronym title="{$lna[1184]}">{$lna[1183]}</acronym></a> &nbsp;&nbsp; <input type=button value="{$lna[64]}" class='formbutton' onclick="adminSubmitAjax(1);">
</td></tr>
</table>
</form>
eot;
    if ($ajax == 'on') {
        die($display_overall_plus);
    } else {
        $display_overall .= $display_overall_plus;
    }
}
if ($job == 'batchtags') {
    acceptrequest('selid,opt');
    if (!is_array($selid)) {
        catcherror($lna[213]);
    }
    if ($opt == 'del') {
        for ($i = 0; $i < count($selid); $i++) {
            $blog->query("UPDATE `{$db_prefix}blogs` SET tags=replace(tags, '>{$selid[$i]}>', '>')");
            $blog->query("DELETE FROM `{$db_prefix}tags` WHERE `tagname`='{$selid[$i]}'");
        }
    }
    if ($opt == 'counttags') {
        $all_tagentries = $blog->getarraybyquery("SELECT `tags` FROM `{$db_prefix}blogs` WHERE tags<>'' AND tags<>'>'");
        $all_tag_lists = @implode('', $all_tagentries['tags']);
        $all_tag_lists = @explode('>', $all_tag_lists);
        $counted_list = array_count_values($all_tag_lists);
        for ($i = 0; $i < count($selid); $i++) {
            $to_update_tag = $selid[$i];
            $to_update_value = floor($counted_list[$to_update_tag]);
Пример #26
0
Offical site: http://www.bo-blog.com
Copyright (c) Bob Shen 中国-上海
In memory of my university life
------------------------------------------------------- */
if (!defined('VALIDREQUEST')) {
    die('Access Denied.');
}
if ($job == 'user') {
    checkpermission('ViewUserDetail');
    include_once "data/cache_usergroup.php";
    if ($itemid === '') {
        catcherror($lnc[193]);
    }
    $nowuser = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE `userid`='{$itemid}'");
    if (!$nowuser) {
        catcherror($lnc[193]);
    }
    $usergp_tmp = $nowuser['usergroup'];
    $tmp_gender = $nowuser['gender'];
    $nowuser['email'] = trim($nowuser['email']) == '' ? $lnc[141] : "<a href=\"mailto:{$nowuser['email']}\">{$lnc[18]}</a>";
    $nowuser['homepage'] = trim($nowuser['homepage']) == '' ? $lnc[141] : "<a href=\"{$nowuser['homepage']}\" target=\"_blank\">{$lnc[19]}</a>";
    $t = new template();
    $formbody .= $t->set('form_eachline', array('text' => $lnc[132], 'formelement' => $nowuser['username'] . " &nbsp; [" . $usergp[$usergp_tmp] . "]"));
    $formbody .= $t->set('form_eachline', array('text' => $lnc[139], 'formelement' => $nowuser['email']));
    $formbody .= $t->set('form_eachline', array('text' => $lnc[140], 'formelement' => $nowuser['homepage']));
    $sex_sel = array('0' => $lnc[141], '1' => $lnc[142], '2' => $lnc[143]);
    $formbody .= $t->set('form_eachline', array('text' => $lnc[144], 'formelement' => $sex_sel[$tmp_gender]));
    $formbody .= $t->set('form_eachline', array('text' => $lnc[145], 'formelement' => stripslashes($nowuser['qq'])));
    $formbody .= $t->set('form_eachline', array('text' => 'MSN', 'formelement' => stripslashes($nowuser['msn'])));
    $formbody .= $t->set('form_eachline', array('text' => 'Skype', 'formelement' => stripslashes($nowuser['skype'])));
    $formbody .= $t->set('form_eachline', array('text' => $lnc[146], 'formelement' => stripslashes($nowuser['fromplace'])));
Пример #27
0
 function escape_html($string, $extended = true)
 {
     // Check any XSS and alert
     if (preg_match('/<SCRIPT|document.cookie|<\\/script>/i', $string)) {
         $this->log->write_log('Error', "XSS Alert : {$_SERVER['SCRIPT_NAME']} : {$string}");
         catcherror("Security Alert: IP address {$_SERVER['REMOTE_ADDR']} logged - XSS Attack detected");
     }
     if ($extended) {
         // Escape <> chars
         $string = str_replace('<', '&lt;', $string);
         $string = str_replace('>', '&gt;', $string);
         // Change () to the Hex vlaues
         $string = str_replace('(', '&#40', $string);
         $string = str_replace(')', '&#41', $string);
         // Change # , & to the Hex values
         $string = str_replace('#', '&#35', $string);
         $string = str_replace('&', '&#38', $string);
     }
     return $string;
 }
Пример #28
0
 /**
  * Parse it as a MIME message
  *
  * @param int $id message id
  * @param string $folder
  * @param string [$nopersonalities]
  * @param string [$cache]
  *
  * @access public
  */
 function reademail($id, $folder, $nopersonalities = null, $cache = null, $path = null)
 {
     global $atmail, $domains, $pref;
     // Load our temporary filename
     $this->tmpdir = "{$pref['user_dir']}/tmp/" . $this->Username . '@' . $this->Pop3host . "/";
     // Create our temporary directory, if its missing, init in Global.php
     if (!is_dir($this->tmpdir)) {
         mkdir($this->tmpdir, 0777);
     }
     if (!$this->File && $cache) {
         $this->File = GetMail::check_cache($atmail->tmpdir . "/{$this->SessionID}-{$cache}.data");
         // Set to blank if the cache no longer exists
         //if(!file_exists($this->File))
         //	$this->File = '';
     }
     // Read our email from the server
     if (!is_string($this->File)) {
         if (!$nopersonalities && isset($atmail)) {
             $this->FromField = $atmail->loadpersonalities();
         }
         $status = $this->mail->login();
         // We have an error while logging in. Tell the user
         if ($status) {
             $this->status = $status;
             return;
         }
         if (is_null($path)) {
             $this->path = $this->mail->get($id, $folder, '', $cache);
         } else {
             $this->path = $path;
         }
         $this->mail->quit();
         if ($this->Type == 'imap') {
             $this->MessageState = $this->mail->MessageState;
         }
         // User has specified the msg from the spellchecker
     } else {
         if (file_exists($atmail->tmpdir . "/{$this->File}")) {
             $this->path = $atmail->tmpdir . "/{$this->File}";
             $this->MessageState = 'o';
         } else {
             if (file_exists($this->File)) {
                 $this->path = $this->File;
                 $this->MessageState = 'o';
             }
         }
     }
     // Just to be sure nobody is reading below a directory
     $this->path = str_replace('../', '', $this->path);
     $this->parser = new MailParser();
     if (!is_dir($this->tmpdir)) {
         mkdir($this->tmpdir, 0777);
     }
     // Users have their own mime-tmp directory
     if (!$this->parser->output_dir($this->tmpdir)) {
         catcherror("Could not parse message to temp directory '{$this->tmpdir}' -\n\t        Check the directory exists with permissions to write");
     }
     if (!$this->parser->parse_open($this->path)) {
         $this->txt = array_pop($this->parser->errors);
         return;
     }
     if ($this->rawemail) {
         $this->rawbody = $this->parser->stringify();
         $this->rawbody = str_replace("\r/", "\r\n", $this->rawbody);
         return;
     }
     if ($this->head) {
         $this->headers = $this->parser->stringify_header();
         $this->headers = str_replace(array('<', '>'), array('&lt;', '&gt;'), $this->headers);
     }
     $this->Charset = $this->parser->get_charset();
     // Get any mail headers
     $this->from = $this->parser->get_header_field('From');
     $this->replyto = $this->parser->get_header_field('Reply-To');
     if (preg_match('/(.*?)<.*?>/', $this->from, $match)) {
         $this->username = $match[1];
     }
     // Default to our previous subject in msg, if it does not exist. e.g , reading
     // a msg with multiple attachments
     $this->subject = $this->parser->get_header_field('Subject');
     if ($this->subject == '') {
         $this->subject = 'No Subject';
     }
     $this->cc = $this->parser->get_header_field('CC');
     $this->bcc = $this->parser->get_header_field('BCC');
     $this->to = $this->parser->get_header_field('To');
     $this->VideoMail = $this->quote_header($this->parser->get_header_field('X-VideoMail'));
     if ($this->VideoMail) {
         $this->VideoMail .= "/mini";
     }
     // Quote any ISO headers
     foreach (array('from', 'replyto', 'subject', 'to', 'cc', 'bcc') as $field) {
         // Store the encoding of the email-message
         if (preg_match('/\\s*=\\?([^\\?]+)\\?([QqBb])/', $this->{$field}, $match)) {
             $this->Encoding = $match[1];
             if (strtoupper($match[2]) == 'Q') {
                 $this->{$field} = preg_replace('/\\s*=\\?([^\\?]+)\\?[Qq]\\?([^\\?]+)?\\?=/e', "\$this->mail->decode_language('\\1', GetMail::decode_mime_head('\\1', stripslashes('\\2')))", $this->{$field});
             } else {
                 $this->{$field} = preg_replace('/\\s*=\\?([^\\?]+)\\?[Bb]\\?([^\\?]+)?\\?=/e', "\$this->mail->decode_language('\\1', base64_decode('\\2'))", $this->{$field});
             }
         } else {
             $this->{$field} = $this->mail->decode_language($this->Charset, $this->{$field});
         }
     }
     $this->date = $this->parser->get_header_field('Date');
     $date = $this->date ? $this->date : 'today';
     $date = $this->mail->calc_timezone($date);
     $time = strtotime($date);
     if ($this->Language == "japanese") {
         setlocale(LC_TIME, 'ja_JP.UTF-8', 'en_US');
         $this->date = strftime("{$this->mail->DateFormat} %a {$this->mail->TimeFormat}", $time);
     } else {
         setlocale(LC_TIME, strtolower($this->Language), 'en_US');
         $this->date = strftime("%a " . $this->mail->DateFormat . " " . $this->mail->TimeFormat, $time);
         $this->date = iconv('iso-8859-1', "UTF-8", $this->date);
     }
     // Take away the timezone and seconds
     $this->date = preg_replace('/:\\d\\d \\+?-?\\d{4}.*/', '', $this->date);
     $this->ctype = $this->parser->get_header_field('Content-Type');
     list($this->mimetype) = explode(';', $this->ctype);
     $this->mimetype = strtolower(trim($this->mimetype));
     if ($this->mimetype == 'text/html') {
         $this->type = 'HTML Msg';
     } elseif ($this->mimetype == 'multipart/alternative') {
         $this->type = 'Embeded HTML/Text';
     } elseif (strpos($this->mimetype, 'multipart') !== false) {
         $this->type = 'Attachments';
     } else {
         $this->type = 'Text';
     }
     // If we are using the maildir format, the message-id number if the unique id
     if ($this->mail->Type == 'file' && $domains[$this->Pop3host]) {
         $this->UIDL = $id;
         $this->UIDL = preg_replace('/cur\\/|new\\//', '', $this->UIDL);
     } else {
         if (!($this->UIDL = $this->parser->get_header_field('x-uidl'))) {
             $this->UIDL = $this->parser->get_header_field('message-id');
         }
         // Make the UIDL header from the Subject/Date if the Message-ID or XUIDL does not exist
         if (!$this->UIDL) {
             $this->UIDL = md5($this->subject . $this->parser->get_header_field('date'));
         }
     }
     // Take away illegal characters from the UIDL
     $this->UIDL = str_replace("'", '"', $this->UIDL);
     $this->UIDL = str_replace('"', '', $this->UIDL);
     $this->UIDL = preg_replace('/:.*/', '', $this->UIDL);
     $this->UIDL = str_replace(array("\n", "\r", ' ', ':', '+', '<', '>', '*', '|', '\\', '/', '&gt;', '&lt;'), '', $this->UIDL);
     if ($this->Type == 'pop3' || $this->Type == 'imap') {
         $this->EmailCache = $this->UIDL;
     }
     // Take away any newlines from the UIDL
     $this->UIDL = trim($this->UIDL);
     // Set the email priority as Normal, otherwise find the value in the header(s)
     $this->priority = 'Normal';
     if (substr($this->parser->get_header_field('x-priority'), 0, 1) == 1 || $this->parser->get_header_field('X-MSMail-Priority') == 'High' || $this->parser->get_header_field('Importance') == 'High') {
         $this->priority = 'High';
     }
     if (substr($this->parser->get_header_field('x-priority'), 0, 1) == 5 || $this->parser->get_header_field('X-MSMail-Priority') == 'Low' || $this->parser->get_header_field('Importance') == 'Low') {
         $this->priority = 'Low';
     }
     if (preg_match("/{$this->emailexp}/", $this->from, $match)) {
         $this->emailfrom = $match[1];
     }
     $this->emailfrom = str_replace(array('&gt;', '&lt;'), '', $this->emailfrom);
     // Cleaup the email, take away " signs, which close the HTML input tag
     //$this->to = preg_replace('/"(.*?),(.*?)"/', '$1 $2', $this->to);
     //$this->cc = preg_replace('/"(.*?),(.*?)"/', '$1 $2', $this->cc);
     //$this->to = str_replace('"', "'", $this->to);
     //$this->cc = str_replace('"', "'", $this->cc);
     //$this->bcc = str_replace('"', "'", $this->bcc);
     //$this->ctype = $this->parser->get_header_field('Content-Type');
     // See if we are permitted to display images in messages
     if (isset($atmail)) {
         $this->DisplayImages = $atmail->load_displayimages();
         if ($atmail->DisplayImages == '2') {
             $atmail->DisplayImages = $atmail->load_abook_emails($this->emailfrom);
         }
     }
     $this->dump_entity();
     if (isset($this->multiparttxt) && !empty($this->multiparttxt)) {
         $this->multiparttxt = $atmail->escape_jscript($this->multiparttxt);
     }
     if (isset($this->html) && !empty($this->html)) {
         $this->html = $atmail->escape_jscript($this->html);
         if (isset($this->multiparttxt)) {
             $this->html .= $this->multiparttxt;
         }
     }
     if (isset($this->txt) && !empty($this->txt)) {
         $this->txt = $atmail->escape_jscript($this->txt);
         if (isset($this->multiparttxt)) {
             $this->txt .= $this->multiparttxt;
         }
     }
     $this->scan_inline();
     // Fix an error where certain messages cannot be displayed ( e.g Apple mailers as multipart msgs )
     if (!$this->html && !$this->txt) {
         $this->txt = $this->multiparttxt;
     }
 }
Пример #29
0
        $itemid = floor($itemid);
        $blog->query("DELETE FROM `{$db_prefix}pages` WHERE `pageid`='{$itemid}'");
        $blog->query("DELETE FROM `{$db_prefix}mods` WHERE `name`='pageshortcut{$itemid}' AND `position`='header'");
        mod_replace('pageshortcut{$itemid}', '');
        recache_mods();
        if ($ajax == 'on') {
            catchsuccessandfetch($lna[1095], 'admin.php?go=entry_pagemanage');
        } else {
            catchsuccess($lna[1095], "{$lna[1057]}|admin.php?go=entry_pagemanage");
        }
    }
    if ($opt == 'del') {
        if ($selid == '') {
            catcherror($lna[337]);
        }
        $batch_id = makeaquery($selid, "`pageid`='%s'", 'OR');
        $batch_id2 = makeaquery($selid, "`name`='pageshortcut%s'", 'OR');
        $blog->query("DELETE FROM `{$db_prefix}pages` WHERE {$batch_id}");
        $blog->query("DELETE FROM `{$db_prefix}mods` WHERE {$batch_id2}");
        foreach ($selid as $singleid) {
            mod_replace('pageshortcut{$singleid}', '');
        }
        recache_mods();
        if ($ajax == 'on') {
            catchsuccessandfetch($lna[1095], 'admin.php?go=entry_pagemanage');
        } else {
            catchsuccess($lna[1095], "{$lna[1057]}|admin.php?go=entry_pagemanage");
        }
    }
    catcherror($lna[965]);
}
Пример #30
0
 function savemsg($arg)
 {
     // Find the size of the message on disk if no EmailSize defined
     if ($arg['EmailFile']) {
         $arg['EmailSize'] = filesize($arg['EmailFile']);
     } else {
         $arg['EmailSize'] = strlen($arg['EmailMessage']);
     }
     // Insert the message into the EmailDatabase table (header info only)
     $query = "INSERT INTO {$this->EmailDatabase}\n\t\t\t\t (EmailSubject, EmailTo, EmailFrom, EmailDate, EmailBox,\n\t\t\t\t  EmailFlag, EmailAttach, EmailSize, Account,EmailUIDL)\n\t\t\t\t VALUES (? , ? , ? , ? , ? , ?, ?, ?, ?, ?) ";
     $data = array($arg['EmailSubject'], $arg['EmailTo'], $arg['EmailFrom'], $arg['EmailDate'], $arg['EmailBox'], $arg['EmailFlag'], $arg['EmailAttach'], $arg['EmailSize'], $arg['Account'], $arg['EmailUIDL']);
     $result =& $this->dbh->query($query, $data);
     unset($data);
     if (DB::isError($result)) {
         if ($this->debug) {
             file_put_contents("php://stderr", "SQL Error = " . $result->getMessage() . " - " . $result->getUserInfo() . "\n");
         }
         return false;
     }
     // Get the unique ID key from the EmailDatabase table, from the last Insert
     $key = $this->getid();
     // Insert the actual message into another table, referenced by the id
     $query = "INSERT INTO {$this->EmailMessage} (EmailMessage, id) VALUES (? , ?)";
     $data = array();
     // if the user specified an email file
     if (isset($arg['EmailFile'])) {
         if (!($emailfile = file_get_contents($arg['EmailFile']))) {
             catcherror("Cannot open {$arg['EmailFile']}\n");
         }
         $data[] = $emailfile;
     } else {
         $data[] = $arg['EmailMessage'];
     }
     $data[] = $key;
     $result = $this->dbh->query($query, $data);
     // if the email was incorrectly inserted into the database
     if (DB::isError($result)) {
         if ($this->debug) {
             file_put_contents("php://stderr", "SQL Error = " . $result->getMessage() . " - " . $result->getUserInfo() . "\n");
         }
         $data = array($key, $arg['Account']);
         $query = "DELETE FROM {$this->EmailDatabase} WHERE id=? AND Account=?";
         $this->dbh->query($query, $data);
         return false;
     }
     return true;
 }