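// Breadcrumb entry ("label|url") pointing back to this plugin's list page.
$backtofmp_list = "{$lanfp[0]}{$lanfp[13]}{$lanfp[1]}|admin.php?act={$page['list']}";
acceptrequest('configjob');
if ($configjob == 'save_config') {
    // Regenerate the plugin's PHP config file from the submitted preference form.
    // The file is later pulled in with include, so everything written here is executed as code.
    $savetext = "<?PHP\n";
    $save_config = isset($_POST['prefconfig']) ? $_POST['prefconfig'] : null;
    // A missing, non-array or near-empty submission is rejected before anything is written.
    if (!is_array($save_config) || count($save_config) <= 1) {
        catcherror($lna[1013]);
    }
    if (is_array($save_config)) {
        foreach ($save_config as $key => $val) {
            // The array key comes straight from the request and is placed inside a
            // single-quoted PHP literal: escape ' and \ so it cannot terminate the
            // literal and append code to the generated file.
            $safekey = addcslashes((string) $key, "'\\");
            // admin_convert() is defined elsewhere; presumably it neutralises quotes
            // in the value for the same single-quoted context - confirm.
            $savetext .= "\$fmp_cfg['{$safekey}']='" . admin_convert($val) . "';\n";
        }
    }
    // (The former "$savetext == ''" check could never fire: the text always starts with the PHP open tag.)
    if (!writetofile($file['dcfg'], $savetext)) {
        catcherror("{$lna[66]}" . $file['dcfg']);
    } else {
        catchsuccess($finishok, array($backtofmp_cfg, $backtofmp_list, $backtoplugin));
    }
}
// Extra CSS injected into the admin page header for the preference table.
$plugin_header = <<<eot
<style type="text/css">
.pd3 {
\tpadding:2px;
}
</style>
eot;
// Settings consumed by the preference-form helpers, then load the stored config.
$pref_leftchar = "200";
$pref_variable = "fmp_cfg";
include $file['dcfg'];
$ow = array("?", "=", "&");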
<div style='visibility: hidden'><input type=submit value="{$lna[64]}" id='realsubmit' class='formbutton'></div> </form> eot; } if ($job == 'store' || $job == 'restore') { acceptrequest('pagetitle,closesidebar,html,ubb,emot,useeditor,pagealias,addshortcut,shortcuttarget,shortcutname', 0, 'post'); //Get content $content = $_POST['content']; //If magic quotes is on, strip the slashes automatically added if ($mqgpc_status == 1) { $content = stripslashes($content); } if ($pagetitle == '' || $content == '') { $cancel = $lna[307]; } catcherror($cancel); $closesidebar = @floor($closesidebar); $htmlstat = @floor($html); $ubbstat = @floor($ubb); $emotstat = @floor($emot); $pageid = @floor($id); if ($autobr == 0) { $content = str_replace("\r", '', $content); //Disable auto linebreak in WYSIWYG editors } if ($callaftersubmit) { $content = call_user_func($callaftersubmit, $content); } $content = preg_replace("/\\[php\\](.+?)\\[\\/php\\]/ise", "phpcode3('\\1')", $content); if ($htmlstat != 1 || $permission['Html'] != 1) { $content = preg_replace("/\\[code\\](.+?)\\[\\/code\\]/ise", "phpcode2('\\1')", $content);
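// AJAX credential check: validates the optional captcha, then looks the user up
// by lower-cased name and password digest.
if ($job == 'ajaxverify') {
    acceptrequest('savecookie,securitycode');
    $savecookie = floor($savecookie);
    if ($config['loginvalidation'] == 1) {
        if ($db_defaultsessdir != 1) {
            session_save_path("./{$db_tmpdir}");
        }
        session_cache_limiter("private, must-revalidate");
        session_start();
        $expectedcode = isset($_SESSION['code']) ? strtolower((string) $_SESSION['code']) : '';
        // Strict comparison: with != two different numeric-looking strings
        // (leading zeros, exponent notation) are compared as numbers and can
        // match although the text differs.
        if ($securitycode == '' || strtolower((string) $securitycode) !== $expectedcode) {
            catcherror($lnc[165]);
        }
        // NOTE(review): the session code is not cleared after a check, so one solved
        // captcha can be replayed for further attempts - confirm whether a later
        // request in the login flow still needs it before invalidating it here.
    }
    // NOTE(review): unsalted MD5 is not a password hash. Migrating to
    // password_hash()/password_verify() needs a schema and cookie-format change
    // that is outside this block.
    $password = md5($_POST['password']);
    // safe_convert() and mystrtolower() are defined elsewhere; the query below is
    // string-built, so its safety rests entirely on safe_convert() escaping quotes
    // - confirm. $password is a hex digest at this point.
    $username = safe_convert(mystrtolower($_POST['username']));
    $try = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}' AND `userpsw`='{$password}'");
    if (!is_array($try)) {
        catcherror($lnc[166]);
    } else {
        $userid = $try['userid'];
        // NOTE(review): the password digest is returned to the client in the success
        // payload; anything that stores or logs this response holds a login-equivalent value.
        catchsuccess("{$userid}-{$password}-{$savecookie}");
    }
}
// Post-login landing message; users with control-panel permission also get a link to admin.php.
if ($job == 'ajaxloginsuccess') {
    if ($permission['CP'] == 1) {
        $destine = array("{$lnc[163]}|index.php", "{$lnc[107]}|admin.php");
    } else {
        $destine = "{$lnc[163]}|index.php";
    }
    catchsuccess("{$lnc[167]} " . $userdetail['username'], $destine);
}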
announcebar(); $iftoppage = $mbcon['pagebarposition'] == 'down' ? 'none' : 'block'; $ifbottompage = $mbcon['pagebarposition'] == 'up' ? 'none' : 'block'; $bodymenu = $t->set('mainpage', array('pagebar' => $pagebar, 'iftoppage' => $iftoppage, 'ifbottompage' => $ifbottompage, 'ifannouncement' => $ifannouncement, 'topannounce' => $topannounce, 'mainpart' => $section_body_main, 'currentpage' => $pageitems['currentpage'], 'previouspageurl' => $pageitems['previouspageurl'], 'nextpageurl' => $pageitems['nextpageurl'], 'turningpages' => $pageitems['turningpages'], 'totalpages' => $pageitems['totalpages'], 'previouspageexists' => $pageitems['previouspageexists'], 'nextpageexists' => $pageitems['nextpageexists'])); $pagetitle = "Tags - "; } if ($job == 'show') { acceptrequest('mode'); if ($mode == 1 || $mode == 2) { $mbcon['tag_list'] = $mode - 1; } else { $mode = $mbcon['tag_list'] + 1; } $m_b = new getblogs(); if ($tag === '') { catcherror($lnc[192]); } $tag = str_replace(''', "\\'", $tag); $allentries = $blog->getgroupbyquery("SELECT * FROM `{$db_prefix}tags` WHERE `tagname`='{$tag}' LIMIT 0,1"); if (!is_array($allentries[0]) || $allentries[0]['tagentry'] == '<end>' || $allentries[0]['tagcounter'] == 0) { $section_body_main[] = "<br/><div align='center'><span style='font-size: 14px;'>{$lnc[186]}</span></div><br/>"; } else { $taginfo = $allentries[0]; $entries_query = str_replace(',<end>', '', $taginfo['tagentry']); $entries_query = str_replace('<tag>,', '', $entries_query); $partialquery = "WHERE `blogid` IN ({$entries_query}) AND `property`<'2' ORDER BY `sticky` DESC, `pubtime` DESC"; if ($mbcon['tag_list'] == 1) { $records = $m_b->new_record_array($partialquery, $mbcon['listitemperpage'], $page); $listbody = $m_b->make_excerption($records, 'list'); $section_body_main[] = $m_b->make_list(@implode('', $listbody)); $perpagevalue = $mbcon['listitemperpage'];
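// Breadcrumb entry ("label|url") pointing back to this plugin's settings page.
$backtolightconfig = "dp.SyntaxHighlighter For UBB|admin.php?act={$act}";
acceptrequest('configjob');
if ($configjob == 'save') {
    // Regenerate plugin/<act>/config.php from the submitted preference form.
    // The file is included below, so everything written here is executed as code.
    $savetext = "<?PHP\n";
    $save_config = isset($_POST['prefconfig']) ? $_POST['prefconfig'] : null;
    // A missing, non-array or near-empty submission is rejected before anything is written.
    if (!is_array($save_config) || count($save_config) <= 1) {
        catcherror($lna[1013]);
    }
    if (is_array($save_config)) {
        foreach ($save_config as $key => $val) {
            // The array key is request-controlled and lands inside a single-quoted
            // PHP literal: escape ' and \ so it cannot close the literal early.
            $safekey = addcslashes((string) $key, "'\\");
            // admin_convert() is defined elsewhere; presumably it neutralises quotes
            // in the value for the same context - confirm.
            $savetext .= "\$dp_config['{$safekey}']='" . admin_convert($val) . "';\n";
        }
    }
    // (The former "$savetext == ''" check could never fire: the text always starts with the PHP open tag.)
    // NOTE(review): $act is used as a path segment for both the write and the include;
    // where it is set is not visible here - confirm it is restricted to an installed plugin directory name.
    if (!writetofile("plugin/{$act}/config.php", $savetext)) {
        catcherror("{$lna[66]}" . "plugin/{$act}/config.php");
    } else {
        catchsuccess($lanic[$select_include_n] . $lanic[9], array($backtoplugin, $backtolightconfig));
    }
}
// Settings consumed by the preference-form helpers, then load the stored config.
$pref_leftchar = "200";
$pref_variable = "dp_config";
include "plugin/{$act}/config.php";
// One radio preference per highlighter language ("key|label|option|option").
addpref("r", "Cpp|C|{$lna[511]}|{$lna[512]}");
addpref("r", "CSharp|C#|{$lna[511]}|{$lna[512]}");
addpref("r", "Vb|Visual Basic|{$lna[511]}|{$lna[512]}");
addpref("r", "Delphi|Delphi|{$lna[511]}|{$lna[512]}");
addpref("r", "Python|Python|{$lna[511]}|{$lna[512]}");
addpref("r", "Ruby|Ruby|{$lna[511]}|{$lna[512]}");
addpref("r", "Java|JAVA|{$lna[511]}|{$lna[512]}");
addpref("r", "Sql|SQL|{$lna[511]}|{$lna[512]}");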
for ($i = 0; $i < count($wlink); $i++) { $link = @explode('<|>', $wlink[$i]); if (@in_array($link[1], $selid)) { $wlink[$i] = ''; } unset($link); } $allnow = @implode('', $wlink); if ($allnow == '') { @unlink($filename); } else { writetofile($filename, $allnow); } } elseif ($opt == 'accept' || $opt == 'textonly') { if ($newlinkgptoid === '') { catcherror($lna[264]); } else { $newlinkgptoid = floor($newlinkgptoid); } $linkid = $maxrecord['maxlinkid']; for ($i = 0; $i < count($wlink); $i++) { $link = @explode('<|>', $wlink[$i]); if (@in_array($link[1], $selid)) { $linklogo = $opt == 'textonly' ? '' : $link[4]; $linkid += 1; $plinkout[] = "('{$linkid}', '{$link[2]}', '{$link[3]}', '{$linklogo}', '{$link[5]}', '{$newlinkgptoid}', '{$linkid}', '1', '', '')"; $wlink[$i] = ''; } unset($link); } $link_query = @implode(',', $plinkout);
Bo-Blog 2 : The Blog Reloaded.
<<A Bluview Technology Product>>
Do not edit this file with Windows Notepad; no support is given for malfunctions caused by doing so!
PHP+MySQL blog system.
Code: Bob Shen
Official site: http://www.bo-blog.com
Copyright (c) Bob Shen, Shanghai, China
In memory of my university life
------------------------------------------------------- */

// This file is only meant to be pulled in by the front controller.
if (!defined('VALIDREQUEST')) {
    die('Access Denied.');
}

acceptrequest('pageid,pagealias');

// A page is addressed either by alias (string) or by numeric id; the alias wins when both are given.
// safe_convert() is defined elsewhere - the query below is string-built, so the alias
// lookup relies on it escaping quotes (confirm). The id path is reduced to a number by floor().
if ($pagealias) {
    $itemid = safe_convert($pagealias);
    $page_lookup_column = 'pagealias';
} else {
    $itemid = floor($pageid);
    $page_lookup_column = 'pageid';
}

$m_b = new getblogs();
$records = $m_b->getgroupbyquery("SELECT * FROM `{$db_prefix}pages` WHERE `{$page_lookup_column}`='{$itemid}'");

if (!is_array($records)) {
    catcherror($lnc[186]);
} else {
    $section_body_main = $m_b->output_page($records[0]);
}

// Let plugins wrap the rendered page.
$section_body_main[0] = plugin_get('custompagebegin') . $section_body_main[0];
$section_body_main[] = plugin_get('custompageend');

// Switch the template to the wide content class depending on the page's sidebar flag.
$plugin_closesidebar = ($records[0]['closesidebar'] == 1) ? 0 : 1;
if ($plugin_closesidebar == 1) {
    $elements['mainpage'] = str_replace('class="content"', 'class="content-wide"', $elements['mainpage']);
}

// Custom pages show neither pager nor announcement bar.
$ifannouncement = "none";
$mainpage_vars = array(
    'pagebar' => '',
    'iftoppage' => 'none',
    'ifbottompage' => 'none',
    'ifannouncement' => 'none',
    'topannounce' => '',
    'mainpart' => @implode('', $section_body_main),
    'previouspageexists' => '',
    'nextpageexists' => '',
);
$bodymenu = $t->set('mainpage', $mainpage_vars);
$pagetitle = $records[0]['pagetitle'] . ' × ';
}
// Rebuild both language-override files from two parallel comma-separated lists:
// entry numbers in $newlnums and their texts in $newldescs (both set outside this excerpt).
$savelnum = @explode(',', $newlnums);
$saveldesc = @explode(',', $newldescs);
$savedata = $savedata2 = "<?php\n";
for ($i = 0; $i < count($savelnum); $i++) {
    // Entries without a number are skipped.
    if ($savelnum[$i] == '') {
        continue;
    }
    // NOTE(review): $savelnum[$i] is written unquoted between [ and ] in a generated
    // PHP file. If $newlnums is request-controlled it should be restricted to digits
    // before this point - confirm against the code that fills it.
    // The text goes through admin_convert() (defined elsewhere) before being single-quoted.
    $savedata .= "\$lnc[{$savelnum[$i]}]='" . admin_convert($saveldesc[$i]) . "';\n";
    $savedata2 .= "\$lncoverwrite[{$savelnum[$i]}]='" . admin_convert($saveldesc[$i]) . "';\n";
}
if (!writetofile("data/langspec.php", $savedata)) {
    catcherror($lna[66] . "data/langspec.php");
}
if (!writetofile("data/langspecoverwrite.php", $savedata2)) {
    catcherror($lna[66] . "data/langspecoverwrite.php");
}
catchsuccess($finishok4, $backtolangspec);
}

/**
 * Flattens a string for storage in a skin record.
 *
 * Removes carriage returns and line feeds, applies addslashes(), then removes
 * every '|' character.
 *
 * @param string $str Raw value.
 * @return string Single-line value without '|'.
 */
function skin_convert($str)
{
    $str = str_replace("\r", '', $str);
    $str = str_replace("\n", '', $str);
    $str = addslashes($str);
    // '|' is dropped last, after escaping - presumably it is a field separator in the stored format (confirm).
    $str = str_replace('|', '', $str);
    return $str;
}

// The body of add_module() continues beyond this excerpt; only its opening is visible.
// NOTE(review): $filename and $newplugindir are joined into a path below - confirm
// the callers restrict both to plain file/directory names.
function add_module($filename)
{
    global $activate, $newplugindir, $blog, $db_prefix;
    if (is_file("plugin/{$newplugindir}/{$filename}")) {
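}
// Strict string comparison: with != PHP compares two numeric-looking strings as
// numbers, so a submitted value can match a stored one that is textually different.
if ((string) $blogpsw !== (string) $records['blogpsw']) {
    catcherror($lnc[297]);
}
$return_main = $m_b->make_viewentry($records, $way, true);
// NOTE(review): the entry password is stored in the cookie exactly as submitted and
// no HttpOnly/Secure flags are passed - consider a server-side session marker instead.
setcookie("entrypassword{$blogid}", $blogpsw);
catchsuccess($return_main);
}
// Reveal a single password-protected reply or guestbook message after checking its password.
if ($job == 'getreplyonly') {
    acceptrequest('repid,reppsw,way,onetimecounter');
    $repid = floor($repid);
    // NOTE(review): unsalted MD5 is weak for password storage; changing it needs a data migration.
    $reppsw = md5($reppsw);
    // The table name is chosen from two fixed values, never taken from the request text.
    $tablename = $way == 'reply' ? 'replies' : 'messages';
    $partialquery = "SELECT * FROM `{$db_prefix}{$tablename}` WHERE `repid`='{$repid}' LIMIT 1";
    $m_b = new getblogs();
    $records = $m_b->getbyquery($partialquery);
    if (!is_array($records) || $records['repid'] != $repid) {
        catcherror($lnc[305]);
    }
    // Digests must be compared as strings: under != two different hex digests that both
    // look like numbers in exponent notation are treated as equal.
    if ((string) $reppsw !== (string) $records['reppsw']) {
        catcherror($lnc[297]);
    }
    // Never hand the stored digest to the renderer, and mark the record as public for this response.
    $records['reppsw'] = '';
    $records['reproperty'] = '0';
    if ($way == 'reply') {
        $output_single = $m_b->single_reply($records, floor($onetimecounter));
    } else {
        $output_single = $m_b->single_message($records, floor($onetimecounter));
    }
    catchsuccess($output_single);
}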
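/**
 * Regenerates data/plugin_enabled.php, the cache mapping each registration
 * point to the comma-separated names of the active plugins registered for it.
 *
 * Reads the active rows of the plugins table (ordered by plid), splits each
 * row's `plregister` list on commas, and writes one `$blogplugin[...]` line per
 * registration point. Reports a write failure through catcherror().
 *
 * @return void
 */
function recache_plugins()
{
    global $blog, $db_prefix, $lna;

    // Start from a known-empty map so a site without active plugins still
    // produces a well-formed cache file instead of writing an undefined value.
    $blogplugin = array();
    $all_pl = $blog->getgroupbyquery("SELECT * FROM `{$db_prefix}plugins` WHERE `active`=1 ORDER BY `plid` ASC");
    if (is_array($all_pl)) {
        foreach ($all_pl as $plugin) {
            if ($plugin['plregister']) {
                // Spaces around the commas are not significant.
                $register = explode(',', str_replace(' ', '', $plugin['plregister']));
                foreach ($register as $singlereg) {
                    $blogplugin[$singlereg][] = $plugin['plname'];
                }
            }
        }
    }

    $out = "<?PHP\r\n";
    foreach ($blogplugin as $typename => $plugins) {
        // The cache file is executed via include. var_export() emits correctly
        // escaped single-quoted literals, so a plugin name or registration point
        // containing quotes, backslashes or '$' stays data instead of becoming code.
        $out .= "\$blogplugin[" . var_export((string) $typename, true) . "]="
            . var_export(implode(',', $plugins), true) . ";\r\n";
    }

    if (!writetofile("data/plugin_enabled.php", $out)) {
        catcherror($lna[66] . "data/plugin_enabled.php");
    }
}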
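// Switch the front-end / back-end language packs and regenerate data/language.php.
if ($job == 'dolangset') {
    acceptrequest('newlangf,newlangb');
    // A pack name must be a single directory name under lang/. The names are used
    // in filesystem paths and written into an executed PHP file inside double
    // quotes, so anything with path separators, "..", quotes or '$' is refused
    // with the same message as a pack that does not exist.
    $langnamepattern = '/^[A-Za-z0-9_-]+(?:\.[A-Za-z0-9_-]+)*\z/';
    if (!is_string($newlangf) || !preg_match($langnamepattern, $newlangf) || !file_exists("lang/{$newlangf}/common.php")) {
        catcherror("Front-end langauge pack does not exist. 前台语言包不存在。 前臺語言包不存在。");
    }
    if (!is_string($newlangb) || !preg_match($langnamepattern, $newlangb) || !file_exists("lang/{$newlangb}/backend.php")) {
        catcherror("Back-end langauge pack does not exist. 后台语言包不存在。 後臺語言包不存在。");
    }
    $newcontent = "<?PHP\n\$langfront=\"{$newlangf}\";\n\$langback=\"{$newlangb}\";\n@include_once (\"lang/{$newlangf}/common.php\");";
    writetofile("data/language.php", $newcontent);
    catchsuccess("Language set has been changed. 语言包设置完成。 語言包設置完成。");
}
// Rebuild the cached list of admin skins and, optionally, select one of them.
// (This block continues beyond the visible excerpt.)
if ($job == 'refreshadminskinlist' || $job == 'selectadminskin') {
    $handle = opendir("admin/theme/");
    if (!$handle) {
        catcherror("{$lna[155]} admin/theme/ {$lna[156]}<ul><li>{$lna[157]}</li><li>{$lna[158]}</li><li>{$lna[159]}</li></ul>");
    }
    while (false !== ($file = readdir($handle))) {
        if ($file != "." && $file != ".." && is_dir("admin/theme/{$file}")) {
            // Directory names end up inside single-quoted PHP literals in an included file.
            $out .= "\$adminskin[]='" . addcslashes($file, "'\\") . "';\n";
        }
    }
    if ($job == 'selectadminskin') {
        acceptrequest('targetskin');
        $targetskin = basename($targetskin);
        // basename() removes directory parts but not quotes, and also lets "." / ".."
        // through; only accept a name that is an existing theme directory.
        if ($targetskin && $targetskin != '.' && $targetskin != '..' && is_dir("admin/theme/{$targetskin}")) {
            $currentadminskin = $targetskin;
        }
    }
    // Escape the selected name as well: it is written into executed PHP.
    $sleout = "<?PHP\n" . $out . "\$currentadminskin='" . addcslashes((string) $currentadminskin, "'\\") . "';";
    writetofile("data/cache_adminskinlist.php", $sleout);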
$y2++; for ($y = $y1; $y <= $y2; $y++) { if ($y == $y2) { $var['beforeYearOptions'] .= "<option value=\"{$y}\" selected>{$y}</option>\n"; } else { $var['beforeYearOptions'] .= "<option value=\"{$y}\">{$y}</option>\n"; } } } // Calculate the length of a menu, shrink if we have settings disabled if ($filename == "html/{$atmail->Language}/xp/toolbar.html" || $filename == "html/{$atmail->Language}/xp/toolbar_abook.html") { $var = $atmail->calcmenu_height($filename); } // Die if the file is not permitted if (!$type[$filename]) { catcherror("Specified file {$filename} is not allowed"); } $var['FirstLoad'] = $_REQUEST['FirstLoad']; // If using the help menu, load the selected help-file or default to the settings if ($filename == "html/{$atmail->Language}/help/filexp.html" && $_REQUEST['HelpFile']) { if ($_REQUEST['HelpFile']) { $var['HelpFile'] = $_REQUEST['HelpFile']; } else { $var['HelpFile'] = 'file.html'; } } if (!$_REQUEST['XUL']) { $var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css"); } /* if($_REQUEST['ajax']) {
$savetext = "<?PHP\n"; $save_list = $_POST['fmp']; //if (count($save_list)<=0) catcherror ($lna[1013]); while (@(list($key, $val) = @each($save_list))) { while (@(list($val_key, $val_value) = @each($val))) { if ($val_key == 'title' && empty($val_value)) { break; } if (!empty($val_value)) { $savetext .= "\$fmp_list['{$key}']['{$val_key}']='" . admin_convert($val_value) . "';\n"; } } } //if ($savetext=='') catcherror ($lna[1013]); if (!writetofile($file['dlist'], $savetext)) { catcherror("{$lna[66]}" . $file['dlist']); } else { catchsuccess($finishok, array($backtofmp_list, $backtofmp_cfg, $backtoplugin)); } } include $file['dlist']; foreach ($fmp_list as $fp_id => $fp_song) { //$fmp_list_show .= "add_fpRow('{$fp_id}','{$fmp_list[$fp_id][title]}','{$fmp_list[$fp_id][creator]}','{$fmp_list[$fp_id][location]}','{$fmp_list[$fp_id][info]}','{$fmp_list[$fp_id][image]}','{$fmp_list[$fp_id][album]}','{$fmp_list[$fp_id][meta]}')\n"; //$fmp_list_show .= "add_fpRow('{$fp_id}','".htmlspecialchars($fmp_list[$fp_id][title]). "','" .htmlspecialchars($fmp_list[$fp_id][creator]). "','" .htmlspecialchars($fmp_list[$fp_id][location]). "','" .htmlspecialchars($fmp_list[$fp_id][info]). "','" .htmlspecialchars($fmp_list[$fp_id][image]). "','" .htmlspecialchars($fmp_list[$fp_id][album]). "','" .htmlspecialchars($fmp_list[$fp_id][meta])."')\n"; $fmp_list_show .= "\n add_fpRow('-1','{$fp_id}'"; $list_arr = array('title', 'creator', 'location', 'info', 'image', 'album', 'meta'); foreach ($list_arr as $value) { if (!empty($fmp_list[$fp_id][$value])) { $fmp_list_show .= ",'" . htmlspecialchars($fmp_list[$fp_id][$value], ENT_QUOTES) . "'"; } else { $fmp_list_show .= ",''";
/**
 * Finishes an OpenID login using the provider's response in $_GET.
 *
 * On success returns the normalised identity (scheme and one trailing slash
 * removed) together with the simple-registration extension response. On
 * cancellation, failure or an unknown status the problem is reported through
 * catcherror() and nothing is returned.
 *
 * @return array|null array('openidurl' => string, 'sreg' => mixed) on success.
 */
function completeOpenID()
{
    global $db_defaultsessdir, $db_tmpdir, $config, $lnc;

    define('OpenIDFileStorePath', $db_tmpdir . '/openid');
    // $consumer is not created in this function; presumably openid.php defines it
    // when it is included into this scope - confirm.
    require_once 'openid.php';

    if ($db_defaultsessdir != 1) {
        session_save_path("./{$db_tmpdir}");
    }
    session_start();

    // Hand the provider's reply to the library and branch on its verdict.
    $response = $consumer->complete($_GET);
    $status = $response->status;

    if ($status == Auth_OpenID_CANCEL) {
        // The user aborted at the provider.
        catcherror($lnc[316], false);
    } elseif ($status == Auth_OpenID_FAILURE) {
        $msg = "OpenID authentication failed: " . $response->message;
        catcherror($lnc[315] . $msg, false);
    } elseif ($status == Auth_OpenID_SUCCESS) {
        $sreg = $response->extensionResponse('sreg');

        // Normalise the identifier.
        // NOTE(review): dropping the scheme makes the http:// and https:// forms of
        // an identifier indistinguishable to callers - confirm that is intended
        // before using the result as an account key.
        $openid = str_replace(array('http://', 'https://'), '', $response->identity_url);
        if (substr($openid, -1, 1) == '/') {
            $openid = substr($openid, 0, strlen($openid) - 1);
        }

        return array('openidurl' => $openid, 'sreg' => $sreg);
    } else {
        catcherror($lnc[315] . 'OpenID Unknown Error.', false);
    }
}
/**
 * Sends one blog entry to the browser as a downloadable UTF-8 text file and exits.
 *
 * Access is refused through catcherror() for hidden entries (property >= 2)
 * without the SeeHiddenEntry permission, and for password-protected entries
 * unless the viewer has SeeAllProtectedEntry or is the author.
 *
 * @param array $entry Entry row; reads property, blogpsw, authorid, title,
 *                     pubtime, content, ubbstat, blogid and blogalias.
 * @return void Never returns normally; output is followed by exit.
 */
function save_a_text($entry)
{
    global $mbcon, $adminlist, $blogversion, $config, $lnc, $permission, $userdetail, $logstat;

    // Permission gates come first, before any content is touched.
    if ($entry['property'] >= 2 && $permission['SeeHiddenEntry'] != 1) {
        catcherror($lnc[272]);
    }
    if ($entry['blogpsw'] && $permission['SeeAllProtectedEntry'] != 1 && $userdetail['userid'] != $entry['authorid']) {
        catcherror($lnc[272]);
    }

    $entrytitle = $entry['title'];
    // Publication time shifted by the configured timezone offset (hours).
    $entrytime = gmdate('r', $entry['pubtime'] + 3600 * $config['timezone']);
    $authorkey = $entry['authorid'];
    $entryauthor = $adminlist[$authorkey];

    // Layout markers have no meaning in a plain-text export.
    $entry['content'] = @str_replace(array('[separator]', '[newpage]'), '', $entry['content']);

    if ($logstat == 1) {
        // Logged-in readers see hidden sections; only the tags are removed.
        $entry['content'] = str_replace(array('[hide]', '[/hide]'), '', $entry['content']);
    } else {
        // Visitors get a notice in place of each hidden section.
        $entry['content'] = preg_replace("/\\[hide\\](.+?)\\[\\/hide\\]/is", "<br/>{$lnc[312]} {$lnc[79]} {$lnc[235]} {$lnc[89]}<br/>", $entry['content']);
    }

    // Render, turn block boundaries into CRLF, then drop the remaining markup.
    $entrycontent = $this->getrsscontent($entry['content'], 0, $entry['ubbstat'], 0);
    // NOTE(review): as shown, the last three pairs map a string to itself; they look
    // like HTML entities that were decoded somewhere - confirm against the original file.
    $search_for = array('<br/>', '</p>', '</div>', '{', '}', ' ');
    $replace_by = array("\r\n", "\r\n", "\r\n", '{', '}', ' ');
    $entrycontent = str_replace($search_for, $replace_by, $entrycontent);
    $entrycontent = html_entity_decode(strip_tags($entrycontent), ENT_QUOTES);

    $entryurl = "{$config['blogurl']}/" . getlink_entry($entry['blogid'], $entry['blogalias']);

    // text/plain plus an attachment disposition keeps the browser from rendering the body.
    @header('Content-type: text/plain');
    @header('Content-Disposition: attachment; filename="' . date('Ymd-His') . '.txt"');

    $UTF8BOM = "\xEF\xBB\xBF";
    echo $UTF8BOM
        . "{$lnc[71]}{$entrytitle}\r\n"
        . "{$lnc[72]}{$config['blogname']}\r\n"
        . "{$lnc[73]}{$entrytime}\r\n"
        . "{$lnc[74]}{$entryauthor}\r\n"
        . "{$lnc[75]}{$entryurl}\r\n\r\n"
        . "{$lnc[76]}\r\n{$entrycontent}\r\n\r\n\r\n"
        . "Generated by Bo-blog {$blogversion}";
    exit;
}
/**
 * Runs $query and accumulates, per EmailBox value, the size in KB of the
 * EmailMessage column of every returned row.
 *
 * NOTE(review): the totals are collected in the local $folders array, but no
 * return statement is visible, so as shown the result is discarded - confirm
 * against the full file.
 *
 * @param string $query SQL text, passed to the database handle unchanged.
 *                      NOTE(review): callers must build it safely; nothing here
 *                      escapes or parameterises it.
 */
function mailboxsize($query)
{
    $db = array();
    $result =& $this->dbh->query($query, null, DB_FETCHMODE_ASSOC);
    // A failed query is reported with the driver's own message.
    // NOTE(review): driver messages can reveal schema details if catcherror() shows them to the user.
    if (DB::isError($result)) {
        catcherror($result->getMessage());
    }
    $num = 0;
    while ($fields =& $result->fetchrow()) {
        // Copy the row into $db column by column.
        foreach ($fields as $fname => $fvalue) {
            $db[$fname] = $fvalue;
            if ($fname == "EmailBox") {
                $foldername = $fvalue;
                // This expression only reads an array slot; its sole effect is to increment $num.
                $folders[$db['EmailBox']][$num++];
            }
        }
        // Message length in bytes converted to KB and added to the folder's running total.
        $msg_len = strlen($db['EmailMessage']) / 1024;
        $folders[$db['EmailBox']]['size'] += $msg_len;
        // The total is re-formatted to one decimal place after every row, so it is
        // stored as a string between iterations.
        $folders[$db['EmailBox']]['size'] = sprintf('%2.1f', $folders[$db['EmailBox']]['size']);
    }
}
die($display_overall_plus);
} else {
$display_overall .= $display_overall_plus;
}
}
// Save the URL-rewrite mode by regenerating data/config.php in full.
if ($job == 'urlrewritesave') {
    acceptrequest('urlrewritesta');
    // The submitted mode is reduced to a number before it is written into the file.
    $urlrewritesta = floor($urlrewritesta);
    // Database settings are re-emitted from the values currently loaded.
    // NOTE(review): as shown, the user name and password are written as the literal
    // '******'; this looks like redaction in the listing - confirm the real file
    // interpolates the credentials, otherwise saving would overwrite them.
    // NOTE(review): the $db_* values are placed in single-quoted literals without
    // escaping, unlike the $config values below - confirm they can never contain ' or \.
    $savetext = "<?PHP\n\$db_server='{$db_server}';\n\$db_username='******';\n\$db_password='******';\n\$db_name='{$db_name}';\n\$db_prefix='{$db_prefix}';\n\$db_410='{$db_410}';\n\$db_tmpdir='{$db_tmpdir}';\n\$db_defaultsessdir='{$db_defaultsessdir}';\n";
    // Re-emit every existing config entry, replacing only urlrewritemethod.
    // NOTE(review): each() was removed in PHP 8 and iterates from the array's current
    // internal pointer; a foreach would be the replacement if $config is known to be rewound.
    while (@(list($key, $val) = @each($config))) {
        if ($key == 'urlrewritemethod') {
            $savetext .= "\$config['{$key}']='{$urlrewritesta}';\n";
            $saved = 1;
        } else {
            // Values pass through admin_convert() (defined elsewhere) before being single-quoted.
            $savetext .= "\$config['{$key}']='" . admin_convert(stripslashes($val)) . "';\n";
        }
    }
    // The key did not exist yet: append it.
    if ($saved != 1) {
        $savetext .= "\$config['urlrewritemethod']='{$urlrewritesta}';\n";
    }
    if (writetofile("data/config.php", $savetext)) {
        if ($ajax == 'on') {
            $fetchURL = 'admin.php?go=misc_urlrewrite';
            catchsuccessandfetch($lna[1094], $fetchURL);
        } else {
            catchsuccess($lna[1094], "{$lna[39]}|admin.php");
        }
    } else {
        catcherror($lna[66] . "data/config.php");
    }
}
$relatedmods = array('tags' => 'alltags', 'star' => 'starred', 'guestbook' => 'guestbook'); $tosetinvisiblearray = $tosetvisiblearray = array(); while (@(list($key, $val) = @each($save_config))) { $savetext .= "\$flset['{$key}']='" . admin_convert($val) . "';\n"; if ($relatedmods[$key]) { if ($val == 1) { $tosetinvisiblearray[] = $relatedmods[$key]; } if ($val == 0) { $tosetvisiblearray[] = $relatedmods[$key]; } } } if ($savetext == '') { catcherror($lna[1013]); } if (writetofile("data/functionlock.php", $savetext)) { if (sizeof($tosetinvisiblearray) >= 1) { $allinvisibles = makeaquery($tosetinvisiblearray, "`name`='%s'", 'OR'); $blog->query("UPDATE `{$db_prefix}mods` SET `active`=0 WHERE {$allinvisibles}"); } if (sizeof($tosetvisiblearray) >= 1) { $allvisibles = makeaquery($tosetvisiblearray, "`name`='%s'", 'OR'); $blog->query("UPDATE `{$db_prefix}mods` SET `active`=1 WHERE {$allvisibles}"); } recache_mods(); catchsuccess($finishok, "{$lna[1194]}|admin.php?go=main_funclock"); } else { catcherror("{$lna[66]}" . "data/functionlock.php"); } }
</td> <td class="sectend">{$lna[845]}</td> </tr> <tr> <td colspan=2 class="sect"><br>{$lna[867]}<br><br> {$lna[868]} {$current_file} <br><br>{$lna[843]}<br><br></td> </tr> </table> eot; } if ($job == 'rssrollback') { acceptcookie('srcindex,endnumber'); $srcindex = basename($srcindex); if (!file_exists("bak/{$srcindex}")) { catcherror($lna[869]); } if (strstr($srcindex, '.gz')) { $rsscontent = @gzreadfromfile("bak/{$srcindex}"); } else { $rsscontent = readfromfile("bak/{$srcindex}"); } $array_insert = rssrollback($rsscontent); if (is_array($array_insert)) { $i = $maxrecord['maxblogid']; foreach ($array_insert as $singlevalue) { $allvalues[] = "('{$i}', '{$singlevalue['title']}', '{$singlevalue['time']}', '{$singlevalue['content']}', '{$endnumber}', '{$userdetail['userid']}', 1, '')"; $i += 1; } $all_values = @implode(',', $allvalues); $sql_query = "INSERT INTO {$db_prefix}blogs (`blogid`, `title`, `pubtime`, `content`, `category`, `authorid`, `htmlstat`, `permitgp`) VALUES {$all_values}";
/**
 * Searches the address book and returns the matching contacts.
 *
 * The LDAP view is delegated to _search_ldap(). For the personal view a WHERE
 * fragment is built from the non-empty criteria in $db, the total match count
 * is stored under 'FullTotal', and one row per matching id is loaded. When
 * $pref['autocomplete_ldap_entries'] is set, LDAP results are appended.
 * Any other view ends in catcherror().
 *
 * @param string|null $sort  Column to order by; defaults to "Account".
 * @param array|null  $db    Criteria; reads abookview, SearchType, id and the
 *                           eight field names listed in the loop below.
 * @param int         $start Row offset for the LIMIT clause.
 * @return array Rows keyed by id, plus the 'FullTotal' count.
 */
function search($sort = null, $db = null, $start = 0)
{
    if ($db['abookview'] == 'ldap') {
        return $this->_search_ldap($db);
    }
    global $atmail, $pref;
    // Init some vars
    $h = $users = $results = array();
    $extend = '';
    // $start is later interpolated into LIMIT.
    // NOTE(review): is_numeric() also accepts floats and exponent notation; an
    // integer cast would be the stricter check.
    if (!is_numeric($start)) {
        $start = 0;
    }
    // $sort is interpolated into ORDER BY, so it goes through
    // Filter::cleanSqlFieldNames() (defined elsewhere) first.
    if (empty($sort)) {
        $sort = "Account";
    } else {
        $sort = Filter::cleanSqlFieldNames($sort);
    }
    // The connective is interpolated as SQL text; Filter::stringMatch() (defined
    // elsewhere) is given the two allowed values and 'and' is the fallback.
    $db['SearchType'] = Filter::stringMatch($db['SearchType'], array('and', 'or'));
    if (!$db['SearchType']) {
        $db['SearchType'] = 'and';
    }
    if ($db['SearchType'] == 'or') {
        $extend = 'and (';
    }
    foreach (array('FirstName', 'LastName', 'Account', 'UserWorkCompany', 'UserHomeAddress', 'UserHomeCity', 'UserHomeState', 'UserHomeCountry') as $field) {
        // Toggle which database we are using.
        // $type is only assigned for the personal view; other views reach catcherror() below.
        if ($db['abookview'] == "personal") {
            $type = $this->Abook;
        }
        // Column names come from the fixed list above; the user-supplied value is
        // always passed through $this->db->quote().
        if ($field == "FirstName" && !empty($db[$field])) {
            $extend .= "{$db['SearchType']} {$type}.UserFirstName LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
        } elseif ($field == "LastName" && !empty($db[$field])) {
            $extend .= "{$db['SearchType']} {$type}.UserLastName LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
        } elseif ($field == "Account" && !empty($db[$field])) {
            $extend .= "{$db['SearchType']} {$type}.UserEmail LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
        } elseif (!empty($db[$field])) {
            $extend .= "AND {$type}.{$field} LIKE " . $this->db->quote("%{$db[$field]}%") . " ";
        }
        // $id is interpolated unquoted, guarded by the is_numeric() test.
        // NOTE(review): this sits inside the field loop, so the same condition is
        // appended once per field - confirm that is intended.
        $id = $db['id'] ? $db['id'] : 0;
        if ($id > 0 && is_numeric($id)) {
            $extend .= " AND {$type}.id > {$id} ";
        }
        //if ($atmail->isset_chk($db['limit']) && is_numeric($db['limit']))
        //    $limit = "LIMIT {$db['limit']}";
        //else
        //    $limit = "LIMIT 300";
        $limit = "LIMIT {$start},{$this->limit}";
        // The criterion is replaced by its quoted LIKE pattern after it has been used.
        $db[$field] = $this->db->quote("%{$db[$field]}%");
    }
    if ($db['abookview'] == "personal") {
        // If there is no search query, specify a default searching for valid email-accounts
        if (!$extend) {
            $extend = " AND UserEmail LIKE '%@%'";
        } elseif ($db['SearchType'] == 'or') {
            // Drop the connective directly after the opening parenthesis and close the group.
            // NOTE(review): with SearchType 'or' and no criteria $extend is 'and (' here,
            // which would become 'and ()' - confirm callers never do that.
            $extend = str_replace('and (or', 'and (', $extend);
            $extend .= ')';
        }
        // $this->Account_Escape is interpolated as-is; presumably it already holds a
        // quoted literal - confirm where it is set.
        $results['FullTotal'] = $this->db->sqlgetfield("SELECT COUNT(id)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM {$this->Abook}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE Account = {$this->Account_Escape} {$extend}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY {$this->Abook}.{$sort}");
        // Search the users Personal addressbook only
        $users = $this->db->sqlarray("SELECT id\n\t\t\t\t\t\t\t\t\t\t FROM {$this->Abook}\n\t\t\t\t\t\t\t\t\t\t WHERE Account = {$this->Account_Escape} {$extend}\n\t\t\t\t\t\t\t\t\t\t ORDER BY {$this->Abook}.{$sort} {$limit}");
    } else {
        catcherror('Unknown search supplied');
    }
    // Load the display columns for each matching id.
    foreach ($users as $id) {
        $id = stripslashes($id);
        $id_escape = $this->db->quote($id);
        $h = $this->db->sqlhash("SELECT UserEmail, UserFirstName, UserLastName, UserGender, id,\n\t\t \t\t\t\t\t\t UserWorkPhone, UserHomePhone\n\t\t \t\t\t\t\t\t FROM {$this->Abook}\n\t\t \t\t\t\t\t\t WHERE id = {$id_escape}");
        // The UserEmail is the unique identifier for the personal addressbook
        $h['Account'] = $h['UserEmail'];
        if (!$h['Account']) {
            continue;
        }
        foreach ($h as $k => $v) {
            // Optional utf-8 to utf-8 pass through iconv when it is available.
            if ($pref['iconv'] && defined('ICONV_VERSION')) {
                $results[$id][$k] = iconv("utf-8", "utf-8", $v);
            } else {
                $results[$id][$k] = $v;
            }
        }
        // Escape ' in users First/Last name - Otherwise breaks the JS function
        // NOTE(review): $h has no FirstName/LastName keys (only UserFirstName /
        // UserLastName), so these two lines appear to write empty strings.
        // addslashes() is also not an output encoder for JavaScript or HTML -
        // confirm how the caller embeds the names in the page.
        $results[$id]['FirstName'] = addslashes($results[$id]['FirstName']);
        $results[$id]['LastName'] = addslashes($results[$id]['LastName']);
    }
    // do we want to autocomplete using ldap server?
    if ($pref['autocomplete_ldap_entries']) {
        $db['abookview'] = 'ldap';
        // The loop above left SQL-quoted LIKE patterns in these fields; the % and '
        // characters are removed before the values are handed to the LDAP search.
        // NOTE(review): that is not LDAP filter escaping - confirm _search_ldap()
        // escapes filter metacharacters itself.
        $db['Account'] = str_replace('%', '', $db['Account']);
        $db['Account'] = str_replace("'", '', $db['Account']);
        $db['FirstName'] = str_replace('%', '', $db['FirstName']);
        $db['FirstName'] = str_replace("'", '', $db['FirstName']);
        $db['LastName'] = str_replace('%', '', $db['LastName']);
        $db['LastName'] = str_replace("'", '', $db['LastName']);
        $ldap_results = $this->_search_ldap($db);
        // LDAP entries get synthetic ids that continue after the highest SQL id.
        $max_id = $this->db->sqlarray("SELECT max(id)\n\t FROM {$this->Abook}\n\t WHERE Account = {$this->Account_Escape} {$extend}\n\t ORDER BY {$this->Abook}.{$sort} {$limit}");
        $i = $max_id[0] + 1;
        foreach ($ldap_results as $ldap_entry) {
            $temp['UserEmail'] = $ldap_entry['Account'];
            $temp['UserFirstName'] = $ldap_entry['UserFirstName'];
            $temp['UserLastName'] = $ldap_entry['UserLastName'];
            $temp['id'] = $i;
            $results[$i] = $temp;
            $i += 1;
        }
        $results['FullTotal'] += count($ldap_results);
    }
    return $results;
}
} $ping_show = @explode(' ', $pinged); for ($i = 0; $i < count($ping_show); $i++) { $ping_urls .= "<input type='hidden' name='pingurl[]' value='{$ping_show[$i]}'>"; } $ping_url_show = @implode('<br>', $ping_show); $form = "<div align=center><form action='admin.php?go=edit_sendtb' method='post'><input type='hidden' name='title' value=\"{$title}\"><input type='hidden' name='excerpt' value=\"{$excerpt}\"><input type='hidden' name='blog_name' value=\"{$config['blogname']}\"><input type='hidden' name='url' value='{$config['blogurl']}/" . get_entry_url($currentid, $blogalias) . "'>{$ping_urls}<input type='submit' value='{$lna[310]}' class='formbutton'> <input type='button' value='{$lna[311]}' onclick='window.location=(\"" . get_entry_url($currentid, $blogalias) . "\");' class='formbutton'></form></div>"; $t = new template(); $t->showtips($lna[312], $lna[313] . $ping_url_show . "<br><br>{$lna[314]}<br><br>" . $form, "{$backtowhere}|" . get_entry_url($currentid, $blogalias)); } } if ($job == 'sendtb') { checkpermission('EditEntry'); acceptrequest('title,excerpt,url,blog_name,pingurl'); if (!is_array($pingurl)) { catcherror($lna[315]); } plugin_runphp('trackbacksending'); @header("Content-Type: text/html; charset=utf-8"); $url = str_replace('{host}', $_SERVER['HTTP_HOST'], $url); foreach ($pingurl as $durl) { $result = sendping($durl, $title, $excerpt, $url, $blog_name); if (!$result) { $showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[318]}"; } elseif ($result == 'ok') { $showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[319]}<br>"; } elseif ($result == 'unknown') { $showp .= "<b>{$lna[316]}</b>{$durl} ; <b>{$lna[317]}</b>{$lna[949]}<br>"; } else { $showp .= "<b>{$lna[316]}</b>{$durl} ; <br><b>{$lna[317]}</b>{$lna[950]}{$result}<br>"; }
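/**
 * Shows the SMTP error page and stops the request.
 *
 * Does nothing when $this->IgnoreError is set. When the failing script is
 * sendmail.php, the message being sent is first saved to a temporary file so
 * the compose screen can reload it, and the error page links back to that
 * screen.
 *
 * @param string $msg Error text handed to the errorsmtp.html template.
 * @return void Exits after printing unless errors are ignored.
 */
function smtperror($msg)
{
    global $pref, $atmail;

    if ($this->IgnoreError) {
        return;
    }

    // Find the origin of the script
    $location = $_SERVER['SCRIPT_NAME'];
    if (strpos($location, 'admin.php') !== false) {
        // Request values are URL-encoded before they become part of the link, so
        // they cannot add parameters or break out of the URL in the error page.
        $func = isset($_REQUEST['func']) ? (string) $_REQUEST['func'] : '';
        $location = "{$location}?func=" . rawurlencode($func);
    }

    // If a send message errors on the compose screen, reload the email message
    // and print a Javascript alert to the browser
    $editor = $atmail->isset_chk($_REQUEST['HtmlEditor']) ? $_REQUEST['HtmlEditor'] : '2';

    if (strpos($location, 'sendmail.php') !== false) {
        // NOTE(review): the file name is derived from the clock and the process id,
        // so it is predictable, and fopen('w') follows an existing file of that
        // name. A random name created exclusively would be safer, but compose.php
        // consumes this value and its expectations are not visible here.
        $path = time() . getmypid() . "err";

        // Redirect the user to the compose screen, with their email intact
        $unique = isset($_REQUEST['unique']) ? (string) $_REQUEST['unique'] : '';
        $location = "compose.php?spellcheck={$path}&func=spellcheck&HtmlEditor=" . rawurlencode((string) $editor)
            . "&unique=" . rawurlencode($unique);

        $fh = fopen($atmail->tmpdir . "/{$path}", 'w');
        if (!is_resource($fh)) {
            catcherror("Could not open {$atmail->tmpdir}/{$path}");
        }

        // Create a temp hash containing our vars
        $tmp = array();
        foreach (array('emailto', 'emailsubject', 'emailcc', 'emailbcc', 'contype') as $v) {
            $tmp[$v] = isset($_REQUEST[$v]) ? $_REQUEST[$v] : '';
        }

        // The Bcc value is written into a header line: strip CR/LF so the request
        // cannot append further headers or body text to the saved message.
        $bcc = str_replace(array("\r", "\n"), '', (string) $tmp['emailbcc']);

        // Print the email message, raw headers, encoding will be set 100%
        fwrite($fh, $this->headers . "\r\nBcc: {$bcc}\r\n" . "\r\n\r\n" . $this->body);
        fclose($fh);
    }

    // NOTE(review): $msg and $location are passed to the template as-is; confirm
    // the template HTML-encodes them on output.
    print $atmail->parse("html/english/errorsmtp.html", array('error' => $msg, 'location' => $location));
    exit;
}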
$repid = $selid; } else { $repid = $itemid; } if (empty($job)) { $job = 'default'; } if ($job == 'addadminreply' || $job == 'editadminreply') { if ($permission['ReplyReply'] != 1) { $cancel = $lna[345]; } catcherror($cancel); acceptrequest('adminreplycontent'); $adminreplycontent = trimplus($adminreplycontent); if ($adminreplycontent == '') { catcherror($lna[346]); } $adminreplycontent = safe_convert($adminreplycontent); $currenttime = time(); if ($logstat == 0) { $userdetail['username'] = $lna[901]; } if ($job == 'editadminreply') { $queryplus = "`adminrepeditorid`='{$userdetail['userid']}', `adminrepeditor`='{$userdetail['username']}', `adminrepedittime`='{$currenttime}'"; } else { $queryplus = "`adminreplier`='{$userdetail['username']}', `adminrepid`='{$userdetail['userid']}',`adminreptime`='{$currenttime}'"; } $blog->query("UPDATE `{$db_prefix}replies` SET `adminrepcontent`='{$adminreplycontent}' , {$queryplus} WHERE `repid`='{$repid}'"); if ($ajax != 'on') { catchsuccess($finishok2, array($backtoprevious, $backtoindex, $backtodefault)); } else {
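/**
 * Replaces (or appends) one module definition line in data/modules.php.
 *
 * The first line containing `$blogitem['<name>']=` is replaced by $value.
 * When no line matches and $mustchange is true, $value is appended instead.
 * The file is then rewritten in full.
 *
 * @param string $name       Module key to look for.
 * @param string $value      Complete replacement line, including its line ending.
 *                           NOTE(review): it is written verbatim into a PHP file;
 *                           callers are responsible for it being safe code.
 * @param bool   $mustchange Append $value when the key is not present.
 * @return bool|null True on success; failures are reported through catcherror().
 */
function mod_replace($name, $value, $mustchange = false)
{
    global $lnc;

    $filename = "data/modules.php";
    $filecontent = @file($filename);
    if (!is_array($filecontent)) {
        // An existing file that cannot be read must not be replaced by an almost
        // empty one; only a missing file starts from an empty list.
        if (file_exists($filename)) {
            catcherror($lnc[7] . $filename);
            return;
        }
        $filecontent = array();
    }

    $needle = "\$blogitem['{$name}']=";
    $changed = false;
    foreach ($filecontent as $i => $line) {
        if (strpos($line, $needle) !== false) {
            $filecontent[$i] = $value;
            $changed = true;
            break;
        }
    }
    if ($mustchange && !$changed) {
        $filecontent[] = $value;
    }

    if (writetofile($filename, implode('', $filecontent))) {
        return true;
    }
    catcherror($lnc[7] . $filename);
}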
<td colspan=2 align=center class="sectbar"> {$lna[211]} <!--<input type=radio name='opt' value='combine'>{$lna[212]}<input type=text size=6 name='newtagname'> --> <input type=radio name='opt' value='del'>{$lna[78]} <input type=radio name='opt' value='counttags'><acronym title="{$lna[1184]}">{$lna[1183]}</acronym></a> <input type=button value="{$lna[64]}" class='formbutton' onclick="adminSubmitAjax(1);"> </td></tr> </table> </form> eot; if ($ajax == 'on') { die($display_overall_plus); } else { $display_overall .= $display_overall_plus; } } if ($job == 'batchtags') { acceptrequest('selid,opt'); if (!is_array($selid)) { catcherror($lna[213]); } if ($opt == 'del') { for ($i = 0; $i < count($selid); $i++) { $blog->query("UPDATE `{$db_prefix}blogs` SET tags=replace(tags, '>{$selid[$i]}>', '>')"); $blog->query("DELETE FROM `{$db_prefix}tags` WHERE `tagname`='{$selid[$i]}'"); } } if ($opt == 'counttags') { $all_tagentries = $blog->getarraybyquery("SELECT `tags` FROM `{$db_prefix}blogs` WHERE tags<>'' AND tags<>'>'"); $all_tag_lists = @implode('', $all_tagentries['tags']); $all_tag_lists = @explode('>', $all_tag_lists); $counted_list = array_count_values($all_tag_lists); for ($i = 0; $i < count($selid); $i++) { $to_update_tag = $selid[$i]; $to_update_value = floor($counted_list[$to_update_tag]);
Offical site: http://www.bo-blog.com Copyright (c) Bob Shen 中国-上海 In memory of my university life ------------------------------------------------------- */ if (!defined('VALIDREQUEST')) { die('Access Denied.'); } if ($job == 'user') { checkpermission('ViewUserDetail'); include_once "data/cache_usergroup.php"; if ($itemid === '') { catcherror($lnc[193]); } $nowuser = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE `userid`='{$itemid}'"); if (!$nowuser) { catcherror($lnc[193]); } $usergp_tmp = $nowuser['usergroup']; $tmp_gender = $nowuser['gender']; $nowuser['email'] = trim($nowuser['email']) == '' ? $lnc[141] : "<a href=\"mailto:{$nowuser['email']}\">{$lnc[18]}</a>"; $nowuser['homepage'] = trim($nowuser['homepage']) == '' ? $lnc[141] : "<a href=\"{$nowuser['homepage']}\" target=\"_blank\">{$lnc[19]}</a>"; $t = new template(); $formbody .= $t->set('form_eachline', array('text' => $lnc[132], 'formelement' => $nowuser['username'] . " [" . $usergp[$usergp_tmp] . "]")); $formbody .= $t->set('form_eachline', array('text' => $lnc[139], 'formelement' => $nowuser['email'])); $formbody .= $t->set('form_eachline', array('text' => $lnc[140], 'formelement' => $nowuser['homepage'])); $sex_sel = array('0' => $lnc[141], '1' => $lnc[142], '2' => $lnc[143]); $formbody .= $t->set('form_eachline', array('text' => $lnc[144], 'formelement' => $sex_sel[$tmp_gender])); $formbody .= $t->set('form_eachline', array('text' => $lnc[145], 'formelement' => stripslashes($nowuser['qq']))); $formbody .= $t->set('form_eachline', array('text' => 'MSN', 'formelement' => stripslashes($nowuser['msn']))); $formbody .= $t->set('form_eachline', array('text' => 'Skype', 'formelement' => stripslashes($nowuser['skype']))); $formbody .= $t->set('form_eachline', array('text' => $lnc[146], 'formelement' => stripslashes($nowuser['fromplace'])));
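/**
 * Check a string against the XSS tripwire and entity-encode it for HTML output.
 *
 * A string matching the tripwire pattern is written to the log and the
 * request is handed to catcherror(). Otherwise the string is returned,
 * entity-encoded when $extended is true and unchanged when it is false.
 *
 * @param string $string   Text to check and encode
 * @param bool   $extended When true, encode & # < > ( ); when false only the tripwire runs
 * @return string
 */
function escape_html($string, $extended = true)
{
    // Tripwire only: a short blacklist cannot recognise every script vector,
    // so the encoding step below is what protects the output.
    // Check any XSS and alert
    if (preg_match('/<SCRIPT|document.cookie|<\\/script>/i', $string)) {
        // NOTE(review): $string reaches the log verbatim; confirm write_log()
        // neutralises CR/LF so a crafted value cannot forge extra log entries.
        $this->log->write_log('Error', "XSS Alert : {$_SERVER['SCRIPT_NAME']} : {$string}");
        catcherror("Security Alert: IP address {$_SERVER['REMOTE_ADDR']} logged - XSS Attack detected");
    }

    if ($extended) {
        // As listed, every replacement was identical to its search character,
        // so nothing was encoded (the entity literals were presumably lost
        // when the listing was rendered). Entity forms are spelled out here.
        //
        // strtr() with a map makes a single pass over the input, so the '&'
        // and '#' inside an entity it has just produced are never encoded a
        // second time, which a chain of str_replace() calls would do.
        $string = strtr($string, array(
            '&' => '&#38;',
            '#' => '&#35;',
            '<' => '&lt;',
            '>' => '&gt;',
            '(' => '&#40;',
            ')' => '&#41;',
        ));
    }

    return $string;
}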
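/**
 * Fetch or locate one message, parse it as a MIME message and populate this
 * object with its decoded headers, bodies and display metadata.
 *
 * Returns early (no value) when login fails ($this->status is set), when the
 * parser cannot open the file ($this->txt holds the parser error), or when
 * $this->rawemail is set ($this->rawbody holds the stringified message).
 *
 * @param int    $id message id
 * @param string $folder
 * @param string [$nopersonalities] when empty and $atmail is set, personalities are loaded into $this->FromField
 * @param string [$cache] cache key; used in the cache filename and passed to $this->mail->get()
 * @param string [$path] message file to parse instead of fetching one through $this->mail->get()
 *
 * @access public
 */
function reademail($id, $folder, $nopersonalities = null, $cache = null, $path = null)
{
    global $atmail, $domains, $pref;

    // Load our temporary filename
    // NOTE(review): Username and Pop3host are placed in the directory name
    // unfiltered; confirm both are validated before they reach this object.
    $this->tmpdir = "{$pref['user_dir']}/tmp/" . $this->Username . '@' . $this->Pop3host . "/";

    // Create our temporary directory, if its missing, init in Global.php
    // NOTE(review): 0777 leaves the per-user directory world-writable unless
    // the umask narrows it; tighten once it is known which accounts need it.
    if (!is_dir($this->tmpdir)) {
        mkdir($this->tmpdir, 0777);
    }

    if (!$this->File && $cache) {
        // NOTE(review): $cache is interpolated into a filename; verify callers
        // cannot pass path separators in it.
        $this->File = GetMail::check_cache($atmail->tmpdir . "/{$this->SessionID}-{$cache}.data");
        // Set to blank if the cache no longer exists
        //if(!file_exists($this->File))
        //    $this->File = '';
    }

    // Read our email from the server
    if (!is_string($this->File)) {
        if (!$nopersonalities && isset($atmail)) {
            $this->FromField = $atmail->loadpersonalities();
        }

        $status = $this->mail->login();

        // We have an error while logging in. Tell the user
        if ($status) {
            $this->status = $status;
            return;
        }

        if (is_null($path)) {
            $this->path = $this->mail->get($id, $folder, '', $cache);
        } else {
            $this->path = $path;
        }

        $this->mail->quit();

        if ($this->Type == 'imap') {
            $this->MessageState = $this->mail->MessageState;
        }
    } else {
        // User has specified the msg from the spellchecker
        if (file_exists($atmail->tmpdir . "/{$this->File}")) {
            $this->path = $atmail->tmpdir . "/{$this->File}";
            $this->MessageState = 'o';
        } else {
            // NOTE(review): this branch accepts $this->File as a path outside
            // the temp directory; confirm it can never hold a request value.
            if (file_exists($this->File)) {
                $this->path = $this->File;
                $this->MessageState = 'o';
            }
        }
    }

    // Just to be sure nobody is reading below a directory.
    // One str_replace() pass is not enough: deleting a '../' can join the
    // characters on either side into a new '../', so repeat until stable.
    $cleanPath = (string) $this->path;
    do {
        $previousPath = $cleanPath;
        $cleanPath = str_replace('../', '', $cleanPath);
    } while ($cleanPath !== $previousPath);
    $this->path = $cleanPath;

    $this->parser = new MailParser();

    if (!is_dir($this->tmpdir)) {
        mkdir($this->tmpdir, 0777);
    }

    // Users have their own mime-tmp directory
    if (!$this->parser->output_dir($this->tmpdir)) {
        catcherror("Could not parse message to temp directory '{$this->tmpdir}' -\n\t Check the directory exists with permissions to write");
    }

    if (!$this->parser->parse_open($this->path)) {
        $this->txt = array_pop($this->parser->errors);
        return;
    }

    if ($this->rawemail) {
        $this->rawbody = $this->parser->stringify();
        $this->rawbody = str_replace("\r/", "\r\n", $this->rawbody);
        return;
    }

    if ($this->head) {
        $this->headers = $this->parser->stringify_header();
        // As listed, this call replaced '<' and '>' with themselves (entity
        // literals presumably lost in rendering); encode them so raw header
        // text cannot open a tag when it is displayed.
        $this->headers = str_replace(array('<', '>'), array('&lt;', '&gt;'), $this->headers);
    }

    $this->Charset = $this->parser->get_charset();

    // Get any mail headers
    $this->from = $this->parser->get_header_field('From');
    $this->replyto = $this->parser->get_header_field('Reply-To');

    if (preg_match('/(.*?)<.*?>/', $this->from, $match)) {
        $this->username = $match[1];
    }

    // Default to our previous subject in msg, if it does not exist. e.g , reading
    // a msg with multiple attachments
    $this->subject = $this->parser->get_header_field('Subject');
    if ($this->subject == '') {
        $this->subject = 'No Subject';
    }

    $this->cc = $this->parser->get_header_field('CC');
    $this->bcc = $this->parser->get_header_field('BCC');
    $this->to = $this->parser->get_header_field('To');

    $this->VideoMail = $this->quote_header($this->parser->get_header_field('X-VideoMail'));
    if ($this->VideoMail) {
        $this->VideoMail .= "/mini";
    }

    // The encoded-word decoders below replace preg_replace() with the /e
    // modifier. /e built PHP source from the sender-controlled header text and
    // evaluated it, and the modifier no longer exists in PHP 7 (preg_replace
    // returns NULL there). A callback receives the header text as data only,
    // so the stripslashes() that undid /e's quoting is no longer needed.
    $mail = $this->mail;
    $decodeQuotedPrintable = function ($m) use ($mail) {
        $payload = isset($m[2]) ? $m[2] : '';
        return $mail->decode_language($m[1], GetMail::decode_mime_head($m[1], $payload));
    };
    $decodeBase64 = function ($m) use ($mail) {
        $payload = isset($m[2]) ? $m[2] : '';
        return $mail->decode_language($m[1], base64_decode($payload));
    };

    // Quote any ISO headers
    foreach (array('from', 'replyto', 'subject', 'to', 'cc', 'bcc') as $field) {
        // Store the encoding of the email-message
        if (preg_match('/\\s*=\\?([^\\?]+)\\?([QqBb])/', $this->{$field}, $match)) {
            $this->Encoding = $match[1];
            if (strtoupper($match[2]) == 'Q') {
                $this->{$field} = preg_replace_callback('/\\s*=\\?([^\\?]+)\\?[Qq]\\?([^\\?]+)?\\?=/', $decodeQuotedPrintable, $this->{$field});
            } else {
                $this->{$field} = preg_replace_callback('/\\s*=\\?([^\\?]+)\\?[Bb]\\?([^\\?]+)?\\?=/', $decodeBase64, $this->{$field});
            }
        } else {
            $this->{$field} = $this->mail->decode_language($this->Charset, $this->{$field});
        }
    }

    $this->date = $this->parser->get_header_field('Date');
    $date = $this->date ? $this->date : 'today';
    $date = $this->mail->calc_timezone($date);
    $time = strtotime($date);

    if ($this->Language == "japanese") {
        setlocale(LC_TIME, 'ja_JP.UTF-8', 'en_US');
        $this->date = strftime("{$this->mail->DateFormat} %a {$this->mail->TimeFormat}", $time);
    } else {
        setlocale(LC_TIME, strtolower($this->Language), 'en_US');
        $this->date = strftime("%a " . $this->mail->DateFormat . " " . $this->mail->TimeFormat, $time);
        $this->date = iconv('iso-8859-1', "UTF-8", $this->date);
    }

    // Take away the timezone and seconds
    $this->date = preg_replace('/:\\d\\d \\+?-?\\d{4}.*/', '', $this->date);

    $this->ctype = $this->parser->get_header_field('Content-Type');
    list($this->mimetype) = explode(';', $this->ctype);
    $this->mimetype = strtolower(trim($this->mimetype));

    if ($this->mimetype == 'text/html') {
        $this->type = 'HTML Msg';
    } elseif ($this->mimetype == 'multipart/alternative') {
        $this->type = 'Embeded HTML/Text';
    } elseif (strpos($this->mimetype, 'multipart') !== false) {
        $this->type = 'Attachments';
    } else {
        $this->type = 'Text';
    }

    // If we are using the maildir format, the message-id number if the unique id
    if ($this->mail->Type == 'file' && $domains[$this->Pop3host]) {
        $this->UIDL = $id;
        $this->UIDL = preg_replace('/cur\\/|new\\//', '', $this->UIDL);
    } else {
        if (!($this->UIDL = $this->parser->get_header_field('x-uidl'))) {
            $this->UIDL = $this->parser->get_header_field('message-id');
        }

        // Make the UIDL header from the Subject/Date if the Message-ID or XUIDL does not exist
        if (!$this->UIDL) {
            $this->UIDL = md5($this->subject . $this->parser->get_header_field('date'));
        }
    }

    // Take away illegal characters from the UIDL. The value comes from message
    // headers and is copied to EmailCache below, so quotes and path
    // separators are stripped here.
    // (The final '>' and '<' in the list repeat earlier entries as listed.)
    $this->UIDL = str_replace("'", '"', $this->UIDL);
    $this->UIDL = str_replace('"', '', $this->UIDL);
    $this->UIDL = preg_replace('/:.*/', '', $this->UIDL);
    $this->UIDL = str_replace(array("\n", "\r", ' ', ':', '+', '<', '>', '*', '|', '\\', '/', '>', '<'), '', $this->UIDL);

    if ($this->Type == 'pop3' || $this->Type == 'imap') {
        $this->EmailCache = $this->UIDL;
    }

    // Take away any newlines from the UIDL
    $this->UIDL = trim($this->UIDL);

    // Set the email priority as Normal, otherwise find the value in the header(s)
    $this->priority = 'Normal';

    if (substr($this->parser->get_header_field('x-priority'), 0, 1) == 1 || $this->parser->get_header_field('X-MSMail-Priority') == 'High' || $this->parser->get_header_field('Importance') == 'High') {
        $this->priority = 'High';
    }

    if (substr($this->parser->get_header_field('x-priority'), 0, 1) == 5 || $this->parser->get_header_field('X-MSMail-Priority') == 'Low' || $this->parser->get_header_field('Importance') == 'Low') {
        $this->priority = 'Low';
    }

    if (preg_match("/{$this->emailexp}/", $this->from, $match)) {
        $this->emailfrom = $match[1];
    }
    $this->emailfrom = str_replace(array('>', '<'), '', $this->emailfrom);

    // Cleaup the email, take away " signs, which close the HTML input tag
    //$this->to = preg_replace('/"(.*?),(.*?)"/', '$1 $2', $this->to);
    //$this->cc = preg_replace('/"(.*?),(.*?)"/', '$1 $2', $this->cc);
    //$this->to = str_replace('"', "'", $this->to);
    //$this->cc = str_replace('"', "'", $this->cc);
    //$this->bcc = str_replace('"', "'", $this->bcc);
    //$this->ctype = $this->parser->get_header_field('Content-Type');

    // See if we are permitted to display images in messages
    if (isset($atmail)) {
        $this->DisplayImages = $atmail->load_displayimages();
        if ($atmail->DisplayImages == '2') {
            $atmail->DisplayImages = $atmail->load_abook_emails($this->emailfrom);
        }
    }

    $this->dump_entity();

    // Every body variant passes through escape_jscript() before it is kept.
    // NOTE(review): unlike the blocks above, these calls are not guarded by
    // isset($atmail); confirm $atmail is always set when bodies are present.
    if (isset($this->multiparttxt) && !empty($this->multiparttxt)) {
        $this->multiparttxt = $atmail->escape_jscript($this->multiparttxt);
    }

    if (isset($this->html) && !empty($this->html)) {
        $this->html = $atmail->escape_jscript($this->html);
        if (isset($this->multiparttxt)) {
            $this->html .= $this->multiparttxt;
        }
    }

    if (isset($this->txt) && !empty($this->txt)) {
        $this->txt = $atmail->escape_jscript($this->txt);
        if (isset($this->multiparttxt)) {
            $this->txt .= $this->multiparttxt;
        }
    }

    $this->scan_inline();

    // Fix an error where certain messages cannot be displayed ( e.g Apple mailers as multipart msgs )
    if (!$this->html && !$this->txt) {
        $this->txt = $this->multiparttxt;
    }
}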
$itemid = floor($itemid); $blog->query("DELETE FROM `{$db_prefix}pages` WHERE `pageid`='{$itemid}'"); $blog->query("DELETE FROM `{$db_prefix}mods` WHERE `name`='pageshortcut{$itemid}' AND `position`='header'"); mod_replace('pageshortcut{$itemid}', ''); recache_mods(); if ($ajax == 'on') { catchsuccessandfetch($lna[1095], 'admin.php?go=entry_pagemanage'); } else { catchsuccess($lna[1095], "{$lna[1057]}|admin.php?go=entry_pagemanage"); } } if ($opt == 'del') { if ($selid == '') { catcherror($lna[337]); } $batch_id = makeaquery($selid, "`pageid`='%s'", 'OR'); $batch_id2 = makeaquery($selid, "`name`='pageshortcut%s'", 'OR'); $blog->query("DELETE FROM `{$db_prefix}pages` WHERE {$batch_id}"); $blog->query("DELETE FROM `{$db_prefix}mods` WHERE {$batch_id2}"); foreach ($selid as $singleid) { mod_replace('pageshortcut{$singleid}', ''); } recache_mods(); if ($ajax == 'on') { catchsuccessandfetch($lna[1095], 'admin.php?go=entry_pagemanage'); } else { catchsuccess($lna[1095], "{$lna[1057]}|admin.php?go=entry_pagemanage"); } } catcherror($lna[965]); }
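/**
 * Store one message: header fields go into the EmailDatabase table and the
 * body into the EmailMessage table, keyed by the id of the header row.
 *
 * Both statements pass their values as bound parameters; only the table
 * names, taken from this object's properties, are interpolated.
 *
 * @param array $arg Message fields. Reads EmailSubject, EmailTo, EmailFrom,
 *                   EmailDate, EmailBox, EmailFlag, EmailAttach, Account and
 *                   EmailUIDL, plus either EmailFile (path of a file holding
 *                   the message) or EmailMessage (the message itself).
 *                   EmailSize is always recomputed from the body.
 * @return bool true when both inserts succeed, false otherwise
 */
function savemsg($arg)
{
    // Decide once where the body comes from. The original tested truthiness
    // when sizing the message and isset() when loading it, so an empty
    // EmailFile was sized from EmailMessage and then read as a file.
    $fromFile = !empty($arg['EmailFile']);

    if ($fromFile) {
        // Read the file before anything is written, so an unreadable file no
        // longer leaves a header row without a body behind.
        // NOTE(review): the path is read as given; confirm callers only pass
        // server-generated paths.
        $body = file_get_contents($arg['EmailFile']);
        if ($body === false || $body === '') {
            catcherror("Cannot open {$arg['EmailFile']}\n");
            return false;
        }
    } else {
        $body = isset($arg['EmailMessage']) ? $arg['EmailMessage'] : null;
    }

    // Size of exactly the bytes that will be stored
    $arg['EmailSize'] = strlen((string) $body);

    // Insert the message into the EmailDatabase table (header info only)
    $query = "INSERT INTO {$this->EmailDatabase}\n\t\t\t\t (EmailSubject, EmailTo, EmailFrom, EmailDate, EmailBox,\n\t\t\t\t EmailFlag, EmailAttach, EmailSize, Account,EmailUIDL)\n\t\t\t\t VALUES (? , ? , ? , ? , ? , ?, ?, ?, ?, ?) ";
    $headerValues = array(
        $arg['EmailSubject'],
        $arg['EmailTo'],
        $arg['EmailFrom'],
        $arg['EmailDate'],
        $arg['EmailBox'],
        $arg['EmailFlag'],
        $arg['EmailAttach'],
        $arg['EmailSize'],
        $arg['Account'],
        $arg['EmailUIDL'],
    );

    // Plain assignment: taking a reference to a call's return value (=&)
    // raises a notice on PHP 5 and later.
    $result = $this->dbh->query($query, $headerValues);
    unset($headerValues);

    if (DB::isError($result)) {
        if ($this->debug) {
            file_put_contents("php://stderr", "SQL Error = " . $result->getMessage() . " - " . $result->getUserInfo() . "\n");
        }
        return false;
    }

    // Get the unique ID key from the EmailDatabase table, from the last Insert
    $key = $this->getid();

    // Insert the actual message into another table, referenced by the id
    $query = "INSERT INTO {$this->EmailMessage} (EmailMessage, id) VALUES (? , ?)";
    $result = $this->dbh->query($query, array($body, $key));

    // if the email was incorrectly inserted into the database
    if (DB::isError($result)) {
        if ($this->debug) {
            file_put_contents("php://stderr", "SQL Error = " . $result->getMessage() . " - " . $result->getUserInfo() . "\n");
        }

        // Best-effort removal of the header row written above; the Account
        // condition keeps the delete scoped to this account's row.
        $query = "DELETE FROM {$this->EmailDatabase} WHERE id=? AND Account=?";
        $this->dbh->query($query, array($key, $arg['Account']));
        return false;
    }

    return true;
}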