<?php ############################################################ # PODCAST GENERATOR # # Created by Alberto Betella # http://podcastgen.sourceforge.net # # This is Free Software released under the GNU/GPL License. ############################################################ ob_start(); ########### Security code, avoids cross-site scripting (Register Globals ON) if (isset($_REQUEST['GLOBALS']) or isset($_REQUEST['absoluteurl']) or isset($_REQUEST['amilogged']) or isset($_REQUEST['theme_path'])) { exit; } ########### End include "core/includes.php"; $ShowCategory = NULL; if (isset($_GET['cat']) and $_GET['cat'] != NULL) { $ShowCategory = avoidXSS($_GET['cat']); } generatePodcastFeed(FALSE, $ShowCategory, FALSE); //Output on screen ob_end_flush();
if (isset($_GET['p'])) { if ($_GET['p'] == "admin") { // if admin is called from the script in a GET variable - security issue $PG_mainbody .= "<h3>" . _("FTP Feature") . "</h3>"; $PG_mainbody .= "<p><span class=\"alert\">" . _("Looking for manually uploaded podcast into directory:") . " {$upload_dir}</span></p>"; if (!isset($_GET['c'])) { //show "Continue" Button //include ("$absoluteurl"."components/loading_indicator/loading.js"); $PG_mainbody .= '<br /><br /> <form method="GET" action="index.php"> <input type="hidden" name="p" value="' . $_GET['p'] . '"> <input type="hidden" name="do" value="' . $_GET['do'] . '"> <input type="hidden" name="c" value="ok"> <input type="submit" value="' . _("Continue") . '" class="btn btn-success btn-small" onClick="showNotify(\'' . _("Searching...") . '\');"> </form> '; } elseif (isset($_GET['c']) and isset($_GET['p']) and $_GET['p'] == "admin" and isset($_GET['do']) and $_GET['do'] == "ftpfeature") { $episodesCounter = autoIndexingEpisodes(); $PG_mainbody .= '<p><b>' . _("Scan finished:") . '</b> ' . $episodesCounter . ' ' . _("new episode(s) added.") . '</p>'; $PG_mainbody .= "<p><a href=\"{$url}\">" . _("Go to the homepage") . "</a></p>"; //REGENERATE FEED ... if ($episodesCounter > 0) { generatePodcastFeed(TRUE, NULL, FALSE); //Output in file } } // if continue button is pressed } } // if is called from admin
// check image format $iTunesCoverNameWithoutExtension = $absoluteurl . $img_dir . "itunes_image."; $newNameiTunesCoverUploaded = $iTunesCoverNameWithoutExtension . strtolower($img_ext[1]); //Delete previous covers if (file_exists($iTunesCoverNameWithoutExtension . 'jpg')) { unlink($iTunesCoverNameWithoutExtension . 'jpg'); } else { if (file_exists($iTunesCoverNameWithoutExtension . 'png')) { unlink($iTunesCoverNameWithoutExtension . 'png'); } } if (move_uploaded_file($_FILES['image']['tmp_name'], $newNameiTunesCoverUploaded)) { $PG_mainbody .= "<p><b>" . _("iTunes cover art replaced successfully.") . "</b></p>"; // If upload is successful. ########## REGENERATE FEED $episodesCounter = generatePodcastFeed(TRUE, NULL, FALSE); //Output in file ########## } else { //if upload NOT successful $PG_mainbody .= "<p><b>" . _("Error: image NOT sent!") . "</b></p>"; // $temporaneo= $_FILES['image']['tmp_name']; } } else { // if image extension is NOT valid $PG_mainbody .= "<p><b>" . _("Image extension not valid. The image extension must end in .jpg or .png") . "</b></p>"; // $PG_mainbody .= "<p>"._("You can replace the current image with a new one. To be eligible for featuring on iTunes Store, a podcast must have 1400 x 1400 pixel cover art in JPG or PNG.")."</p>"; $PG_mainbody .= '<br /> <form> <input type="button" value="« ' . _("Back") . '" onClick="history.back()" class="btn btn-danger btn-small" /> </form>';