function generate_content(&$title)
 {
     global $serendipity;
     $title = $this->get_config('title', $title);
     $login_url = $this->get_config('login_url');
     $logout_url = $this->get_config('logout_url');
     if ($login_url == "") {
         $login_url = serendipity_currentURL();
     }
     if ($logout_url == "") {
         $logout_url = serendipity_currentURL();
     }
     if (isset($serendipity['POST']['action']) && !isset($serendipity['POST']['logout']) && !serendipity_userLoggedIn()) {
         echo '<div class="serendipity_center serendipity_msg_important">' . WRONG_USERNAME_OR_PASSWORD . '</div>';
     } elseif (serendipity_userLoggedIn()) {
         echo '<div class="serendipity_center">' . WELCOME_BACK . ' ' . $_SESSION['serendipityUser'] . '</div>';
         echo '<form id="loginform" action="' . $logout_url . '" method="post">';
         echo '<input type="hidden" name="serendipity[logout]" value="true" />';
         echo '<input type="submit" name="serendipity[action]" value="' . LOGOUT . ' &gt;" />';
         $show_entry = false;
         $show_media = false;
         if (function_exists('serendipity_checkPermission')) {
             if (serendipity_checkPermission('adminEntries')) {
                 $show_entry = true;
             }
             if (serendipity_checkPermission('adminImages') && serendipity_checkPermission('adminImagesAdd')) {
                 $show_media = true;
             }
         } elseif (!$serendipity['no_create']) {
             $show_entry = true;
             $show_media = true;
         }
         if ($show_entry) {
             echo '<div class="loginform_link_entry"><a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=entries&amp;serendipity[adminAction]=new">' . NEW_ENTRY . '</a></div>';
         }
         if ($show_media) {
             echo '<div class="loginform_link_media"><a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=media&amp;serendipity[adminAction]=addSelect">' . ADD_MEDIA . '</a></div>';
         }
         echo '</form>';
         return true;
     }
     // Logout is performed in bundled event plugin!
     echo '<form id="loginform" action="' . $login_url . '" method="post">';
     echo '<fieldset id="loginform_userdata" style="border: none;">';
     echo '<label for="username">' . USERNAME . '</label>';
     echo '<input id="username" type="text" name="serendipity[user]" value="" />';
     echo '<label for="s9ypassw">' . PASSWORD . '</label>';
     echo '<input id="s9ypassw" type="password" name="serendipity[pass]" value="" />';
     echo '</fieldset>';
     echo '<fieldset id="loginform_login" style="border: none;">';
     echo '<input id="autologin" type="checkbox" name="serendipity[auto]" /><label for="autologin"> ' . AUTOMATIC_LOGIN . '</label>';
     echo '<input type="submit" id="loginform_submit" name="serendipity[action]" value="' . LOGIN . ' &gt;" />';
     echo '</fieldset>';
     echo '</form>';
     if (class_exists('serendipity_event_forgotpassword')) {
         echo '<div class="forgot_password"><a href="' . $serendipity['baseURL'] . '/serendipity_admin.php?forgotpassword=1">' . PLUGIN_EVENT_FORGOTPASSWORD_LOST_PASSWORD . '</a></div>';
     }
     return true;
 }
 function check()
 {
     global $serendipity;
     if (function_exists('serendipity_checkPermission')) {
         return serendipity_checkPermission('adminCategories');
     } elseif ($serendipity['serendipityUserlevel'] < USERLEVEL_CHIEF) {
         return false;
     } else {
         return true;
     }
 }
/**
* Approve a comment
*
* LONG
*
* @access public
* @param  int         The ID of the comment to approve
* @param  int         The ID of the entry a comment belongs to
* @param  boolean     Whether to force approving a comment despite of its current status
* @param  boolean     If set to true, a comment will be moderated instead of approved.
+ * @param  string     The 32 character token [if using token based moderation]
* @return boolean     Success or failure
*/
function serendipity_approveComment($cid, $entry_id, $force = false, $moderate = false, $token = false)
{
    global $serendipity;
    $goodtoken = serendipity_checkCommentToken($token, $cid);
    /* Get data about the comment, we need this query because this function can be called from anywhere */
    /* This also makes sure we are either the author of the comment, or a USERLEVEL_ADMIN */
    $sql = "SELECT c.*, e.title, a.email as authoremail, a.mail_comments, e.timestamp AS entry_timestamp, e.last_modified AS entry_last_modified\n                FROM {$serendipity['dbPrefix']}comments c\n                LEFT JOIN {$serendipity['dbPrefix']}entries e ON (e.id = c.entry_id)\n                LEFT JOIN {$serendipity['dbPrefix']}authors a ON (e.authorid = a.authorid)\n                WHERE c.id = '" . (int) $cid . "'\n                    " . (!serendipity_checkPermission('adminEntriesMaintainOthers') && $force !== true && !$goodtoken ? "AND e.authorid = '" . (int) $serendipity['authorid'] . "'" : '') . "\n                    " . ($force === true ? "" : "AND status = 'pending'");
    $rs = serendipity_db_query($sql, true);
    if ($moderate) {
        $sql = "UPDATE {$serendipity['dbPrefix']}comments SET status = 'pending' WHERE id = " . (int) $cid;
    } else {
        $sql = "UPDATE {$serendipity['dbPrefix']}comments SET status = 'approved' WHERE id = " . (int) $cid;
    }
    serendipity_db_query($sql);
    $field = $rs['type'] == 'NORMAL' ? 'comments' : 'trackbacks';
    // Check when the entry was published. If it is older than max_last_modified allows, the last_modified date of that entry
    // will not be pushed. With this we make sure that an RSS feed will not be updated on a client's reader and marked as new
    // only because someone made an comment to an old entry.
    if ($rs['entry_timestamp'] > time() - $serendipity['max_last_modified']) {
        $lm = time();
    } else {
        $lm = (int) $rs['entry_last_modified'];
    }
    $counter_comments = serendipity_db_query("SELECT count(id) AS counter \n                                                FROM {$serendipity['dbPrefix']}comments \n                                               WHERE status = 'approved' \n                                                 AND type   = 'NORMAL'\n                                                 AND entry_id = " . (int) $entry_id . "\n                                            GROUP BY entry_id", true);
    $counter_tb = serendipity_db_query("SELECT count(id) AS counter \n                                          FROM {$serendipity['dbPrefix']}comments \n                                         WHERE status = 'approved' \n                                           AND (type = 'TRACKBACK' or type = 'PINGBACK')\n                                           AND entry_id = " . (int) $entry_id . "\n                                      GROUP BY entry_id", true);
    $query = "UPDATE {$serendipity['dbPrefix']}entries \n                 SET comments      = " . (int) $counter_comments['counter'] . ",\n                     trackbacks    = " . (int) $counter_tb['counter'] . ", \n                     last_modified = " . $lm . " \n               WHERE id = " . (int) $entry_id;
    serendipity_db_query($query);
    /* It's already approved, don't spam people */
    if ($rs === false) {
        return false;
    }
    if (!$moderate) {
        if ($serendipity['allowSubscriptions'] === 'fulltext') {
            serendipity_mailSubscribers($entry_id, $rs['author'], $rs['email'], $rs['title'], $rs['authoremail'], $cid, $rs['body']);
        } elseif (serendipity_db_bool($serendipity['allowSubscriptions'])) {
            serendipity_mailSubscribers($entry_id, $rs['author'], $rs['email'], $rs['title'], $rs['authoremail'], $cid);
        }
        serendipity_plugin_api::hook_event('backend_approvecomment', $rs);
    }
    return true;
}
/**
 * Checks whether a user has access to write into a directory
 *
 * @access public
 * @param   string Directory to check
 * @return  boolean
 */
function serendipity_checkDirUpload($dir)
{
    global $serendipity;
    /*
    if (serendipity_checkPermission('adminImagesMaintainOthers')) {
        return true;
    }
    */
    $allowed = serendipity_ACLGet(0, 'directory', 'write', $dir);
    $mygroups = serendipity_checkPermission(null, null, true);
    // Usergroup "0" always means that access is granted. If no array exists, no ACL restrictions have been set and all is fine.
    if (!is_array($allowed) || isset($allowed[0])) {
        return true;
    }
    if (!is_array($mygroups)) {
        return true;
    }
    foreach ($mygroups as $grpid => $grp) {
        if (isset($allowed[$grpid])) {
            return true;
            break;
        }
    }
    return false;
}
Пример #5
0
if ($serendipity['GET']['adminAction'] == 'save' && serendipity_checkFormToken()) {
    $config = serendipity_parseTemplate(S9Y_CONFIG_USERTEMPLATE);
    if ((!serendipity_checkPermission('adminUsersEditUserlevel') || !serendipity_checkPermission('adminUsersMaintainOthers')) && (int) $_POST['userlevel'] > $serendipity['serendipityUserlevel']) {
        echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED_USERLEVEL . '</div>';
    } elseif (empty($_POST['username'])) {
        echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_USERNAME_ERROR . '</div>';
    } elseif (!empty($_POST['password']) && $_POST['check_password'] != $_SESSION['serendipityPassword'] && serendipity_passwordhash($_POST['check_password']) != $_SESSION['serendipityPassword']) {
        echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_PASSWORD_ERROR . '</div>';
    } else {
        $valid_groups = serendipity_getGroups($serendipity['authorid'], true);
        foreach ($config as $category) {
            foreach ($category['items'] as $item) {
                if (in_array('groups', $item['flags'])) {
                    if (serendipity_checkPermission('adminUsersMaintainOthers')) {
                        // Void, no fixing neccessarry
                    } elseif (serendipity_checkPermission('adminUsersMaintainSame')) {
                        if (!is_array($_POST[$item['var']])) {
                            continue;
                        }
                        // Check that no user may assign groups he's not allowed to.
                        foreach ($_POST[$item['var']] as $groupkey => $groupval) {
                            if (in_array($groupval, $valid_groups)) {
                                continue;
                            } elseif ($groupval == 2 && in_array(3, $valid_groups)) {
                                // Admin is allowed to assign users to chief editors
                                continue;
                            } elseif ($groupval == 1 && in_array(2, $valid_groups)) {
                                // Chief is allowed to assign users to editors
                                continue;
                            }
                            unset($_POST[$item['var']][$groupkey]);
/**
 * Show the list of plugins
 *
 * Shows a HTML list of all installed plugins, complete with config/delete/sort order options
 *
 * @access public
 * @param  boolean  Indicates if event plugins (TRUE) or sidebar plugins (FALSE) shall be shown
 * @return null
 */
function show_plugins($event_only = false, $sidebars = null)
{
    global $serendipity;
    $sql_filter = '';
    if (is_array($sidebars)) {
        foreach ($sidebars as $sidebar) {
            $up = strtoupper($sidebar);
            if ($sidebar == 'hide') {
                $opts[$sidebar] = HIDDEN;
            } elseif (defined('SIDEBAR_' . $up)) {
                $opts[$sidebar] = constant('SIDEBAR_' . $up);
            } elseif (defined($up)) {
                $opts[$sidebar] = constant($up);
            } else {
                $opts[$sidebar] = $up;
            }
            $sql_filter .= "AND placement != '" . serendipity_db_escape_string($sidebar) . "' ";
        }
    }
    if (!$event_only) {
        $sql = "SELECT * from {$serendipity['dbPrefix']}plugins\n                   WHERE placement != 'event'\n                     AND placement != 'eventh'\n                         " . $sql_filter;
        $invisible_plugins = serendipity_db_query($sql);
        if (is_array($invisible_plugins)) {
            $sidebars[] = 'NONE';
            $opts['NONE'] = NONE;
        }
    }
    $opts['event'] = PLUGIN_ACTIVE;
    $opts['eventh'] = PLUGIN_INACTIVE;
    $data['event_only'] = $event_only;
    if (!$event_only) {
        $data['is_first'] = true;
    }
    $data['serendipity_setFormToken'] = serendipity_setFormToken();
    $data['serendipity_setFormTokenUrl'] = serendipity_setFormToken('url');
    /* Block display the plugins per placement location. */
    if ($event_only) {
        $plugin_placements = array('event', 'eventh');
    } else {
        $plugin_placements = $sidebars;
    }
    $data['plugin_placements'] = $plugin_placements;
    static $users = array();
    if (empty($users)) {
        $users = serendipity_fetchUsers('', 'hidden');
    }
    $data['users'] = $users;
    $i = 0;
    foreach ($plugin_placements as $plugin_placement) {
        if (!$event_only && $plugin_placement == 'NONE') {
            $is_invisible = true;
        } else {
            $is_invisible = false;
        }
        $data['placement'][$plugin_placement]['ptitle'] = $ptitle = $opts[$plugin_placement];
        $data['placement'][$plugin_placement]['pid'] = $pid = $plugin_placement;
        if ($is_invisible) {
            $plugins = $invisible_plugins;
        } else {
            $plugins = serendipity_plugin_api::enum_plugins($plugin_placement);
        }
        if (!is_array($plugins)) {
            continue;
        }
        $sort_idx = 0;
        foreach ($plugins as $plugin_data) {
            $i++;
            $plugin =& serendipity_plugin_api::load_plugin($plugin_data['name'], $plugin_data['authorid']);
            $key = urlencode($plugin_data['name']);
            $css_key = 's9ycid' . str_replace('%', '-', $key);
            $is_plugin_owner = $plugin_data['authorid'] == $serendipity['authorid'] || serendipity_checkPermission('adminPluginsMaintainOthers');
            $is_plugin_editable = $is_plugin_owner || $plugin_data['authorid'] == '0';
            $cname = explode(':', $plugin_data['name']);
            if (!is_object($plugin)) {
                $name = $title = ERROR . '!';
                $desc = ERROR . ': ' . $plugin_data['name'];
                $can_configure = false;
            } else {
                /* query for its name, description and configuration data */
                $bag = new serendipity_property_bag();
                $plugin->introspect($bag);
                $name = serendipity_specialchars($bag->get('name'));
                $desc = '<details class="plugin_data">';
                $desc .= '<summary><var class="perm_name">' . $cname[0] . '</var></summary>';
                $desc .= '<div class="plugin_desc clearfix">' . serendipity_specialchars($bag->get('description')) . '</div>';
                $desc .= '<span class="block_level">' . VERSION . ': ' . $bag->get('version') . '</span>';
                $desc .= '</details>';
                $title = serendipity_plugin_api::get_plugin_title($plugin, '[' . $name . ']');
                if ($bag->is_set('configuration') && ($plugin->protected === FALSE || $plugin_data['authorid'] == '0' || $plugin_data['authorid'] == $serendipity['authorid'] || serendipity_checkPermission('adminPluginsMaintainOthers'))) {
                    $can_configure = true;
                } else {
                    $can_configure = false;
                }
            }
            if ($opts === null) {
                $opts = array('left' => LEFT, 'right' => RIGHT, 'hide' => HIDDEN);
            }
            $event_opts = array('event' => PLUGIN_ACTIVE, 'eventh' => PLUGIN_INACTIVE);
            if ($event_only) {
                $gopts = $event_opts;
            } else {
                $gopts = $opts;
            }
            $data['placement'][$plugin_placement]['plugin_data'][$i]['sort_idx'] = $sort_idx;
            $data['placement'][$plugin_placement]['plugin_data'][$i]['css_key'] = $css_key;
            $data['placement'][$plugin_placement]['plugin_data'][$i]['is_plugin_editable'] = $is_plugin_editable;
            $data['placement'][$plugin_placement]['plugin_data'][$i]['is_plugin_owner'] = $is_plugin_owner;
            $data['placement'][$plugin_placement]['plugin_data'][$i]['name'] = $plugin_data['name'];
            $data['placement'][$plugin_placement]['plugin_data'][$i]['authorid'] = $plugin_data['authorid'];
            $data['placement'][$plugin_placement]['plugin_data'][$i]['can_configure'] = $can_configure;
            $data['placement'][$plugin_placement]['plugin_data'][$i]['key'] = $key;
            $data['placement'][$plugin_placement]['plugin_data'][$i]['title'] = $title;
            $data['placement'][$plugin_placement]['plugin_data'][$i]['desc'] = $desc;
            $data['placement'][$plugin_placement]['plugin_data'][$i]['placement'] = $plugin_data['placement'];
            $data['placement'][$plugin_placement]['plugin_data'][$i]['gopts'] = $gopts;
            $sort_idx++;
        }
    }
    $data['total'] = $i;
    return serendipity_smarty_show('admin/show_plugins.fnc.tpl', $data);
}
Пример #7
0
/**
 * Check if a member of a group has permissions to execute a plugin
 *
 * @param string    Pluginname
 * @param int       ID of the group of which the members should be checked
 * @return boolean
 */
function serendipity_hasPluginPermissions($plugin, $groupid = null)
{
    static $forbidden = null;
    global $serendipity;
    if (empty($serendipity['authorid'])) {
        return true;
    }
    if ($forbidden === null || $groupid !== null && !isset($forbidden[$groupid])) {
        $forbidden = array();
        if ($groupid === null) {
            $groups = serendipity_checkPermission(null, null, 'all');
        } else {
            $groups = array($groupid => serendipity_fetchGroup($groupid));
        }
        foreach ($groups as $idx => $group) {
            if ($idx == 'membership') {
                continue;
            }
            foreach ($group as $key => $val) {
                if (substr($key, 0, 2) == 'f_') {
                    $forbidden[$groupid][$key] = true;
                }
            }
        }
    }
    if (isset($forbidden[$groupid]['f_' . $plugin])) {
        return false;
    } else {
        return true;
    }
}
    function event_hook($event, &$bag, &$eventData, $addData = null)
    {
        global $serendipity;
        static $is_cache = null;
        static $use_groups = null;
        static $use_users = null;
        static $ext_joins = null;
        $hooks =& $bag->get('event_hooks');
        if ($is_cache === null) {
            $is_cache = serendipity_db_bool($this->get_config('cache', 'true'));
            $use_groups = serendipity_db_bool($this->get_config('use_groups'));
            $use_users = serendipity_db_bool($this->get_config('use_users'));
            $ext_joins = serendipity_db_bool($this->get_config('use_ext_joins'));
        }
        if (isset($hooks[$event])) {
            switch ($event) {
                case 'frontend_entryproperties_query':
                    $eventData['and'] = $this->returnQueryCondition($is_cache);
                    return true;
                    break;
                case 'backend_display':
                    $is_sticky = isset($eventData['properties']['ep_is_sticky']) && serendipity_db_bool($eventData['properties']['ep_is_sticky']) || isset($serendipity['POST']['properties']['is_sticky']) && serendipity_db_bool($serendipity['POST']['properties']['is_sticky']) ? 'checked="checked"' : '';
                    $no_frontpage = isset($eventData['properties']['ep_no_frontpage']) && serendipity_db_bool($eventData['properties']['ep_no_frontpage']) || isset($serendipity['POST']['properties']['no_frontpage']) && serendipity_db_bool($serendipity['POST']['properties']['no_frontpage']) ? 'checked="checked"' : '';
                    $hiderss = isset($eventData['properties']['ep_hiderss']) && serendipity_db_bool($eventData['properties']['ep_hiderss']) || isset($serendipity['POST']['properties']['hiderss']) && serendipity_db_bool($serendipity['POST']['properties']['hiderss']) ? 'checked="checked"' : '';
                    $access_values = array(PLUGIN_EVENT_ENTRYPROPERTIES_ACCESS_PRIVATE => 'private', PLUGIN_EVENT_ENTRYPROPERTIES_ACCESS_PUBLIC => 'public', PLUGIN_EVENT_ENTRYPROPERTIES_ACCESS_MEMBERS => 'member');
                    if (isset($eventData['properties']['ep_access'])) {
                        $access = $eventData['properties']['ep_access'];
                    } elseif (isset($serendipity['POST']['properties']['access'])) {
                        $access = $serendipity['POST']['properties']['access'];
                    } else {
                        $access = $this->get_config('default_read', 'public');
                    }
                    if (isset($eventData['properties']['ep_access_groups'])) {
                        $access_groups = explode(';', $eventData['properties']['ep_access_groups']);
                    } elseif (isset($serendipity['POST']['properties']['access_groups'])) {
                        $access_groups = $serendipity['POST']['properties']['access_groups'];
                    } else {
                        $access_groups = array();
                    }
                    if (isset($eventData['properties']['ep_access_users'])) {
                        $access_users = explode(';', $eventData['properties']['ep_access_users']);
                    } elseif (isset($serendipity['POST']['properties']['access_users'])) {
                        $access_users = $serendipity['POST']['properties']['access_users'];
                    } else {
                        $access_users = array();
                    }
                    if (isset($eventData['properties']['ep_entrypassword'])) {
                        $password = $eventData['properties']['ep_entrypassword'];
                    } elseif (isset($serendipity['POST']['properties']['entrypassword'])) {
                        $password = $serendipity['POST']['properties']['entrypassword'];
                    } else {
                        $password = '';
                    }
                    ?>
                    <div class="entryproperties">
                        <input type="hidden" name="serendipity[propertyform]" value="true" />
                        <h3><?php 
                    echo PLUGIN_EVENT_ENTRYPROPERTIES_TITLE;
                    ?>
</h3>
<?php 
                    $elements = explode(',', $this->get_config('sequence'));
                    foreach ($elements as $element) {
                        $this->showBackend($element, $eventData, $is_sticky, $no_frontpage, $hiderss, $access_values, $access, $password, $use_groups, $access_groups, $use_users, $access_users);
                    }
                    ?>
                    </div>
<?php 
                    return true;
                    break;
                case 'backend_maintenance':
                    if ($is_cache && $serendipity['serendipityUserlevel'] >= USERLEVEL_ADMIN) {
                        echo '<section id="maintenance_buildcache" class="equal_heights quick_list">';
                        echo '<h3>' . PLUGIN_EVENT_ENTRYPROPERTY_BUILDCACHE . '</h3>';
                        echo '<a class="button_link build_cache" href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=buildcache" data-delmsg="' . PLUGIN_EVENT_ENTRYPROPERTIES_CACHE_FETCHNEXT . '">' . PLUGIN_EVENT_ENTRYPROPERTY_BUILDCACHE . '</a></section>';
                    }
                    return true;
                    break;
                case 'backend_import_entry':
                    //TODO: (ph) Maybe handle caching?
                    if (is_array($addData) && !$addData['nl2br']) {
                        $props = array();
                        $props['no_nl2br'] = 'true';
                        $this->addProperties($props, $eventData);
                    }
                    break;
                case 'backend_sidebar_entries_event_display_buildcache':
                    if ($is_cache) {
                        $per_fetch = 25;
                        $page = isset($serendipity['GET']['page']) ? $serendipity['GET']['page'] : 1;
                        $from = ($page - 1) * $per_fetch;
                        $to = $page * $per_fetch;
                        printf('<h2>' . PLUGIN_EVENT_ENTRYPROPERTIES_CACHE_FETCHNO, $from, $to);
                        $entries = serendipity_fetchEntries(null, true, $per_fetch, false, false, 'timestamp DESC', '', true);
                        $total = serendipity_getTotalEntries();
                        printf(PLUGIN_EVENT_ENTRYPROPERTIES_CACHE_TOTAL . '</h2>', $total);
                        if (is_array($entries)) {
                            echo '<ul class="plainList">';
                            foreach ($entries as $idx => $entry) {
                                printf('<li>' . PLUGIN_EVENT_ENTRYPROPERTIES_CACHE_BUILDING, $entry['id'], serendipity_specialchars($entry['title']));
                                $this->updateCache($entry);
                                echo ' ' . PLUGIN_EVENT_ENTRYPROPERTIES_CACHED . '</li>';
                            }
                            echo '</ul>';
                        }
                        if ($to < $total) {
                            ?>
                        <script>
                            if (confirm("<?php 
                            echo serendipity_specialchars(PLUGIN_EVENT_ENTRYPROPERTIES_CACHE_FETCHNEXT);
                            ?>
")) {
                                location.href = "?serendipity[adminModule]=event_display&serendipity[adminAction]=buildcache&serendipity[page]=<?php 
                            echo $page + 1;
                            ?>
";
                            } else {
                                alert("<?php 
                            echo serendipity_specialchars(PLUGIN_EVENT_ENTRYPROPERTIES_CACHE_ABORTED);
                            ?>
");
                            }
                        </script>
<?php 
                        } else {
                            echo '<span class="msg_notice"><span class="icon-info-circled"></span>' . PLUGIN_EVENT_ENTRYPROPERTIES_CACHE_DONE . '</span>';
                        }
                    }
                    return true;
                    break;
                case 'backend_cache_entries':
                    if (!$is_cache) {
                        return true;
                    }
                    $entries = serendipity_fetchEntries(null, true, $serendipity['fetchLimit'], false, false, 'timestamp DESC', '', true);
                    if (is_array($entries) && !empty($entries)) {
                        foreach ($entries as $idx => $entry) {
                            $this->updateCache($entry);
                        }
                    }
                    return true;
                    break;
                case 'backend_cache_purge':
                    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}entryproperties WHERE property LIKE 'ep_cache_%'");
                    break;
                case 'backend_entry_presave':
                    if (is_array($serendipity['POST']['properties'])) {
                        $this->applyProperties($serendipity['POST']['properties']);
                    }
                    break;
                case 'backend_publish':
                case 'backend_save':
                    if (!isset($eventData['id'])) {
                        return true;
                    }
                    if (!empty($serendipity['POST']['change_author']) && $serendipity['POST']['change_author'] != $eventData['id']) {
                        // Check again if the POSTed value is an author that the current user has "access" to.
                        $avail_users =& $this->getValidAuthors();
                        $new_authorid = (int) $serendipity['POST']['change_author'];
                        foreach ($avail_users as $user) {
                            if ($new_authorid == $user['authorid']) {
                                serendipity_db_query("UPDATE {$serendipity['dbPrefix']}entries SET authorid = " . $new_authorid . " WHERE id = " . (int) $eventData['id']);
                            }
                        }
                    }
                    if ($is_cache) {
                        // Previous calls to frontend_display used the "no_scramble" atteribute to not tinker with the data.
                        // We now need to call those plugins that have not yet operated before.
                        $to_addData = array('from' => 'entryproperties:' . $event);
                        serendipity_plugin_api::hook_event('frontend_display_cache', $eventData, $to_addData);
                        $serendipity['POST']['properties']['cache_body'] = $eventData['body'];
                        $serendipity['POST']['properties']['cache_extended'] = $eventData['extended'];
                    }
                    if (is_array($serendipity['POST']['properties']['access_groups']) && $serendipity['POST']['properties']['access'] != 'member') {
                        unset($serendipity['POST']['properties']['access_groups']);
                    }
                    if (is_array($serendipity['POST']['properties']['access_users']) && $serendipity['POST']['properties']['access'] != 'member') {
                        unset($serendipity['POST']['properties']['access_users']);
                    }
                    $this->addProperties($serendipity['POST']['properties'], $eventData);
                    return true;
                    break;
                case 'frontend_configure':
                    if (isset($serendipity['POST']['id']) && empty($serendipity['GET']['id'])) {
                        $serendipity['GET']['id'] =& $serendipity['POST']['id'];
                        $serendipity['GET']['subpage'] =& $serendipity['POST']['subpage'];
                    }
                    break;
                case 'frontend_entryproperties':
                    $and = $this->returnQueryCondition($is_cache);
                    $q = "SELECT entryid, property, value FROM {$serendipity['dbPrefix']}entryproperties WHERE entryid IN (" . implode(', ', array_keys($addData)) . ") {$and}";
                    $properties = serendipity_db_query($q);
                    if (!is_array($properties)) {
                        return true;
                    }
                    foreach ($properties as $idx => $row) {
                        $eventData[$addData[$row['entryid']]]['properties'][$row['property']] = $row['value'];
                    }
                    return true;
                    break;
                case 'entry_display':
                    // PH: This is done after Garvins suggestion to patchup $eventData in case an entry
                    //     is in the process of being created. This must be done for the extended properties
                    //     to be applied in the preview.
                    if (isset($serendipity['GET']['id']) && isset($eventData[0]['properties']['ep_entrypassword'])) {
                        if ($_SESSION['entrypassword_unlocked'][$serendipity['GET']['id']] == md5($eventData[0]['properties']['ep_entrypassword']) || $eventData[0]['properties']['ep_entrypassword'] == $serendipity['POST']['entrypassword']) {
                            // Do not show login form again, once we have first enabled it.
                            $_SESSION['entrypassword_unlocked'][$serendipity['GET']['id']] = md5($eventData[0]['properties']['ep_entrypassword']);
                        } else {
                            if (is_array($eventData)) {
                                $eventData['clean_page'] = true;
                            } else {
                                $eventData = array('clean_page' => true);
                            }
                            $this->showPasswordForm = true;
                        }
                    }
                    if ($addData['preview'] && is_array($serendipity['POST']['properties']) && count($serendipity['POST']['properties']) > 0) {
                        $parr = array();
                        $supported_properties = serendipity_event_entryproperties::getSupportedProperties();
                        foreach ($supported_properties as $prop_key) {
                            if (isset($serendipity['POST']['properties'][$prop_key])) {
                                $eventData[0]['properties']['ep_' . $prop_key] = $serendipity['POST']['properties'][$prop_key];
                            }
                        }
                    }
                    break;
                case 'entries_header':
                    if ($this->showPasswordForm) {
                        echo $this->showPasswordform();
                    }
                    break;
                case 'frontend_fetchentries':
                case 'frontend_fetchentry':
                    $joins = array();
                    $conds = array();
                    if (!$ext_joins) {
                        return true;
                    }
                    if ($_SESSION['serendipityAuthedUser'] === true) {
                        $conds[] = " (ep_access.property IS NULL OR ep_access.value = 'member' OR ep_access.value = 'public' OR (ep_access.value = 'private' AND e.authorid = " . (int) $serendipity['authorid'] . ")) ";
                        if ($use_groups) {
                            $mygroups = serendipity_checkPermission(null, null, true);
                            $groupcond = array();
                            foreach ((array) $mygroups as $mygroup) {
                                $groupcond[] .= "ep_access_groups.value LIKE '%;{$mygroup};%'";
                            }
                            if (count($groupcond) > 0) {
                                $conds[] = " (ep_access_groups.property IS NULL OR (ep_access.value = 'member' AND (" . implode(' OR ', $groupcond) . ")))";
                            }
                        }
                        if ($use_users) {
                            $conds[] = " (ep_access_users.property IS NULL OR (ep_access.value = 'member' AND (ep_access_users.value LIKE '%;" . (int) $serendipity['authorid'] . ";%' OR e.authorid = " . (int) $serendipity['authorid'] . "))) ";
                        }
                    } else {
                        $conds[] = " (ep_access.property IS NULL OR ep_access.value = 'public')";
                    }
                    if (!isset($serendipity['GET']['viewAuthor']) && !isset($serendipity['plugin_vars']['tag']) && !isset($serendipity['GET']['category']) && !isset($serendipity['GET']['adminModule']) && $event == 'frontend_fetchentries' && $addData['source'] != 'search') {
                        $conds[] = " (ep_no_frontpage.property IS NULL OR ep_no_frontpage.value != 'true') ";
                        $joins[] = " LEFT OUTER JOIN {$serendipity['dbPrefix']}entryproperties ep_no_frontpage\n                                                  ON (e.id = ep_no_frontpage.entryid AND ep_no_frontpage.property = 'ep_no_frontpage')";
                    }
                    if (count($conds) > 0) {
                        $cond = implode(' AND ', $conds);
                        if (empty($eventData['and'])) {
                            $eventData['and'] = " WHERE {$cond} ";
                        } else {
                            $eventData['and'] .= " AND {$cond} ";
                        }
                    }
                    $conds = array();
                    if ((!isset($addData['noSticky']) || $addData['noSticky'] !== true) && !isset($serendipity['skipSticky'])) {
                        $conds[] = 'ep_sticky.value AS orderkey,';
                    } else {
                        $conds[] = 'e.isdraft AS orderkey,';
                    }
                    if ($is_cache && (!isset($addData['noCache']) || !$addData['noCache'])) {
                        $conds[] = 'ep_cache_extended.value AS ep_cache_extended,';
                        $conds[] = 'ep_cache_body.value     AS ep_cache_body,';
                    }
                    $cond = implode("\n", $conds);
                    if (empty($eventData['addkey'])) {
                        $eventData['addkey'] = $cond;
                    } else {
                        $eventData['addkey'] .= $cond;
                    }
                    if ($serendipity['dbType'] == 'postgres') {
                        // PostgreSQL is a bit weird here. Empty columns with NULL or "" content for
                        // orderkey would get sorted on top when using DESC, and only after those
                        // the "true" content would be inserted. Thus we order ASC in postgreSQL,
                        // and silently wonder. Thanks to Nate Johnston for working this out!
                        $cond = 'orderkey ASC';
                    } else {
                        $cond = 'orderkey DESC';
                    }
                    if (empty($eventData['orderby'])) {
                        $eventData['orderby'] = $cond;
                    } else {
                        $eventData['orderby'] = $cond . ', ' . $eventData['orderby'];
                    }
                    if ($is_cache && (!isset($addData['noCache']) || !$addData['noCache'])) {
                        $joins[] = " LEFT OUTER JOIN {$serendipity['dbPrefix']}entryproperties ep_cache_extended\n                                                  ON (e.id = ep_cache_extended.entryid AND ep_cache_extended.property = 'ep_cache_extended')";
                        $joins[] = " LEFT OUTER JOIN {$serendipity['dbPrefix']}entryproperties ep_cache_body\n                                                  ON (e.id = ep_cache_body.entryid AND ep_cache_body.property = 'ep_cache_body')";
                    }
                    $joins[] = " LEFT OUTER JOIN {$serendipity['dbPrefix']}entryproperties ep_access\n                                              ON (e.id = ep_access.entryid AND ep_access.property = 'ep_access')";
                    if ($use_groups) {
                        $joins[] = " LEFT OUTER JOIN {$serendipity['dbPrefix']}entryproperties ep_access_groups\n                                                  ON (e.id = ep_access_groups.entryid AND ep_access_groups.property = 'ep_access_groups')";
                    }
                    if ($use_users) {
                        $joins[] = " LEFT OUTER JOIN {$serendipity['dbPrefix']}entryproperties ep_access_users\n                                                  ON (e.id = ep_access_users.entryid AND ep_access_users.property = 'ep_access_users')";
                    }
                    if ((!isset($addData['noSticky']) || $addData['noSticky'] !== true) && !isset($serendipity['skipSticky'])) {
                        $joins[] = " LEFT JOIN {$serendipity['dbPrefix']}entryproperties ep_sticky\n                                            ON (e.id = ep_sticky.entryid AND ep_sticky.property = 'ep_is_sticky')";
                    }
                    $cond = implode("\n", $joins);
                    if (empty($eventData['joins'])) {
                        $eventData['joins'] = $cond;
                    } else {
                        $eventData['joins'] .= $cond;
                    }
                    return true;
                    break;
                case 'frontend_entries_rss':
                    if (is_array($eventData)) {
                        foreach ($eventData as $idx => $entry) {
                            if (is_array($entry['properties']) && isset($entry['properties']['ep_hiderss']) && $entry['properties']['ep_hiderss']) {
                                unset($eventData[$idx]['body']);
                                unset($eventData[$idx]['extended']);
                                unset($eventData[$idx]['exflag']);
                            }
                        }
                    }
                    return true;
                    break;
                case 'backend_plugins_new_instance':
                    // This hook will always push the entryproperties plugin as last in queue.
                    // Happens always when a new plugin is added.
                    // This is important because of its caching mechanism!
                    // Fetch maximum sort_order value. This will be the new value of our current plugin.
                    $q = "SELECT MAX(sort_order) as sort_order_max FROM {$serendipity['dbPrefix']}plugins WHERE placement = '" . $addData['default_placement'] . "'";
                    $rs = serendipity_db_query($q, true, 'num');
                    // Fetch current sort_order of current plugin.
                    $q = "SELECT sort_order FROM {$serendipity['dbPrefix']}plugins WHERE name = '" . $this->instance . "'";
                    $cur = serendipity_db_query($q, true, 'num');
                    // Decrease sort_order of all plugins after current plugin by one.
                    $q = "UPDATE {$serendipity['dbPrefix']}plugins SET sort_order = sort_order - 1 WHERE placement = '" . $addData['default_placement'] . "' AND sort_order > " . intval($cur[0]);
                    serendipity_db_query($q);
                    // Set current plugin as last plugin in queue.
                    $q = "UPDATE {$serendipity['dbPrefix']}plugins SET sort_order = " . intval($rs[0]) . " WHERE name = '" . $this->instance . "'";
                    serendipity_db_query($q);
                    return true;
                    break;
                default:
                    return false;
                    break;
            }
        } else {
            return false;
        }
    }
Пример #9
0
</a></li>
<?php 
                }
                if (serendipity_checkPermission('adminImport')) {
                    ?>
                        <li class="serendipitySideBarMenuLink serendipitySideBarMenuUserManagementLinks"><a href="serendipity_admin.php?serendipity[adminModule]=import"><?php 
                    echo IMPORT_ENTRIES;
                    ?>
</a></li>
                        <li class="serendipitySideBarMenuLink serendipitySideBarMenuUserManagementLinks"><a href="serendipity_admin.php?serendipity[adminModule]=export"><?php 
                    echo EXPORT_ENTRIES;
                    ?>
</a></li>
<?php 
                }
                if (serendipity_checkPermission('siteConfiguration') || serendipity_checkPermission('blogConfiguration')) {
                    ?>
                        <li class="serendipitySideBarMenuLink serendipitySideBarMenuUserManagementLinks"><a href="serendipity_admin.php?serendipity[adminModule]=integrity"><?php 
                    echo INTEGRITY;
                    ?>
</a></li>
<?php 
                }
                ?>
                        <?php 
                if ($serendipity['no_create'] !== true) {
                    serendipity_plugin_api::hook_event('backend_sidebar_admin', $serendipity);
                }
                ?>
                        <li class="serendipitySideBarMenuFoot serendipitySideBarMenuUserManagement" style="display:none"></li>
                    </ul>
Пример #10
0
function showMediaLibrary($messages = false, $addvar_check = false)
{
    global $serendipity;
    if (!serendipity_checkPermission('adminImagesView')) {
        return;
    }
    if (!empty($messages)) {
        echo '<div class="imageMessage"><ul>';
        foreach ($messages as $message) {
            echo '<li>' . $message . '</li>';
        }
        echo '</ul></div>';
    }
    // After upload, do not show the list to be able to proceed to
    // media selection.
    if ($addvar_check && !empty($GLOBALS['image_selector_addvars'])) {
        return true;
    }
    ?>
<script type="text/javascript" language="javascript">
    <!--
        function rename(id, fname) {
            if(newname = prompt('<?php 
    echo ENTER_NEW_NAME;
    ?>
' + fname, fname)) {
                location.href='?<?php 
    echo serendipity_setFormToken('url');
    ?>
&serendipity[adminModule]=images&serendipity[adminAction]=rename&serendipity[fid]='+ escape(id) + '&serendipity[newname]='+ escape(newname);
            }
        }
    //-->
</script>

<?php 
    if (!isset($serendipity['thumbPerPage'])) {
        $serendipity['thumbPerPage'] = 2;
    }
    serendipity_displayImageList(isset($serendipity['GET']['page']) ? $serendipity['GET']['page'] : 1, $serendipity['thumbPerPage'], true);
}
Пример #11
0
$totalComments = $sql['total'];
$pages = $commentsPerPage == COMMENTS_FILTER_ALL ? 1 : ceil($totalComments / (int) $commentsPerPage);
$page = (int) $serendipity['GET']['page'];
if ($page == 0 || $page > $pages) {
    $page = 1;
}
$linkPrevious = 'serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[page]=' . ($page - 1) . $searchString;
$linkNext = 'serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[page]=' . ($page + 1) . $searchString;
$filter_vals = array(10, 20, 50, COMMENTS_FILTER_ALL);
if ($commentsPerPage == COMMENTS_FILTER_ALL) {
    $limit = '';
} else {
    $limit = serendipity_db_limit_sql(serendipity_db_limit(($page - 1) * (int) $commentsPerPage, (int) $commentsPerPage));
}
$sql = serendipity_db_query("SELECT c.*, e.title FROM {$serendipity['dbPrefix']}comments c\n                                LEFT JOIN {$serendipity['dbPrefix']}entries e ON (e.id = c.entry_id)\n                                WHERE 1 = 1 " . ($c_type !== null ? " AND c.type = '{$c_type}' " : '') . $and . (!serendipity_checkPermission('adminEntriesMaintainOthers') ? 'AND e.authorid = ' . (int) $serendipity['authorid'] : '') . "\n                                ORDER BY c.id DESC {$limit}");
if (serendipity_checkPermission('adminComments')) {
    ob_start();
    # This event has to get send here so the spamblock-plugin can block an author now and the comment_page show that on this pageload
    serendipity_plugin_api::hook_event('backend_comments_top', $sql);
    $data['backend_comments_top'] = ob_get_contents();
    ob_end_clean();
}
$data['commentsPerPage'] = $commentsPerPage;
$data['totalComments'] = $totalComments;
$data['pages'] = $pages;
$data['page'] = $page;
$data['linkPrevious'] = $linkPrevious;
$data['linkNext'] = $linkNext;
$data['searchString'] = $searchString;
$data['filter_vals'] = $filter_vals;
$data['sql'] = $sql;
    /**
     * event hook: backend_sidebar_entries_event_display_managetags
     *  uses global object array eventData
     */
    function displayManageTags()
    {
        global $serendipity;
        if ($this->get_config('dbversion', 1) != 2) {
            $this->install();
            $this->set_config('dbversion', 2);
        }
        $full_permission = serendipity_checkPermission('adminPlugins');
        // AFAIS, BY USERLEVEL permission checks are being deprecated
        if ($serendipity['version'][0] < 2) {
            ?>

            <div style="border: 1px solid #000;" class="freetagMenu">
            <ul>

<?php 
        } else {
            ?>

            <h2><?php 
            echo PLUGIN_EVENT_FREETAG_MANAGETAGS;
            ?>
</h2>

            <div class="freetagMenu">
                <ul class="plainList clearfix">

<?php 
        }
        ?>

                    <li><a class="button_link" href="<?php 
        echo FREETAG_MANAGE_URL;
        ?>
&amp;serendipity[tagview]=all" title="<?php 
        echo PLUGIN_EVENT_FREETAG_MANAGE_ALL;
        ?>
">ALL</a></li>
                    <li><a class="button_link" href="<?php 
        echo FREETAG_MANAGE_URL;
        ?>
&amp;serendipity[tagview]=leaf" title="<?php 
        echo PLUGIN_EVENT_FREETAG_MANAGE_LEAF;
        ?>
">LEAF</a></li>
<?php 
        if ($full_permission === true) {
            ?>
                    <li><a class="button_link" href="<?php 
            echo FREETAG_MANAGE_URL;
            ?>
&amp;serendipity[tagview]=entryuntagged" title="<?php 
            echo PLUGIN_EVENT_FREETAG_MANAGE_UNTAGGED;
            ?>
">NOTAG</a></li>
                    <li><a class="button_link" href="<?php 
            echo FREETAG_MANAGE_URL;
            ?>
&amp;serendipity[tagview]=entryleaf" title="<?php 
            echo PLUGIN_EVENT_FREETAG_MANAGE_LEAFTAGGED;
            ?>
">LEAFTAG</a></li>
                    <li><a class="button_link" href="<?php 
            echo FREETAG_MANAGE_URL;
            ?>
&amp;serendipity[tagview]=keywords" title="<?php 
            echo PLUGIN_EVENT_FREETAG_KEYWORDS;
            ?>
">KEYWORD</a></li>
                    <li><a class="button_link" href="<?php 
            echo FREETAG_MANAGE_URL;
            ?>
&amp;serendipity[tagview]=cat2tag" title="<?php 
            echo PLUGIN_EVENT_FREETAG_GLOBALLINKS;
            ?>
">CAT2TAG</a></li>
                    <li><a class="button_link" href="<?php 
            echo FREETAG_MANAGE_URL;
            ?>
&amp;serendipity[tagview]=tagupdate" onclick="return confirm('<?php 
            echo htmlspecialchars(PLUGIN_EVENT_FREETAG_REBUILD_DESC, ENT_COMPAT, LANG_CHARSET);
            ?>
');" title="<?php 
            echo PLUGIN_EVENT_FREETAG_REBUILD;
            ?>
">AUTOTAG</a></li>
                    <li><a class="button_link" href="<?php 
            echo FREETAG_MANAGE_URL;
            ?>
&amp;serendipity[tagview]=cleanupmappings" title="<?php 
            echo PLUGIN_EVENT_FREETAG_MANAGE_CLEANUP;
            ?>
">CLEAN</a></li>
<?php 
        }
        ?>
                </ul>
            </div>

<?php 
        if (isset($this->eventData['GET']['tagaction']) && !empty($this->eventData['GET']['tagaction'])) {
            $this->displayTagAction($full_permission);
        }
        // backend menu cases
        if (isset($this->eventData['GET']['tagview'])) {
            switch ($this->eventData['GET']['tagview']) {
                case 'all':
                    // 1
                    $tags = (array) $this->getAllTags();
                    $this->displayEditTags($tags);
                    break;
                case 'leaf':
                    // 2
                    $tags = (array) $this->getLeafTags();
                    $this->displayEditTags($tags);
                    break;
                case 'entryuntagged':
                    // 3
                    if ($full_permission === true) {
                        $this->displayUntaggedEntries();
                    }
                    break;
                case 'entryleaf':
                    // 4
                    if ($full_permission === true) {
                        $this->displayLeafTaggedEntries();
                    }
                    break;
                case 'keywords':
                    // 5
                    if ($full_permission === true) {
                        $tags = (array) $this->getAllTags();
                        $this->displayKeywordAssignment($tags);
                    }
                    break;
                case 'cat2tag':
                    // 6
                    if ($full_permission === true) {
                        $this->displayCategoryToTags();
                    }
                    break;
                case 'tagupdate':
                    // 7
                    if ($full_permission === true) {
                        break;
                    }
                    if (!serendipity_db_bool($this->get_config('keyword2tag', 'false'))) {
                        echo '<span class="msg_notice"><span class="icon-info-circled"></span>The option "' . PLUGIN_EVENT_FREETAG_KEYWORDS . '" is not set!</span>' . "\n";
                        // i18n?
                        break;
                    }
                    $this->displayTagUpdate();
                    break;
                case 'cleanupmappings':
                    // 8
                    if ($full_permission === true) {
                        $this->cleanupTagAssignments();
                    }
                    break;
                default:
                    if (!empty($this->eventData['GET']['tagview'])) {
                        echo '<span class="msg_notice"><span class="icon-info-circled"></span> ' . "Can't execute tagview</span>\n";
                    }
                    break;
            }
        }
        return true;
    }
Пример #13
0
/* Paging */
$sql = serendipity_db_query("SELECT COUNT(*) AS total FROM {$serendipity['dbPrefix']}comments c WHERE 1 = 1 " . ($c_type !== null ? " AND c.type = '{$c_type}' " : '') . $and, true);
$totalComments = $sql['total'];
$pages = $commentsPerPage == COMMENTS_FILTER_ALL ? 1 : ceil($totalComments / (int) $commentsPerPage);
$page = (int) $serendipity['GET']['page'];
if ($page == 0 || $page > $pages) {
    $page = 1;
}
$linkPrevious = 'serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[page]=' . ($page - 1) . $searchString;
$linkNext = 'serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[page]=' . ($page + 1) . $searchString;
if ($commentsPerPage == COMMENTS_FILTER_ALL) {
    $limit = '';
} else {
    $limit = serendipity_db_limit_sql(serendipity_db_limit(($page - 1) * (int) $commentsPerPage, (int) $commentsPerPage));
}
$sql = serendipity_db_query("SELECT c.*, e.title FROM {$serendipity['dbPrefix']}comments c\n                                LEFT JOIN {$serendipity['dbPrefix']}entries e ON (e.id = c.entry_id)\n                                WHERE 1 = 1 " . ($c_type !== null ? " AND c.type = '{$c_type}' " : '') . $and . (!serendipity_checkPermission('adminEntriesMaintainOthers') ? 'AND e.authorid = ' . (int) $serendipity['authorid'] : '') . "\n                                ORDER BY c.id DESC {$limit}");
if (!empty($errormsg)) {
    echo '<p class="serendipityAdminMsgError serendipity_backend_msg_notice"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . $errormsg . '</p>';
}
// closing admin messages
?>
<script type="text/javascript">
function FT_toggle(id) {
    if ( document.getElementById(id + '_full').style.display == '' ) {
        document.getElementById(id + '_full').style.display='none';
        document.getElementById(id + '_summary').style.display='';
        document.getElementById(id + '_text').innerHTML = '<?php 
echo VIEW_FULL;
?>
';
    } else {
Пример #14
0
         $data['messages'] = '<span class="msg_notice"><span class="icon-info-circled"></span> ' . MEDIA_RESIZE_EXISTS . '</span>';
     } else {
         $data['print_SCALING_IMAGE'] = sprintf(SCALING_IMAGE, $file['path'] . $file['name'] . '.' . $file['extension'], (int) $serendipity['GET']['width'], (int) $serendipity['GET']['height']);
         $data['extraParems'] = serendipity_generateImageSelectorParems();
         $scaleImg = serendipity_scaleImg($serendipity['GET']['fid'], $serendipity['GET']['width'], $serendipity['GET']['height']);
         if (!empty($scaleImg) && is_string($scaleImg)) {
             $data['scaleImgError'] = $scaleImg;
         }
         $data['is_done'] = true;
     }
     // fall back
     $data['showML'] = showMediaLibrary();
     break;
 case 'scaleSelect':
     $file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
     if (!is_array($file) || !serendipity_checkPermission('adminImagesDelete') || !serendipity_checkPermission('adminImagesMaintainOthers') && $file['authorid'] != '0' && $file['authorid'] != $serendipity['authorid']) {
         return;
     }
     $data['extraParems'] = serendipity_generateImageSelectorParems('form');
     $data['case_scaleSelect'] = true;
     $s = getimagesize($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file['path'] . $file['name'] . ($file['extension'] ? '.' . $file['extension'] : ""));
     $data['img_width'] = $s[0];
     $data['img_height'] = $s[1];
     $data['print_RESIZE_BLAHBLAH'] = sprintf(RESIZE_BLAHBLAH, serendipity_specialchars($serendipity['GET']['fname']));
     $data['print_ORIGINAL_SIZE'] = sprintf(ORIGINAL_SIZE, $s[0], $s[1]);
     $data['formtoken'] = serendipity_setFormToken();
     $data['file'] = $serendipity['uploadHTTPPath'] . $file['path'] . $file['name'] . ($file['extension'] ? '.' . $file['extension'] : "");
     break;
 case 'choose':
     $file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
     $media['file'] =& $file;
 function event_hook($event, &$bag, &$eventData, $addData = null)
 {
     global $serendipity;
     $hooks =& $bag->get('event_hooks');
     if (isset($hooks[$event])) {
         switch ($event) {
             case 'external_plugin':
                 //catch learnAction here because the GET-Params prevent
                 //the normal switch/case to find this
                 if (strpos($eventData, 'learnAction') !== false) {
                     if (!serendipity_checkPermission('adminComments')) {
                         return;
                     }
                     $this->learnAction($_REQUEST['id'], $_REQUEST['category'], $_REQUEST['action'], $_REQUEST['entry_id']);
                     echo DONE;
                     return true;
                     break;
                 }
                 switch ($eventData) {
                     case 'learncomment':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         $category = $_REQUEST['category'];
                         $ids = $_REQUEST['id'];
                         $ids = explode(';', $ids);
                         foreach ($ids as $id) {
                             $comment = $this->getComment($id);
                             if (is_array($comment)) {
                                 $comment = $comment['0'];
                                 $entry_id = $comment['entry_id'];
                             }
                             $this->startLearn($comment, $category);
                             //Ham shall be approved, Spam deleted
                             if ($category == 'ham') {
                                 serendipity_approveComment($id, $entry_id);
                             } elseif ($category == 'spam') {
                                 if ($this->get_config('method', 'moderate') == 'custom') {
                                     $spamBarrier = min(array($this->get_config('moderateBarrier', 70) / 100, $this->get_config('blockBarrier', 90) / 100));
                                 } else {
                                     $spamBarrier = 0.7;
                                 }
                                 //spam shall not get through the filter twice - so make sure, it really is marked as spam
                                 $loop = 0;
                                 while ($this->startClassify($comment) < $spamBarrier && $loop < 5) {
                                     $this->startLearn($comment, $category);
                                     //prevent infinite loop
                                     $loop++;
                                 }
                                 if ($this->get_config('recycler', true)) {
                                     $this->recycleComment($id, $entry_id);
                                 }
                                 serendipity_deleteComment($id, $entry_id);
                             }
                         }
                         break;
                     case 'spamblock_bayes.load.gif':
                         header('Content-Type: image/gif');
                         echo file_get_contents(dirname(__FILE__) . '/img/spamblock_bayes.load.gif');
                         break;
                     case 'spamblock_bayes.spam.png':
                         header('Content-Type: image/png');
                         echo file_get_contents(dirname(__FILE__) . '/img/spamblock_bayes.spam.png');
                         break;
                     case 'jquery.tablesorter.js':
                         header('Content-Type: text/javascript');
                         echo file_get_contents(dirname(__FILE__) . '/jquery.tablesorter.js');
                         break;
                     case 'jquery.heatcolor.js':
                         header('Content-Type: text/javascript');
                         echo file_get_contents(dirname(__FILE__) . '/jquery.heatcolor.js');
                         break;
                     case 'jquery.excerpt.js':
                         header('Content-Type: text/javascript');
                         echo file_get_contents(dirname(__FILE__) . '/jquery.excerpt.js');
                         break;
                     case 'serendipity_event_spamblock_bayes.js':
                         header('Content-Type: text/javascript');
                         echo file_get_contents(dirname(__FILE__) . '/serendipity_event_spamblock_bayes.js');
                         break;
                     case 'getRating':
                         $ids = $_REQUEST['id'];
                         $ids = explode(';', $ids);
                         //we get the comments in wrong order
                         $comments = array_reverse($this->getComment($ids));
                         $i = 0;
                         foreach ($comments as $comment) {
                             $ratings .= preg_replace('/\\..*/', '', $this->startClassify($comment) * 100) . '%;' . $ids[$i] . ';';
                             $i++;
                         }
                         echo $ratings;
                         break;
                     case 'bayesMenuLearn':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         //the POST-Data of the form is almost exactly like the result of the database-query
                         $comment = $_POST;
                         if (serendipity_db_bool($comment['ham'])) {
                             $category = 'ham';
                         } else {
                             $category = 'spam';
                         }
                         $this->startLearn($comment, $category);
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=3';
                         $url .= '&amp;serendipity[success]=Learned comment as ' . $category . '">';
                         echo $redirect . $url;
                         break;
                     case 'bayesLearnFromOld':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         $this->learnFromOld();
                         #redirect the user back to the menu
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=2';
                         $url .= '&amp;serendipity[success]=Learning Done">';
                         echo $redirect . $url;
                         break;
                     case 'bayesDeleteDatabase':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         $this->deleteDB();
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=2';
                         $url .= '&amp;serendipity[success]=Database deleted">';
                         echo $redirect . $url;
                         break;
                     case 'bayesSetupDatabase':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         $this->setupDB();
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=2';
                         $url .= '&amp;serendipity[success]=Database created">';
                         echo $redirect . $url;
                         break;
                     case 'bayesRecycler':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         if (!empty($_REQUEST['serendipity']['selected'])) {
                             $ids = array_keys($_REQUEST['serendipity']['selected']);
                         } else {
                             if (!empty($_REQUEST['serendipity']['comments'])) {
                                 $ids = array_keys($_REQUEST['serendipity']['comments']);
                             }
                         }
                         if (isset($_REQUEST['restore'])) {
                             if (!empty($ids)) {
                                 $ids = array_keys($_REQUEST['serendipity']['selected']);
                                 #When restoring a comment we can be pretty sure it's a valid one
                                 $comments = $this->getRecyclerComment($ids);
                                 foreach ($comments as $comment) {
                                     $this->startLearn($comment, 'ham');
                                 }
                                 $this->restoreComments($ids);
                                 if (in_array(0, $ids)) {
                                     #this happened when the recyclercode was broken
                                     $msg = "Not able to restore comment with id 0";
                                     $msgtype = 'error';
                                 }
                                 if (count($ids) > 1) {
                                     $msg = 'Comments ' . implode(', ', $ids) . ' restored';
                                 } else {
                                     $msg = 'Comment ' . implode(', ', $ids) . ' restored';
                                 }
                                 $msgtype = 'success';
                             } else {
                                 $msg = 'No comment selected';
                                 $msgtype = 'message';
                             }
                         }
                         if (isset($_REQUEST['empty'])) {
                             if (isset($_REQUEST['recyclerSpam'])) {
                                 if ($this->get_config('emptyAll', false)) {
                                     $comments = $this->getAllRecyclerComments();
                                 } else {
                                     $comments = $this->getRecyclerComment($ids);
                                 }
                                 foreach ($comments as $comment) {
                                     $this->startLearn($comment, 'spam');
                                 }
                             }
                             if ($this->get_config('emptyAll', false)) {
                                 $success = $this->emptyRecycler();
                             } else {
                                 $success = $this->deleteFromRecycler($ids);
                             }
                             if (serendipity_db_bool($success)) {
                                 $msg = 'Recycler emptied';
                                 $msgtype = 'success';
                             } else {
                                 $msg = urlencode($success);
                                 $msgtype = 'error';
                             }
                         }
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=1';
                         if (!empty($msgtype)) {
                             $url .= '&amp;serendipity[' . $msgtype . ']=' . $msg . '">';
                         } else {
                             $url .= '" />';
                         }
                         echo $redirect . $url;
                         break;
                     case 'bayesAnalyse':
                         if (isset($_REQUEST['comments'])) {
                             $comment_ids = array_keys($_REQUEST['comments']);
                         } else {
                             $msg = 'Please select at least one comment';
                             $msgtype = 'message';
                         }
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=4';
                         if (isset($_REQUEST['comments'])) {
                             foreach ($comment_ids as $comment) {
                                 $url .= '&amp;serendipity[comments][' . $comment . ']';
                             }
                         }
                         if (!empty($msgtype)) {
                             $url .= '&amp;serendipity[' . $msgtype . ']=' . $msg . '"/>';
                         } else {
                             $url .= '" />';
                         }
                         echo $redirect . $url;
                         break;
                     case 'bayesImport':
                         #Showing the menu
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=5';
                         echo $redirect . $url;
                         break;
                     case 'spamblock_bayes_import':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         $this->setupDB();
                         #starting the import
                         $importDatabase = $this->getCsvDatabase($_FILES['importcsv']['tmp_name']);
                         $result = $this->importDatabase($importDatabase);
                         if ($result === true) {
                             $msg = "Database imported";
                             $msgtype = "success";
                         } else {
                             $msg = $result;
                             $msgtype = "error";
                         }
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=2';
                         $url .= '&amp;serendipity[' . $msgtype . ']=' . $msg . '">';
                         echo $redirect . $url;
                         break;
                     case 'bayesExportDatabase':
                         $key = $_POST['key'];
                         $exportKey = $this->get_config('exportKey', "");
                         if (!(serendipity_checkPermission('adminComments') || !$exportKey == "" && $exportKey == $key)) {
                             break;
                         }
                         $this->set_config('exportKey', "");
                         $this->exportDatabase();
                         header('Content-type: application/x-download');
                         header('Content-Disposition: attachment; filename=spamblock_bayes.csv');
                         echo file_get_contents($serendipity['serendipityPath'] . 'templates_c/spamblock_bayes.csv');
                         break;
                     case 'bayesTrojaGetKey':
                         $publicTrojaKey = openssl_get_publickey(file_get_contents(dirname(__FILE__) . '/publicTrojaKey.pem'));
                         header('HTTP/1.1 200 OK');
                         $key = mt_rand();
                         $this->set_config('exportKey', $key);
                         openssl_public_encrypt($key, $enc_key, $publicTrojaKey, OPENSSL_PKCS1_PADDING);
                         echo base64_encode($enc_key);
                         break;
                     case 'bayesTrojaRegister':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         $this->set_config('awaitingTrojaRequest', true);
                         $this->set_config('troja_registered', true);
                         $trojaUrlTarget = $this->trojaUrl . 'register';
                         $data = array('url' => $serendipity['baseURL']);
                         $trojaUrlTarget .= "?" . http_build_query($data);
                         $response = $this->getRequest($trojaUrlTarget);
                         parse_str($response, $params);
                         $registered = urldecode($params['registered']);
                         if ($registered == 1) {
                             $msg = "Registered";
                             $msgtype = "success";
                         } else {
                             $msg = "Could not register this blog (already registered?)";
                             $msgtype = "error";
                         }
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=5';
                         $url .= '&amp;serendipity[' . $msgtype . ']=' . $msg . '">';
                         echo $redirect . $url;
                         break;
                     case 'bayesTrojaRemove':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         $this->set_config('awaitingTrojaRequest', true);
                         $this->set_config('troja_registered', false);
                         $trojaUrlTarget = $this->trojaUrl . 'remove';
                         $data = array('url' => $serendipity['baseURL']);
                         $trojaUrlTarget .= "?" . http_build_query($data);
                         $response = $this->getRequest($trojaUrlTarget);
                         parse_str($response, $params);
                         $removed = urldecode($params['removed']);
                         if ($removed == 1) {
                             $msg = "Removed";
                             $msgtype = "success";
                         } else {
                             $msg = "Could not remove this blog";
                             $msgtype = "error";
                         }
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=5';
                         $url .= '&amp;serendipity[' . $msgtype . ']=' . $msg . '">';
                         echo $redirect . $url;
                         break;
                     case 'bayesTrojaAccept':
                         $waiting = serendipity_db_bool($this->get_config('awaitingTrojaRequest', false));
                         if ($waiting === true) {
                             header('HTTP/1.1 200 OK');
                             $this->set_config('awaitingTrojaRequest', false);
                         } else {
                             header('HTTP/1.1 403 Forbidden');
                         }
                         echo "";
                         break;
                     case 'bayesTrojaRequestDB':
                         if (!serendipity_checkPermission('adminComments')) {
                             break;
                         }
                         $trojaUrlTarget = $this->trojaUrl . 'requestDB';
                         $url = $serendipity['baseURL'];
                         $try = 0;
                         while (trim($url) == $serendipity['baseURL']) {
                             $try++;
                             $response = $this->getRequest($trojaUrlTarget);
                             parse_str($response, $params);
                             $url = urldecode($params['url']);
                             if ($try > 3) {
                                 break;
                             }
                         }
                         $key = $params['key'];
                         $error = false;
                         if (trim($url) == "http://" . $serendipity['baseURL'] || trim($url) == $serendipity['baseURL']) {
                             $msg = "Got only this blog as target to import from";
                             $msgtype = "error";
                             $error = true;
                         }
                         if ($url == "") {
                             $msg = "Got no target to import from";
                             $msgtype = "error";
                             $error = true;
                         }
                         if ($error) {
                             $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                             $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                             $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                             $url .= '&amp;serendipity[subpage]=5';
                             $url .= '&amp;serendipity[' . $msgtype . ']=' . $msg . '">';
                             echo $redirect . $url;
                             return;
                         } else {
                             $msg = "Imported from {$url}";
                             $msgtype = "success";
                         }
                         $this->fetchDatabase(trim($url), $key);
                         $redirect = '<meta http-equiv="REFRESH" content="0;url=';
                         $url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
                         $url .= '&amp;serendipity[adminAction]=spamblock_bayes';
                         $url .= '&amp;serendipity[subpage]=5';
                         $url .= '&amp;serendipity[' . $msgtype . ']=' . $msg . '">';
                         echo $redirect . $url;
                         break;
                 }
                 return true;
                 break;
             case 'frontend_saveComment':
                 if (!is_array($eventData) || serendipity_db_bool($eventData['allow_comments'])) {
                     $serendipity['csuccess'] = 'true';
                     $comment = array($this->type['url'] => $addData['url'], $this->type['body'] => $addData['comment'], $this->type['name'] => $addData['name'], $this->type['email'] => $addData['email'], $this->type['ip'] => serendipity_db_escape_string(isset($addData['ip']) ? $addData['ip'] : $_SERVER['REMOTE_ADDR']), $this->type['referrer'] => substr(isset($_SESSION['HTTP_REFERER']) ? serendipity_db_escape_string($_SESSION['HTTP_REFERER']) : '', 0, 200));
                     if ($this->checkIfSpam($comment)) {
                         $method = $this->get_config('method', 'moderate');
                         if ($method == 'moderate') {
                             $this->moderate($eventData, $addData);
                             return false;
                         } elseif ($method == 'block') {
                             $this->block($eventData, $addData);
                             return false;
                         }
                     }
                     $blockBarrier = $this->get_config('blockBarrier', 90) / 100;
                     $moderateBarrier = $this->get_config('moderateBarrier', 70) / 100;
                     //now this either wasn't spam or method custom is selected.
                     if ($this->lastRating > $blockBarrier) {
                         $this->block($eventData, $addData);
                         return false;
                     } elseif ($this->lastRating > $moderateBarrier) {
                         $this->moderate($eventData, $addData);
                         return false;
                     }
                 }
                 return true;
                 break;
             case 'backend_view_comment':
                 $path = $this->path = $this->get_config('path', $serendipity['serendipityHTTPPath'] . 'plugins/serendipity_event_spamblock_bayes/');
                 if (!empty($path) && $path != 'default' && $path != 'none' && $path != 'empty') {
                     $path_defined = true;
                     $imgpath = $path . 'img/';
                 } else {
                     $path_defined = false;
                     $imgpath = $serendipity['baseURL'] . 'index.php?/plugin/';
                 }
                 $comment = $eventData;
                 //change $comment into the needed form
                 $comment[$this->type['body']] = $comment['fullBody'];
                 unset($comment['fullBody']);
                 if ($serendipity['version'][0] == '1') {
                     $eventData['action_more'] = '<a id="ham' . $comment['id'] . '"
             class="serendipityIconLink spamblockBayesControls"
             onclick="return ham(' . $comment['id'] . ');"
             title="' . PLUGIN_EVENT_SPAMBLOCK_BAYES_NAME . ': ' . PLUGIN_EVENT_SPAMBLOCK_BAYES_HAM . '"
             href="' . $serendipity['baseURL'] . 'index.php?/plugin/learnAction&action=approve&category=ham&id=' . $eventData['id'] . '&entry_id=' . $eventData['entry_id'] . '"
             ><img
             src="' . serendipity_getTemplateFile('admin/img/accept.png') . '"
             alt="" />' . PLUGIN_EVENT_SPAMBLOCK_BAYES_HAM . '</a> <a
             id="spam' . $comment['id'] . '"
             class="serendipityIconLink spamblockBayesControls"
             onclick="return spam(' . $comment['id'] . ');"
             title="' . PLUGIN_EVENT_SPAMBLOCK_BAYES_NAME . ': ' . PLUGIN_EVENT_SPAMBLOCK_BAYES_SPAM . '"
             href="' . $serendipity['baseURL'] . 'index.php?/plugin/learnAction&action=delete&category=spam&id=' . $eventData['id'] . '&entry_id=' . $eventData['entry_id'] . '"
             ><img src="' . $imgpath . 'spamblock_bayes.spam.png' . '" alt="" />' . PLUGIN_EVENT_SPAMBLOCK_BAYES_SPAM . '</a>
             <span class="spamblockBayesRating">
             <a href="serendipity_admin.php?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=spamblock_bayes&amp;serendipity[subpage]=4&amp;serendipity[comments][' . $comment['id'] . ']">
                 <span id="' . $comment['id'] . '_rating">' . preg_replace('/\\..*/', '', $this->startClassify($comment) * 100) . '%</span>
             </a>
             <img src="' . serendipity_getTemplateFile('admin/img/admin_msg_note.png') . '" title="' . PLUGIN_EVENT_SPAMBLOCK_BAYES_RATING_EXPLANATION . '" />
             </span>
             ';
                 } else {
                     $eventData['action_more'] = '<ul id="bayes_actions" class="plainList clearfix actions">
             <li>
             <a id="ham' . $comment['id'] . '"
             class="button_link spamblockBayesControls"
             onclick="return ham(' . $comment['id'] . ');"
             title="' . PLUGIN_EVENT_SPAMBLOCK_BAYES_NAME . ': ' . PLUGIN_EVENT_SPAMBLOCK_BAYES_HAM . '"
             href="' . $serendipity['baseURL'] . 'index.php?/plugin/learnAction&action=approve&category=ham&id=' . $eventData['id'] . '&entry_id=' . $eventData['entry_id'] . '"
             ><span class="icon-ok-circled"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_BAYES_HAM . '</span></a>
             </li>
             <li>
             <a id="spam' . $comment['id'] . '"
             class="button_link spamblockBayesControls"
             onclick="return spam(' . $comment['id'] . ');"
             title="' . PLUGIN_EVENT_SPAMBLOCK_BAYES_NAME . ': ' . PLUGIN_EVENT_SPAMBLOCK_BAYES_SPAM . '"
             href="' . $serendipity['baseURL'] . 'index.php?/plugin/learnAction&action=delete&category=spam&id=' . $eventData['id'] . '&entry_id=' . $eventData['entry_id'] . '"
             ><span class="icon-cancel"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_BAYES_SPAM . '</span></a>
             </li>
             <li class="bayes_spamrating">
             <a href="serendipity_admin.php?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=spamblock_bayes&amp;serendipity[subpage]=4&amp;serendipity[comments][' . $comment['id'] . ']" title="' . PLUGIN_EVENT_SPAMBLOCK_BAYES_RATING_EXPLANATION . '">
             <span id="' . $comment['id'] . '_rating"> ' . preg_replace('/\\..*/', '', $this->startClassify($comment) * 100) . '%</span>
             </a>
             </li>
             </ul>
             ';
                 }
                 return true;
                 break;
             case 'backend_sendcomment':
                 $delete = PLUGIN_EVENT_SPAMBLOCK_BAYES_DELETE . ': ';
                 $delete .= $serendipity['baseURL'] . 'index.php?/plugin/learnAction&action=delete&category=spam&id=' . $eventData['comment_id'] . '&entry_id=' . $eventData['entry_id'];
                 $eventData['action_more']['delete'] = $delete;
                 if (!empty($eventData['moderate_comment']) && $eventData['moderate_comment']) {
                     $approve = PLUGIN_EVENT_SPAMBLOCK_BAYES_APPROVE . ': ';
                     $approve .= $serendipity['baseURL'] . 'index.php?/plugin/learnAction&action=approve&category=ham&id=' . $eventData['comment_id'] . '&entry_id=' . $eventData['entry_id'];
                     $eventData['action_more']['approve'] = $approve;
                 }
                 return true;
                 break;
             case 'backend_comments_top':
                 $path = $this->path = $this->get_config('path', $serendipity['serendipityHTTPPath'] . 'plugins/serendipity_event_spamblock_bayes/');
                 if (!empty($path) && $path != 'default' && $path != 'none' && $path != 'empty') {
                     $path_defined = true;
                     $imgpath = $path . 'img/';
                 } else {
                     $path_defined = false;
                     $imgpath = $serendipity['baseURL'] . 'index.php?/plugin/';
                 }
                 echo "<style>\n                        .spamblockBayesControls {\n                            cursor: pointer;\n                        }\n                        .spamblockBayesRating {\n                            float: right;\n                        }\n                        .spamblockBayesRating img {\n                            vertical-align: middle;\n                        }\n                    </style>\n                    <script>\n                        var learncommentPath = '{$serendipity['baseURL']}index.php?/plugin/learncomment';\n                        var ratingPath = '{$serendipity['baseURL']}index.php?/plugin/getRating';\n                        var bayesCharset = '" . LANG_CHARSET . "';\n                        var bayesDone = '" . DONE . "';\n                        var bayesHelpImage = '" . serendipity_getTemplateFile('admin/img/admin_msg_note.png') . "';\n                        var bayesHelpTitle = '" . PLUGIN_EVENT_SPAMBLOCK_BAYES_RATING_EXPLANATION . "';\n                        var bayesLoadIndicator = '{$imgpath}spamblock_bayes.load.gif';\n                        var bayesSpambutton = '" . PLUGIN_EVENT_SPAMBLOCK_BAYES_SPAMBUTTON . "';\n                        var bayesHambutton = '" . PLUGIN_EVENT_SPAMBLOCK_BAYES_HAMBUTTON . "';\n                        var bayesPlugin = '" . PLUGIN_EVENT_SPAMBLOCK_BAYES_NAME . "';\n                    </script>\n                    <script type=\"text/javascript\" src=\"{$path}bayes_commentlist.js\"></script>\n                    ";
                 return true;
                 break;
             case 'backend_sidebar_entries':
                 if (!serendipity_checkPermission('adminComments')) {
                     break;
                 }
                 if ($serendipity['version'][0] == '1') {
                     if ($this->get_config('menu', true)) {
                         echo '<li class="serendipitySideBarMenuLink serendipitySideBarMenuEntryLinks">
                             <a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=spamblock_bayes&serendipity[subpage]=1">
                                 ' . PLUGIN_EVENT_SPAMBLOCK_BAYES_NAME . '
                             </a>
                         </li>';
                     }
                 } else {
                 }
                 return true;
                 break;
             case 'backend_sidebar_admin_appearance':
                 if (!serendipity_checkPermission('adminComments')) {
                     break;
                 }
                 if ($serendipity['version'][0] == '1') {
                 } else {
                     if ($this->get_config('menu', true)) {
                         echo '<li><a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=spamblock_bayes&serendipity[subpage]=1">' . PLUGIN_EVENT_SPAMBLOCK_BAYES_NAME . '</a></li>';
                     }
                 }
                 return true;
                 break;
             case 'backend_sidebar_entries_event_display_spamblock_bayes':
                 if (!serendipity_checkPermission('adminComments')) {
                     break;
                 }
                 $path = $this->path = $this->get_config('path', $serendipity['serendipityHTTPPath'] . 'plugins/serendipity_event_spamblock_bayes/');
                 if (!empty($path) && $path != 'default' && $path != 'none' && $path != 'empty') {
                     $path_defined = true;
                     $imgpath = $path . 'img/';
                 } else {
                     $path_defined = false;
                     $imgpath = $serendipity['baseURL'] . 'index.php?/plugin/';
                 }
                 global $serendipity;
                 if (isset($serendipity['GET']['message'])) {
                     if ($serendipity['version'][0] == '1') {
                         echo '<p class="serendipityAdminMsgNote">' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['message']) : htmlspecialchars($serendipity['GET']['message'], ENT_COMPAT, LANG_CHARSET)) . '</p>';
                     } else {
                         echo '<span class="msg_notice"><span class="icon-info-circled"></span> ' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['message']) : htmlspecialchars($serendipity['GET']['message'], ENT_COMPAT, LANG_CHARSET)) . '</span>';
                     }
                 }
                 if (isset($serendipity['GET']['success'])) {
                     if ($serendipity['version'][0] == '1') {
                         echo '<p class="serendipityAdminMsgSuccess">' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['success']) : htmlspecialchars($serendipity['GET']['success'], ENT_COMPAT, LANG_CHARSET)) . '</p>';
                     } else {
                         echo '<span class="msg_success"><span class="icon-ok-circled"></span> ' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['success']) : htmlspecialchars($serendipity['GET']['success'], ENT_COMPAT, LANG_CHARSET)) . '</span>';
                     }
                 }
                 if (isset($serendipity['GET']['error'])) {
                     if ($serendipity['version'][0] == '1') {
                         echo '<p class="serendipityAdminMsgError">' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['error']) : htmlspecialchars($serendipity['GET']['error'], ENT_COMPAT, LANG_CHARSET)) . '</p>';
                     } else {
                         echo '<span class="msg_error"><span class="icon-attention-circled"></span> ' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['error']) : htmlspecialchars($serendipity['GET']['error'], ENT_COMPAT, LANG_CHARSET)) . '</span>';
                     }
                 }
                 $this->get = $serendipity['GET'];
                 $this->displayMenu($serendipity['GET']['subpage']);
                 return true;
                 break;
             case 'xmlrpc_comment_spam':
                 $entry_id = $addData['id'];
                 $comment_id = $addData['cid'];
                 if ($this->get_config('method', 'moderate') == 'custom') {
                     $spamBarrier = min(array($this->get_config('moderateBarrier', 70) / 100, $this->get_config('blockBarrier', 90) / 100));
                 } else {
                     $spamBarrier = 0.7;
                 }
                 //spam shall not get through the filter twice - so make sure, it really is marked as spam
                 $loop = 0;
                 while ($this->startClassify($eventData) < $spamBarrier && $loop < 5) {
                     $this->startLearn($eventData, 'spam');
                     //prevent infinite loop
                     $loop++;
                 }
                 if ($this->get_config('recycler', true)) {
                     $this->recycleComment($comment_id, $entry_id);
                 }
                 serendipity_deleteComment($comment_id, $entry_id);
                 return true;
                 break;
             case 'xmlrpc_comment_ham':
                 $this->startLearn($eventData, 'ham');
                 $comment_id = $addData['cid'];
                 $entry_id = $addData['id'];
                 //moderated ham-comments should be instantly approved, that's why they need an id:
                 serendipity_approveComment($comment_id, $entry_id);
                 return true;
                 break;
             default:
                 return false;
                 break;
         }
     } else {
         return false;
     }
 }
Пример #16
0
<?php

if (IN_serendipity !== true) {
    die("Don't hack!");
}
$probelang = dirname(__FILE__) . '/' . $serendipity['charset'] . 'lang_' . $serendipity['lang'] . '.inc.php';
if (file_exists($probelang)) {
    include $probelang;
}
include dirname(__FILE__) . '/lang_en.inc.php';
$serendipity['smarty']->assign(array('currpage' => "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']));
$template_config = array(array('var' => 'feedburner', 'name' => FEEDBURNER_102, 'type' => 'string', 'default' => ''), array('var' => 'delicious', 'name' => DELICIOUS_102, 'type' => 'string', 'default' => ''), array('var' => 'flickr', 'name' => 'flickr URI', 'type' => 'string', 'default' => ''), array('var' => 'technorati', 'name' => 'technorati URI', 'type' => 'string', 'default' => ''), array('var' => 'addthiswidget', 'name' => 'addthis.com Bookmark Widget', 'type' => 'boolean', 'default' => 'false'), array('var' => 'addthisaccount', 'name' => 'addthis.com Account', 'type' => 'string', 'default' => ''), array('var' => 'amount', 'name' => NAVLINK_AMOUNT, 'type' => 'string', 'default' => '5'));
$template_loaded_config = serendipity_loadThemeOptions($template_config, $serendipity['smarty_vars']['template_option']);
if (isset($_POST['serendipity']['template']['amount']) && serendipity_userLoggedIn() && serendipity_checkPermission('adminTemplates')) {
    $temp_post = $_POST['serendipity']['template']['amount'];
    if (is_numeric($temp_post)) {
        $template_loaded_config['amount'] = $temp_post;
    }
}
$navlinks = array();
for ($i = 0; $i < $template_loaded_config['amount']; $i++) {
    $navlinks[] = array('title' => $template_loaded_config['navlink' . $i . 'text'], 'href' => $template_loaded_config['navlink' . $i . 'url'], 'akey' => $template_loaded_config['navlink' . $i . 'key']);
    $template_config[] = array('var' => 'navlink' . $i . 'text', 'name' => NAV_LINK_TEXT . ' #' . $i, 'type' => 'string', 'default' => 'Link #' . $i);
    $template_config[] = array('var' => 'navlink' . $i . 'url', 'name' => NAV_LINK_URL . ' #' . $i, 'type' => 'string', 'default' => '#');
    $template_config[] = array('var' => 'navlink' . $i . 'key', 'name' => NAV_LINK_KEY . ' #' . $i, 'type' => 'string', 'default' => $i);
}
$serendipity['smarty']->assign_by_ref('navlinks', $navlinks);
    function showElementCommentlist($where, $limit)
    {
        global $serendipity;
        $summaryLength = 200;
        $i = 0;
        if (version_compare(substr($serendipity['version'], 0, 3), '1.6') >= 0) {
            $comments = serendipity_fetchComments(null, $limit, 'co.id DESC', true, 'NORMAL', $where);
        } else {
            $comments = serendipity_db_query("SELECT c.*, e.title FROM {$serendipity['dbPrefix']}comments c\n                                        LEFT JOIN {$serendipity['dbPrefix']}entries e ON (e.id = c.entry_id)\n                                        WHERE 1 = 1 " . $where . (!serendipity_checkPermission('adminEntriesMaintainOthers') ? 'AND e.authorid = ' . (int) $serendipity['authorid'] : '') . "\n                                        ORDER BY c.id DESC LIMIT {$limit}");
        }
        if (!is_array($comments)) {
            return;
        }
        if (count($comments) == 0) {
            return;
        }
        echo '<table width="100%" cellpadding="3" border="0" cellspacing="0">';
        foreach ($comments as $rs) {
            $i++;
            $comment = array('fullBody' => $rs['body'], 'summary' => serendipity_mb('substr', $rs['body'], 0, $summaryLength), 'status' => $rs['status'], 'type' => $rs['type'], 'id' => $rs['id'], 'title' => $rs['title'], 'timestamp' => $rs['timestamp'], 'referer' => $rs['referer'], 'url' => $rs['url'], 'ip' => $rs['ip'], 'entry_url' => serendipity_archiveURL($rs['entry_id'], $rs['title']), 'email' => $rs['email'], 'author' => empty($rs['author']) ? ANONYMOUS : $rs['author'], 'entry_id' => $rs['entry_id']);
            $entrylink = serendipity_archiveURL($comment['entry_id'], 'comments', 'serendipityHTTPPath', true) . '#c' . $comment['id'];
            if (strlen($comment['fullBody']) > strlen($comment['summary'])) {
                $comment['summary'] .= ' ...';
                $comment['excerpt'] = true;
                // When summary is not the full body, strip HTML tags from summary, as it might break and leave unclosed HTML.
                $comment['fullBody'] = nl2br(function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['fullBody']) : htmlspecialchars($comment['fullBody'], ENT_COMPAT, LANG_CHARSET));
                $comment['summary'] = nl2br(strip_tags($comment['summary']));
            } else {
                $comment['excerpt'] = false;
                $comment['fullBody'] = $comment['summary'] = nl2br(function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['fullBody']) : htmlspecialchars($comment['fullBody'], ENT_COMPAT, LANG_CHARSET));
            }
            #serendipity_plugin_api::hook_event('backend_view_comment', $comment, '&amp;serendipity[page]='. $page . $searchString);
            $class = 'serendipity_admin_list_item_' . ($i % 2 == 0 ? 'even' : 'uneven');
            if ($comment['status'] == 'pending' || $comment['status'] === 'confirm') {
                $class .= ' serendipity_admin_comment_pending';
            }
            $header_class = $comment['status'] == 'pending' || $comment['status'] === 'confirm' ? 'serendipityAdminMsgNote serendipity_admin_comment_pending_header' : '';
            ?>
        <tr>
            <td class="<?php 
            echo $header_class;
            ?>
">
        <?php 
            if ($header_class == 'serendipityAdminMsgNote serendipity_admin_comment_pending_header') {
                ?>
                    <img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="<?php 
                echo serendipity_getTemplateFile('admin/img/admin_msg_note.png');
                ?>
" alt="" />
        <?php 
            }
            ?>
                <a name="c<?php 
            echo $comment['id'];
            ?>
"></a>
                <?php 
            echo ($comment['type'] == 'NORMAL' ? COMMENT : ($comment['type'] == 'TRACKBACK' ? TRACKBACK : PINGBACK)) . ' #' . $comment['id'] . ', ' . IN_REPLY_TO . ' <strong><a href="' . $comment['entry_url'] . '">' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['title']) : htmlspecialchars($comment['title'], ENT_COMPAT, LANG_CHARSET)) . '</a></strong>, ' . ON . ' ' . serendipity_formatTime('%b %e %Y, %H:%M', $comment['timestamp']);
            ?>
            </td>
        </tr>
        <tr>
            <td class="serendipity_admin_list_item <?php 
            echo $class;
            ?>
" id="comment_<?php 
            echo $comment['id'];
            ?>
">
                <table width="100%" cellspacing="0" cellpadding="3" border="0">
                    <tr>
                        <td width="40%"><strong><?php 
            echo AUTHOR;
            ?>
</strong>: <?php 
            echo (function_exists('serendipity_specialchars') ? serendipity_specialchars(serendipity_truncateString($comment['author'], 30)) : htmlspecialchars(serendipity_truncateString($comment['author'], 30), ENT_COMPAT, LANG_CHARSET)) . $comment['action_author'];
            ?>
</td>
                        <td><strong><?php 
            echo EMAIL;
            ?>
</strong>:
                            <?php 
            if (empty($comment['email'])) {
                echo 'N/A';
            } else {
                ?>
                                    <a href="mailto:<?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['email']) : htmlspecialchars($comment['email'], ENT_COMPAT, LANG_CHARSET);
                ?>
" title="<?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['email']) : htmlspecialchars($comment['email'], ENT_COMPAT, LANG_CHARSET);
                ?>
"><?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars(serendipity_truncateString($comment['email'], 30)) : htmlspecialchars(serendipity_truncateString($comment['email'], 30), ENT_COMPAT, LANG_CHARSET);
                ?>
</a>
                            <?php 
            }
            ?>
                        <?php 
            echo $comment['action_email'];
            ?>
                        </td>
                    </tr>
                    <tr>
                        <td width="40%"><strong>IP</strong>:
                            <?php 
            if (empty($comment['ip'])) {
                echo '0.0.0.0';
            } else {
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['ip']) : htmlspecialchars($comment['ip'], ENT_COMPAT, LANG_CHARSET);
            }
            ?>
                            <?php 
            echo $comment['action_ip'];
            ?>
                            </td>
                        <td><strong><?php 
            echo URL;
            ?>
</strong>:
                            <?php 
            if (empty($comment['url'])) {
                echo 'N/A';
            } else {
                ?>
                                    <a href="<?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['url']) : htmlspecialchars($comment['url'], ENT_COMPAT, LANG_CHARSET);
                ?>
" title="<?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['url']) : htmlspecialchars($comment['url'], ENT_COMPAT, LANG_CHARSET);
                ?>
" target="_blank"><?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars(serendipity_truncateString($comment['url'], 30)) : htmlspecialchars(serendipity_truncateString($comment['url'], 30), ENT_COMPAT, LANG_CHARSET);
                ?>
</a>
                            <?php 
            }
            ?>
                            <?php 
            echo $comment['action_url'];
            ?>
                            </td>
                    </tr>
                    <tr>
                        <td width="40%">&nbsp;</td>
                        <td><strong><?php 
            echo REFERER;
            ?>
</strong>:
                            <?php 
            if (empty($comment['referer'])) {
                echo 'N/A';
            } else {
                ?>
                                  <a href="<?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['referer']) : htmlspecialchars($comment['referer'], ENT_COMPAT, LANG_CHARSET);
                ?>
" title="<?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['referer']) : htmlspecialchars($comment['referer'], ENT_COMPAT, LANG_CHARSET);
                ?>
" target="_blank"><?php 
                echo function_exists('serendipity_specialchars') ? serendipity_specialchars(serendipity_truncateString($comment['referer'], 30)) : htmlspecialchars(serendipity_truncateString($comment['referer'], 30), ENT_COMPAT, LANG_CHARSET);
                ?>
</a>
                            <?php 
            }
            ?>
                            <?php 
            echo $comment['action_referer'];
            ?>
                            </td>
                    <tr>
                        <td style="border-top: 1px solid #CCCCCC; border-bottom: 1px solid #CCCCCC" colspan="3">
                            <div id="<?php 
            echo $comment['id'];
            ?>
_summary"><?php 
            echo $comment['summary'];
            ?>
</div>
                            <div id="<?php 
            echo $comment['id'];
            ?>
_full" style="display: none"><?php 
            echo $comment['fullBody'];
            ?>
</div>
                        </td>
                    </tr>
                </table>
        <?php 
            if (($comment['status'] == 'pending' || $comment['status'] === 'confirm') && !serendipity_db_bool($this->get_config('read_only'))) {
                ?>
                  <a href="?serendipity[action]=admin&amp;serendipity[adminModule]=comments&amp;serendipity[adminAction]=approve&amp;serendipity[id]=<?php 
                echo $comment['id'];
                ?>
&amp;<?php 
                echo serendipity_setFormToken('url');
                ?>
" class="serendipityIconLink" title="<?php 
                echo APPROVE;
                ?>
"><img src="<?php 
                echo serendipity_getTemplateFile('admin/img/accept.png');
                ?>
" alt="<?php 
                echo APPROVE;
                ?>
" /><?php 
                echo APPROVE;
                ?>
</a>
        <?php 
            }
            ?>
        <?php 
            if ($comment['status'] == 'approved' && !serendipity_db_bool($this->get_config('read_only'))) {
                ?>
                  <a href="?serendipity[action]=admin&amp;serendipity[adminModule]=comments&amp;serendipity[adminAction]=pending&amp;serendipity[id]=<?php 
                echo $comment['id'];
                ?>
&amp;<?php 
                echo serendipity_setFormToken('url');
                ?>
" class="serendipityIconLink" title="<?php 
                echo SET_TO_MODERATED;
                ?>
"><img src="<?php 
                echo serendipity_getTemplateFile('admin/img/clock.png');
                ?>
" alt="<?php 
                echo SET_TO_MODERATED;
                ?>
" /><?php 
                echo SET_TO_MODERATED;
                ?>
</a>
        <?php 
            }
            ?>
        <?php 
            if ($comment['excerpt']) {
                ?>
                  <a href="#c<?php 
                echo $comment['id'];
                ?>
" onclick="FT_toggle(<?php 
                echo $comment['id'];
                ?>
); return false;" title="<?php 
                echo VIEW;
                ?>
" class="serendipityIconLink"><img src="<?php 
                echo serendipity_getTemplateFile('admin/img/zoom.png');
                ?>
" alt="<?php 
                echo TOGGLE_ALL;
                ?>
" /><span id="<?php 
                echo $comment['id'];
                ?>
_text"><?php 
                echo TOGGLE_ALL;
                ?>
</span></a>
        <?php 
            }
            ?>
                  <a target="_blank" href="<?php 
            echo $entrylink;
            ?>
" title="<?php 
            echo VIEW;
            ?>
" class="serendipityIconLink"><img src="<?php 
            echo serendipity_getTemplateFile('admin/img/zoom.png');
            ?>
" alt="<?php 
            echo VIEW;
            ?>
" /><?php 
            echo VIEW;
            ?>
</a>
                  <a href="?serendipity[action]=admin&amp;serendipity[adminModule]=comments&amp;serendipity[adminAction]=edit&amp;serendipity[id]=<?php 
            echo $comment['id'];
            ?>
&amp;serendipity[entry_id]=<?php 
            echo $comment['entry_id'];
            ?>
&amp;<?php 
            echo serendipity_setFormToken('url');
            ?>
" title="<?php 
            echo EDIT;
            ?>
" class="serendipityIconLink"><img src="<?php 
            echo serendipity_getTemplateFile('admin/img/edit.png');
            ?>
" alt="<?php 
            echo EDIT;
            ?>
" /><?php 
            echo EDIT;
            ?>
</a>
        <?php 
            if (!serendipity_db_bool($this->get_config('read_only'))) {
                ?>
                  <a href="?serendipity[action]=admin&amp;serendipity[adminModule]=comments&amp;serendipity[adminAction]=delete&amp;serendipity[id]=<?php 
                echo $comment['id'];
                ?>
&amp;serendipity[entry_id]=<?php 
                echo $comment['entry_id'];
                ?>
&amp;<?php 
                echo serendipity_setFormToken('url');
                ?>
" onclick='return confirm("<?php 
                echo sprintf(COMMENT_DELETE_CONFIRM, $comment['id'], function_exists('serendipity_specialchars') ? serendipity_specialchars($comment['author']) : htmlspecialchars($comment['author'], ENT_COMPAT, LANG_CHARSET));
                ?>
")' title="<?php 
                echo DELETE;
                ?>
" class="serendipityIconLink"><img src="<?php 
                echo serendipity_getTemplateFile('admin/img/delete.png');
                ?>
" alt="<?php 
                echo DELETE;
                ?>
" /><?php 
                echo DELETE;
                ?>
</a>
        <?php 
            }
            ?>
                  <a target="_blank" onclick="cf = window.open(this.href, 'CommentForm', 'width=800,height=600,toolbar=no,scrollbars=1,scrollbars,resize=1,resizable=1'); cf.focus(); return false;" href="?serendipity[action]=admin&amp;serendipity[adminModule]=comments&amp;serendipity[adminAction]=reply&amp;serendipity[id]=<?php 
            echo $comment['id'];
            ?>
&amp;serendipity[entry_id]=<?php 
            echo $comment['entry_id'];
            ?>
&amp;serendipity[noBanner]=true&amp;serendipity[noSidebar]=true&amp;<?php 
            echo serendipity_setFormToken('url');
            ?>
" title="<?php 
            echo REPLY;
            ?>
" class="serendipityIconLink"><img src="<?php 
            echo serendipity_getTemplateFile('admin/img/user_editor.png');
            ?>
" alt="<?php 
            echo REPLY;
            ?>
" /><?php 
            echo REPLY;
            ?>
</a>
                  <?php 
            echo $comment['action_more'];
            ?>
            </td>
        </tr>
        <?php 
        }
        echo '</table>';
    }
Пример #18
0
<?php

# $Id$
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved.  See LICENSE file for licensing details
if (IN_serendipity !== true) {
    die("Don't hack!");
}
if (!serendipity_checkPermission('adminTemplates')) {
    return;
}
class template_option
{
    var $config = null;
    var $values = null;
    var $keys = null;
    function introspect_config_item($item, &$bag)
    {
        foreach ($this->config[$item] as $key => $val) {
            $bag->add($key, $val);
        }
    }
    function get_config($item)
    {
        return $this->values[$item];
    }
    function set_config($item, $value)
    {
        global $serendipity;
        serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}options\n                                    WHERE okey = 't_" . serendipity_db_escape_string($serendipity['template']) . "'\n                                      AND name = '" . serendipity_db_escape_string($item) . "'");
        if ($this->config[$item]['scope'] == 'global') {
Пример #19
0
 /**
  * Get a list of Sidebar plugins and pass them to Smarty
  *
  * @access public
  * @param   string      The side of plugins to show (left/right/hide/event/eventh)
  * @param   string      deprecated: Indicated which wrapping HTML element to use for plugins
  * @param   boolean     Indicates whether only all plugins should be shown that are not in the $side list
  * @param   string      Only show plugins of this plugin class
  * @param   string      Only show a plugin with this instance ID
  * @return  string      Smarty HTML output
  */
 function generate_plugins($side, $tag = '', $negate = false, $class = null, $id = null, $tpl = 'sidebar.tpl')
 {
     global $serendipity;
     /* $tag parameter is deprecated and used in Smarty templates instead. Only use it in function
      * header for layout.php BC.
      */
     $plugins = serendipity_plugin_api::enum_plugins($side, $negate, $class, $id);
     if (!is_array($plugins)) {
         return;
     }
     if (!isset($serendipity['smarty'])) {
         $serendipity['smarty_raw_mode'] = true;
         serendipity_smarty_init();
     }
     $pluginData = array();
     $addData = func_get_args();
     serendipity_plugin_api::hook_event('frontend_generate_plugins', $plugins, $addData);
     if (count($plugins) == 0) {
         $serendipity['prevent_sidebar_plugins_' . $side] = true;
     }
     $loggedin = false;
     if (serendipity_userLoggedIn() && serendipity_checkPermission('adminPlugins')) {
         $loggedin = true;
     }
     foreach ($plugins as $plugin_data) {
         $plugin =& serendipity_plugin_api::load_plugin($plugin_data['name'], $plugin_data['authorid'], $plugin_data['path']);
         if (is_object($plugin)) {
             $class = get_class($plugin);
             $title = '';
             /* TODO: make generate_content NOT echo its output */
             ob_start();
             $show_plugin = $plugin->generate_content($title);
             $content = ob_get_contents();
             ob_end_clean();
             if ($loggedin) {
                 $content .= '<div class="serendipity_edit_nugget"><a href="' . $serendipity['serendipityHTTPPath'] . 'serendipity_admin.php?serendipity[adminModule]=plugins&amp;serendipity[plugin_to_conf]=' . htmlentities($plugin->instance) . '">' . EDIT . '</a></div>';
             }
             if ($show_plugin !== false) {
                 $pluginData[] = array('side' => $side, 'class' => $class, 'title' => $title, 'content' => $content, 'id' => $plugin->instance);
             }
         } else {
             $pluginData[] = array('side' => $side, 'title' => ERROR, 'class' => $class, 'content' => sprintf(INCLUDE_ERROR, $plugin_data['name']));
         }
     }
     serendipity_plugin_api::hook_event('frontend_sidebar_plugins', $pluginData, $addData);
     $serendipity['smarty']->assign_by_ref('plugindata', $pluginData);
     $serendipity['smarty']->assign('pluginside', ucfirst($side));
     return serendipity_smarty_fetch('sidebar_' . $side, $tpl, true);
 }
/**
 * When paths or other options are changed in the s9y configuration, update the core files
 *
 * @access public
 * @return boolean
 */
function serendipity_updateConfiguration()
{
    global $serendipity, $umask;
    // Save all basic config variables to the database
    $config = serendipity_parseTemplate(S9Y_CONFIG_TEMPLATE);
    if (isset($_POST['sqlitedbName']) && !empty($_POST['sqlitedbName'])) {
        $_POST['dbName'] = $_POST['sqlitedbName'];
    }
    // Password can be hidden in re-configuring, but we need to store old password
    if (empty($_POST['dbPass']) && !empty($serendipity['dbPass'])) {
        $_POST['dbPass'] = $serendipity['dbPass'];
    }
    foreach ($config as $category) {
        foreach ($category['items'] as $item) {
            /* Don't save trash */
            if (!serendipity_checkConfigItemFlags($item, 'configuration')) {
                continue;
            }
            if (!isset($item['userlevel'])) {
                $item['userlevel'] = USERLEVEL_ADMIN;
            }
            // Check permission set. Changes to blogConfiguration or siteConfiguration items
            // always required authorid = 0, so that it be not specific to a userlogin
            if ($serendipity['serendipityUserlevel'] >= $item['userlevel'] || IS_installed === false) {
                $authorid = 0;
            } elseif ($item['permission'] == 'blogConfiguration' && serendipity_checkPermission('blogConfiguration')) {
                $authorid = 0;
            } elseif ($item['permission'] == 'siteConfiguration' && serendipity_checkPermission('siteConfiguration')) {
                $authorid = 0;
            } else {
                $authorid = $serendipity['authorid'];
            }
            if (is_array($_POST[$item['var']])) {
                // Arrays not allowed. Use first index value.
                list($a_key, $a_val) = each($_POST[$item['var']]);
                $_POST[$item['var']] = $a_key;
                // If it still is an array, munge it all together.
                if (is_array($_POST[$item['var']])) {
                    $_POST[$item['var']] = @implode(',', $_POST[$item['var']]);
                }
            }
            serendipity_set_config_var($item['var'], $_POST[$item['var']], $authorid);
        }
    }
    if (IS_installed === false || serendipity_checkPermission('siteConfiguration')) {
        return serendipity_updateLocalConfig($_POST['dbName'], $_POST['dbPrefix'], $_POST['dbHost'], $_POST['dbUser'], $_POST['dbPass'], $_POST['dbType'], $_POST['dbPersistent']);
    } else {
        return true;
    }
}
Пример #21
0
            if ($bag->is_set('configuration')) {
                /* Only play with the plugin if there is something to play with */
                echo '<script type="text/javascript">location.href = \'' . $serendipity['baseurl'] . '?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . $inst . '\';</script>';
                die;
            } else {
                /* If no config is available, redirect to plugin overview, because we do not want that a user can install the plugin a second time via accidental browser refresh */
                echo '<script type="text/javascript">location.href = \'' . $serendipity['baseurl'] . '?serendipity[adminModule]=plugins\';</script>';
                die;
            }
        }
    }
    if (isset($_POST['REMOVE']) && serendipity_checkFormToken()) {
        if (is_array($_POST['serendipity']['plugin_to_remove'])) {
            foreach ($_POST['serendipity']['plugin_to_remove'] as $key) {
                $plugin =& serendipity_plugin_api::load_plugin($key);
                if ($plugin->serendipity_owner == '0' || $plugin->serendipity_owner == $serendipity['authorid'] || serendipity_checkPermission('adminPluginsMaintainOthers')) {
                    serendipity_plugin_api::remove_plugin_instance($key);
                }
            }
        }
    }
    ?>

<?php 
    if (isset($_POST['SAVE'])) {
        ?>
    <div class="serendipityAdminMsgSuccess"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="<?php 
        echo serendipity_getTemplateFile('admin/img/admin_msg_success.png');
        ?>
" alt="" /><?php 
        echo DONE . ': ' . sprintf(SETTINGS_SAVED_AT, serendipity_strftime('%H:%M:%S'));
/**
 * Show the list of plugins
 *
 * Shows a HTML list of all installed plugins, complete with config/delete/sort order options
 *
 * @access public
 * @param  boolean  Indicates if event plugins (TRUE) or sidebar plugins (FALSE) shall be shown
 * @return null
 */
function show_plugins($event_only = false, $sidebars = null)
{
    static $opts = array('event' => PLUGIN_ACTIVE, 'eventh' => PLUGIN_INACTIVE);
    global $serendipity;
    $sql_filter = '';
    if (is_array($sidebars)) {
        foreach ($sidebars as $sidebar) {
            $up = strtoupper($sidebar);
            if ($sidebar == 'hide') {
                $opts[$sidebar] = HIDDEN;
            } elseif (defined('SIDEBAR_' . $up)) {
                $opts[$sidebar] = constant('SIDEBAR_' . $up);
            } elseif (defined($up)) {
                $opts[$sidebar] = constant($up);
            } else {
                $opts[$sidebar] = $up;
            }
            $sql_filter .= "AND placement != '" . serendipity_db_escape_string($sidebar) . "' ";
        }
    }
    if (!$event_only) {
        $sql = "SELECT * from {$serendipity['dbPrefix']}plugins\n                   WHERE placement != 'event'\n                     AND placement != 'eventh'\n                         " . $sql_filter;
        $invisible_plugins = serendipity_db_query($sql);
        if (is_array($invisible_plugins)) {
            $sidebars[] = 'NONE';
            $opts['NONE'] = NONE;
        }
    }
    $eyecandy = !isset($serendipity['eyecandy']) || serendipity_db_bool($serendipity['eyecandy']);
    if (!$eyecandy) {
        echo '    <form action="?serendipity[adminModule]=plugins" method="post">';
    } elseif (!$event_only) {
        echo '<script type="text/javascript"> function templatePluginMoverInit() { ';
        $is_first = true;
        foreach ($sidebars as $sidebar) {
            ?>
    <?php 
            echo $is_first ? 'var ' : '';
            ?>
 list = document.getElementById("<?php 
            echo $sidebar;
            ?>
_col");
    DragDrop.makeListContainer(list, 'g1');
    list.onDragOver = function() { this.style["border"] = "1px solid #4d759b"; };
    list.onDragOut = function() { this.style["border"] = "none"; };
<?php 
            $is_first = false;
        }
        echo ' } addLoadEvent(templatePluginMoverInit);</script>';
        echo '    <form action="?serendipity[adminModule]=plugins" method="post" onsubmit="pluginMovergetSort(); return true">';
        echo '        <input type="hidden" name="serendipity[pluginorder]" id="order" value="" />';
    } else {
        echo '<script type="text/javascript">addLoadEvent(pluginMoverInitEvent);</script>';
        echo '    <form action="?serendipity[adminModule]=plugins" method="post" onsubmit="pluginMovergetSortEvent(); return true">';
        echo '        <input type="hidden" name="serendipity[pluginorder]" id="eventorder" value="" />';
    }
    echo serendipity_setFormToken();
    ?>
    <table class="pluginmanager" border="0" cellpadding="5" cellspacing="3" width="100%">
        <tr>
<?php 
    $errors = array();
    /* Block display the plugins per placement location. */
    if ($event_only) {
        $plugin_placements = array('event', 'eventh');
    } else {
        $plugin_placements = $sidebars;
    }
    $total = 0;
    foreach ($plugin_placements as $plugin_placement) {
        if (!$event_only && $plugin_placement == 'NONE') {
            $is_invisible = true;
        } else {
            $is_invisible = false;
        }
        $ptitle = $opts[$plugin_placement];
        $pid = $plugin_placement;
        echo '<td class="pluginmanager_side pluginmanager_' . ($event_only ? 'event' : 'sidebar') . '">';
        echo '<div class="heading">' . $ptitle . '</div>';
        echo '<ol id="' . $pid . '_col" class="pluginmanager_container">';
        if ($is_invisible) {
            $plugins = $invisible_plugins;
        } else {
            $plugins = serendipity_plugin_api::enum_plugins($plugin_placement);
        }
        if (!is_array($plugins)) {
            continue;
        }
        $sort_idx = 0;
        foreach ($plugins as $plugin_data) {
            $total++;
            $plugin =& serendipity_plugin_api::load_plugin($plugin_data['name'], $plugin_data['authorid']);
            $key = urlencode($plugin_data['name']);
            $css_key = 's9ycid' . str_replace('%', '-', $key);
            $is_plugin_owner = $plugin_data['authorid'] == $serendipity['authorid'] || serendipity_checkPermission('adminPluginsMaintainOthers');
            $is_plugin_editable = $is_plugin_owner || $plugin_data['authorid'] == '0';
            if (!is_object($plugin)) {
                $name = $title = ERROR . '!';
                $desc = ERROR . ': ' . $plugin_data['name'];
                $can_configure = false;
            } else {
                /* query for its name, description and configuration data */
                $bag = new serendipity_property_bag();
                $plugin->introspect($bag);
                $name = htmlspecialchars($bag->get('name'));
                $desc = htmlspecialchars($bag->get('description'));
                $desc .= '<br />' . VERSION . ': <em>' . $bag->get('version') . '</em>';
                $title = serendipity_plugin_api::get_plugin_title($plugin, '[' . $name . ']');
                if ($bag->is_set('configuration') && ($plugin->protected === FALSE || $plugin_data['authorid'] == '0' || $plugin_data['authorid'] == $serendipity['authorid'] || serendipity_checkPermission('adminPluginsMaintainOthers'))) {
                    $can_configure = true;
                } else {
                    $can_configure = false;
                }
            }
            if ($event_only) {
                $place = placement_box('serendipity[placement][' . $plugin_data['name'] . ']', $plugin_data['placement'], $is_plugin_editable, true, $opts);
                $event_only_uri = '&amp;serendipity[event_plugin]=true';
            } else {
                $place = placement_box('serendipity[placement][' . $plugin_data['name'] . ']', $plugin_data['placement'], $is_plugin_editable, false, $opts);
                $event_only_uri = '';
            }
            /* Only display UP/DOWN links if there's somewhere for the plugin to go */
            if ($sort_idx == 0) {
                $moveup = '&nbsp;';
            } else {
                $moveup = '<a href="?' . serendipity_setFormToken('url') . '&amp;serendipity[adminModule]=plugins&amp;submit=move+up&amp;serendipity[plugin_to_move]=' . $key . $event_only_uri . '" style="border: 0"><img src="' . serendipity_getTemplateFile('admin/img/uparrow.png') . '" height="16" width="16" border="0" alt="' . UP . '" /></a>';
            }
            if ($sort_idx == count($plugins) - 1) {
                $movedown = '&nbsp;';
            } else {
                $movedown = ($moveup != '' ? '&nbsp;' : '') . '<a href="?' . serendipity_setFormToken('url') . '&amp;serendipity[adminModule]=plugins&amp;submit=move+down&amp;serendipity[plugin_to_move]=' . $key . $event_only_uri . '" style="border: 0"><img src="' . serendipity_getTemplateFile('admin/img/downarrow.png') . '" height="16" width="16" alt="' . DOWN . '" border="0" /></a>';
            }
            ?>
            <li class="pluginmanager_item_<?php 
            echo $sort_idx % 2 ? 'even' : 'uneven';
            ?>
" id="<?php 
            echo $css_key;
            ?>
">
                <div id="g<?php 
            echo $css_key;
            ?>
" class="pluginmanager_grablet">
                    <a href="#" id="grab<?php 
            echo $css_key;
            ?>
"></a>
                </div>
                <?php 
            if ($is_plugin_editable) {
                ?>
                    <input class="input_checkbox" type="checkbox" name="serendipity[plugin_to_remove][]" value="<?php 
                echo $plugin_data['name'];
                ?>
" />
                <?php 
            }
            ?>

                <?php 
            if ($can_configure) {
                ?>
                    <a class="pluginmanager_configure" href="?serendipity[adminModule]=plugins&amp;serendipity[plugin_to_conf]=<?php 
                echo $key;
                ?>
"><img src="<?php 
                echo serendipity_getTemplateFile('admin/img/configure.png');
                ?>
" style="border: 0; vertical-align: bottom;" alt="[C]" /></a>
                <?php 
            }
            ?>

                    <span class="pluginmanager_title">
                <?php 
            if ($can_configure) {
                ?>
                    <a title="<?php 
                echo $plugin_data['name'];
                ?>
" href="?serendipity[adminModule]=plugins&amp;serendipity[plugin_to_conf]=<?php 
                echo $key;
                ?>
"><?php 
                echo $title;
                ?>
</a>
                <?php 
            } else {
                ?>
                    <?php 
                echo $title;
                ?>
                <?php 
            }
            ?>
</span><br />
                    <div class="pluginmanager_description" style="font-size: 8pt"><?php 
            echo $desc;
            ?>
</div>
                    <div class="pluginmanager_ownership"><?php 
            ownership($plugin_data['authorid'], $plugin_data['name'], $is_plugin_owner);
            ?>
</div>
                    <?php 
            echo $eyecandy ? '<noscript>' : '';
            ?>
                    <div class="pluginmanager_place"><?php 
            echo $place;
            ?>
</div>
                    <div class="pluginmanager_move"><?php 
            echo $moveup;
            ?>
 <?php 
            echo $movedown;
            ?>
</div>
                    <?php 
            echo $eyecandy ? '</noscript>' : '';
            ?>
            </li>
<?php 
            $sort_idx++;
        }
        echo '</ol></td>';
    }
    ?>
        </tr>
        <tr>
            <td colspan="3" align="right"><?php 
    printf(PLUGIN_AVAILABLE_COUNT, $total);
    ?>
</td>
        </tr>
        </table>
        <br />
        <div>
            <input type="submit" name="REMOVE" title="<?php 
    echo DELETE;
    ?>
"  value="<?php 
    echo REMOVE_TICKED_PLUGINS;
    ?>
" class="serendipityPrettyButton input_button" />
            <input type="submit" name="SAVE"   title="<?php 
    echo SAVE_CHANGES_TO_LAYOUT;
    ?>
" value="<?php 
    echo SAVE;
    ?>
" class="serendipityPrettyButton input_button" />
        </div>
</form>
<?php 
}
Пример #23
0
function showMediaLibrary($messages = false, $addvar_check = false, $smarty_vars = array())
{
    global $serendipity;
    if (!serendipity_checkPermission('adminImagesView')) {
        return;
    }
    $output = "";
    // After upload, do not show the list to be able to proceed to
    // media selection.
    if ($addvar_check && !empty($GLOBALS['image_selector_addvars'])) {
        return true;
    }
    if (!isset($serendipity['thumbPerPage'])) {
        $serendipity['thumbPerPage'] = 2;
    }
    $smarty_vars = array('textarea' => isset($serendipity['GET']['textarea']) ? $serendipity['GET']['textarea'] : false, 'htmltarget' => isset($serendipity['GET']['htmltarget']) ? $serendipity['GET']['htmltarget'] : '', 'filename_only' => isset($serendipity['GET']['filename_only']) ? $serendipity['GET']['filename_only'] : false);
    $show_upload = isset($serendipity['GET']['showUpload']) ? $serendipity['GET']['showUpload'] : false;
    $output .= serendipity_displayImageList(isset($serendipity['GET']['page']) ? $serendipity['GET']['page'] : 1, $serendipity['thumbPerPage'], isset($serendipity['GET']['showMediaToolbar']) ? serendipity_db_bool($serendipity['GET']['showMediaToolbar']) : true, NULL, $show_upload, NULL, $smarty_vars);
    return $output;
}
function universal_updateComment($cid, $entry_id, $entry_authorid, &$comment)
{
    global $serendipity;
    // Check for adminEntriesMaintainOthers
    if ($entry_authorid != $serendipity['authorid'] && !serendipity_checkPermission('adminEntriesMaintainOthers')) {
        return false;
        // wrong user having no adminEntriesMaintainOthers right
    }
    $sql = "UPDATE {$serendipity['dbPrefix']}comments\n                    SET\n                        author    = '" . serendipity_db_escape_string($comment['author']) . "',\n                        email     = '" . serendipity_db_escape_string($comment['email']) . "',\n                        url       = '" . serendipity_db_escape_string($comment['url']) . "',\n                        body      = '" . serendipity_db_escape_string($comment['body']) . "'\n            WHERE id = " . (int) $cid . " AND entry_id = " . (int) $entry_id;
    serendipity_db_query($sql);
    serendipity_plugin_api::hook_event('backend_updatecomment', $comment, $cid);
    return true;
}
Пример #25
0
global $serendipity;
$data = array();
switch ($serendipity['POST']['adminAction']) {
    case 'publish':
        if (!serendipity_checkFormToken()) {
            break;
        }
        $success = serendipity_updertEntry(array('id' => serendipity_specialchars($serendipity['POST']['id']), 'timestamp' => time(), 'isdraft' => 0));
        if (is_numeric($success)) {
            $data['published'] = $success;
        } else {
            $data['error_publish'] = $success;
        }
        break;
    case 'updateCheckDisable':
        if (!serendipity_checkFormToken() || !serendipity_checkPermission('blogConfiguration')) {
            break;
        }
        serendipity_set_config_var('updateCheck', false);
        break;
}
$user = serendipity_fetchAuthor($serendipity['authorid']);
// chrome-compatible, from Oliver Gassner, adapted from TextPattern. Hi guys, keep it up. :-)
$bookmarklet = "javascript:var%20d=document,w=window,e=w.getSelection,k=d.getSelection,x=d.selection,s=(e?e():(k)?k():(x?x.createRange().text:0)),f='" . $serendipity['baseURL'] . "',l=d.location,e=encodeURIComponent,p='serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new&serendipity[title]='+e(d.title)+'&serendipity[body]='+e(s)+'&serendipity[url]='+location.href,u=f+p;a=function(){%20%20if(!w.open(u,'t','toolbar=0,resizable=1,scrollbars=1,status=1,width=800,height=800'))%20%20%20%20l.href=u;};if(/Firefox/.test(navigator.userAgent))%20%20setTimeout(a,0);else%20%20a();void(0)";
$data['bookmarklet'] = $bookmarklet;
$data['username'] = $user[0]['realname'];
$data['js_failure_file'] = serendipity_getTemplateFile('admin/serendipity_editor.js');
$output = array();
serendipity_plugin_api::hook_event('backend_frontpage_display', $output);
$data['backend_frontpage_display'] = $output['more'];
$data['usedVersion'] = $serendipity['version'];
 function template_options($template, $catid)
 {
     global $serendipity, $template_config;
     if (!serendipity_checkPermission('adminTemplates')) {
         return;
     }
     $template = str_replace('.', '', urldecode($template));
     $catid = (int) $catid;
     $tpl_path = $serendipity['serendipityPath'] . $serendipity['templatePath'] . $template;
     if (!is_dir($tpl_path)) {
         return false;
     }
     $serendipity['GET']['adminModule'] == 'templates';
     $serendipity['smarty_vars']['template_option'] = $template . '_' . $catid;
     echo '<h3>' . STYLE_OPTIONS . '</h3>';
     if (file_exists($tpl_path . '/config.inc.php')) {
         serendipity_smarty_init();
         include_once $tpl_path . '/config.inc.php';
     }
     if (is_array($template_config)) {
         serendipity_plugin_api::hook_event('backend_templates_configuration_top', $template_config);
         if ($serendipity['POST']['adminSubAction'] == 'configure') {
             foreach ($serendipity['POST']['template'] as $option => $value) {
                 categorytemplate_option::set_config($option, $value, $serendipity['smarty_vars']['template_option']);
             }
             echo '<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . DONE . ': ' . sprintf(SETTINGS_SAVED_AT, serendipity_strftime('%H:%M:%S')) . '</div>';
         }
         echo '<form method="post" action="serendipity_admin.php">';
         echo '<input type="hidden" name="serendipity[adminModule]" value="templates" />';
         echo '<input type="hidden" name="serendipity[adminSubAction]" value="configure" />';
         echo '<input type="hidden" name="serendipity[adminAction]" value="cattemplate" />';
         echo '<input type="hidden" name="serendipity[adminModule]" value="event_display" />';
         echo '<input type="hidden" name="serendipity[catid]" value="' . $catid . '" />';
         echo '<input type="hidden" name="serendipity[cat_template]" value="' . urlencode($template) . '" />';
         include S9Y_INCLUDE_PATH . 'include/functions_plugins_admin.inc.php';
         $template_vars =& serendipity_loadThemeOptions($template_config, $serendipity['smarty_vars']['template_option']);
         $template_options = new categorytemplate_option();
         $template_options->import($template_config);
         $template_options->values =& $template_vars;
         serendipity_plugin_config($template_options, $template_vars, $serendipity['template'], $serendipity['template'], $template_options->keys, true, true, true, true, 'template');
         echo '</form><br />';
         serendipity_plugin_api::hook_event('backend_templates_configuration_bottom', $template_config);
     } else {
         echo '<p>' . STYLE_OPTIONS_NONE . '</p>';
         serendipity_plugin_api::hook_event('backend_templates_configuration_none', $template_config);
     }
 }
Пример #27
0
<?php

# $Id: entries.inc.php 2546 2009-07-10 15:45:18Z garvinhicking $
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved.  See LICENSE file for licensing details
if (IN_serendipity !== true) {
    die("Don't hack!");
}
if (!serendipity_checkPermission('adminEntries')) {
    return;
}
$sort_order = array('timestamp' => DATE, 'isdraft' => PUBLISH . '/' . DRAFT, 'a.realname' => AUTHOR, 'category_name' => CATEGORY, 'last_modified' => LAST_UPDATED, 'title' => TITLE, 'id' => 'ID');
$per_page = array('12', '16', '50', '100');
/**
 * Shows the entry panel overview
 *
 * Shows a list of existing entries, with pagination and cookie-remember settings.
 *
 * @access public
 * @return null
 */
function serendipity_drawList()
{
    global $serendipity, $sort_order, $per_page;
    $filter_import = array('author', 'category', 'isdraft');
    $sort_import = array('perPage', 'ordermode', 'order');
    foreach ($filter_import as $f_import) {
        serendipity_restoreVar($serendipity['COOKIE']['entrylist_filter_' . $f_import], $serendipity['GET']['filter'][$f_import]);
        serendipity_JSsetCookie('entrylist_filter_' . $f_import, $serendipity['GET']['filter'][$f_import]);
    }
    foreach ($sort_import as $s_import) {
Пример #28
0
         echo DIAGNOSTIC_ERROR;
         echo '<div class="serendipityAdminMsgError">- <img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . implode('<br />', $res) . '</div><br /><br />';
     } else {
         /* If we have new rewrite rules, then install them */
         $permalinkOld = array($oldConfig['serendipityHTTPPath'], $oldConfig['serendipityPath'], $oldConfig['baseURL'], $oldConfig['indexFile'], $oldConfig['rewrite']);
         $permalinkNew = array($serendipity['serendipityHTTPPath'], $serendipity['serendipityPath'], $serendipity['baseURL'], $serendipity['indexFile'], $serendipity['rewrite']);
         // Compare all old permalink section values against new one. A change in any of those
         // will force to update the .htaccess for rewrite rules.
         $permconf = serendipity_parseTemplate(S9Y_CONFIG_TEMPLATE);
         if (is_array($permconf) && is_array($permconf['permalinks']['items'])) {
             foreach ($permconf['permalinks']['items'] as $permitem) {
                 $permalinkOld[] = $oldConfig[$permitem['var']];
                 $permalinkNew[] = $serendipity[$permitem['var']];
             }
         }
         if (serendipity_checkPermission('siteConfiguration') && serialize($permalinkOld) != serialize($permalinkNew)) {
             printf(ATTEMPT_WRITE_FILE, $serendipity['serendipityPath'] . '.htaccess');
             $res = serendipity_installFiles($serendipity['serendipityPath']);
             if (is_array($res)) {
                 echo implode('<br />', $res);
             } else {
                 echo DONE . '<br />';
             }
             serendipity_buildPermalinks();
         }
         echo '<br /><div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . WRITTEN_N_SAVED . '</div>';
     }
     break;
 default:
     $from =& $serendipity;
     $t = serendipity_parseTemplate(S9Y_CONFIG_TEMPLATE);
Пример #29
0
     if (!serendipity_checkPermission('adminEntries')) {
         break;
     }
     include S9Y_INCLUDE_PATH . 'include/admin/entries.inc.php';
     $admin_section = ADMIN_ENTRIES;
     break;
 case 'comments':
     if (!serendipity_checkPermission('adminComments')) {
         break;
     }
     include S9Y_INCLUDE_PATH . 'include/admin/comments.inc.php';
     $admin_section = COMMENTS;
     break;
 case 'category':
 case 'categories':
     if (!serendipity_checkPermission('adminCategories')) {
         break;
     }
     include S9Y_INCLUDE_PATH . 'include/admin/category.inc.php';
     $admin_section = CATEGORIES;
     break;
 case 'logout':
     echo LOGGEDOUT;
     break;
 case 'event_display':
     if ($serendipity['no_create'] !== true) {
         serendipity_plugin_api::hook_event('backend_sidebar_entries_event_display_' . $serendipity['GET']['adminAction'], $serendipity);
     }
     break;
 case 'maintenance':
     include S9Y_INCLUDE_PATH . 'include/admin/maintenance.inc.php';
/**
 * Delete an entry and everything that belongs to it (comments)
 *
 * @access public
 * @param   int     The Entry ID to delete
 * @return  mixed   FALSE or NULL on error
 */
function serendipity_deleteEntry($id)
{
    global $serendipity;
    if (!is_numeric($id)) {
        return false;
    }
    // Purge the daily/monthly entries so they can be rebuilt
    $result = serendipity_db_query("SELECT timestamp, authorid FROM {$serendipity['dbPrefix']}entries WHERE id = '" . (int) $id . "'", true);
    if ($result[1] != $serendipity['authorid'] && !serendipity_checkPermission('adminEntriesMaintainOthers')) {
        // Only admins and chief users can delete entries which do not belong to the author
        return;
    }
    serendipity_purgeEntry($id, $result[0]);
    serendipity_plugin_api::hook_event('backend_delete_entry', $id);
    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}entries WHERE id={$id}");
    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}entrycat WHERE entryid={$id}");
    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}entryproperties WHERE entryid={$id}");
    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}comments WHERE entry_id={$id}");
    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}references WHERE entry_id='{$id}' AND type = ''");
    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}permalinks WHERE entry_id='{$id}'");
}