function showSearch()
     global $serendipity;
     $term = serendipity_db_escape_string($serendipity['GET']['searchTerm']);
     if ($serendipity['dbType'] == 'postgres') {
         $group = '';
         $distinct = 'DISTINCT';
         $find_part = "(c.title ILIKE '%{$term}%' OR c.body ILIKE '%{$term}%')";
     } elseif ($serendipity['dbType'] == 'sqlite') {
         $group = 'GROUP BY id';
         $distinct = '';
         $term = serendipity_mb('strtolower', $term);
         $find_part = "(lower(c.title) LIKE '%{$term}%' OR lower(c.body) LIKE '%{$term}%')";
     } else {
         $group = 'GROUP BY id';
         $distinct = '';
         $term = str_replace('"', '"', $term);
         if (preg_match('@["\\+\\-\\*~<>\\(\\)]+@', $term)) {
             $find_part = "MATCH(c.title,c.body) AGAINST('{$term}' IN BOOLEAN MODE)";
         } else {
             $find_part = "MATCH(c.title,c.body) AGAINST('{$term}')";
     $querystring = "SELECT c.title AS ctitle, c.body,, c.entry_id, c.timestamp AS ctimestamp, c.url, c.type,\n                     , e.title, e.timestamp\n                          FROM {$serendipity['dbPrefix']}comments AS c\n               LEFT OUTER JOIN {$serendipity['dbPrefix']}entries AS e\n                            ON = c.entry_id\n                         WHERE c.status = 'approved'\n                           AND {$find_part}\n                               {$group}\n                      ORDER BY c.timestamp DESC";
     $results = serendipity_db_query($querystring, false, 'assoc');
     if (!is_array($results)) {
         if ($results !== 1 && $results !== true) {
             echo function_exists('serendipity_specialchars') ? serendipity_specialchars($results) : htmlspecialchars($results, ENT_COMPAT, LANG_CHARSET);
         $results = array();
     $myAddData = array("from" => "serendipity_plugin_commentsearch:generate_content");
     foreach ($results as $idx => $result) {
         $results[$idx]['permalink'] = serendipity_archiveURL($result['id'], $result['title'], 'baseURL', true, $result);
         $results[$idx]['comment'] = $result['body'];
         //(function_exists('serendipity_specialchars') ? serendipity_specialchars(strip_tags($result['body'])) : htmlspecialchars(strip_tags($result['body']), ENT_COMPAT, LANG_CHARSET));
         serendipity_plugin_api::hook_event('frontend_display', $results[$idx], $myAddData);
         // let the template decide, if we want to have tags or not
         $results[$idx]['commenthtml'] = $results[$idx]['comment'];
         $results[$idx]['comment'] = strip_tags($results[$idx]['comment']);
     $serendipity['smarty']->assign(array('comment_searchresults' => count($results), 'comment_results' => $results));
     $filename = 'plugin_commentsearch_searchresults.tpl';
     $tfile = serendipity_getTemplateFile($filename, 'serendipityPath');
     if (!$tfile) {
         $tfile = dirname(__FILE__) . '/' . $filename;
     $inclusion = $serendipity['smarty']->security_settings[INCLUDE_ANY];
     $serendipity['smarty']->security_settings[INCLUDE_ANY] = true;
     $content = $serendipity['smarty']->fetch('file:' . $tfile);
     $serendipity['smarty']->security_settings[INCLUDE_ANY] = $inclusion;
     echo $content;
 function displayUserList()
     global $serendipity;
     $userlist = serendipity_fetchUsers();
     $content = "";
     foreach ($userlist as $user) {
         if (function_exists('serendipity_authorURL')) {
             $entryLink = serendipity_authorURL($user);
         } else {
             $entryLink = serendipity_rewriteURL(PATH_AUTHORS . '/' . serendipity_makePermalink(PERM_AUTHORS, array('id' => $user['authorid'], 'title' => $user['realname'])));
         $content .= sprintf("<a href=\"%s\" title=\"%s\">%s</a><br />\n", $entryLink, function_exists('serendipity_specialchars') ? serendipity_specialchars($user['realname']) : htmlspecialchars($user['realname'], ENT_COMPAT, LANG_CHARSET), function_exists('serendipity_specialchars') ? serendipity_specialchars($user['realname']) : htmlspecialchars($user['realname'], ENT_COMPAT, LANG_CHARSET));
     return $content;
 function example()
     global $serendipity;
     $s = '';
     $s .= '<br /><div style="border: 1px solid red; padding: 5px;">' . PLUGIN_EVENT_CRONJOB_DETAILS . '</div>';
     $s .= '<br /><fieldset><legend>' . PLUGIN_EVENT_CRONJOB_LOG . '</legend><table cellspacing=1 cellpadding=2>';
     $s .= '<tr><th>' . DATE . '</th><th>' . TYPE . '</th><th>' . DESCRIPTION . '</th></tr>';
     $res = serendipity_db_query("SELECT timestamp, type, reason FROM {$serendipity['dbPrefix']}cronjoblog ORDER BY timestamp DESC");
     if (is_array($res)) {
         foreach ($res as $row) {
             $s .= '<tr><td>' . date('d.m.Y H:i', $row['timestamp']) . '</td><td>' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($row['type']) : htmlspecialchars($row['type'], ENT_COMPAT, LANG_CHARSET)) . '</td><td>' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($row['reason']) : htmlspecialchars($row['reason'], ENT_COMPAT, LANG_CHARSET)) . '</td></tr>' . "\n";
     $s .= '</table></fieldset>';
     return $s;
 function generate_content(&$title)
     global $serendipity;
     $title = $this->get_config('title', $this->title);
     $timespan = $this->get_config('timespan', 30);
     $type = $this->get_config('type', 'IMDB');
     $q = "SELECT ep.entryid AS id, e.title, e.timestamp, ep.value as rating\n\n\t\t\t\t  FROM {$serendipity['dbPrefix']}entryproperties AS ep\n\t\t\t\t  JOIN {$serendipity['dbPrefix']}entries AS e\n\t\t\t\t    ON = ep.entryid\n\n\t\t\t\t WHERE = 'cr_{$type}_rating'\n\t\t\t\t   AND e.timestamp > " . (time() - 86700 * (int) $timespan) . "\n\t\t\t\t ORDER BY ep.value DESC\n\t\t\t\t LIMIT 5";
     $rows = serendipity_db_query($q);
     if (!is_array($rows)) {
         echo "No movies during the last {$timespan} days! Maybe I dropped dead.";
     echo '<ol class="movie {$type}">';
     foreach ($rows as $row) {
         $url = serendipity_archiveURL($row['id'], $row['title'], 'serendipityHTTPPath', true, array('timestamp' => $row['timestamp']));
         echo '<li><a href="' . $url . '">' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($row['title']) : htmlspecialchars($row['title'], ENT_COMPAT, LANG_CHARSET)) . '</a> (' . $row['rating'] . ')</li>';
     echo '</ol>';
Пример #5
 function showResults()
     $sorted = array();
     foreach ((array) $this->poll['options'] as $option) {
         $sorted[$option['title']] = $option['votes'];
     foreach ($sorted as $title => $votes) {
         echo (function_exists('serendipity_specialchars') ? serendipity_specialchars($title) : htmlspecialchars($title, ENT_COMPAT, LANG_CHARSET)) . '<br />';
         if ($this->poll['votes'] > 0) {
             $total = ceil($votes / $this->poll['votes'] * 100);
         } else {
             $total = 0;
         echo '<div class="pollvote" style="text-align: right">' . $total . '%, ' . $votes . ' ' . PLUGIN_POLL_VOTES . '</div>';
     printf('<div class="polltotal">' . PLUGIN_POLLBOX_TOTALVOTES . '</div>', $this->poll['votes']);
 function generate_content(&$title)
     global $serendipity;
     $title = $this->get_config('title', $this->title);
     $url = serendipity_currentURL(true);
     echo '<form id="language_chooser" action="' . $url . '" method="post"><div>';
     echo '<select style="font-size: ' . $this->get_config('size', '9') . 'px" name="user_language" onchange="document.getElementById(\'language_chooser\').submit();">';
     //        echo '<option value=""> </option>'."\n";
     foreach ($serendipity['languages'] as $lang_key => $language) {
         if (serendipity_db_bool($this->get_config($lang_key, 'false'))) {
             echo '<option value="' . $lang_key . '" ' . ($serendipity['lang'] == $lang_key ? 'selected="selected"' : '') . '>' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($language) : htmlspecialchars($language, ENT_COMPAT, LANG_CHARSET)) . '</option>';
     echo '</select>';
     if (serendipity_db_bool($this->get_config('show_submit', 'false'))) {
         echo '<input type="submit" name="submit" value="' . GO . '" size="4" />';
     echo '</div></form>';
 function event_hook($event, &$bag, &$eventData, $addData = null)
     global $serendipity;
     $hooks =& $bag->get('event_hooks');
     if (isset($hooks[$event])) {
         switch ($event) {
             case 'frontend_header':
                 $lat = $this->get_config('lat');
                 $long = $this->get_config('long');
                 print "\n" . '    <meta name="ICBM" content="' . $lat . ', ' . $long . '" />' . "\n";
                 print '    <meta name="geo.position" content="' . $lat . ';' . $long . '" />' . "\n";
                 print '    <meta name="DC.title" content="' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['blogTitle']) : htmlspecialchars($serendipity['blogTitle'], ENT_COMPAT, LANG_CHARSET)) . '" />' . "\n";
                 return true;
                 return false;
     } else {
         return false;
 function generate_content(&$title)
     global $serendipity;
     $title = $this->get_config('title', $this->title);
     $sort = $this->get_config('sort_order');
     if ($sort == 'none') {
         $sort = '';
     } else {
         $sort .= ' ' . $this->get_config('sort_method');
     $is_count = serendipity_db_bool($this->get_config('showartcount'));
     $mincount = (int) $this->get_config('mincount');
     $authors = serendipity_fetchUsers(null, 'hidden', $is_count);
     $html = '';
     $image = $this->get_config('image', serendipity_getTemplateFile('img/xml.gif'));
     $image = $image == "'none'" || $image == 'none' ? '' : $image;
     $html .= '<ul class="plainList">' . "\n";
     if (is_array($authors) && count($authors)) {
         foreach ($authors as $auth) {
             if ($is_count) {
                 if ($auth['artcount'] < $mincount) {
                 $entrycount = " ({$auth['artcount']})";
             } else {
                 $entrycount = "";
             $html .= '<li>';
             if (!empty($image)) {
                 $html .= '<a class="serendipity_xml_icon" href="' . serendipity_feedAuthorURL($auth, 'serendipityHTTPPath') . '"><img src="' . $image . '" alt="XML" style="border: 0px" /></a> ';
             $html .= '<a href="' . serendipity_authorURL($auth, 'serendipityHTTPPath') . '" title="' . serendipity_specialchars($auth['realname']) . '">' . serendipity_specialchars($auth['realname']) . $entrycount . '</a>';
             $html .= '</li>' . "\n";
     $html .= '</ul>' . "\n";
     $html .= sprintf('<div><a href="%s" title="%s">%s</a></div>', $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'], ALL_AUTHORS, ALL_AUTHORS);
     print $html;
 function event_hook($event, &$bag, &$eventData, $addData = null)
     global $serendipity;
     $hooks =& $bag->get('event_hooks');
     if (isset($hooks[$event])) {
         switch ($event) {
             case 'frontend_display':
                 if (isset($eventData['comment']) && !empty($eventData['body'])) {
                     $eventData['comment'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($eventData['body']) : htmlspecialchars($eventData['body'], ENT_COMPAT, LANG_CHARSET);
                 return true;
             case 'frontend_comment':
                 echo '<div class="serendipity_commentDirection serendipity_comment_unstrip_tags">' . PLUGIN_EVENT_UNSTRIP_TRANSFORM . '</div>';
                 return true;
                 return false;
     } else {
         return false;
Пример #10
 function import()
     global $serendipity;
     // Save this so we can return it to its original value at the end of this method.
     $noautodiscovery = isset($serendipity['noautodiscovery']) ? $serendipity['noautodiscovery'] : false;
     if ($this->data['autodiscovery'] == 'false') {
         $serendipity['noautodiscovery'] = 1;
     $this->data['prefix'] = serendipity_db_escape_string($this->data['prefix']);
     $users = array();
     $categories = array();
     $entries = array();
     if (!extension_loaded('mysqli')) {
         return MYSQL_REQUIRED;
     $pmdb = @mysqli_connect($this->data['host'], $this->data['user'], $this->data['pass']);
     if (!$pmdb || mysqli_connect_error()) {
         return sprintf(COULDNT_CONNECT, serendipity_specialchars($this->data['host']));
     if (!@mysqli_select_db($pmdb, $this->data['name'])) {
         return sprintf(COULDNT_SELECT_DB, mysqli_error($pmdb));
     /* Users */
     $res = @$this->nativeQuery("SELECT id         AS ID,\n                                    username   AS user_login,\n                                    `password` AS user_pass,\n                                    email      AS user_email,\n                                    status     AS user_level,\n                                    url        AS url\n                               FROM {$this->data['prefix']}members", $pmdb);
     if (!$res) {
         return sprintf(COULDNT_SELECT_USER_INFO, mysqli_error($pmdb));
     for ($x = 0, $max_x = mysqli_num_rows($res); $x < $max_x; $x++) {
         $users[$x] = mysqli_fetch_assoc($res);
         $data = array('right_publish' => $users[$x]['user_level'] >= 3 ? 1 : 0, 'realname' => $users[$x]['user_login'], 'username' => $users[$x]['user_login'], 'email' => $users[$x]['user_email'], 'password' => $users[$x]['user_pass']);
         // pMachine uses md5, too.
         if ($users[$x]['user_level'] < 12) {
             $data['userlevel'] = USERLEVEL_EDITOR;
         } else {
             $data['userlevel'] = USERLEVEL_ADMIN;
         if ($serendipity['serendipityUserlevel'] < $data['userlevel']) {
             $data['userlevel'] = $serendipity['serendipityUserlevel'];
         serendipity_db_insert('authors', $this->strtrRecursive($data));
         $users[$x]['authorid'] = serendipity_db_insert_id('authors', 'authorid');
     /* Categories */
     $res = @$this->nativeQuery("SELECT id       AS cat_ID,\n                                    category AS cat_name,\n                                    category AS category_description\n                               FROM {$this->data['prefix']}categories ORDER BY id", $pmdb);
     if (!$res) {
         return sprintf(COULDNT_SELECT_CATEGORY_INFO, mysqli_error($pmdb));
     // Get all the info we need
     for ($x = 0, $max_x = mysqli_num_rows($res); $x < $max_x; $x++) {
         $categories[] = mysqli_fetch_assoc($res);
     // Insert all categories as top level (we need to know everyone's ID before we can represent the hierarchy).
     for ($x = 0, $max_x = sizeof($categories); $x < $max_x; $x++) {
         $cat = array('category_name' => $categories[$x]['cat_name'], 'category_description' => $categories[$x]['category_description'], 'parentid' => 0, 'category_left' => 0, 'category_right' => 0);
         serendipity_db_insert('category', $this->strtrRecursive($cat));
         $categories[$x]['categoryid'] = serendipity_db_insert_id('category', 'categoryid');
     /* Entries */
     $res = @$this->nativeQuery("SELECT * FROM {$this->data['prefix']}weblog ORDER BY t_stamp;", $pmdb);
     if (!$res) {
         return sprintf(COULDNT_SELECT_ENTRY_INFO, mysqli_error($pmdb));
     for ($x = 0, $max_x = mysqli_num_rows($res); $x < $max_x; $x++) {
         $entries[$x] = mysqli_fetch_assoc($res);
         $entry = array('title' => $this->decode($entries[$x]['title']), 'isdraft' => $entries[$x]['status'] == 'open' ? 'false' : 'true', 'allow_comments' => $entries[$x]['showcomments'] == '1' ? 'true' : 'false', 'timestamp' => $entries[$x]['t_stamp'], 'extended' => $this->strtr($entries[$x]['more']), 'body' => $this->strtr($entries[$x]['body']));
         $entry['authorid'] = '';
         $entry['author'] = '';
         foreach ($users as $user) {
             if ($user['ID'] == $entries[$x]['member_id']) {
                 $entry['authorid'] = $user['authorid'];
                 $entry['author'] = $user['username'];
         if (!is_int($entries[$x]['entryid'] = serendipity_updertEntry($entry))) {
             return $entries[$x]['entryid'];
         /* Entry/category */
         foreach ($categories as $category) {
             if ($category['cat_ID'] == $entries[$x]['category']) {
                 $data = array('entryid' => $entries[$x]['entryid'], 'categoryid' => $category['categoryid']);
                 serendipity_db_insert('entrycat', $this->strtrRecursive($data));
     /* Comments */
     $res = @$this->nativeQuery("SELECT * FROM {$this->data['prefix']}comments;", $pmdb);
     if (!$res) {
         return sprintf(COULDNT_SELECT_COMMENT_INFO, mysqli_error($pmdb));
     while ($a = mysqli_fetch_assoc($res)) {
         foreach ($entries as $entry) {
             if ($entry['post_id'] == $a['post_id']) {
                 $author = '';
                 $mail = '';
                 $url = '';
                 if (!empty($a['member_id'])) {
                     foreach ($users as $user) {
                         if ($user['ID'] == $a['member_id']) {
                             $author = $user['user_login'];
                             $mail = $user['user_email'];
                             $url = $user['url'];
                 $comment = array('entry_id ' => $entry['entryid'], 'parent_id' => 0, 'timestamp' => $a['t_stamp'], 'author' => $author, 'email' => $mail, 'url' => $url, 'ip' => $a['comment_ip'], 'status' => $a['status'] == 'open' ? 'approved' : 'pending', 'body' => $a['body'], 'subscribed' => 'false', 'type' => 'NORMAL');
                 serendipity_db_insert('comments', $this->strtrRecursive($comment));
                 if ($a['status'] == 'open') {
                     $cid = serendipity_db_insert_id('comments', 'id');
                     serendipity_approveComment($cid, $entry['entryid'], true);
     $serendipity['noautodiscovery'] = $noautodiscovery;
     // That was fun.
     return true;
 function generate_content(&$title)
     global $serendipity;
     $number = $this->get_config('number');
     $dateformat = $this->get_config('dateformat');
     $category = $this->get_config('category', 'none');
     $show_where = $this->get_config('show_where', 'both');
     if ($show_where == 'extended' && (!isset($serendipity['GET']['id']) || !is_numeric($serendipity['GET']['id']))) {
         return false;
     } else {
         if ($show_where == 'overview' && isset($serendipity['GET']['id']) && is_numeric($serendipity['GET']['id'])) {
             return false;
     if ($category == '_cur') {
         $category = $serendipity['GET']['category'];
         if (empty($category) && !empty($serendipity['GET']['id'])) {
             $entry = serendipity_fetchEntry('id', $serendipity['GET']['id']);
             $category = $entry['categories'][0]['categoryid'];
     $title = $this->get_config('title', $this->title);
     $number_from_sw = $this->get_config('number_from');
     $randomize = $this->get_config('randomize') == "yes" ? true : false;
     $sql_condition = array();
     $sql_condition['joins'] = '';
     $sql_condition['and'] = '';
     if ($category != 'none' && !empty($category)) {
         $sql_categories = array();
         if (is_numeric($category)) {
             $sql_categories[] = $category;
         } else {
             $sql_categories = explode('^', $category);
         $category_parts = array();
         foreach ($sql_categories as $sql_category) {
             $category_parts[] = "\n" . implode(' AND ', serendipity_fetchCategoryRange($sql_category));
         $sql_condition['and'] .= ' AND (c.category_left BETWEEN ' . implode(' OR c.category_left BETWEEN ', $category_parts) . ')';
     if (!$number || !is_numeric($number) || $number < 1) {
         $number = 10;
     $sql_number = serendipity_db_limit_sql($number);
     $db = $serendipity['dbType'];
     switch ($number_from_sw) {
         case 'skip':
             $sql_number = serendipity_db_limit_sql(serendipity_db_limit($serendipity['fetchLimit'], $number));
     if (!$dateformat || strlen($dateformat) < 1) {
         $dateformat = '%A, %B %e %Y';
     if ($randomize) {
         if ($db == 'mysql' || $db == 'mysqli') {
             $sql_order = "ORDER BY RAND()";
         } else {
             // SQLite and PostgreSQL support this, hooray.
             $sql_order = "ORDER BY RANDOM()";
     } else {
         $sql_order = "ORDER BY timestamp DESC ";
     $sql_condition['and'] .= "AND timestamp <= " . time();
     serendipity_ACL_SQL($sql_condition, $category == 'none');
     if (!stristr($sql_condition['joins'], $serendipity['dbPrefix'] . 'category')) {
         $sql_condition['joins'] = ' LEFT OUTER JOIN ' . $serendipity['dbPrefix'] . 'category AS c  ON ec.categoryid = c.categoryid ' . $sql_condition['joins'];
     if (!stristr($sql_condition['joins'], $serendipity['dbPrefix'] . 'entrycat')) {
         $sql_condition['joins'] = ' LEFT OUTER JOIN ' . $serendipity['dbPrefix'] . 'entrycat AS ec ON id = ec.entryid ' . $sql_condition['joins'];
     $entries_query = "SELECT DISTINCT id,\n                                title,\n                                timestamp,\n                                epm.value AS multilingual_title\n                           FROM {$serendipity['dbPrefix']}entries AS e\n                                {$sql_condition['joins']}\n\n                LEFT OUTER JOIN {$serendipity['dbPrefix']}entryproperties AS epm\n                             ON (epm.entryid = AND = 'multilingual_title_" . $serendipity['lang'] . "')\n\n                          WHERE isdraft = 'false' {$sql_condition['and']}\n                                {$sql_order}\n                                {$sql_number}";
     $entries = serendipity_db_query($entries_query);
     if (is_string($entries)) {
         echo $entries . "<br />\n";
         echo $entries_query . "<br />\n";
     if (isset($entries) && is_array($entries)) {
         echo '<dl>' . "\n";
         foreach ($entries as $k => $entry) {
             if (!empty($entry['multilingual_title'])) {
                 $entry['title'] = $entry['multilingual_title'];
             $entryLink = serendipity_archiveURL($entry['id'], $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp']));
             if (empty($entry['title'])) {
                 $entry['title'] = '#' . $entry['id'];
             echo '<dt class="serendipity_recententries_entrylink"><a href="' . $entryLink . '" title="' . serendipity_specialchars($entry['title']) . '">' . serendipity_specialchars($entry['title']) . '</a></dt>' . "\n" . '<dd class="serendipity_recententries_entrydate serendipitySideBarDate">' . serendipity_specialchars(serendipity_strftime($dateformat, $entry['timestamp'])) . '</dd>' . "\n";
         echo '</dl>' . "\n\n";
  * Returns HTML displaying the user avatar. This is done without any call to external servers.
  * If a cached avatar is found, the image will have it as SRC, else the SRC will be filled with
  * an external_plugin call, that will try to fetch a fresh avatar later.
 function printAvatarHtml(&$eventData, &$addData)
     global $serendipity;
     $useSmarty = serendipity_db_bool($this->get_config('smartyimage', 'false'));
     // comments sidebar plugin doesn't support smarty, so switch it off, if detected
     if ($addData['from'] == 'serendipity_plugin_comments:generate_content') {
         if (!serendipity_db_bool($this->get_config('recent_entries', 'true'))) {
             return false;
         $useSmarty = false;
     if (empty($eventData['url']) && empty($eventData['email']) && empty($eventData['author']) && !$this->supportDefaultAvatar()) {
         $this->log("No url nor email handed and default avatar not supported!");
         return false;
     if (!empty($eventData['url']) && !preg_match('@^https*://@i', $eventData['url'])) {
         $this->log("Changed wrong url: {$eventData['url']}");
         $eventData['url'] = 'http://' . $eventData['url'];
     $url = '';
     if (!empty($eventData['url'])) {
         $url = $eventData['url'];
     if (!empty($eventData['url'])) {
         // Strip Query params
         $urlparts = explode('?', $eventData['url']);
         $url = $urlparts[0];
     $title = '';
     $author = 'unknown';
     if (isset($eventData['author'])) {
         $author = function_exists('serendipity_specialchars') ? serendipity_specialchars($eventData['author']) : htmlspecialchars($eventData['author'], ENT_COMPAT, LANG_CHARSET);
         $title = $author;
     if (isset($eventData['email']) && !empty($eventData['email'])) {
         $email_md5 = md5(strtolower($eventData['email']));
     } else {
         $email_md5 = '';
     if ($this->cache_seconds > 0) {
         $cache_file = $this->getCacheFilePath($eventData);
         // if no cache filename was generated, no usable user data was found.
         // this meens: it won't be possible to generate any image, so break at this point.
         if (!isset($cache_file)) {
             return false;
         $this->log("comment print: " . print_r($eventData, true));
         // If there is a cache file that's new enough, return the image immidiatly
         if (file_exists($cache_file) && time() - filemtime($cache_file) < $this->cache_seconds) {
             $url = $serendipity['baseURL'] . $serendipity['indexFile'] . '?/' . $this->getPermaPluginPath() . '/cachedAvatar_' . md5($url) . '_' . $email_md5 . '_' . md5($author);
         } else {
             // no image cached yet, call external plugin hook for fetching a new one
             $url = $serendipity['baseURL'] . $serendipity['indexFile'] . '?/' . $this->getPermaPluginPath() . '/fetchAvatar_' . $this->urlencode($url) . '_' . $email_md5 . '_' . $this->urlencode($author) . '_' . $eventData['id'];
     } else {
         // call external plugin hook for fetching a new one
         $url = $serendipity['baseURL'] . $serendipity['indexFile'] . '?/' . $this->getPermaPluginPath() . '/fetchAvatar_' . $this->urlencode($url) . '_' . $email_md5 . '_' . $this->urlencode($author) . '_' . $eventData['id'];
     $image_html = $this->generateImageHtml($url, $title, $this->get_config('align', 'right'), !$useSmarty, $this->generateAvatarCssClass($addData));
     if ($useSmarty) {
         $eventData['avatar'] = $image_html;
     } else {
         $eventData['comment'] = $image_html . $eventData['comment'];
     return true;
    if (preg_match('@/(serendipity_editor\\.js$)@', $_SERVER['REQUEST_URI'], $matches)) {
        return 1;
    serendipity_die(sprintf(SERENDIPITY_NEEDS_UPGRADE, $serendipity['versionInstalled'], $serendipity['version'], $serendipity['serendipityHTTPPath'] . 'serendipity_admin.php'));
// We don't care who tells us what to do
if (!isset($serendipity['GET']['action'])) {
    $serendipity['GET']['action'] = isset($serendipity['POST']['action']) ? $serendipity['POST']['action'] : '';
if (!isset($serendipity['GET']['adminAction'])) {
    $serendipity['GET']['adminAction'] = isset($serendipity['POST']['adminAction']) ? $serendipity['POST']['adminAction'] : '';
// Make sure this variable is always properly sanitized. Previously in, but there LANG_CHARSET was not defined.
if (isset($serendipity['GET']['searchTerm'])) {
    $serendipity['GET']['searchTerm'] = serendipity_specialchars(strip_tags($serendipity['GET']['searchTerm']));
// Some stuff...
if (!isset($_SESSION['serendipityAuthedUser'])) {
    $_SESSION['serendipityAuthedUser'] = false;
if (isset($_SESSION['serendipityUser'])) {
    $serendipity['user'] = $_SESSION['serendipityUser'];
if (isset($_SESSION['serendipityEmail'])) {
    $serendipity['email'] = $_SESSION['serendipityEmail'];
if (defined('IN_serendipity_admin') && !isset($serendipity['use_autosave'])) {
    $serendipity['use_autosave'] = true;
if (!isset($serendipity['use_internal_cache'])) {
 function generate_content(&$title)
     global $serendipity;
     $title = $this->get_config('title');
     $url = $this->get_config('searchenginelink');
     $formatstring = $this->get_config('formatstring');
     $quotes = $this->get_config('quotes');
     $newwindow = $this->get_config('newwindow');
     $numquotes = (int) $this->get_config('numquotes');
     $quotes = explode("\n", $quotes);
     $i = 0;
     $quotes_array = array();
     if ($newwindow) {
         $onclick = ' onclick="; return false;"';
     foreach ($quotes as $quote) {
         if (trim($quote) != '') {
             $exp = explode('|', $quote);
             if (count($exp) > 0 && trim($exp[0]) != '') {
                 $quotes_array[$i]['quote'] = function_exists('serendipity_specialchars') ? serendipity_specialchars(trim($exp[0])) : htmlspecialchars(trim($exp[0]), ENT_COMPAT, LANG_CHARSET);
                 $quotes_array[$i]['author'] = trim($exp[1]);
                 if (count($exp) > 2) {
                     $quotes_array[$i]['link'] = trim($exp[2]);
     if ($numquotes > sizeof($quotes_array) || $numquotes == 0) {
         $numquotes = sizeof($quotes_array);
     if ($numquotes == 1) {
         // Single key will be returned; we need an array!
         $keys = array(array_rand($quotes_array, $numquotes));
     } else {
         $keys = array_rand($quotes_array, $numquotes);
     foreach ($keys as $key) {
         $item = $quotes_array[$key];
         if (trim($item['link']) == '') {
             if (trim($url) != '') {
                 $item['author'] = '<a href="' . str_replace('%QUERY%', urlencode($item['author']), $url) . '"' . $onclick . '>' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($item['author']) : htmlspecialchars($item['author'], ENT_COMPAT, LANG_CHARSET)) . '</a>' . "\n";
         } elseif (trim($item['link']) != 'none') {
             $item['author'] = '<a href="' . $item['link'] . '"' . $onclick . '>' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($item['author']) : htmlspecialchars($item['author'], ENT_COMPAT, LANG_CHARSET)) . '</a>' . "\n";
         } else {
             $item['author'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($item['author']) : htmlspecialchars($item['author'], ENT_COMPAT, LANG_CHARSET);
         echo str_replace(array('%QUOTE%', '%AUTHOR%'), array($item['quote'], $item['author']), $formatstring);
    function event_hook($event, &$bag, &$eventData, $addData = null)
        global $serendipity;
        $hooks =& $bag->get('event_hooks');
        if (isset($hooks[$event])) {
            switch ($event) {
                case 'backend_image_addform':
                    if ($serendipity['version'][0] < 2) {
                        if (class_exists('ZipArchive')) {
                            $checkedY = "";
                            $checkedN = "";
                            $this->get_config('unzipping') ? $checkedY = ' checked="checked"' : ($checkedN = ' checked="checked"');
            <br />
                            echo PLUGIN_EVENT_IMAGESELECTORPLUS_UNZIP_FILES;
</strong><br />
                    <input type="radio" class="input_radio" id="unzip_yes" name="serendipity[unzip_archives]" value="<?php 
                            echo YES;
                            echo $checkedY;
><label for="unzip_yes"><?php 
                            echo YES;
                    <input type="radio" class="input_radio" id="unzip_no" name="serendipity[unzip_archives]" value="<?php 
                            echo NO;
                            echo $checkedN;
><label for="unzip_no"><?php 
                            echo NO;
            <br />
:</strong><br />
            <table id="quickblog_table" style="width: 50%">
                    <td nowrap="nowrap"><?php 
                        echo TITLE;
                    <td><input class="input_textbox" name="serendipity[quickblog][title]" type="text" style="width: 90%" /></td>

                    <td nowrap="nowrap"><?php 
                        echo ENTRY_BODY;
                    <td><textarea name="serendipity[quickblog][body]" style="width: 90%; height: 200px"></textarea></td>

                    <td nowrap="nowrap"><?php 
                        echo CATEGORY;
                    <td><select name="serendipity[quickblog][category]">
                        <option value=""><?php 
                        echo NO_CATEGORY;
                        if (is_array($cats = serendipity_fetchCategories())) {
                            $cats = serendipity_walkRecursive($cats, 'categoryid', 'parentid', VIEWMODE_THREADED);
                            foreach ($cats as $cat) {
                                echo '<option value="' . $cat['categoryid'] . '">' . str_repeat('&nbsp;', $cat['depth']) . $cat['category_name'] . '</option>' . "\n";

                    <td nowrap="nowrap"><?php 
                    <td><select id="select_image_target" name="serendipity[quickblog][target]">
                        <option value="none"<?php 
                        echo serendipity_ifRemember('target', 'none', false, 'selected');
                        echo NONE;
                        <option value="js"<?php 
                        echo serendipity_ifRemember('target', 'js', false, 'selected');
                        <option value="plugin"<?php 
                        echo serendipity_ifRemember('target', 'plugin', false, 'selected');
                        <option value="_blank"<?php 
                        echo serendipity_ifRemember('target', '_blank', false, 'selected');

                    <td nowrap="nowrap"><?php 
                        <input type="radio" class="input_radio" id="image_yes" name="serendipity[quickblog][isobject]" value="<?php 
                        echo YES;
"><label for="image_yes"><?php 
                        echo YES;
                        <input type="radio" class="input_radio" id="image_no" name="serendipity[quickblog][isobject]" value="<?php 
                        echo NO;
" checked="checked"><label for="image_no"><?php 
                        echo NO;

                    <td nowrap="nowrap"><?php 
                        echo IMAGE_SIZE;
                    <td><input class="input_textbox" name="serendipity[quickblog][size]" value="<?php 
                        echo $serendipity['thumbSize'];
" type="text" style="width: 50px" /></td>

                    <td align="center" colspan="2"><br /></td>
                    } else {

        <div id="imageselectorplus">

                        if (class_exists('ZipArchive')) {
                            $checkedY = "";
                            $checkedN = "";
                            $this->get_config('unzipping') ? $checkedY = ' checked="checked"' : ($checkedN = ' checked="checked"');
            <div class="clearfix radio_field">
                            echo PLUGIN_EVENT_IMAGESELECTORPLUS_UNZIP_FILES;
                    <input type="radio" class="input_radio" id="unzip_yes" name="serendipity[unzip_archives]" value="<?php 
                            echo YES;
                            echo $checkedY;
><label for="unzip_yes"><?php 
                            echo YES;
                    <input type="radio" class="input_radio" id="unzip_no" name="serendipity[unzip_archives]" value="<?php 
                            echo NO;
                            echo $checkedN;
><label for="unzip_no"><?php 
                            echo NO;
            <div id="quickblog_tablefield" class="clearfix">
                <div class="quickblog_form_field">
                    <label for="quickblog_titel"><?php 
                        echo TITLE;
                    <input id="quickblog_title" class="input_textbox" name="serendipity[quickblog][title]" type="text">

                <div class="quickblog_textarea_field">
                    <label for="nuggets2"><?php 
                        echo ENTRY_BODY;
                    <textarea id="nuggets2" class="quickblog_nugget" data-tarea="nuggets2" name="serendipity[quickblog][body]" rows="10" cols="80"></textarea>
                        if ($serendipity['wysiwyg']) {
                            $plugins = serendipity_plugin_api::enum_plugins('*', false, 'serendipity_event_nl2br');
                    <input name="serendipity[properties][disable_markups][]" type="hidden" value="<?php 
                            echo $plugins[0]['name'];
                            if (!class_exists('serendipity_event_ckeditor')) {
                    <script src="<?php 
                                echo $serendipity['serendipityHTTPPath'];
                            // just add a simple basic toolbar, since we cannot use embedded plugins here
                        CKEDITOR.replace( 'nuggets2',
                            toolbar : [['Format'],['Bold','Italic','Underline','Superscript','-','NumberedList','BulletedList','Outdent','Blockquote'],['JustifyBlock','JustifyCenter','JustifyRight'],['Link','Unlink'],['Source']],
                            toolbarGroups: null

                <div class="quickblog_form_field">
                    <label for="quickblog_select"><?php 
                        echo CATEGORY;
                    <select id="quickblog_select" name="serendipity[quickblog][category]">
                        <option value=""><?php 
                        echo NO_CATEGORY;
                        if (is_array($cats = serendipity_fetchCategories())) {
                            $cats = serendipity_walkRecursive($cats, 'categoryid', 'parentid', VIEWMODE_THREADED);
                            foreach ($cats as $cat) {
                                echo '<option value="' . $cat['categoryid'] . '">' . str_repeat('&nbsp;', $cat['depth']) . $cat['category_name'] . '</option>' . "\n";

                <div class="quickblog_form_select">
                    <label for="select_image_target"><?php 
                    <select id="select_image_target" name="serendipity[quickblog][target]">
                        <option value="none"<?php 
                        echo serendipity_ifRemember('target', 'none', false, 'selected');
                        echo NONE;
                        <option value="js"<?php 
                        echo serendipity_ifRemember('target', 'js', false, 'selected');
                        echo MEDIA_TARGET_JS;
                        <option value="plugin"<?php 
                        echo serendipity_ifRemember('target', 'plugin', false, 'selected');
                        echo MEDIA_ENTRY;
                        <option value="_blank"<?php 
                        echo serendipity_ifRemember('target', '_blank', false, 'selected');
                        echo MEDIA_TARGET_BLANK;

                <div class="clearfix radio_field quickblog_radio_field">
                        <input type="radio" class="input_radio" id="image_yes" name="serendipity[quickblog][isobject]" value="<?php 
                        echo YES;
"><label for="image_yes"><?php 
                        echo YES;
                        <input type="radio" class="input_radio" id="image_no" name="serendipity[quickblog][isobject]" value="<?php 
                        echo NO;
" checked="checked"><label for="image_no"><?php 
                        echo NO;

                <div class="quickblog_form_field">
                    <label for="quickblog_isize"><?php 
                        echo IMAGE_SIZE;
                    <input id="quickblog_isize" class="input_textbox" name="serendipity[quickblog][size]" value="<?php 
                        echo $serendipity['thumbSize'];
" type="text">
                case 'backend_image_add':
                    global $new_media;
                    // if file is zip archive and unzipping enabled
                    // unzip file and add all images to database
                    // retrieve file type
                    $target_zip = $eventData;
                    preg_match('@(^.*/)+(.*)\\.+(\\w*)@', $target_zip, $matches);
                    $target_dir = $matches[1];
                    $basename = $matches[2];
                    $extension = $matches[3];
                    $authorid = isset($serendipity['POST']['all_authors']) && $serendipity['POST']['all_authors'] == 'true' ? '0' : $serendipity['authorid'];
                    // only if unzipping function exists, we have archive file and unzipping set to yes
                    if (class_exists('ZipArchive') && $extension == 'zip' && $serendipity['POST']['unzip_archives'] == YES) {
                        // now unzip
                        $zip = new ZipArchive();
                        $res = $zip->open($target_zip);
                        if ($res === TRUE) {
                            $files_to_unzip = array();
                            $extracted_images = array();
                            for ($i = 0; $i < $zip->numFiles; $i++) {
                                $file_to_extract = $zip->getNameIndex($i);
                                if (file_exists($target_dir . $file_to_extract)) {
                                    echo '(' . $file_to_extract . ') ' . ERROR_FILE_EXISTS_ALREADY . '<br />';
                                } else {
                                    $files_to_unzip[] = $file_to_extract;
                                    $extracted_images[] = $target_dir . $file_to_extract;
                            $zip->extractTo($target_dir, $files_to_unzip);
                            echo PLUGIN_EVENT_IMAGESELECTORPLUS_UNZIP_OK;
                        } else {
                        // now proceed all unzipped images
                        foreach ($extracted_images as $target) {
                            preg_match('@(^.*/)+(.*)\\.+(\\w*)@', $target, $matches);
                            $real_dir = $matches[1];
                            $basename = $matches[2];
                            $extension = $matches[3];
                            $tfile = $basename . "." . $extension;
                            preg_match('@' . $serendipity['uploadPath'] . '(.*/)@', $target, $matches);
                            $image_directory = $matches[1];
                            // make thumbnails for new images
                            $thumbs = array(array('thumbSize' => $serendipity['thumbSize'], 'thumb' => $serendipity['thumbSuffix']));
                            serendipity_plugin_api::hook_event('backend_media_makethumb', $thumbs);
                            foreach ($thumbs as $thumb) {
                                // Create thumbnail
                                if ($created_thumbnail = serendipity_makeThumbnail($tfile, $image_directory, $thumb['thumbSize'], $thumb['thumb'])) {
                                    echo PLUGIN_EVENT_IMAGESELECTORPLUS_UNZIP_IMAGE_FROM_ARCHIVE . " - " . THUMB_CREATED_DONE . '<br />';
                            // Insert into database
                            $image_id = serendipity_insertImageInDatabase($tfile, $image_directory, $authorid, null, $realname);
                            $new_media[] = array('image_id' => $image_id, 'target' => $target, 'created_thumbnail' => $created_thumbnail);
                case 'backend_image_addHotlink':
                    // Re-Scale thumbnails?
                    $max_scale = array('width' => (int) $this->get_config('thumb_max_width'), 'height' => (int) $this->get_config('thumb_max_height'));
                    if ($max_scale['width'] > 0 || $max_scale['height'] > 0) {
                        $this->resizeThumb($max_scale, $eventData);
                    if (empty($serendipity['POST']['quickblog']['title'])) {
                    $file = basename($eventData);
                    $directory = str_replace($serendipity['serendipityPath'] . $serendipity['uploadPath'], '', dirname($eventData) . '/');
                    $size = (int) $serendipity['POST']['quickblog']['size'];
                    // check default Serendipity thumbSize, to make this happen like standard image uploads, and to get one "fullsize" image instance only,
                    // else create another quickblog image "resized" instance, to use as entries thumbnail image
                    if ($serendipity['thumbSize'] != $size) {
                        $oldSuffix = $serendipity['thumbSuffix'];
                        $serendipity['thumbSuffix'] = 'quickblog';
                        serendipity_makeThumbnail($file, $directory, $size);
                        $serendipity['thumbSuffix'] = $oldSuffix;
                    // Non-image object link generation
                    if ($serendipity['POST']['quickblog']['isobject'] == YES) {
                        $objfile = serendipity_parseFileName($file);
                        $filename = $objfile[0];
                        $suffix = $objfile[1];
                        $obj_mime = serendipity_guessMime($suffix);
                        $objpath = $serendipity['serendipityHTTPPath'] . $serendipity['uploadPath'] . $directory . $filename . '.' . $suffix;
                        // try to know about a working environment for imagemagicks pdf preview generation
                        if ($serendipity['magick'] === true && strtolower($suffix) == 'pdf' && $serendipity['thumbSize'] == $size) {
                            $objpreview = $serendipity['serendipityHTTPPath'] . $serendipity['uploadPath'] . $directory . $filename . '.' . $serendipity['thumbSuffix'] . '.' . $suffix . '.png';
                        } else {
                            $objpreview = serendipity_getTemplateFile('admin/img/mime_' . preg_replace('@[^0-9a-z_\\-]@i', '-', $obj_mime) . '.png');
                        if (!$objpreview || empty($objpreview)) {
                            $objpreview = serendipity_getTemplateFile('admin/img/mime_unknown.png');
                    // New draft post
                    $entry = array();
                    $entry['isdraft'] = 'false';
                    $entry['title'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['quickblog']['title']) : htmlspecialchars($serendipity['POST']['quickblog']['title'], ENT_COMPAT, LANG_CHARSET);
                    if (isset($objpath) && !empty($objpath)) {
                        $entry['body'] = '<a href="' . $objpath . '"><img alt="" class="serendipity_image_left serendipity_quickblog_image" src="' . $objpreview . '">' . $filename . '</a> (-' . $obj_mime . '-)<p>' . $serendipity['POST']['quickblog']['body'] . '</p>';
                    } else {
                        $entry['body'] = '<!--quickblog:' . $serendipity['POST']['quickblog']['target'] . '|' . $eventData . '-->' . $serendipity['POST']['quickblog']['body'];
                    $entry['authorid'] = $serendipity['authorid'];
                    $entry['exflag'] = false;
                    $entry['categories'][0] = function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['quickblog']['category']) : htmlspecialchars($serendipity['POST']['quickblog']['category'], ENT_COMPAT, LANG_CHARSET);
                    #$entry['allow_comments']    = 'true'; // both disabled
                    #$entry['moderate_comments'] = 'false'; // to take default values
                    $serendipity['POST']['properties']['fake'] = 'fake';
                    $id = serendipity_updertEntry($entry);
                case 'frontend_display':
                    // auto resizing images based on width and/or height attributes in img tag
                    if (serendipity_db_bool($this->get_config('autoresize'))) {
                        if (!empty($eventData['body'])) {
                            $eventData['body'] = $this->substituteImages($eventData['body']);
                        if (!empty($eventData['extended'])) {
                            $eventData['extended'] = $this->substituteImages($eventData['extended']);
                    if (empty($eventData['body'])) {
                    // displaying quickblog posts
                    if (is_object($serendipity['smarty']) && preg_match('@<!--quickblog:(.+)-->@imsU', $eventData['body'], $filematch)) {
                        $eventData['body'] = $this->parse_quickblog_post($filematch[1], $eventData['body']);
                    // displaying galleries introduced by markup
                    foreach ($this->markup_elements as $temp) {
                        if (serendipity_db_bool($this->get_config($temp['name'], true)) && isset($eventData[$temp['element']]) && !$eventData['properties']['ep_disable_markup_' . $this->instance] && !isset($serendipity['POST']['properties']['disable_markup_' . $this->instance])) {
                            $element = $temp['element'];
                            $eventData[$element] = $this->media_insert($eventData[$element], $eventData);
                    return true;
                case 'backend_entry_presave':
                    if (is_numeric($eventData['id'])) {
                        $eventData['body'] = str_replace('{{s9yisp_entryid}}', $eventData['id'], $eventData['body']);
                        $eventData['extended'] = str_replace('{{s9yisp_entryid}}', $eventData['id'], $eventData['extended']);
                        $this->gotMilk = true;
                    } else {
                        $this->cache['body'] = $eventData['body'];
                        $this->cache['extended'] = $eventData['extended'];
                case 'backend_publish':
                case 'backend_save':
                    if ($this->gotMilk === false) {
                        $old = md5($this->cache['body']) . md5($this->cache['extended']);
                        $this->cache['body'] = str_replace('{{s9yisp_entryid}}', $eventData['id'], $this->cache['body']);
                        $this->cache['extended'] = str_replace('{{s9yisp_entryid}}', $eventData['id'], $this->cache['extended']);
                        $new = md5($this->cache['body']) . md5($this->cache['extended']);
                        if ($old != $new) {
                            serendipity_db_query("UPDATE {$serendipity['dbPrefix']}entries\n                                                     SET body     = '" . serendipity_db_escape_string($this->cache['body']) . "',\n                                                         extended = '" . serendipity_db_escape_string($this->cache['extended']) . "'\n                                                   WHERE       id = " . (int) $eventData['id']);
                case 'entry_display':
                    if ($this->selected()) {
                        if (is_array($eventData)) {
                            $eventData['clean_page'] = true;
                            // This is important to not display an entry list!
                        } else {
                            $eventData = array('clean_page' => true);
                case 'entries_header':
                    if (!$this->selected()) {
                        return true;
                    if ($serendipity['version'][0] > 1) {
                        return true;
                    if (!headers_sent()) {
                        header('HTTP/1.0 200');
                        header('Status: 200 OK');
                    $entry = serendipity_fetchEntry('id', $serendipity['GET']['id']);
                    $imageid = $serendipity['GET']['image'];
                    $imgsrc = '';
                    if (preg_match('@<a title="([^"]+)" id="s9yisp' . $imageid . '"></a>@imsU', $entry['body'], $imgmatch)) {
                        $imgsrc = $imgmatch[1];
                    } elseif (preg_match('@<a title="([^"]+)" id="s9yisp' . $imageid . '"></a>@imsU', $entry['extended'], $imgmatch)) {
                        $imgsrc = $imgmatch[1];
                    } else {
                    $link = '<a href="' . serendipity_archiveURL($serendipity['GET']['id'], $entry['title'], 'baseURL', true, array('timestamp' => $entry['timestamp'])) . '#s9yisp' . $imageid . '">';
                    echo '<div class="serendipity_Entry_Date">
                             <h3 class="serendipity_date">' . serendipity_formatTime(DATE_FORMAT_ENTRY, $entry['timestamp']) . '</h3>';
                    echo '<h4 class="serendipity_title"><a href="#">' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['title']) : htmlspecialchars($entry['title'], ENT_COMPAT, LANG_CHARSET)) . '</a></h4>';
                    echo '<div class="serendipity_entry"><div class="serendipity_entry_body">';
                    echo '<div class="serendipity_center">' . $link . '<!-- s9ymdb:' . $entry['id'] . ' --><img src="' . $imgsrc . '" /></a></div>';
                    echo '<br />';
                    echo $link . '&lt;&lt; ' . BACK . '</a>';
                    echo "</div>\n</div>\n</div>\n";
                    return true;
                case 'frontend_image_add_unknown':
                case 'frontend_image_add_filenameonly':
                case 'frontend_image_selector_submit':
                case 'frontend_image_selector_more':
                case 'frontend_image_selector_imagecomment':
                case 'frontend_image_selector_imagealign':
                case 'frontend_image_selector_imagesize':
                case 'frontend_image_selector_hiddenfields':
                case 'frontend_image_selector_imagelink':
                    return true;
                case 'css_backend':
                    if ($serendipity['version'][0] > 1) {

#imageselectorplus .radio_field input {
    margin: 0 0.5em;
#quickblog_tablefield {
   display: table-cell;
#uploadform .quickblog_nugget {
    margin-left: 0;
    padding: 0;
#quickblog_tablefield .quickblog_form_field {
    margin: .375em 0;
#quickblog_tablefield .quickblog_radio_field div label,
#quickblog_tablefield .radio_field label {
    padding-left: .5em;
#quickblog_tablefield .quickblog_form_select {
    margin-top: 0.75em;
    margin-bottom: 0.75em;
#quickblog_tablefield .quickblog_radio_field label {
    padding-left: 0;
#quickblog_tablefield .quickblog_radio_field div {
    display: inline;
#quickblog_tablefield .quickblog_radio_field input {
    margin-left: 0.5em;

                case 'css':

#content .serendipity_quickblog_image {
    border: medium none transparent;
.serendipity_mediainsert_gallery {
    border: 1px solid #C0C0C0;
    margin: 0px;
    overflow: auto;
    padding: 0.4em;

                case 'frontend_image_selector':
                    if ($serendipity['version'][0] < 2) {
                        $eventData['finishJSFunction'] = 'serendipity_imageSelectorPlus_done(\'' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['textarea']) : htmlspecialchars($serendipity['GET']['textarea'], ENT_COMPAT, LANG_CHARSET)) . '\')';
                    } else {
                        $eventData['finishJSFunction'] = 'serendipity.serendipity_imageSelector_done(\'' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['textarea']) : htmlspecialchars($serendipity['GET']['textarea'], ENT_COMPAT, LANG_CHARSET)) . '\')';
                    return true;
                    return false;
        } else {
            return false;
Пример #16
function serveEntry($matches)
    global $serendipity;
    $serendipity['view'] = 'entry';
    $uri = $_SERVER['REQUEST_URI'];
    if (isset($serendipity['GET']['id'])) {
        $matches[1] = (int) $serendipity['GET']['id'];
    } elseif (isset($_GET['p'])) {
        $matches[1] = $_GET['p'];
    } else {
        $matches[1] = serendipity_searchPermalink($serendipity['permalinkStructure'], $uri, !empty($matches[2]) ? $matches[2] : $matches[1], 'entry');
    if (!empty($serendipity['POST']['submit']) && !isset($_REQUEST['serendipity']['csuccess'])) {
        $comment['url'] = $serendipity['POST']['url'];
        $comment['comment'] = trim($serendipity['POST']['comment']);
        $comment['name'] = $serendipity['POST']['name'];
        $comment['email'] = $serendipity['POST']['email'];
        $comment['subscribe'] = $serendipity['POST']['subscribe'];
        $comment['parent_id'] = $serendipity['POST']['replyTo'];
        if (!empty($comment['comment'])) {
            if (serendipity_saveComment($serendipity['POST']['entry_id'], $comment, 'NORMAL')) {
                $sc_url = ($_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . (strstr($_SERVER['REQUEST_URI'], '?') ? '&' : '?') . 'serendipity[csuccess]=' . (isset($serendipity['csuccess']) ? $serendipity['csuccess'] : 'true');
                if (serendipity_isResponseClean($sc_url)) {
                    header('Status: 302 Found');
                    header('Location: ' . $sc_url);
            } else {
                $serendipity['messagestack']['comments'][] = COMMENT_NOT_ADDED;
        } else {
            $serendipity['messagestack']['comments'][] = sprintf(EMPTY_COMMENT, '', '');
    $id = (int) $matches[1];
    if ($id === 0) {
        $id = false;
    $_GET['serendipity']['action'] = 'read';
    $_GET['serendipity']['id'] = $id;
    $title = serendipity_db_query("SELECT title FROM {$serendipity['dbPrefix']}entries WHERE id={$id} AND isdraft = 'false' " . (!serendipity_db_bool($serendipity['showFutureEntries']) ? " AND timestamp <= " . serendipity_db_time() : ''), true);
    if (is_array($title)) {
        $serendipity['head_title'] = serendipity_specialchars($title[0]);
        $serendipity['head_subtitle'] = serendipity_specialchars($serendipity['blogTitle']);
    } else {
        $serendipity['view'] = '404';
        $serendipity['viewtype'] = '404_1';
        header('HTTP/1.0 404 Not found');
        header('Status: 404 Not found');
    include S9Y_INCLUDE_PATH . 'include/';
Пример #17
if (!isset($serendipity['dashboardLimit'])) {
    $serendipity['dashboardLimit'] = 5;
if (!isset($serendipity['dashboardDraftLimit'])) {
    $serendipity['dashboardDraftLimit'] = 5;
$comments = serendipity_db_query("SELECT c.*, e.title FROM {$serendipity['dbPrefix']}comments c\n                                    LEFT JOIN {$serendipity['dbPrefix']}entries e ON ( = c.entry_id)\n                                    ORDER BY DESC LIMIT " . (int) $serendipity['dashboardCommentsLimit']);
if (is_array($comments) && count($comments) > 0) {
    foreach ($comments as &$comment) {
        $comment['entrylink'] = serendipity_archiveURL($comment['entry_id'], 'comments', 'serendipityHTTPPath', true) . '#c' . $comment['id'];
        $comment['fullBody'] = $comment['body'];
        $comment['summary'] = serendipity_mb('substr', $comment['body'], 0, 100);
        if (strlen($comment['fullBody']) > strlen($comment['summary'])) {
            $comment['excerpt'] = true;
            // When summary is not the full body, strip HTML tags from summary, as it might break and leave unclosed HTML.
            $comment['fullBody'] = nl2br(serendipity_specialchars($comment['fullBody']));
            $comment['summary'] = nl2br(strip_tags($comment['summary']));
$data['comments'] = $comments;
$entries = serendipity_fetchEntries(false, false, (int) $serendipity['dashboardLimit'], true, false, 'timestamp DESC', 'e.timestamp >= ' . serendipity_serverOffsetHour());
$entriesAmount = count($entries);
if ($entriesAmount < (int) $serendipity['dashboardDraftLimit']) {
    // there is still space for drafts
    $drafts = serendipity_fetchEntries(false, false, (int) $serendipity['dashboardDraftLimit'] - $entriesAmount, true, false, 'timestamp DESC', "isdraft = 'true' AND e.timestamp <= " . serendipity_serverOffsetHour());
    if (is_array($entries) && is_array($drafts)) {
        $entries = array_merge($entries, $drafts);
    } else {
        if (is_array($drafts)) {
            // $entries is not an array, thus empty
 function event_hook($event, &$bag, &$eventData, $addData = null)
     global $serendipity;
     $hooks =& $bag->get('event_hooks');
     if (isset($hooks[$event])) {
         switch ($event) {
             case 'frontend_display':
                 /* Parse the glossary list into two arrays and clean up*/
                 $terms = array();
                 $lines = explode("\n", $this->get_config('list'));
                 foreach ($lines as $line) {
                     $temp = explode($this->get_config('separator', ':'), $line);
                     $s = trim($temp[0]);
                     $r = trim($temp[1]);
                     if (strlen($s) > 0 && ctype_alnum($s) && strlen($r) > 0) {
                         $terms[] = array($s, function_exists('serendipity_specialchars') ? serendipity_specialchars($r) : htmlspecialchars($r, ENT_COMPAT, LANG_CHARSET));
                 /* go through markup elements and call the markup function if there are terms*/
                 if (count($terms) > 0) {
                     foreach ($this->markup_elements as $temp) {
                         if (serendipity_db_bool($this->get_config($temp['name'], true)) && isset($eventData[$temp['element']]) && !$eventData['properties']['ep_disable_markup_' . $this->instance] && !isset($serendipity['POST']['properties']['disable_markup_' . $this->instance])) {
                             $element = $temp['element'];
                             $eventData[$element] = $this->_glossary_markup($eventData[$element], $terms);
                 return true;
             case 'css':
                 /* If the user hasn't added a CSS Class called serendipity_glossaryMarkup, we add a pretty one for him */
                 if (strstr($eventData, '.serendipity_glossaryMarkup') === false) {
                     $eventData .= "\n";
                     $eventData .= '.serendipity_glossaryMarkup {' . "\n";
                     $eventData .= '    color: #9F141A;' . "\n";
                     $eventData .= '    cursor: help;' . "\n";
                     $eventData .= '}' . "\n";
                 return true;
                 return false;
     } else {
         return false;
Пример #19
 function import()
     global $serendipity;
     // Save this so we can return it to its original value at the end of this method.
     $noautodiscovery = isset($serendipity['noautodiscovery']) ? $serendipity['noautodiscovery'] : false;
     if ($this->data['autodiscovery'] == 'false') {
         $serendipity['noautodiscovery'] = 1;
     $users = array();
     $entries = array();
     if (!extension_loaded('mysqli')) {
         return MYSQL_REQUIRED;
     $ltdb = @mysqli_connect($this->data['host'], $this->data['user'], $this->data['pass']);
     if (!$ltdb || mysqli_connect_error()) {
         return sprintf(COULDNT_CONNECT, serendipity_specialchars($this->data['host']));
     if (!@mysqli_select_db($ltdb, $this->data['name'])) {
         return sprintf(COULDNT_SELECT_DB, mysqli_error($ltdb));
     /* Users */
     $res = @$this->nativeQuery("SELECT \n                                            user AS user_login,\n                                            `password` AS user_pass,\n                                            email AS user_email,\n                                            full_name AS user_name,\n                                            site_admin AS user_level,\n                                            id AS ID\n                                       FROM lt_users", $ltdb);
     if (!$res) {
         return sprintf(COULDNT_SELECT_USER_INFO, mysqli_error($ltdb));
     for ($x = 0, $max_x = mysqli_num_rows($res); $x < $max_x; $x++) {
         $users[$x] = mysqli_fetch_assoc($res);
         $data = array('right_publish' => true, 'realname' => $users[$x]['user_name'], 'username' => $users[$x]['user_login'], 'userlevel' => $users[$x]['user_level'] > 0 ? USERLEVEL_ADMIN : USERLEVEL_EDITOR, 'email' => $users[$x]['user_email'], 'password' => $users[$x]['user_pass']);
         // MD5 compatible
         if ($serendipity['serendipityUserlevel'] < $data['userlevel']) {
             $data['userlevel'] = $serendipity['serendipityUserlevel'];
         serendipity_db_insert('authors', $this->strtrRecursive($data));
         $users[$x]['authorid'] = serendipity_db_insert_id('authors', 'authorid');
     /* Categories */
     if (!$this->importCategories(null, 0, $ltdb)) {
         return sprintf(COULDNT_SELECT_CATEGORY_INFO, mysqli_error($ltdb));
     /* Entries */
     $res = @$this->nativeQuery("SELECT \n                                           article_id AS ID,\n                                           UNIX_TIMESTAMP(`date`) AS tstamp, \n                                           user_id AS post_author, \n                                           status AS post_status,\n                                           text AS post_content,\n                                           topic AS post_title\n                                      FROM lt_articles \n                                      JOIN lt_articles_text\n                                        ON lt_articles_text.article_id =\n                               ORDER BY ID;", $ltdb);
     if (!$res) {
         return sprintf(COULDNT_SELECT_ENTRY_INFO, mysqli_error($ltdb));
     for ($x = 0, $max_x = mysqli_num_rows($res); $x < $max_x; $x++) {
         $entries[$x] = mysqli_fetch_assoc($res);
         $entry = array('title' => $this->decode($entries[$x]['post_title']), 'isdraft' => $entries[$x]['post_status'] == '1' ? 'false' : 'true', 'allow_comments' => 'true', 'timestamp' => $entries[$x]['tstamp'], 'body' => $this->strtr($entries[$x]['post_content']));
         $entry['authorid'] = '';
         $entry['author'] = '';
         foreach ($users as $user) {
             if ($user['ID'] == $entries[$x]['post_author']) {
                 $entry['authorid'] = $user['authorid'];
                 $entry['author'] = $user['user_login'];
         if (!is_int($entries[$x]['entryid'] = serendipity_updertEntry($entry))) {
             return $entries[$x]['entryid'];
     /* Even more category stuff */
     $res = @$this->nativeQuery("SELECT article_id AS postcat_post_ID, \n                                           category_id AS postcat_cat_ID \n                                      FROM lt_article_categories_link", $ltdb);
     if (!$res) {
         return sprintf(COULDNT_SELECT_CATEGORY_INFO, mysqli_error($ltdb));
     for ($x = 0, $max_x = mysqli_num_rows($res); $x < $max_x; $x++) {
         $entrycat = mysqli_fetch_assoc($res);
         $entryid = 0;
         $categoryid = 0;
         foreach ($entries as $entry) {
             if ($entry['ID'] == $entrycat['postcat_post_ID']) {
                 $entryid = $entry['entryid'];
         foreach ($this->categories as $category) {
             if ($category['cat_ID'] == $entrycat['postcat_cat_ID']) {
                 $categoryid = $category['categoryid'];
         if ($entryid > 0 && $categoryid > 0) {
             $data = array('entryid' => $entryid, 'categoryid' => $categoryid);
             serendipity_db_insert('entrycat', $this->strtrRecursive($data));
     /* Comments */
     $res = @$this->nativeQuery("SELECT article_id AS comment_post_ID,\n                                           topic AS title,\n                                           text AS comment_content,\n                                           user_email AS comment_author_email,\n                                           user_url AS comment_author_url,\n                                           user_name AS comment_author,\n                                           user_id AS comment_author_ID,\n                                           UNIX_TIMESTAMP(`date`) AS tstamp,\n                                           client_ip AS comment_author_IP,\n                                           status AS comment_status\n                                      FROM lt_articles_comments;", $ltdb);
     if (!$res) {
         return sprintf(COULDNT_SELECT_COMMENT_INFO, mysqli_error($ltdb));
     while ($a = mysqli_fetch_assoc($res)) {
         foreach ($entries as $entry) {
             if ($entry['ID'] == $a['comment_post_ID']) {
                 $author = '';
                 $mail = '';
                 $url = '';
                 if (!empty($a['comment_author_ID']) && $a['comment_author_ID'] > 0) {
                     foreach ($users as $user) {
                         if ($user['ID'] == $a['comment_author_ID']) {
                             $author = $user['user_login'];
                             $mail = $user['user_email'];
                             $url = $user['user_url'];
                 if (empty($author) && empty($mail)) {
                     $author = $a['comment_author'];
                     $mail = $a['comment_author_email'];
                     $url = $a['comment_author_url'];
                 $comment = array('entry_id ' => $entry['entryid'], 'parent_id' => 0, 'timestamp' => $a['tstamp'], 'author' => $author, 'email' => $mail, 'url' => $url, 'title' => $a['title'], 'ip' => $a['comment_author_IP'], 'status' => $a['comment_status'] == '2' ? 'pending' : 'approved', 'body' => $a['comment_content'], 'subscribed' => 'false', 'type' => 'NORMAL');
                 serendipity_db_insert('comments', $this->strtrRecursive($comment));
                 if ($a['comment_status'] != '2') {
                     $cid = serendipity_db_insert_id('comments', 'id');
                     serendipity_approveComment($cid, $entry['entryid'], true);
     $serendipity['noautodiscovery'] = $noautodiscovery;
     // That was fun.
     return true;
    function event_hook($event, &$bag, &$eventData, $addData = null)
        global $serendipity;
        $hooks =& $bag->get('event_hooks');
        if (isset($hooks[$event])) {
            switch ($event) {
                case 'genpage':
                    $args = implode('/', serendipity_getUriArguments($eventData, true));
                    if ($serendipity['rewrite'] != 'none') {
                        $nice_url = $serendipity['serendipityHTTPPath'] . $args;
                    } else {
                        $nice_url = $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?/' . $args;
                    $myi = strpos($nice_url, '?');
                    if ($myi != 0 && $serendipity['rewrite'] != 'none') {
                        $nice_url2 = substr($nice_url, $myi + 1);
                    $myi = strpos($nice_url, '?');
                    if ($myi != 0 && $serendipity['rewrite'] != 'none') {
                        $nice_url = substr($nice_url, 0, $myi);
                    $myi = strpos($nice_url, '&');
                    if ($myi != 0 && $serendipity['rewrite'] != 'none') {
                        $nice_url = substr($nice_url, 0, $myi);
                    $myi = strpos($nice_url2, '&');
                    if ($myi != 0 && $serendipity['rewrite'] != 'none') {
                        $nice_url2 = substr($nice_url2, 0, $myi);
                    $query = "SELECT entryid FROM {$serendipity['dbPrefix']}entryproperties WHERE property = 'permalink'\n                                     AND value IN ('" . serendipity_db_escape_string($nice_url) . "', '/" . serendipity_db_escape_string($nice_url) . "',\n                                                   '" . serendipity_db_escape_string($nice_url2) . "', '/" . serendipity_db_escape_string($nice_url2) . "')";
                    $retid = serendipity_db_query($query);
                    if (is_array($retid) && !empty($retid[0]['entryid'])) {
                case 'entry_display':
                    $ids = array();
                    if (!is_array($eventData)) {
                        return true;
                    foreach ($eventData as $entry) {
                        $ids[] = $entry['id'];
                    $query = "SELECT entryid,value FROM {$serendipity['dbPrefix']}entryproperties WHERE entryid IN (" . implode(', ', $ids) . ") AND property = 'permalink'";
                    $retval = serendipity_db_query($query);
                    if (is_array($retval)) {
                        foreach ((array) $retval as $pl) {
                            $this->ids[$pl['entryid']] = $pl['value'];
                case 'frontend_display:html:per_entry':
                    if (isset($this->ids[$eventData['id']]) && stristr($this->ids[$eventData['id']], '/' . UNKNOWN) === FALSE) {
                        $eventData['link'] = $this->ids[$eventData['id']];
                        $urldata = parse_url($serendipity['baseURL']);
                        $eventData['rdf_ident'] = $urldata['scheme'] . '://' . $urldata['host'] . $this->ids[$eventData['id']];
                case 'backend_display':
                    $permalink = !empty($serendipity['POST']['permalink']) ? $serendipity['POST']['permalink'] : '';
                    if (!empty($eventData['id']) && empty($permalink)) {
                        $query = "SELECT value FROM {$serendipity['dbPrefix']}entryproperties WHERE entryid = '" . $eventData['id'] . "' AND property = 'permalink'";
                        $retval = serendipity_db_query($query);
                        if (is_array($retval) && !empty($retval[0]['value'])) {
                            $permalink = $retval[0]['value'];
                    $title = $eventData['title'];
                    if (empty($title)) {
                        $title = UNKNOWN;
                    if (empty($permalink)) {
                        $permalink = $serendipity['rewrite'] != 'none' ? $serendipity['serendipityHTTPPath'] . 'permalink/' . serendipity_makeFilename($title) . '.html' : $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?/permalink/' . serendipity_makeFilename($title) . '.html';
                    <fieldset style="margin: 5px">
                    echo PLUGIN_EVENT_CUSTOM_PERMALINKS_PL;
<br /><br /></div>
                            <label for="permalink" title="<?php 
                    echo htmlentities(PLUGIN_EVENT_CUSTOM_PERMALINKS_PL, ENT_COMPAT, LANG_CHARSET);
                    echo PLUGIN_EVENT_CUSTOM_PERMALINKS_PL;
:</label> <input class="input_textbox" type="text" style="width: 60%" name="serendipity[permalink]" id="permalink" value="<?php 
                    echo function_exists('serendipity_specialchars') ? serendipity_specialchars($permalink) : htmlspecialchars($permalink, ENT_COMPAT, LANG_CHARSET);
" />
                    return true;
                case 'backend_publish':
                case 'backend_save':
                    if (!isset($serendipity['POST']['permalink']) || !isset($eventData['id'])) {
                        return true;
                    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}entryproperties WHERE entryid = '" . $eventData['id'] . "' AND property = 'permalink'");
                    serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}entryproperties (entryid, value, property) VALUES ('" . $eventData['id'] . "', '" . serendipity_db_escape_string($serendipity['POST']['permalink']) . "', 'permalink')");
                    return true;
                    return false;
        } else {
            return false;
 function event_hook($event, &$bag, &$eventData, $addData = null)
     global $serendipity;
     $debug = true;
     $hooks =& $bag->get('event_hooks');
     if (isset($hooks[$event])) {
         $captchas_ttl = $this->get_config('captchas_ttl', 7);
         $_captchas = $this->get_config('captchas', 'yes');
         $captchas = $_captchas !== 'no' && ($_captchas === 'yes' || $_captchas === 'scramble' || serendipity_db_bool($_captchas));
         // Check if the entry is older than the allowed amount of time. Enforce kaptchas if that is true
         // of if kaptchas are activated for every entry
         $show_captcha = $captchas && isset($eventData['timestamp']) && ($captchas_ttl < 1 || $eventData['timestamp'] < time() - $captchas_ttl * 60 * 60 * 24) ? true : false;
         // Plugins can override with custom captchas
         if (isset($serendipity['plugins']['disable_internal_captcha'])) {
             $show_captcha = false;
         $forcemoderation = $this->get_config('forcemoderation', 60);
         $forcemoderation_treat = $this->get_config('forcemoderation_treat', 'moderate');
         $forcemoderationt = $this->get_config('forcemoderationt', 60);
         $forcemoderationt_treat = $this->get_config('forcemoderationt_treat', 'moderate');
         $links_moderate = $this->get_config('links_moderate', 10);
         $links_reject = $this->get_config('links_reject', 20);
         if (function_exists('imagettftext') && function_exists('imagejpeg')) {
             $max_char = 5;
             $min_char = 3;
             $use_gd = true;
         } else {
             $max_char = $min_char = 5;
             $use_gd = false;
         switch ($event) {
             case 'fetchcomments':
                 if (is_array($eventData) && !$_SESSION['serendipityAuthedUser'] && serendipity_db_bool($this->get_config('hide_email', false))) {
                     // Will force emails to be not displayed in comments and RSS feed for comments. Will not apply to logged in admins (so not in the backend as well)
                     while (list($idx, $comment) = each($eventData)) {
                         $eventData[$idx]['no_email'] = true;
             case 'frontend_saveComment':
                     $fp = fopen('/tmp/spamblock2.log', 'a');
                     fwrite($fp, date('Y-m-d H:i') . "\n" . print_r($eventData, true) . "\n" . print_r($addData, true) . "\n");
                 if (!is_array($eventData) || serendipity_db_bool($eventData['allow_comments'])) {
                     $serendipity['csuccess'] = 'true';
                     $logfile = $this->logfile = $this->get_config('logfile', $serendipity['serendipityPath'] . 'spamblock.log');
                     $required_fields = $this->get_config('required_fields', '');
                     $checkmail = $this->get_config('checkmail');
                     // Check CSRF [comments only, cannot be applied to trackbacks]
                     if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('csrf', true))) {
                         if (!serendipity_checkFormToken(false)) {
                             $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_CSRF_REASON, $addData);
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_CSRF_REASON;
                     // Check required fields
                     if ($addData['type'] == 'NORMAL' && !empty($required_fields)) {
                         $required_field_list = explode(',', $required_fields);
                         foreach ($required_field_list as $required_field) {
                             $required_field = trim($required_field);
                             if (empty($addData[$required_field])) {
                                 $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_REQUIRED_FIELD, $addData);
                                 $eventData = array('allow_comments' => false);
                                 $serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_REQUIRED_FIELD, $required_field);
                                 return false;
                     if ($addData['type'] != 'NORMAL' && empty($addData['name'])) {
                         $eventData = array('allow_coments' => false);
                         $this->log($logfile, $eventData['id'], 'INVALIDGARV', 'INVALIDGARV', $addData);
                         return false;
                     // Check whether to allow comments from registered authors
                     if (serendipity_userLoggedIn() && $this->inGroup()) {
                         return true;
                     // Check if the user has verified himself via email already.
                     if ($addData['type'] == 'NORMAL' && (string) $checkmail === 'verify_once') {
                         $auth = serendipity_db_query("SELECT *\n                                                            FROM {$serendipity['dbPrefix']}options\n                                                           WHERE okey  = 'mail_confirm'\n                                                             AND name  = '" . serendipity_db_escape_string($addData['email']) . "'\n                                                             AND value = '" . serendipity_db_escape_string($addData['name']) . "'", true);
                         if (!is_array($auth)) {
                             // Filter authors names, Filter URL, Filter Content, Filter Emails, Check for maximum number of links before rejecting
                             // moderate false
                             if (false === $this->wordfilter($logfile, $eventData, $wordmatch, $addData, true)) {
                                 // already there #$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_FILTER_WORDS, $addData);
                                 // already there #$eventData = array('allow_comments' => false);
                                 // already there #$serendipity['messagestack']['emails'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
                                 return false;
                             } elseif (serendipity_db_bool($this->get_config('killswitch', false)) === true) {
                                 $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_KILLSWITCH, $addData);
                                 $eventData = array('allow_comments' => false);
                                 $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_KILLSWITCH;
                                 return false;
                             } else {
                                 $this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
                                 $eventData['moderate_comments'] = true;
                                 $eventData['status'] = 'confirm1';
                                 $serendipity['csuccess'] = 'moderate';
                                 $serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
                                 return false;
                         } else {
                             // User is allowed to post message, bypassing other checks as if he were logged in.
                             return true;
                     // Check if entry title is the same as comment body
                     if (serendipity_db_bool($this->get_config('entrytitle')) && trim($eventData['title']) == trim($addData['comment'])) {
                         $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_TITLE, $addData);
                         $eventData = array('allow_comments' => false);
                         $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
                         return false;
                     // Check for global emergency moderation
                     if (serendipity_db_bool($this->get_config('killswitch', false)) === true) {
                         $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_KILLSWITCH, $addData);
                         $eventData = array('allow_comments' => false);
                         $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_KILLSWITCH;
                         return false;
                     // Check for not allowing trackbacks/pingbacks/wfwcomments
                     if (($addData['type'] != 'NORMAL' || $addData['source'] == 'API') && $this->get_config('disable_api_comments', 'none') != 'none') {
                         if ($this->get_config('disable_api_comments') == 'reject') {
                             $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_API, $addData);
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_API;
                             return false;
                         } elseif ($this->get_config('disable_api_comments') == 'moderate') {
                             $this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_REASON_API, $addData);
                             $eventData['moderate_comments'] = true;
                             $serendipity['csuccess'] = 'moderate';
                             $serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_API;
                     // Check if sender ip is matching trackback/pingback ip (ip validation)
                     $trackback_ipvalidation_option = $this->get_config('trackback_ipvalidation', 'moderate');
                     if (($addData['type'] == 'TRACKBACK' || $addData['type'] == 'PINGBACK') && $trackback_ipvalidation_option != 'no') {
                         $exclude_urls = explode(';', $this->get_config('trackback_ipvalidation_url_exclude', $this->get_default_exclude_urls()));
                         $found_exclude_url = false;
                         foreach ($exclude_urls as $exclude_url) {
                             $exclude_url = trim($exclude_url);
                             if (empty($exclude_url)) {
                             $found_exclude_url = preg_match('@' . $exclude_url . '@', $addData['url']);
                             if ($found_exclude_url) {
                         if (!$found_exclude_url) {
                             $parts = @parse_url($addData['url']);
                             $tipval_method = $trackback_ipvalidation_option == 'reject' ? 'REJECTED' : 'MODERATE';
                             // Getting host from url successfully?
                             if (!is_array($parts)) {
                                 // not a valid URL
                                 $this->log($logfile, $eventData['id'], $tipval_method, sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url'], '', ''), $addData);
                                 if ($trackback_ipvalidation_option == 'reject') {
                                     $eventData = array('allow_comments' => false);
                                     $serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url']);
                                     return false;
                                 } else {
                                     $eventData['moderate_comments'] = true;
                                     $serendipity['csuccess'] = 'moderate';
                                     $serendipity['moderate_reason'] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url']);
                             $trackback_ip = preg_replace('/[^0-9.]/', '', gethostbyname($parts['host']));
                             $sender_ip = preg_replace('/[^0-9.]/', '', $_SERVER['REMOTE_ADDR']);
                             $sender_ua = $debug ? ', ua="' . $_SERVER['HTTP_USER_AGENT'] . '"' : '';
                             // Is host ip and sender ip matching?
                             if ($trackback_ip != $sender_ip) {
                                 $this->log($logfile, $eventData['id'], $tipval_method, sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua), $addData);
                                 if ($trackback_ipvalidation_option == 'reject') {
                                     $eventData = array('allow_comments' => false);
                                     $serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua);
                                     return false;
                                 } else {
                                     $eventData['moderate_comments'] = true;
                                     $serendipity['csuccess'] = 'moderate';
                                     $serendipity['moderate_reason'] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua);
                     // Filter Akismet Blacklist?
                     $akismet_apikey = $this->get_config('akismet');
                     $akismet = $this->get_config('akismet_filter');
                     if (!empty($akismet_apikey) && ($akismet == 'moderate' || $akismet == 'reject') && !isset($addData['skip_akismet'])) {
                         $spam = $this->getBlacklist('', $akismet_apikey, $eventData, $addData);
                         if ($spam['is_spam'] !== false) {
                             if ($akismet == 'moderate') {
                                 $this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_REASON_AKISMET_SPAMLIST . ': ' . $spam['message'], $addData);
                                 $eventData['moderate_comments'] = true;
                                 $serendipity['csuccess'] = 'moderate';
                                 $serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY . ' (Akismet)';
                             } else {
                                 $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_AKISMET_SPAMLIST . ': ' . $spam['message'], $addData);
                                 $eventData = array('allow_comments' => false);
                                 $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
                                 return false;
                     // Check Trackback URLs?
                     if (($addData['type'] == 'TRACKBACK' || $addData['type'] == 'PINGBACK') && serendipity_db_bool($this->get_config('trackback_check_url'))) {
                         require_once S9Y_PEAR_PATH . 'HTTP/Request.php';
                         if (function_exists('serendipity_request_start')) {
                         $req = new HTTP_Request($addData['url'], array('allowRedirects' => true, 'maxRedirects' => 5, 'readTimeout' => array(5, 0)));
                         $is_valid = false;
                         if (PEAR::isError($req->sendRequest()) || $req->getResponseCode() != '200') {
                             $is_valid = false;
                         } else {
                             $fdata = $req->getResponseBody();
                             // Check if the target page contains a link to our blog
                             if (preg_match('@' . preg_quote($serendipity['baseURL'], '@') . '@i', $fdata)) {
                                 $is_valid = true;
                             } else {
                                 $is_valid = false;
                         if (function_exists('serendipity_request_end')) {
                         if ($is_valid === false) {
                             $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_TRACKBACKURL, $addData);
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_TRACKBACKURL;
                             return false;
                     if (false === $this->wordfilter($logfile, $eventData, $wordmatch, $addData)) {
                         return false;
                     // Check for maximum number of links before rejecting
                     $link_count = substr_count(strtolower($addData['comment']), 'http://');
                     if ($links_reject > 0 && $link_count > $links_reject) {
                         $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_REJECT, $addData);
                         $eventData = array('allow_comments' => false);
                         $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
                         return false;
                     // Captcha checking
                     if ($show_captcha && $addData['type'] == 'NORMAL') {
                         if (!isset($_SESSION['spamblock']['captcha']) || !isset($serendipity['POST']['captcha']) || strtolower($serendipity['POST']['captcha']) != strtolower($_SESSION['spamblock']['captcha'])) {
                             $this->log($logfile, $eventData['id'], 'REJECTED', sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_CAPTCHAS, $serendipity['POST']['captcha'], $_SESSION['spamblock']['captcha']), $addData);
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_CAPTCHAS;
                             return false;
                         } else {
                             // DEBUG
                             //                                $this->log($logfile, $eventData['id'], 'REJECTED', 'Captcha passed: ' . $serendipity['POST']['captcha'] . ' / ' . $_SESSION['spamblock']['captcha'] . ' // Source: ' . $_SERVER['REQUEST_URI'], $addData);
                     } else {
                         // DEBUG
                         //                            $this->log($logfile, $eventData['id'], 'REJECTED', 'Captcha not needed: ' . $serendipity['POST']['captcha'] . ' / ' . $_SESSION['spamblock']['captcha'] . ' // Source: ' . $_SERVER['REQUEST_URI'], $addData);
                     // Check for forced comment moderation (X days)
                     if ($addData['type'] == 'NORMAL' && $forcemoderation > 0 && $eventData['timestamp'] < time() - $forcemoderation * 60 * 60 * 24) {
                         $this->log($logfile, $eventData['id'], $forcemoderation_treat, PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION, $addData);
                         if ($forcemoderation_treat == 'reject') {
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
                             return false;
                         } else {
                             $eventData['moderate_comments'] = true;
                             $serendipity['csuccess'] = 'moderate';
                             $serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
                     // Check for forced trackback moderation
                     if ($addData['type'] != 'NORMAL' && $forcemoderationt > 0 && $eventData['timestamp'] < time() - $forcemoderationt * 60 * 60 * 24) {
                         $this->log($logfile, $eventData['id'], $forcemoderationt_treat, PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION, $addData);
                         if ($forcemoderationt_treat == 'reject') {
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
                             return false;
                         } else {
                             $eventData['moderate_comments'] = true;
                             $serendipity['csuccess'] = 'moderate';
                             $serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
                     // Check for maximum number of links before forcing moderation
                     if ($links_moderate > 0 && $link_count > $links_moderate) {
                         $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_MODERATE, $addData);
                         $eventData['moderate_comments'] = true;
                         $serendipity['csuccess'] = 'moderate';
                         $serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_MODERATE;
                     // Check for identical comments. We allow to bypass trackbacks from our server to our own blog.
                     if ($this->get_config('bodyclone', true) === true && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR'] && $addData['type'] != 'PINGBACK') {
                         $query = "SELECT count(id) AS counter FROM {$serendipity['dbPrefix']}comments WHERE type = '" . $addData['type'] . "' AND body = '" . serendipity_db_escape_string($addData['comment']) . "'";
                         $row = serendipity_db_query($query, true);
                         if (is_array($row) && $row['counter'] > 0) {
                             $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_BODYCLONE, $addData);
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
                             return false;
                     // Check last IP
                     if ($addData['type'] == 'NORMAL' && $this->get_config('ipflood', 2) != 0) {
                         $query = "SELECT max(timestamp) AS last_post FROM {$serendipity['dbPrefix']}comments WHERE ip = '" . serendipity_db_escape_string($_SERVER['REMOTE_ADDR']) . "'";
                         $row = serendipity_db_query($query, true);
                         if (is_array($row) && $row['last_post'] > time() - $this->get_config('ipflood', 2) * 60) {
                             $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_IPFLOOD, $addData);
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_IP;
                             return false;
                     if ($addData['type'] == 'NORMAL' && (string) $checkmail === 'verify_always') {
                         $this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
                         $eventData['moderate_comments'] = true;
                         $eventData['status'] = 'confirm';
                         $serendipity['csuccess'] = 'moderate';
                         $serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
                         return false;
                     // Check invalid email
                     if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('checkmail', false))) {
                         if (!empty($addData['email']) && strstr($addData['email'], '@') === false) {
                             $this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_CHECKMAIL, $addData);
                             $eventData = array('allow_comments' => false);
                             $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_CHECKMAIL;
                             return false;
                     if ($eventData['moderate_comments'] == true) {
                         return false;
                 return true;
             case 'frontend_comment':
                 if (serendipity_db_bool($this->get_config('hide_email', false))) {
                     echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_HIDE_EMAIL_NOTICE . '</div>';
                 if ((string) $this->get_config('checkmail') === 'verify_always' || (string) $this->get_config('checkmail') === 'verify_once') {
                     echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO . '</div>';
                 if (serendipity_db_bool($this->get_config('csrf', true))) {
                     echo serendipity_setFormToken('form');
                 // Check whether to allow comments from registered authors
                 if (serendipity_userLoggedIn() && $this->inGroup()) {
                     return true;
                 if ($show_captcha) {
                     echo '<div class="serendipity_commentDirection serendipity_comment_captcha">';
                     if (!isset($serendipity['POST']['preview']) || strtolower($serendipity['POST']['captcha'] != strtolower($_SESSION['spamblock']['captcha']))) {
                         echo '<br />' . PLUGIN_EVENT_SPAMBLOCK_CAPTCHAS_USERDESC . '<br />';
                         echo $this->show_captcha($use_gd);
                         echo '<br />';
                         echo '<label for="captcha">' . PLUGIN_EVENT_SPAMBLOCK_CAPTCHAS_USERDESC3 . '</label><br /><input class="input_textbox" type="text" size="5" name="serendipity[captcha]" value="" id="captcha" />';
                     } elseif (isset($serendipity['POST']['captcha'])) {
                         echo '<input type="hidden" name="serendipity[captcha]" value="' . serendipity_specialchars($serendipity['POST']['captcha']) . '" />';
                     echo '</div>';
                 return true;
             case 'external_plugin':
                 $parts = explode('_', (string) $eventData);
                 if (!empty($parts[1])) {
                     $param = (int) $parts[1];
                 } else {
                     $param = null;
                 $methods = array('captcha');
                 if (!in_array($parts[0], $methods)) {
                 list($musec, $msec) = explode(' ', microtime());
                 $srand = (double) $msec + (double) $musec * 100000;
                 $width = 120;
                 $height = 40;
                 $bgcolors = explode(',', $this->get_config('captcha_color', '255,255,255'));
                 $fontfiles = array('Vera.ttf', 'VeraSe.ttf', 'chumbly.ttf', '36daysago.ttf');
                 if ($use_gd) {
                     $strings = $this->random_string($max_char, $min_char);
                     $fontname = $fontfiles[array_rand($fontfiles)];
                     $font = $serendipity['serendipityPath'] . 'plugins/serendipity_event_spamblock/' . $fontname;
                     if (!file_exists($font)) {
                         // Search in shared plugin directory
                         $font = S9Y_INCLUDE_PATH . 'plugins/serendipity_event_spamblock/' . $fontname;
                     if (!file_exists($font)) {
                     header('Content-Type: image/jpeg');
                     $image = imagecreate($width, $height);
                     // recommended use of imagecreatetruecolor() returns a black backgroundcolor
                     $bgcol = imagecolorallocate($image, trim($bgcolors[0]), trim($bgcolors[1]), trim($bgcolors[2]));
                     // imagettftext($image, 10, 1, 1, 15, imagecolorallocate($image, 255, 255, 255), $font, 'String: ' . $string);
                     $pos_x = 5;
                     foreach ($strings as $idx => $charidx) {
                         $color = imagecolorallocate($image, mt_rand(50, 235), mt_rand(50, 235), mt_rand(50, 235));
                         $size = mt_rand(15, 21);
                         $angle = mt_rand(-20, 20);
                         $pos_y = ceil($height - mt_rand($size / 3, $size / 2));
                         imagettftext($image, $size, $angle, $pos_x, $pos_y, $color, $font, $this->chars[$charidx]);
                         $pos_x = $pos_x + $size + 2;
                     if ($_captchas === 'scramble') {
                         $line_diff = mt_rand(5, 15);
                         $pixel_col = imagecolorallocate($image, trim($bgcolors[0]) - mt_rand(10, 50), trim($bgcolors[1]) - mt_rand(10, 50), trim($bgcolors[2]) - mt_rand(10, 50));
                         for ($y = $line_diff; $y < $height; $y += $line_diff) {
                             $row_diff = mt_rand(5, 15);
                             for ($x = $row_diff; $x < $width; $x += $row_diff) {
                                 imagerectangle($image, $x, $y, $x + 1, $y + 1, $pixel_col);
                     imagejpeg($image, NULL, 90);
                     // NULL fixes
                 } else {
                     header('Content-Type: image/png');
                     $output_char = strtolower($_SESSION['spamblock']['captcha'][$parts[1] - 1]);
                     $cap = $serendipity['serendipityPath'] . 'plugins/serendipity_event_spamblock/captcha_' . $output_char . '.png';
                     if (!file_exists($cap)) {
                         $cap = S9Y_INCLUDE_PATH . 'plugins/serendipity_event_spamblock/captcha_' . $output_char . '.png';
                     if (file_exists($cap)) {
                         echo file_get_contents($cap);
                 return true;
             case 'backend_comments_top':
                 // Tell Akismet about spam or not spam
                 $tell_id = null;
                 if (isset($serendipity['GET']['spamIsSpam'])) {
                     $tell_spam = true;
                     $tell_id = $serendipity['GET']['spamIsSpam'];
                 if (isset($serendipity['GET']['spamNotSpam'])) {
                     $tell_spam = false;
                     $tell_id = $serendipity['GET']['spamNotSpam'];
                 if ($tell_id !== null) {
                     $akismet_apikey = $this->get_config('akismet');
                     $akismet = $this->get_config('akismet_filter');
                     if (!empty($akismet_apikey)) {
                         $this->tellAboutComment('', $akismet_apikey, $tell_id, $tell_spam);
                 // Add Author to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
                 if (isset($serendipity['GET']['spamBlockAuthor'])) {
                     $item = $this->getComment('author', $serendipity['GET']['spamBlockAuthor']);
                     $items =& $this->checkFilter('authors', $item, true);
                     $this->set_config('contentfilter_authors', implode(';', $items));
                 // Add URL to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
                 if (isset($serendipity['GET']['spamBlockURL'])) {
                     $item = $this->getComment('url', $serendipity['GET']['spamBlockURL']);
                     $items =& $this->checkFilter('urls', $item, true);
                     $this->set_config('contentfilter_urls', implode(';', $items));
                 // Add E-mail to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
                 if (isset($serendipity['GET']['spamBlockEmail'])) {
                     $item = $this->getComment('email', $serendipity['GET']['spamBlockEmail']);
                     $items =& $this->checkFilter('emails', $item, true);
                     $this->set_config('contentfilter_emails', implode(';', $items));
                 echo '<a class="button_link" title="' . PLUGIN_EVENT_SPAMBLOCK_CONFIG . '" href="serendipity_admin.php?serendipity[adminModule]=plugins&amp;serendipity[plugin_to_conf]=' . $this->instance . '"><span class="icon-medkit"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_CONFIG . '</span></a>';
                 return true;
             case 'backend_view_comment':
                 $author_is_filtered = $this->checkFilter('authors', $eventData['author']);
                 $clink = 'comment_' . $eventData['id'];
                 $randomString = '&amp;random=' . substr(sha1(rand()), 0, 10);
                 # the random string will force browser to reload the page,
                 # so the server knows who to block/unblock when clicking again on the same link,
                 # see,
                 $akismet_apikey = $this->get_config('akismet');
                 $akismet = $this->get_config('akismet_filter');
                 if (!empty($akismet_apikey)) {
                     $eventData['action_more'] .= ' <a class="button_link actions_extra" title="' . PLUGIN_EVENT_SPAMBLOCK_SPAM . '" href="serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[spamIsSpam]=' . $eventData['id'] . $addData . '#' . $clink . '"><span class="icon-block"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_SPAM . '</span></a>';
                     $eventData['action_more'] .= ' <a class="button_link actions_extra" title="' . PLUGIN_EVENT_SPAMBLOCK_NOT_SPAM . '" href="serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[spamNotSpam]=' . $eventData['id'] . $addData . '#' . $clink . '"><span class="icon-ok-circled"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_NOT_SPAM . '</span></a>';
                 $eventData['action_author'] .= ' <a class="button_link" title="' . ($author_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_AUTHOR : PLUGIN_EVENT_SPAMBLOCK_ADD_AUTHOR) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[spamBlockAuthor]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($author_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($author_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_AUTHOR : PLUGIN_EVENT_SPAMBLOCK_ADD_AUTHOR) . '</span></a>';
                 if (!empty($eventData['url'])) {
                     $url_is_filtered = $this->checkFilter('urls', $eventData['url']);
                     $eventData['action_url'] .= ' <a class="button_link" title="' . ($url_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_URL : PLUGIN_EVENT_SPAMBLOCK_ADD_URL) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[spamBlockURL]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($url_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($url_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_URL : PLUGIN_EVENT_SPAMBLOCK_ADD_URL) . '</span></a>';
                 if (!empty($eventData['email'])) {
                     $email_is_filtered = $this->checkFilter('emails', $eventData['email']);
                     $eventData['action_email'] .= ' <a class="button_link" title="' . ($email_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_EMAIL : PLUGIN_EVENT_SPAMBLOCK_ADD_EMAIL) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&amp;serendipity[spamBlockEmail]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($email_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($email_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_EMAIL : PLUGIN_EVENT_SPAMBLOCK_ADD_EMAIL) . '</span></a>';
                 return true;
             case 'backend_sidebar_admin_appearance':
                 echo '<li><a href="serendipity_admin.php?serendipity[adminModule]=plugins&amp;serendipity[plugin_to_conf]=' . $this->instance . '">' . PLUGIN_EVENT_SPAMBLOCK_TITLE . '</a></li>';
                 return true;
                 return false;
     } else {
         return false;
 * Show the plugin configuration
 * @access public
 * @param  object   A plugin object
 * @param  object   The plugins property bag object
 * @param  string   The name of the plugin
 * @param  string   The description of the plugin
 * @param  array    The property bag 'configuration' array, holding the array of config items.
 * @param  boolean  Shows the surrounding HTML table?
 * @param  boolean  Shows the FORM submit button?
 * @param  boolean  Shows a plugin's "example" method output?
 * @param  boolean  Spawn a plugins' configuration WYSIWYG items?
 * @param  string   The array index name of POSTed values ($serendipity['POST'][xxx])
 * @param  array    An array that groups certain config keys
 * @return string   The configuration HTML
function serendipity_plugin_config(&$plugin, &$bag, &$name, &$desc, &$config_names, $showTable = true, $showSubmit = true, $showExample = true, $spawnNuggets = true, $postKey = 'plugin', $config_groups = NULL)
    global $serendipity;
    if (empty($config_names)) {
        return false;
    $tfile = "/admin/plugin_config_item.tpl";
    $data = array();
    if ($showSubmit && $postKey != 'plugin') {
        $data['showSubmit_head'] = true;
    if ($showTable) {
        $data['showTable'] = true;
    $elcount = 0;
    $htmlnugget = array();
    $plugin_options = array();
    $data['config_names'] = $config_names;
    foreach ($config_names as $config_item) {
        $cbag = new serendipity_property_bag();
        $plugin->introspect_config_item($config_item, $cbag);
        $data['cname'] = $cname = serendipity_specialchars($cbag->get('name'));
        $data['cdesc'] = $cdesc = serendipity_specialchars($cbag->get('description'));
        $value = $plugin->get_config($config_item, 'unset');
        $lang_direction = serendipity_specialchars($cbag->get('lang_direction'));
        if (empty($lang_direction)) {
            $lang_direction = LANG_DIRECTION;
        $data['lang_direction'] = $lang_direction;
        /* Apparently no value was set for this config item */
        if ($value === 'unset') {
            /* Try and the default value for the config item */
            $value = $cbag->get('default');
            /* Still, we don't have a value, try and get (bool)false - from an old plugin */
            if ($value === '') {
                $value = $plugin->get_config($config_item, false, true);
        if (isset($_POST['serendipity'][$postkey][$config_item])) {
            if (is_array($_POST['serendipity'][$postkey][$config_item])) {
                $hvalue = $_POST['serendipity'][$postkey][$config_item];
                array_walk($hvalue, 'serendipity_specialchars');
            } else {
                $hvalue = serendipity_specialchars($_POST['serendipity'][$postkey][$config_item]);
        } else {
            $hvalue = serendipity_specialchars($value);
        $radio = array();
        $select = array();
        $per_row = null;
        $text_rows = null;
        $input_type = null;
        $data['is_multi_select'] = $is_multi_select = false;
        $data['ctype'] = $ctype = $cbag->get('type');
        $data['elcount'] = $elcount;
        $data['hvalue'] = $hvalue;
        $data['postKey'] = $postKey;
        $data['config_item'] = $config_item;
        $assign_plugin_config = function ($data) use(&$plugin_options, $tfile, $config_item) {
            $plugin_options[$config_item] = array('config' => serendipity_smarty_show($tfile, $data), 'ctype' => $data['ctype']);
        switch ($ctype) {
            case 'seperator':
                // compat, due being misspelled
            // compat, due being misspelled
            case 'separator':
            case 'suboption':
            case 'multiselect':
                $data['is_multi_select'] = $is_multi_select = true;
            case 'select':
                $data['ctype'] = 'select';
                if (is_array($hvalue)) {
                    $selected_options = $hvalue;
                } elseif ($is_multi_select) {
                    $selected_options = explode('^', $hvalue);
                } else {
                    $selected_options = array($hvalue => $hvalue);
                $data['selected_options'] = $selected_options;
                $data['pre_selected'] = $pre_selected = (array) $cbag->get('select_preselected');
                $data['select_size'] = $select_size = $cbag->get('select_size');
                $data['select'] = $select = $cbag->get('select_values');
            case 'tristate':
                $data['ctype'] = 'tristate';
                $per_row = 3;
                $radio['value'][] = 'default';
                $radio['desc'][] = USE_DEFAULT;
            case 'boolean':
                $data['ctype'] = 'boolean';
                $radio['value'][] = 'true';
                $radio['desc'][] = YES;
                $radio['value'][] = 'false';
                $radio['desc'][] = NO;
            case 'radio':
                $data['ctype'] = 'radio';
                if (!count($radio) > 0) {
                    $radio = $cbag->get('radio');
                if (empty($per_row)) {
                    $per_row = $cbag->get('radio_per_row');
                    if (empty($per_row)) {
                        $per_row = 2;
                $data['per_row'] = $per_row;
                $data['radio_button'] = array();
                $counter = 0;
                foreach ($radio['value'] as $radio_index => $radio_value) {
                    $id = serendipity_specialchars($config_item . $radio_value);
                    $checked = "";
                    if ($radio_value == 'true' && ($hvalue === '1' || $hvalue === 'true')) {
                        $checked = " checked";
                    } elseif ($radio_value == 'false' && ($hvalue === '' || $hvalue === 'false')) {
                        $checked = " checked";
                    } elseif ($radio_value == $hvalue) {
                        $checked = " checked";
                    $data['radio_button'][$radio_index]['id'] = $id;
                    $data['radio_button'][$radio_index]['checked'] = $checked;
                    $data['radio_button'][$radio_index]['counter'] = $counter;
                    $data['radio_button'][$radio_index]['value'] = $radio_value;
                    $data['radio_button'][$radio_index]['index'] = serendipity_specialchars($radio['desc'][$radio_index]);
            case 'string':
                $data['ctype'] = 'string';
                if (empty($input_type)) {
                    $input_type = $cbag->get('input_type');
                    if (empty($input_type)) {
                        $input_type = "text";
                $data['input_type'] = $input_type;
            case 'html':
                $data['ctype'] = 'html';
            case 'text':
                $data['ctype'] = 'text';
                if (empty($text_rows)) {
                    $text_rows = $cbag->get('rows');
                    if (empty($text_rows)) {
                        $text_rows = 20;
                $data['text_rows'] = $text_rows;
                if ($cbag->get('type') == 'html') {
                    $htmlnugget[] = $elcount;
                    if (!function_exists('serendipity_emit_htmlarea_code')) {
                        @(include_once dirname(__FILE__) . '/');
                    // use SpawnMulti false per default (for multi nugget textareas, eg linklist sidebar plugin) - but where do we use jsname though?
                    serendipity_emit_htmlarea_code("nuggets{$elcount}", "nuggets{$elcount}");
            case 'content':
                $data['ctype'] = 'content';
                $data['cbag_default'] = $cbag->get('default');
            case 'custom':
                $data['ctype'] = 'custom';
                $data['cbag_custom'] = $cbag->get('custom');
            case 'hidden':
                $data['ctype'] = 'hidden';
                $data['cbag_value'] = $cbag->get('value');
            case 'media':
                $data['ctype'] = 'media';
                // Print the HTML to display the popup media selector
                $preview_width = $cbag->get('preview_width');
                if (!$preview_width || $preview_width == "") {
                    $preview_width = '400px';
                $preview_height = $cbag->get('preview_height');
                if (!$preview_height || $preview_height == "") {
                    $preview_height = '100px';
                $data['preview_width'] = $preview_width;
                $data['preview_height'] = $preview_height;
                $data['value'] = $value;
            case 'sequence':
                $data['ctype'] = 'sequence';
                // For the drag-n-drop to work, the list must be included in
                // a container (probably an <ol>) that JavaScript can access
                // (easiest by ID), with <li> children that have unique IDs,
                // and handles with ids of 'g'.$li_id.
                // I can't get it to work unless there's a class of
                // pluginmanager_container on the ol, either.
                // The drag-n-drop returns the list of IDs in order.
                $data['sequencejs_output'] = $sequencejs_output = $serendipity['sequencejs_output'];
                if (!$sequencejs_output) {
                    $serendipity['sequencejs_output'] = true;
                // I want this generic sequence widget to hide the ID, but
                // display a name or description with an optional picture.
                // (This would allow users to identify choices by thumbnail.)
                // Therefore, I need an array with keys 'id', 'display', and
                // 'imgurl' (or similar) to generate each list item.
                // Get the data we need to display the list
                if (!$value) {
                    $value = $eventData['default'];
                $data['value'] = $value;
                $data['cname'] = $cname = $cbag->get('name');
                $data['cdesc'] = $cdesc = $cbag->get('description');
                $data['checkable'] = $checkable = $cbag->get('checkable');
                /** Unordered array of values */
                $items = $cbag->get('values');
                if (!is_array($items)) {
                    $items = null;
                /** Array specifying order to use values in $items */
                $order = null;
                if ($value) {
                    $data['store_order'] = $store_order = $order = explode(',', $value);
                // $items is the list of things to sequence.  It's not in
                // order, and reordering PHP arrays is problematic.  So
                // we keep it unordered, and access its values according
                // to another array (appropriately named $order).
                if (is_array($items)) {
                    // Allow simple value for any sequence item
                    foreach ($items as $key => $item) {
                        if (!is_array($item)) {
                            // Replace this item with an empty array
                            $items[$item] = array();
                    // Make sure all the items are in the order list; new items
                    // go on the end (new items could have been added without
                    // this config item being updated)
                    // Also fill out thumbnails and display names
                    foreach ($items as $id => $junk) {
                        if ($order == null) {
                            $order = array($id);
                        } else {
                            if (!in_array($id, $order)) {
                                $order[] = $id;
                        // If there's no defined display name, default to the ID
                        if (!isset($items[$id]['display'])) {
                            $items[$id]['display'] = $id;
                        // If there's no image, we just won't display anything.
                    // Make sure all the items to be ordered exist!  Otherwise
                    // we could try to sequence nothing.
                    $filtered = array();
                    foreach ($order as $id) {
                        if (array_key_exists($id, $items)) {
                            $filtered[] = $id;
                    $order = $filtered;
                } else {
                    // If there's nothing to sequence, make the order in
                    // which to use them valid, but empty
                    $order = array();
                // Start the row, add one cell for the name and description
                $data['items'] = $items;
                $sort_idx = 0;
                $data['last'] = $last = count($order) - 1;
                foreach ($order as $id) {
                    // Create the variables required to print this item
                    if ($sort_idx > 0) {
                        $swapping = $order;
                        $temp = $swapping[(int) $sort_idx];
                        $swapping[(int) $sort_idx] = $swapping[(int) ($sort_idx - 1)];
                        $swapping[(int) ($sort_idx - 1)] = $temp;
                        $data['order_id'][$sort_idx]['oneup'] = $oneup = implode(',', $swapping);
                    if ($sort_idx < $last) {
                        $swapping = $order;
                        $temp = $swapping[(int) $sort_idx];
                        $swapping[(int) $sort_idx] = $swapping[(int) ($sort_idx + 1)];
                        $swapping[(int) ($sort_idx + 1)] = $temp;
                        $data['order_id'][$sort_idx]['onedown'] = $onedown = implode(',', $swapping);
                    $data['order_id'][$sort_idx]['id'] = $id;
                    $data['order_id'][$sort_idx]['sort_idx'] = $sort_idx;
                    // Print the HTML
                    // Set the item and its ID
                    // Make a handle with ID 'g$id'
                    // Add the item contents
                    // Luddite submit buttons (please, think of the scriptless!)
                    // Next, please
                // foreach end
                if (!is_array($items) or empty($order)) {
                    // Print the empty message
                    $data['no_sequence'] = sprint(NONE);
                // Print the Javascript to drag-n-drop the list
                // Finish the row
                $data['ctype'] = 'default';
                // Unknown configuration key. Let the plugin handle it.
                $addData = func_get_args();
                $eventData = array('config_item' => $config_item, 'cbag' => $cbag, 'plugin' => $plugin, 'value' => $value, 'bag' => $bag, 'postKey' => $postKey);
                serendipity_plugin_api::hook_event('backend_pluginconfig_' . $ctype, $eventData, $addData);
                $plugin_options[$config_item]['config'] = ob_get_contents();
                $plugin_options[$config_item]['ctype'] = 'default';
    $data['config_groups'] = $config_groups;
    $data['plugin_options'] = $plugin_options;
    if (is_array($config_groups)) {
        foreach ($config_groups as $config_header => $config_groupkeys) {
            foreach ($config_groupkeys as $config_groupkey) {
    $data['plugin_options_ungrouped'] = $plugin_options;
    if ($showSubmit) {
        $data['showSubmit_foot'] = true;
    if ($showExample && method_exists($plugin, 'example')) {
        $data['showExample'] = true;
        $data['plugin_example'] = $plugin->example();
    if ($spawnNuggets && isset($serendipity['wysiwyg']) && $serendipity['wysiwyg'] && count($htmlnugget) > 0) {
        $data['spawnNuggets'] = true;
        $ev = array('nuggets' => $htmlnugget, 'skip_nuggets' => false);
        serendipity_plugin_api::hook_event('backend_wysiwyg_nuggets', $ev);
        $data['ev'] = $ev;
    return serendipity_smarty_show('admin/plugin_config.tpl', $data);
 function printComments($comments)
     if (!is_array($comments) || count($comments) < 1) {
     foreach ($comments as $i => $comment) {
         $comment['comment'] = function_exists('serendipity_specialchars') ? serendipity_specialchars(strip_tags($comment['body'])) : htmlspecialchars(strip_tags($comment['body']), ENT_COMPAT, LANG_CHARSET);
         if (!empty($comment['url']) && substr($comment['url'], 0, 7) != 'http://' && substr($comment['url'], 0, 8) != 'https://') {
             $comment['url'] = 'http://' . $comment['url'];
         serendipity_plugin_api::hook_event('frontend_display', $comment);
         $name = empty($comment['username']) ? ANONYMOUS : $comment['username'];
         $body = $comment['comment'];
         $this->pdf->SetFont('Arial', '', 9);
         $html = $this->prep_out($body . "\n" . '    ' . $name . ' ' . ON . ' ' . serendipity_mb('ucfirst', $this->prep_out(serendipity_strftime('%b %e %Y, %H:%M', $comment['timestamp'])))) . "\n";
         if (serendipity_db_bool($this->get_config('html2pdf'))) {
         } else {
             $this->pdf->Write(3, $html);
 function generate_content(&$title)
     global $serendipity;
     $number = $this->get_config('number');
     $displaydate = $this->get_config('displaydate', 'true');
     $dateformat = $this->get_config('dateformat');
     $sidebartitle = $title = $this->get_config('sidebartitle', $this->title);
     $rssuri = $this->get_config('rssuri');
     $target = $this->get_config('target');
     $cachetime = $this->get_config('cachetime');
     $feedtype = $this->get_config('feedtype', 'rss');
     $markup = $this->get_config('markup', 'false');
     $bulletimg = $this->get_config('bulletimg');
     $charset = $this->get_config('charset', 'native');
     if (!$number || !is_numeric($number) || $number < 1) {
         $showAll = true;
     } else {
         $showAll = false;
     if (!$dateformat || strlen($dateformat) < 1) {
         $dateformat = '%A, %B %e. %Y';
     if (!$cachetime || !is_numeric($cachetime)) {
         $cachetime = 10800;
         // 3 hours in seconds
     $smarty = serendipity_db_bool($this->get_config('smarty'));
     if ($this->get_config('template') != 'plugin_remoterss.tpl') {
         $smarty = true;
     if (trim($rssuri)) {
         $feedcache = $serendipity['serendipityPath'] . 'templates_c/remoterss_cache_' . md5(preg_replace('@[^a-z0-9]*@i', '', $rssuri) . $this->get_config('template')) . '.dat';
         if (!file_exists($feedcache) || filesize($feedcache) == 0 || filemtime($feedcache) < time() - $cachetime) {
             $this->debug('Cachefile does not existing.');
             if (!$this->urlcheck($rssuri)) {
                 $this->debug('URLCheck failed');
                 echo '<!-- No valid URL! -->';
             } elseif ($feedtype == 'rss') {
                 $this->debug('URLCheck succeeded. Touching ' . $feedcache);
                 // Touching the feedcache file will prevent loops of death when the RSS target is the same URI than our blog.
                 require_once S9Y_PEAR_PATH . 'Onyx/RSS.php';
                 $c = new Onyx_RSS($charset);
                 $this->debug('Running Onyx Parser');
                 $this->encoding = $c->rss['encoding'];
                 $use_rss_link = serendipity_db_bool($this->get_config('use_rss_link'));
                 $rss_elements = explode(',', $this->get_config('show_rss_element'));
                 $escape_rss = serendipity_db_bool($this->get_config('escape_rss'));
                 $i = 0;
                 $content = '';
                 $smarty_items = array();
                 while (($showAll || $i < $number) && ($item = $c->getNextItem())) {
                     if (empty($item['title'])) {
                     $content .= '<div class="rss_item">';
                     if ($use_rss_link) {
                         $content .= '<div class="rss_link"><a href="' . serendipity_specialchars($this->decode($item['link'])) . '" ' . (!empty($target) ? 'target="' . $target . '"' : '') . '>';
                     if (!empty($bulletimg)) {
                         $content .= '<img src="' . $bulletimg . '" border="0" alt="*" /> ';
                     $is_first = true;
                     foreach ($rss_elements as $rss_element) {
                         $rss_element = trim($rss_element);
                         if (!$is_first) {
                             $content .= '<span class="rss_' . preg_replace('@[^a-z0-9]@imsU', '', $rss_element) . '">';
                         if ($escape_rss) {
                             $content .= $this->decode($item[$rss_element]);
                         } else {
                             $content .= serendipity_specialchars($this->decode($item[$rss_element]));
                         if ($smarty) {
                             $item['display_elements'][preg_replace('@[^a-z0-9]@imsU', '', $rss_element)] = $this->decode($item[$rss_element]);
                         if (!$is_first) {
                             $content .= '</span>';
                         if ($is_first && $use_rss_link) {
                             $content .= '</a></div>';
                             // end of first linked element
                         $is_first = false;
                     if ($is_first && $use_rss_link) {
                         // No XML element has been configured.
                         $content .= '</a></div>';
                     $content .= "<br />\n";
                     $item['timestamp'] = @strtotime(isset($item['pubdate']) ? $item['pubdate'] : $item['dc:date']);
                     if (!($item['timestamp'] == -1) and $displaydate == 'true') {
                         $content .= '<div class="serendipitySideBarDate">' . serendipity_specialchars(serendipity_formatTime($dateformat, $item['timestamp'], false)) . '</div>';
                     if ($smarty) {
                         $smarty_items['items'][$i] = $item;
                         $smarty_items['items'][$i]['css_class'] = preg_replace('@[^a-z0-9]@imsU', '', $rss_element);
                         foreach ($item as $key => $val) {
                             $smarty_items['items'][$i]['decoded_' . str_replace(':', '_', $key)] = $this->decode($key);
                     $content .= '</div>';
                     // end of rss_item
                 if ($smarty) {
                     $smarty_items['use_rss_link'] = $use_rss_link;
                     $smarty_items['bulletimg'] = $bulletimg;
                     $smarty_items['escape_rss'] = $escape_rss;
                     $smarty_items['displaydate'] = $displaydate;
                     $smarty_items['dateformat'] = $dateformat;
                     $smarty_items['target'] = $target;
                     $serendipity['smarty']->assign_by_ref('remoterss_items', $smarty_items);
                     $tpl = $this->get_config('template');
                     if (empty($tpl)) {
                         $tpl = 'plugin_remoterss.tpl';
                     // Template specifics go here
                     switch ($tpl) {
                         case 'plugin_remoterss_nasaiotd.tpl':
                             $smarty_items['nasa_image'] = $c->getData('image');
                     $content = $this->parseTemplate($tpl);
                 $this->debug('Caching Feed (' . strlen($content) . ' bytes)');
                 $fp = @fopen($feedcache, 'w');
                 if (trim($content) != '' && $fp) {
                     fwrite($fp, $content);
                     $this->debug('Feed cache written');
                 } else {
                     $this->debug('Could not write (empty?) cache.');
                     echo '<!-- Cache failed to ' . $feedcache . ' in ' . getcwd() . ' --><br />';
                     if (trim($content) == '') {
                         $this->debug('Getting old feedcache');
                         $content = @file_get_contents($feedcache);
                 $this->debug('RSS Plugin finished.');
             } elseif ($feedtype == 'atom') {
                 $this->debug('URLCheck succeeded. Touching ' . $feedcache);
                 // Touching the feedcache file will prevent loops of death when the RSS target is the same URI than our blog.
                 require_once S9Y_PEAR_PATH . '/simplepie/';
                 $this->debug('Running simplepie Parser');
                 $simplefeed = new SimplePie();
                 $simplefeed->cache = false;
                 $success = $simplefeed->init();
                 $this->encoding = $charset;
                 $use_rss_link = serendipity_db_bool($this->get_config('use_rss_link'));
                 $rss_elements = explode(',', $this->get_config('show_rss_element'));
                 $escape_rss = serendipity_db_bool($this->get_config('escape_rss'));
                 $i = 0;
                 $content = '';
                 $smarty_items = array();
                 foreach ($simplefeed->get_items() as $simpleitem) {
                     // map SimplePie items to s9y items
                     $item['title'] = $simpleitem->get_title();
                     $item['link'] = $simpleitem->get_permalink();
                     $item['pubdate'] = $simpleitem->get_date('U');
                     $item['date'] = $simpleitem->get_date('U');
                     $item['description'] = $simpleitem->get_description();
                     $item['content'] = $simpleitem->get_content();
                     $item['author'] = $simpleitem->get_author();
                     if (!$showAll && $i > $number) {
                     if (empty($item['title'])) {
                     $content .= '<div class="rss_item">';
                     if ($use_rss_link) {
                         $content .= '<div class="rss_link"><a href="' . serendipity_specialchars($this->decode($item['link'])) . '" ' . (!empty($target) ? 'target="' . $target . '"' : '') . '>';
                     if (!empty($bulletimg)) {
                         $content .= '<img src="' . $bulletimg . '" border="0" alt="*" /> ';
                     $is_first = true;
                     foreach ($rss_elements as $rss_element) {
                         $rss_element = trim($rss_element);
                         if (!$is_first) {
                             $content .= '<span class="rss_' . preg_replace('@[^a-z0-9]@imsU', '', $rss_element) . '">';
                         if ($escape_rss) {
                             $content .= $this->decode($item[$rss_element]);
                         } else {
                             $content .= serendipity_specialchars($this->decode($item[$rss_element]));
                         if ($smarty) {
                             $item['display_elements'][preg_replace('@[^a-z0-9]@imsU', '', $rss_element)] = $this->decode($item[$rss_element]);
                         if (!$is_first) {
                             $content .= '</span>';
                         if ($is_first && $use_rss_link) {
                             $content .= '</a></div>';
                             // end of first linked element
                         $is_first = false;
                     if ($is_first && $use_rss_link) {
                         // No XML element has been configured.
                         $content .= '</a></div>';
                     $content .= "<br />\n";
                     $item['timestamp'] = @strtotime(isset($item['pubdate']) ? $item['pubdate'] : $item['dc:date']);
                     if (!($item['timestamp'] == -1) and $displaydate == 'true') {
                         $content .= '<div class="serendipitySideBarDate">' . serendipity_specialchars(serendipity_formatTime($dateformat, $item['timestamp'], false)) . '</div>';
                     if ($smarty) {
                         $smarty_items['items'][$i] = $item;
                         $smarty_items['items'][$i]['css_class'] = preg_replace('@[^a-z0-9]@imsU', '', $rss_element);
                         foreach ($item as $key => $val) {
                             $smarty_items['items'][$i]['decoded_' . str_replace(':', '_', $key)] = $this->decode($key);
                     $content .= '</div>';
                     // end of rss_item
                 if ($smarty) {
                     $smarty_items['use_rss_link'] = $use_rss_link;
                     $smarty_items['bulletimg'] = $bulletimg;
                     $smarty_items['escape_rss'] = $escape_rss;
                     $smarty_items['displaydate'] = $displaydate;
                     $smarty_items['dateformat'] = $dateformat;
                     $smarty_items['target'] = $target;
                     $serendipity['smarty']->assign_by_ref('remoterss_items', $smarty_items);
                     $tpl = $this->get_config('template');
                     if (empty($tpl)) {
                         $tpl = 'plugin_remoterss.tpl';
                     // Template specifics go here
                     switch ($tpl) {
                         case 'plugin_remoterss_nasaiotd.tpl':
                             $smarty_items['nasa_image'] = $c->getData('image');
                     $content = $this->parseTemplate($tpl);
                 $this->debug('Caching Feed (' . strlen($content) . ' bytes)');
                 $fp = @fopen($feedcache, 'w');
                 if (trim($content) != '' && $fp) {
                     fwrite($fp, $content);
                     $this->debug('Feed cache written');
                 } else {
                     $this->debug('Could not write (empty?) cache.');
                     echo '<!-- Cache failed to ' . $feedcache . ' in ' . getcwd() . ' --><br />';
                     if (trim($content) == '') {
                         $this->debug('Getting old feedcache');
                         $content = @file_get_contents($feedcache);
                 $this->debug('RSS Plugin (Atom) finished.');
             } elseif ($feedtype == 'opml') {
                 // Touching the feedcache file will prevent loops of death when the RSS target is the same URI than our blog.
                 $opml = new s9y_remoterss_OPML();
                 $opmltree = $opml->parseOPML($rssuri);
                 if (OPMLDEBUG == 1) {
                     echo "\n<pre>\n";
                     echo "\n</pre>\n";
                 if ($opmltree['tag'] === 'opml') {
                     $head = $opml->getOPMLHead($opmltree);
                     $ownerName = $opml->getOPMLTag($head, 'ownerName');
                     $blogrolling = $ownerName != false ? $ownerName['value'] == 'Blogroll Owner' ? true : false : false;
                     $i = 0;
                     $content = '';
                     while (($showAll || $i < $number) && ($item = $opml->getOPMLOutlineAttr($opmltree, $i))) {
                         if (!empty($item['url'])) {
                             $url = $this->decode($item['url']);
                         } elseif (!empty($item['htmlUrl'])) {
                             $url = $this->decode($item['htmlUrl']);
                         } elseif (!empty($item['xmlUrl'])) {
                             $url = $this->decode($item['xmlUrl']);
                         } elseif (!empty($item['urlHTTP'])) {
                             $url = $this->decode($item['urlHTTP']);
                         } else {
                             $url = '';
                         if (!empty($item['text'])) {
                             $text = serendipity_specialchars($this->decode($item['text']));
                         } elseif (!empty($item['title'])) {
                             $text = serendipity_specialchars($this->decode($item['title']));
                         } elseif (!empty($item['description'])) {
                             $text = serendipity_specialchars($this->decode($item['description']));
                         } else {
                             $text = '';
                         if ($blogrolling === true && (!empty($text) || !empty($url))) {
                             $content .= '&bull; <a href="' . serendipity_specialchars($url) . '" ' . (!empty($target) ? 'target="' . $target . '"' : '') . ' title="' . $text . '">' . $text . "</a>";
                             if (isset($item['isRecent'])) {
                                 $content .= ' <span style="color: Red; ">*</span>';
                             $content .= "<br />";
                         } elseif (isset($item['type']) && $item['type'] == 'url' || !empty($url)) {
                             $content .= '&bull; <a href="' . serendipity_specialchars($url) . '" ' . (!empty($target) ? 'target="' . $target . '"' : '') . ' title="' . $text . '">' . $text . "</a>";
                             $content .= "<br />";
                     /* Pretend to be a html_nugget so we can apply markup events. */
                     if ($markup == 'true') {
                         $entry = array('html_nugget' => $content);
                         serendipity_plugin_api::hook_event('frontend_display', $entry);
                         $content = $entry['html_nugget'];
                     $fp = @fopen($feedcache, 'w');
                     if (trim($content) != '' && $fp) {
                         fwrite($fp, $content);
                     } else {
                         echo '<!-- Cache failed to ' . $feedcache . ' in ' . getcwd() . ' --><br />';
                         if (trim($content) == '') {
                             $content = @file_get_contents($feedcache);
                 } else {
                     echo '<!-- Not a valid OPML feed -->';
             } else {
                 echo '<!-- no valid feedtype -->';
         } else {
             $this->debug('Got feed from cache ' . $feedcache);
             $content = file_get_contents($feedcache);
         echo $content;
     } else {
Пример #25
    $serendipity['hidefooter'] = true;
    echo serendipity_iframe($_SESSION['save_entry'], $iframe_mode);
    return true;
if (isset($serendipity['GET']['no_smarty']) || isset($serendipity['no_smarty'])) {
    $_SESSION['no_smarty'] = true;
if (defined('IS_up2date') && IS_up2date === true && IS_installed === true) {
    $admin_installed = true;
} else {
    $admin_installed = false;
$is_logged_in = serendipity_userLoggedIn();
if ($is_logged_in) {
    $self_info = sprintf(USER_SELF_INFO, serendipity_specialchars($serendipity['serendipityUser']), $serendipity['permissionLevels'][$serendipity['serendipityUserlevel']]);
} else {
    $self_info = '';
$serendipity['ajax'] = $ajax = !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
$no_banner = isset($serendipity['GET']['noBanner']) || isset($serendipity['POST']['noBanner']);
$no_sidebar = isset($serendipity['GET']['noSidebar']) || isset($serendipity['POST']['noSidebar']);
$no_footer = isset($serendipity['GET']['noFooter']) || isset($serendipity['POST']['noFooter']);
$use_installer = !isset($serendipity['serendipityPath']) || IS_installed === false || IS_up2date === false;
$post_action = $serendipity['POST']['action'];
$main_content = '';
if (!$use_installer && $is_logged_in) {
    if (!isset($serendipity['GET']['adminModule'])) {
        $serendipity['GET']['adminModule'] = isset($serendipity['POST']['adminModule']) ? $serendipity['POST']['adminModule'] : '';
Пример #26
        $data['print_ORIGINAL_SIZE'] = sprintf(ORIGINAL_SIZE, $s[0], $s[1]);
        $data['formtoken'] = serendipity_setFormToken();
        $data['file'] = $serendipity['uploadHTTPPath'] . $file['path'] . $file['name'] . ($file['extension'] ? '.' . $file['extension'] : "");
    case 'choose':
        $file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
        $media['file'] =& $file;
        if (!is_array($file)) {
            $media['perm_denied'] = true;
        $media['file']['props'] =& serendipity_fetchMediaProperties((int) $serendipity['GET']['fid']);
        serendipity_plugin_api::hook_event('media_getproperties_cached', $media['file']['props']['base_metadata'], $media['file']['realfile']);
        if ($file['is_image']) {
            $file['finishJSFunction'] = $file['origfinishJSFunction'] = 'serendipity.serendipity_imageSelector_done(\'' . serendipity_specialchars($serendipity['GET']['textarea']) . '\')';
            if (!empty($serendipity['GET']['filename_only']) && $serendipity['GET']['filename_only'] !== 'true') {
                $file['fast_select'] = true;
        $media = array_merge($serendipity['GET'], $media);
        $serendipity['smarty']->assignByRef('media', $media);
        echo serendipity_smarty_show('admin/media_choose.tpl', $data);
        serendipity_restoreVar($serendipity['COOKIE']['serendipity_only_path'], $serendipity['GET']['only_path']);
        $data['case_default'] = true;
        $data['showML'] = showMediaLibrary();
function showMediaLibrary($messages = false, $addvar_check = false, $smarty_vars = array())
 function generate_content(&$title)
     global $serendipity;
     $title = THUMBPAGE_TITLE;
     if ($serendipity['GET']['page'] != 'thumbs') {
         return true;
     if (!headers_sent()) {
         header('HTTP/1.0 200');
         header('Status: 200 OK');
     $entries = serendipity_db_query("SELECT id,\n                                                title,\n                                                timestamp\n                                           FROM {$serendipity['dbPrefix']}entries\n                                          WHERE isdraft = 'false'\n                                       ORDER BY timestamp DESC");
     if (isset($entries) && is_array($entries)) {
         $count = 0;
         echo '<table><tr>';
         foreach ($entries as $k => $entry) {
             echo '<td align="center">';
             $entryLink = serendipity_archiveURL($entry['id'], $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp']));
             $photo = $this->getPhoto($entry['id']);
             if (isset($photo)) {
                 $file = serendipity_fetchImageFromDatabase($photo['photoid']);
                 $imgsrc = $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $file['path'] . $file['name'] . '.' . $file['thumbnail_name'] . '.' . $file['extension'];
                 $thumbbasename = $file['path'] . $file['name'] . '.' . $file['thumbnail_name'] . '.' . $file['extension'];
                 $thumbName = $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $thumbbasename;
                 $thumbsize = @getimagesize($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $thumbbasename);
             echo '<a href="' . $entryLink . '" title="' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['title']) : htmlspecialchars($entry['title'], ENT_COMPAT, LANG_CHARSET)) . '">';
             if (isset($photo)) {
                 echo '<img style="margin:5px;" src="' . $imgsrc . '" width=' . $thumbsize[0] . ' height=' . $thumbsize[1];
                 if (isset($id) && $id == $entry['id']) {
                     echo ' border=4';
                 echo ' />';
             } else {
                 if (isset($id) && $id == $entry['id']) {
                     echo '<b>';
                 echo $entry['title'];
                 if (isset($id) && $id == $entry['id']) {
                     echo '</b>';
             echo '</a></td>';
             if ($count++ >= $this->get_config('number') - 1) {
                 $count = 0;
                 echo "</tr><tr>";
         echo "</tr></table>";
Пример #28
                $comment['email'] = $serendipity['POST']['email'];
                $comment['subscribe'] = $serendipity['POST']['subscribe'];
                $comment['parent_id'] = $serendipity['POST']['replyTo'];
                if (!empty($comment['comment'])) {
                    if (serendipity_saveComment($id, $comment, 'NORMAL')) {
                        $sc_url = $serendipity['baseURL'] . 'comment.php?serendipity[entry_id]=' . $id . '&success=true&url=' . urlencode($_SERVER['HTTP_REFERER']);
                        if (serendipity_isResponseClean($sc_url)) {
                            header('Status: 302 Found');
                            header('Location: ' . $sc_url);
                    } else {
                        $serendipity['smarty']->assign(array('is_comment_notadded' => true, 'comment_url' => serendipity_specialchars($_SERVER['HTTP_REFERER']), 'comment_string' => explode('%s', COMMENT_NOT_ADDED_CLICK)));
                } else {
                    $serendipity['smarty']->assign(array('is_comment_empty' => true, 'comment_url' => serendipity_specialchars($_SERVER['HTTP_REFERER']), 'comment_string' => explode('%s', EMPTY_COMMENT)));
        $serendipity['smarty']->display(serendipity_getTemplateFile($serendipity['smarty_file'], 'serendipityPath'));
// Debug logging for pingback receiving
function log_pingback($message)
    global $pb_logging;
    if ($pb_logging) {
        $fp = fopen('pingback.log', 'a');
        fwrite($fp, '[' . date('d.m.Y H:i') . '] ' . $message . "\n");
 @access public
 function event_hook($event, &$bag, &$eventData, $addData = null)
     global $serendipity;
     static $use_player = null;
     static $firstmedia_only = null;
     static $patterns = null;
     $this->log("EventHook: " . $event);
     if ($patterns == null) {
         //yes indeed, we wont find links like "download.php?file=rock.mp3&foo=bar"
         $patterns = array('playerRewritePattern' => '@<a\\s+[^>]*?href\\s*=\\s*(\'|")([^\'"]+\\.(' . implode('|', array_keys($this->supportedFiletypes)) . '))\\1[^>]*?>.*?</a>@si', 'embeddedObjectPattern' => '@<embed[^>]*?src="([^"]*?)"[^>]*?>@Usi', 'podcastLinkPattern' => '@\\[podcast:\\s*(href\\s*=\\s*)?((&quot;|\'|")(.+)(&quot;|\'|"))(\\s+mediaType\\s*=\\s*(.+))?\\]@Usi');
     if ($use_player === null) {
         $use_player = serendipity_db_bool($this->get_config('use_player', 'true'));
     if ($firstmedia_only === null) {
         $firstmedia_only = serendipity_db_bool($this->get_config('firstmedia_only', 'false'));
     switch ($event) {
         //////////////////////// Add Javascript for JW FLV Player ////////////////////////
         case 'frontend_header':
         case 'backend_header':
             echo '<script type="text/javascript" src="' . $this->GetPluginHttpPath() . '/player/flowplayer/example/flowplayer-3.2.6.min.js"></script>' . "\n";
             //////////////////////// RSS Entries ////////////////////////
         //////////////////////// RSS Entries ////////////////////////
         case 'frontend_display:rss-2.0:per_entry':
         case 'frontend_display:rss-1.0:per_entry':
         case 'frontend_display:atom-1.0:per_entry':
             $this->log("Feed creation");
             $addedEnclosures[] = "enclosures";
             // Search for all embedded objects and make the RSS enclosured.
             // RSS only displays body always. In fullview, body contains body + extended here.
             // In "small" view only embed the media beeing part of the small view.
             // In short: body only always!
             $matchSource = $eventData['body'];
             // Remove our own players first, they are matched using $eventData['podcastUrlsRewrittenByPlayerCode']
             $this->log("Removing podcast players");
             $eventData['feed_body'] = preg_replace('@<!-- podcastplayerstart -->.*?<!-- podcastplayerend -->@si', '', $eventData['feed_body']);
             // urls rewritten by player code
             $this->log("Matching URLs set by extended attributes. Isset=" . isset($eventData['podcastUrlsRewrittenByPlayerCode']));
             if (isset($eventData['podcastUrlsRewrittenByPlayerCode']) && is_array($eventData['podcastUrlsRewrittenByPlayerCode'])) {
                 $this->log("Matching URLs set by extended attributes: FOUND");
                 $urlsRewwrittenByPlayerCode = $eventData['podcastUrlsRewrittenByPlayerCode'];
                 foreach ($urlsRewwrittenByPlayerCode as $url) {
                     $fileInfo = $this->GetFileInfo($url);
                     $type = $fileInfo['mime'];
                     $enclosure = $this->GetEnclosure($event, $url, $type, $fileInfo['length'], $fileInfo['md5']);
                     if (!empty($enclosure)) {
                         $this->iTunify($eventData, $enclosure);
                         if (empty($addedEnclosures[$enclosure])) {
                             $eventData['display_dat'] .= $enclosure;
                             if ($firstmedia_only) {
                                 return true;
                         $addedEnclosures[$enclosure] = 1;
             // match the Embed-Syntax added manualy by user
             $this->log("Matching embeddedObjectPattern");
             if (preg_match_all($patterns['embeddedObjectPattern'], $matchSource, $matches)) {
                 for ($i = 0, $maxi = count($matches[1]); $i < $maxi; $i++) {
                     $url = $matches[1][$i];
                     $fileInfo = $this->GetFileInfo($url);
                     $type = $fileInfo['mime'];
                     $enclosure = $this->GetEnclosure($event, $url, $type, $fileInfo['length'], $fileInfo['md5']);
                     if (!empty($enclosure)) {
                         $this->iTunify($eventData, $enclosure);
                         if (empty($addedEnclosures[$enclosure])) {
                             $eventData['display_dat'] .= $enclosure;
                             if ($firstmedia_only) {
                                 return true;
                         $addedEnclosures[$enclosure] = 1;
             // Match the old style [podcast] syntax as well
             $this->log("Matching podcastLinkPattern");
             if (preg_match_all($patterns['podcastLinkPattern'], $matchSource, $matches)) {
                 for ($i = 0, $maxi = count($matches[1]); $i < $maxi; $i++) {
                     $url = $matches[4][$i];
                     $fileInfo = $this->GetFileInfo($url);
                     if (!empty($matches[7][$i])) {
                         $type = $matches[7][$i];
                     } else {
                         $type = $fileInfo['mime'];
                     $enclosure = $this->GetEnclosure($event, $url, $type, $fileInfo['length'], $fileInfo['md5']);
                     if (!empty($enclosure)) {
                         $this->iTunify($eventData, $enclosure);
                         if (empty($addedEnclosures[$enclosure])) {
                             $eventData['display_dat'] .= $enclosure;
                             if ($firstmedia_only) {
                                 return true;
                         $addedEnclosures[$enclosure] = 1;
             // Last, also match the '<a href>' style, if "use_player" is disabled and thus no <embed> might exist.
             $this->log("Matching playerRewritePattern");
             $nopodcasting_class = $this->get_config('nopodcasting_class', 'nopodcast');
             if (!empty($nopodcasting_class)) {
                 $classPattern = '@class\\s*=\\s*(\'|")\\s*' . $nopodcasting_class . '\\s*(\'|")+@si';
             if (!$use_player && preg_match_all($patterns['playerRewritePattern'], $matchSource, $matches)) {
                 for ($i = 0, $maxi = count($matches[1]); $i < $maxi; $i++) {
                     $complete = $matches[0];
                     if (!empty($nopodcasting_class) && preg_match($classPattern, $complete)) {
                         $this->log("NoPodcasting class found!");
                     } else {
                         $this->log("NoPodcasting class not found! [" . $classPattern . "]");
                     $url = $matches[2][$i];
                     $fileInfo = $this->GetFileInfo($url);
                     $type = $fileInfo['mime'];
                     $enclosure = $this->GetEnclosure($event, $url, $type, $fileInfo['length'], $fileInfo['md5']);
                     if (!empty($enclosure)) {
                         $this->iTunify($eventData, $enclosure);
                         if (empty($addedEnclosures[$enclosure])) {
                             $eventData['display_dat'] .= $enclosure;
                             if ($firstmedia_only) {
                                 return true;
                         $addedEnclosures[$enclosure] = 1;
             // Check, if podcasts are added via the extended article attribute and make it enclosured if not already embedded, too:
             if (serendipity_db_bool($this->get_config('ep_asure_enc', 'true'))) {
                 $extended_attributes = explode(',', $this->get_config('extendet_enclosure_attributes', 'Podcast,Video'));
                 foreach ($extended_attributes as $eattr) {
                     $this->log("EP: " . trim($eattr));
                     $eattr = "ep_" . trim($eattr);
                     if (!empty($eattr) && !empty($eventData['properties'][$eattr])) {
                         $fileInfo = $this->GetFileInfo($eventData['properties'][$eattr]);
                         $type = $fileInfo['mime'];
                         $fileUrl = str_replace(' ', '%20', $eventData['properties'][$eattr]);
                         $enclosure = $this->GetEnclosure($event, $this->GetHostUrl() . (function_exists('serendipity_specialchars') ? serendipity_specialchars($fileUrl) : htmlspecialchars($fileUrl, ENT_COMPAT, LANG_CHARSET)), $type, $fileInfo['length'], $fileInfo['md5']);
                         if (!empty($enclosure)) {
                             $this->iTunify($eventData, $enclosure);
                             if (empty($addedEnclosures[$enclosure])) {
                                 $eventData['display_dat'] .= $enclosure;
                                 if ($firstmedia_only) {
                                     return true;
                             $addedEnclosures[$enclosure] = 1;
             // A RSS feet doesn't need the object tags (they are embedded now). So remove them:
             $eventData['feed_body'] = preg_replace('@<object .*?</object>@si', '', $eventData['feed_body']);
             // Purely embedded objects are RSS enclosured now too, so we can remove them if still there:
             $eventData['feed_body'] = preg_replace('@<embed .*?</embed>@si', '', $eventData['feed_body']);
             return true;
         case 'css':
             if (!strpos($eventData, '.podcastplayer')) {
                 echo '.podcastplayer { display: block; }' . "\n";
                 echo '.podcastdownload { display: block; }' . "\n";
             return true;
             //////////////////////// RSS 1 NS /////////////////////////////
         //////////////////////// RSS 1 NS /////////////////////////////
         case 'frontend_display:rss-1.0:namespace':
             $eventData['display_dat'] .= "   xmlns:enc=''\n";
             $eventData['display_dat'] .= "   xmlns:podcast=''\n";
             $eventData['display_dat'] .= "   xmlns:atom=\"\"\n";
             $eventData['display_dat'] .= "   xmlns:sc=\"\"\n";
             return true;
             //////////////////////// RSS 2 NS///// ////////////////////////
         //////////////////////// RSS 2 NS///// ////////////////////////
         case 'frontend_display:rss-2.0:namespace':
             $eventData['display_dat'] .= "   xmlns:itunes=\"\"\n";
             $eventData['display_dat'] .= "   xmlns:atom=\"\"\n";
             $eventData['display_dat'] .= "   xmlns:sc=\"\"\n";
             if (version_compare(preg_replace('@[^0-9\\.]@', '', $serendipity['version']), '1.6', '<')) {
             } else {
                 $eventData['channel_dat'] .= $this->get_config('itunes_meta');
             //$eventData['display_dat'] .= "   xmlns:podcast=''\n";
             return true;
             //////////////////////// HTML Entry /////////////////////////
         //////////////////////// HTML Entry /////////////////////////
         case 'frontend_display':
             if (!isset($eventData['body']) && !isset($eventData['extended'])) {
                 // Do not use player HTML for user comments, html nuggets, static pages etc.
                 return false;
             if (isset($eventData['properties']['ep_disable_markup' . $this->instance]) || isset($serendipity['POST']['properties']['disable_markup_' . $this->instance])) {
                 // Do not use player HTML, when the extended properties plugin disables this markup plugin.
                 return false;
             // Reset URL list replaced by players
             $this->playerUrlsAdded = array();
             // First replace old style [podcast] syntax always, even without player replacement
             if (is_array($eventData)) {
                 if (preg_match($patterns['podcastLinkPattern'], $eventData['body'])) {
                     $eventData['body'] .= '<!-- old podcast style found -->';
                 $eventData['body'] = preg_replace($patterns['podcastLinkPattern'], '<a href="\\4">\\4</a>', $eventData['body']);
                 $eventData['extended'] = preg_replace($patterns['podcastLinkPattern'], '<a href="\\4">\\4</a>', $eventData['extended']);
             // Now replace all links to mediafiles with the configured players:
             if ($use_player && is_array($eventData)) {
                 $eventData['body'] = preg_replace_callback($patterns['playerRewritePattern'], array($this, "playerRewriteCallBack"), $eventData['body']);
                 $eventData['extended'] = preg_replace_callback($patterns['playerRewritePattern'], array($this, "playerRewriteCallBack"), $eventData['extended']);
             // Check, if podcasts are added via the extended article attribute and add them to the article, if configured:
             if ($this->get_config('extendet_enclosure_position', 'never') != 'never') {
                 $extended_attributes = explode(',', $this->get_config('extendet_enclosure_attributes', 'Podcast,Video'));
                 $extra_links = '';
                 foreach ($extended_attributes as $eattr) {
                     $eattr = "ep_" . trim($eattr);
                     $ep_align = $this->get_config('ep_align', 'center');
                     if (!empty($eattr) && !empty($eventData['properties'][$eattr])) {
                         $fileUrl = $this->GetHostUrl() . $eventData['properties'][$eattr];
                         $this->log("found input in {$eattr}: {$eventData['properties'][$eattr]}");
                         $this->log("fileurl in {$eattr}: {$fileUrl}");
                         $fileInfo = $this->GetFileInfo($eventData['properties'][$eattr]);
                         $this->log("filinfo: " . print_r($fileInfo, true));
                         // Produce player code
                         if ($use_player) {
                             if (serendipity_db_bool($this->get_config('ep_automatic_size', 'false'))) {
                                 $player = $this->GetPlayerByExt($fileInfo['extension'], $fileUrl, $fileInfo['width'], $fileInfo['height'], $ep_align, $fileInfo['mime']);
                             } else {
                                 $player = $this->GetPlayerByExt($fileInfo['extension'], $fileUrl, null, null, $ep_align, $fileInfo['mime']);
                         } else {
                             $player = '<a href="' . $fileUrl . '">' . basename($eventData['properties'][$eattr]) . '</a>';
                         $extra_links .= $player;
                 if (!empty($extra_links)) {
                     switch ($this->get_config('extendet_enclosure_position', 'never')) {
                         case 'body_top':
                             $eventData['body'] = $extra_links . $eventData['body'];
                         case 'body_botton':
                             $eventData['body'] = $eventData['body'] . $extra_links;
                         case 'ext_top':
                             $eventData['extended'] = $extra_links . $eventData['extended'];
                         case 'ext_botton':
                             $eventData['extended'] = $eventData['extended'] . $extra_links;
             // Remember media urls rewritten by player code for RSS feed.
             if (count($this->playerUrlsAdded) > 0) {
                 $eventData['podcastUrlsRewrittenByPlayerCode'] = $this->playerUrlsAdded;
             return true;
Пример #30
 function import()
     global $serendipity;
     // Save this so we can return it to its original value at the end of this method.
     $noautodiscovery = isset($serendipity['noautodiscovery']) ? $serendipity['noautodiscovery'] : false;
     if ($this->data['autodiscovery'] == 'false') {
         $serendipity['noautodiscovery'] = 1;
     $this->data['prefix'] = serendipity_db_escape_string($this->data['prefix']);
     $users = array();
     $categories = array();
     $entries = array();
     if (!extension_loaded('pgsql')) {
         return PGSQL_REQUIRED;
     $wpdb = pg_connect("{$this->data}['host'], {$this->data}['port'], {$this->data}['user'], {$this->data}['pass'], {$this->data}['name']");
     if (!$wpdb) {
         return sprintf(PGSQL_COULDNT_CONNECT, serendipity_specialchars($this->data['pass']));
     /* Users */
     $res = pg_query($wpdb, "SELECT ID, user_login, user_pass, user_email, user_level FROM {$this->data['prefix']}users;");
     if (!$res) {
         return sprintf(COULDNT_SELECT_USER_INFO, pg_last_error($wpdb));
     for ($x = 0; $x < pg_num_rows($res); $x++) {
         $users[$x] = pg_fetch_assoc($res);
         $data = array('right_publish' => $users[$x]['user_level'] >= 1 ? 1 : 0, 'realname' => $users[$x]['user_login'], 'username' => $users[$x]['user_login'], 'password' => $users[$x]['user_pass']);
         // WP uses md5, too.
         if ($users[$x]['user_level'] <= 1) {
             $data['userlevel'] = USERLEVEL_EDITOR;
         } elseif ($users[$x]['user_level'] < 5) {
             $data['userlevel'] = USERLEVEL_CHIEF;
         } else {
             $data['userlevel'] = USERLEVEL_ADMIN;
         if ($serendipity['serendipityUserlevel'] < $data['userlevel']) {
             $data['userlevel'] = $serendipity['serendipityUserlevel'];
         serendipity_db_insert('authors', $this->strtrRecursive($data));
         $users[$x]['authorid'] = serendipity_db_insert_id('authors', 'authorid');
     /* Categories */
     $res = @pg_query($wpdb, "SELECT cat_ID, cat_name, category_description, category_parent FROM {$this->data['prefix']}categories ORDER BY category_parent, cat_ID;");
     if (!$res) {
         return sprintf(COULDNT_SELECT_CATEGORY_INFO, pg_last_error($wpdb));
     // Get all the info we need
     for ($x = 0; $x < pg_num_rows($res); $x++) {
         $categories[] = pg_fetch_assoc($res);
     // Insert all categories as top level (we need to know everyone's ID before we can represent the hierarchy).
     for ($x = 0; $x < sizeof($categories); $x++) {
         $cat = array('category_name' => $categories[$x]['cat_name'], 'category_description' => $categories[$x]['category_description'], 'parentid' => 0, 'category_left' => 0, 'category_right' => 0);
         serendipity_db_insert('category', $this->strtrRecursive($cat));
         $categories[$x]['categoryid'] = serendipity_db_insert_id('category', 'categoryid');
     // There has to be a more efficient way of doing this...
     foreach ($categories as $cat) {
         if ($cat['category_parent'] != 0) {
             // Find the parent
             $par_id = 0;
             foreach ($categories as $possible_par) {
                 if ($possible_par['cat_ID'] == $cat['category_parent']) {
                     $par_id = $possible_par['categoryid'];
             if ($par_id != 0) {
                 serendipity_db_query("UPDATE {$serendipity['dbPrefix']}category SET parentid={$par_id} WHERE categoryid={$cat['categoryid']};");
             // else { echo "D'oh! " . random_string_of_profanity(); }
     /* Entries */
     $res = @pg_query($wpdb, "SELECT * FROM {$this->data['prefix']}posts ORDER BY post_date;");
     if (!$res) {
         return sprintf(COULDNT_SELECT_ENTRY_INFO, pg_last_error($wpdb));
     for ($x = 0; $x < pg_num_rows($res); $x++) {
         $entries[$x] = pg_fetch_assoc($res);
         $entry = array('title' => $this->decode($entries[$x]['post_title']), 'isdraft' => $entries[$x]['post_status'] == 'publish' ? 'false' : 'true', 'allow_comments' => $entries[$x]['comment_status'] == 'open' ? 'true' : 'false', 'timestamp' => strtotime($entries[$x]['post_date']), 'body' => $this->strtr($entries[$x]['post_content']));
         foreach ($users as $user) {
             if ($user['ID'] == $entries[$x]['post_author']) {
                 $entry['authorid'] = $user['authorid'];
         if (!is_int($entries[$x]['entryid'] = serendipity_updertEntry($entry))) {
             return $entries[$x]['entryid'];
     /* Entry/category */
     $res = @pg_query($wpdb, "SELECT * FROM {$this->data['prefix']}post2cat;");
     if (!$res) {
         return sprintf(COULDNT_SELECT_ENTRY_INFO, pg_last_error($wpdb));
     while ($a = pg_fetch_assoc($res)) {
         foreach ($categories as $category) {
             if ($category['cat_ID'] == $a['category_id']) {
                 foreach ($entries as $entry) {
                     if ($a['post_id'] == $entry['ID']) {
                         $data = array('entryid' => $entry['entryid'], 'categoryid' => $category['categoryid']);
                         serendipity_db_insert('entrycat', $this->strtrRecursive($data));
     /* Comments */
     $res = @pg_query($wpdb, "SELECT * FROM {$this->data['prefix']}comments;");
     if (!$res) {
         return sprintf(COULDNT_SELECT_COMMENT_INFO, pg_last_error($wpdb));
     while ($a = pg_fetch_assoc($res)) {
         foreach ($entries as $entry) {
             if ($entry['ID'] == $a['comment_post_ID']) {
                 $comment = array('entry_id ' => $entry['entryid'], 'parent_id' => 0, 'timestamp' => strtotime($a['comment_date']), 'author' => $a['comment_author'], 'email' => $a['comment_author_email'], 'url' => $a['comment_author_url'], 'ip' => $a['comment_author_IP'], 'status' => empty($a['comment_approved']) || $a['comment_approved'] == '1' ? 'approved' : 'pending', 'subscribed' => 'false', 'body' => $a['comment_content'], 'type' => 'NORMAL');
                 serendipity_db_insert('comments', $this->strtrRecursive($comment));
                 if ($comment['status'] == 'approved') {
                     $cid = serendipity_db_insert_id('comments', 'id');
                     serendipity_approveComment($cid, $entry['entryid'], true);
     $serendipity['noautodiscovery'] = $noautodiscovery;
     // That was fun.
     return true;