示例#1
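/**
 * Render the "Topics" side block: one entry per readable topic that has at
 * least one story, followed by the date of its newest story.
 *
 * @param array $row block record; 'title' is read for the permission check
 *                   and defaulted to _TOPICS when empty, 'content' is
 *                   replaced by the generated HTML
 * @return mixed the result of themesideblock($row); nothing when the block is
 *               not readable, the topic query fails, or no topic exists
 */
function blocks_topic_block($row)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    if (!pnSecAuthAction(0, 'Topicblock::', "{$row['title']}::", ACCESS_READ)) {
        return;
    }
    // The request-level selection is intentionally not imported here, so the
    // block always renders in its "nothing selected" state.
    $topic = "";
    $catid = "";
    $storycol = $pntable['stories_column'];
    if (pnConfigGetVar('multilingual') == 1) {
        // The language value is placed inside a quoted SQL literal, so it is
        // escaped the same way blocks_category_block() does it.
        $lang = pnVarPrepForStore(pnUserGetLang());
        /* the OR is needed to display stories that are posted to ALL languages */
        $querylang = "AND ({$storycol['alanguage']}='{$lang}' OR {$storycol['alanguage']}='')";
    } else {
        $querylang = '';
    }
    $topiccol = $pntable['topics_column'];
    $result = $dbconn->Execute("SELECT {$topiccol['topicid']} AS topicid, {$topiccol['topicname']} as topicname FROM {$pntable['topics']} ORDER BY topicname");
    // A failed query yields no usable record set; treat it like "no topics".
    if (!$result || $result->EOF) {
        return;
    }
    $boxstuff = '<span class="pn-normal">';
    if ($topic == "") {
        $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<b><a href=\"modules.php?op=modload&amp;name=Topics&amp;file=index\">" . _ALL_TOPICS . "</a></b><br>";
    } else {
        $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"modules.php?op=modload&amp;name=News&amp;file=index&amp;catid=" . pnVarPrepForDisplay($catid) . "\">" . _ALL_TOPICS . "</a><br>";
    }
    while (!$result->EOF) {
        $srow = $result->GetRowAssoc(false);
        $result->MoveNext();
        if (!pnSecAuthAction(0, 'Topics::Topic', "{$srow['topicname']}::{$srow['topicid']}", ACCESS_READ)) {
            continue;
        }
        // The id is used as an unquoted numeric literal in the WHERE clause
        // and inside an href, so it is reduced to an integer first.
        $topicid = (int) $srow['topicid'];
        $result2 = $dbconn->Execute("SELECT {$storycol['time']} AS unixtime FROM {$pntable['stories']} WHERE {$storycol['topic']}={$topicid} {$querylang} ORDER BY {$storycol['time']} DESC");
        if (!$result2 || $result2->EOF) {
            // Topics without a visible story are not listed.
            continue;
        }
        $story = $result2->GetRowAssoc(false);
        $story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']);
        $sdate = pnVarPrepForDisplay(ml_ftime(_DATEBRIEF, $story['unixtime']));
        // Topic names come from the database and are written into HTML;
        // escape them on output as blocks_category_block() does for titles.
        $topicname = pnVarPrepForDisplay($srow['topicname']);
        if ($topic == $srow['topicid']) {
            $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<span class=\"pn-title\"><b>{$topicname}</b></span> <span class=\"pn-sub\">({$sdate})</span><br>";
        } else {
            $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=News&amp;file=index&amp;catid=" . pnVarPrepForDisplay($catid) . "&amp;topic={$topicid}\">{$topicname}</a> <span class=\"pn-sub\">({$sdate})</span><br>";
        }
    }
    $boxstuff .= '</span>';
    if (empty($row['title'])) {
        $row['title'] = _TOPICS;
    }
    $row['content'] = $boxstuff;
    return themesideblock($row);
}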
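/**
 * Render the "Categories" side block: one entry per readable story category
 * that has at least one story, followed by the date of its newest story.
 *
 * Reads the globals $topic and $catid to mark the current category and to
 * carry the current topic into the generated links.
 *
 * @param array $row block record; 'title' is read for the permission check
 *                   and defaulted to _CATEGORIES when empty, 'content' is
 *                   replaced by the generated HTML
 * @return mixed the result of themesideblock($row); nothing when the block is
 *               not readable, the category query fails, or no category exists
 */
function blocks_category_block($row)
{
    global $topic, $catid;
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    if (!pnSecAuthAction(0, 'Categoryblock::', "{$row['title']}::", ACCESS_READ)) {
        return;
    }
    $storycol = $pntable['stories_column'];
    if (pnConfigGetVar('multilingual') == 1) {
        /* the OR is needed to display stories that are posted to ALL languages */
        $querylang = "AND ({$storycol['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$storycol['alanguage']}='')";
    } else {
        $querylang = '';
    }
    $catcol = $pntable['stories_cat_column'];
    $result = $dbconn->Execute("SELECT {$catcol['catid']} as catid, {$catcol['title']} as title FROM {$pntable['stories_cat']} ORDER BY {$catcol['title']}");
    // A failed query yields no usable record set; treat it like "no categories".
    if (!$result || $result->EOF) {
        return;
    }
    // $topic is a global this function does not set itself, and it ends up
    // inside an href attribute, so it is escaped before use.
    // NOTE(review): where $topic is populated is not visible here - confirm
    // whether it can carry request data.
    $topicparam = pnVarPrepForDisplay($topic);
    $boxstuff = '<span class="pn-normal">';
    if ($catid != "") {
        $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"modules.php?op=modload&amp;name=News&amp;file=index&amp;topic={$topicparam}\">" . _ALL_CATEGORIES . "</a><br />";
    }
    for (; !$result->EOF; $result->MoveNext()) {
        $srow = $result->GetRowAssoc(false);
        if (!pnSecAuthAction(0, 'Stories::Category', "{$srow['title']}::{$srow['catid']}", ACCESS_READ)) {
            continue;
        }
        // The id is used as an unquoted numeric literal, where string
        // escaping alone gives no protection; reduce it to an integer.
        $rowcatid = (int) $srow['catid'];
        $result2 = $dbconn->Execute("SELECT {$storycol['time']} AS unixtime\n                                           FROM {$pntable['stories']}\n                                           WHERE {$storycol['catid']}=" . $rowcatid . " {$querylang}\n                                           ORDER BY {$storycol['time']} DESC");
        if (!$result2 || $result2->EOF) {
            // Categories without a visible story are not listed.
            continue;
        }
        $story = $result2->GetRowAssoc(false);
        $story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']);
        $sdate = ml_ftime(_DATEBRIEF, $story['unixtime']);
        if ($catid == $srow['catid']) {
            $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<span class=\"pn-title\"><b>" . pnVarPrepForDisplay($srow['title']) . "</b></span> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />";
        } else {
            $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=News&amp;file=index&amp;catid={$rowcatid}&amp;topic={$topicparam}\">" . pnVarPrepForDisplay($srow['title']) . "</a> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />";
        }
    }
    $boxstuff .= '</span>';
    if (empty($row['title'])) {
        $row['title'] = _CATEGORIES;
    }
    $row['content'] = $boxstuff;
    return themesideblock($row);
}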
示例#3
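/**
 * Mail a "404 - document not found" report to the site administrator and
 * print a confirmation line.
 *
 * Every value in the report except the site configuration is taken from the
 * current request (remote address, referer, host, redirect URL) and is
 * therefore chosen by the client. The administrator should treat links in
 * the mail accordingly.
 *
 * NOTE(review): one mail is sent per call and nothing here limits the rate;
 * confirm the caller throttles this, otherwise repeated 404 requests can
 * flood the admin mailbox.
 *
 * @return void
 */
function send_email()
{
    // Values that end up in the header block or on single report lines must
    // not contain line breaks, or they could add header fields or forge
    // additional report lines.
    $nobreaks = array("\r", "\n");
    $adminmail = str_replace($nobreaks, '', (string) pnConfigGetVar('adminmail'));
    $sitename = str_replace($nobreaks, '', (string) pnConfigGetVar('sitename'));
    $subject = "" . _ERROR404_MAILSUBJECT . "";
    $remote_addr = str_replace($nobreaks, ' ', (string) pnServerGetVar('REMOTE_ADDR'));
    $http_referer = str_replace($nobreaks, ' ', (string) pnServerGetVar('HTTP_REFERER'));
    // Depending on the web server, the redirect URL may already be
    // URL-decoded and so may contain literal control characters.
    $redirect_url = str_replace($nobreaks, ' ', (string) pnServerGetVar('REDIRECT_URL'));
    $server = str_replace($nobreaks, ' ', (string) pnServerGetVar('HTTP_HOST'));
    $errordoc = "http://{$server}{$redirect_url}";
    // The original wrapped time() in date(), which only echoed the digits
    // back; pass the timestamp directly.
    $errortime = ml_ftime(_DATETIMEBRIEF, time());
    $message = "{$subject}\n\n";
    $message .= "TIME: {$errortime}\n";
    $message .= "REMOTE_ADDR: {$remote_addr}\n";
    $message .= "ERRORDOC: " . pnVarPrepForDisplay($errordoc) . "\n";
    $message .= "HTTP_REFERER: {$http_referer}\n";
    pnMail($adminmail, $subject, $message, "From: \"{$sitename}\" <{$adminmail}>\nX-Mailer: PHP/" . phpversion());
    echo "<br /><br /><strong>" . _ERROR404_MAILED . "</strong>\n";
}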
示例#4
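/**
 * Format one section of the pnMailHackAttempt() report.
 *
 * @param string $label    prefix written in front of every "key : value" line
 * @param string $heading  heading text between the two rule lines
 * @param mixed  $values   array to dump; anything else is cast to an array
 * @param string $preamble optional text placed after the heading block
 * @return string the formatted section
 */
function _pnMailHackAttemptSection($label, $heading, $values, $preamble = '')
{
    $text = "\n=====================================\n";
    $text .= $heading;
    $text .= "=====================================\n";
    $text .= $preamble;
    foreach ((array) $values as $key => $value) {
        // Nested request arrays and upload records are not scalars; expand
        // them instead of printing the word "Array".
        if (is_array($value) || is_object($value)) {
            $value = print_r($value, true);
        }
        $text .= "{$label} * {$key} : {$value}\n";
    }
    return $text;
}

/**
 * Mail a report about a suspected attack to the site administrator.
 *
 * The report contains the detection details passed in by the caller, the
 * identity of the current user, the client addresses, and a dump of the
 * request, browser, server, environment, cookie, upload and session data.
 *
 * NOTE(review): the dump copies cookies, session variables and all posted
 * fields into a plain-text e-mail. That can include session identifiers and
 * submitted credentials; consider redacting such keys before mailing.
 *
 * @param string $detecting_file file in which the event was detected
 * @param string $detecting_line line on which the event was detected
 * @param string $hack_type      short classification, also used in the subject
 * @param string $message        free-text details from the detecting code
 * @return void
 */
function pnMailHackAttempt($detecting_file = "(no filename available)", $detecting_line = "(no line number available)", $hack_type = "(no type given)", $message = "(no message given)")
{
    # Backwards compatibility fix with php 4.0.x and 4.1.x or greater Neo
    // version_compare() is needed here: comparing version strings with >=
    // compares them character by character and misorders "10.x" and "4.x".
    if (version_compare(phpversion(), '4.2.0', '>=')) {
        $_pv = $_POST;
        $_gv = $_GET;
        $_rv = $_REQUEST;
        $_sv = $_SERVER;
        $_ev = $_ENV;
        $_cv = $_COOKIE;
        $_fv = $_FILES;
        // $_SESSION only exists once a session has been started.
        $_snv = isset($_SESSION) ? $_SESSION : array();
    } else {
        global $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS, $HTTP_POST_FILES, $HTTP_SESSION_VARS;
        $_pv = $HTTP_POST_VARS;
        $_gv = $HTTP_GET_VARS;
        $_rv = array();
        $_sv = $HTTP_SERVER_VARS;
        $_ev = $HTTP_ENV_VARS;
        $_cv = $HTTP_COOKIE_VARS;
        $_fv = $HTTP_POST_FILES;
        $_snv = $HTTP_SESSION_VARS;
    }
    $output = "Attention site admin of " . pnConfigGetVar('sitename') . ",\n";
    $output .= "On " . ml_ftime(_DATEBRIEF, GetUserTime(time()));
    $output .= " at " . ml_ftime(_TIMEBRIEF, GetUserTime(time()));
    $output .= " the Postnuke code has detected that somebody tried to" . " send information to your site that may have been intended" . " as a hack. Do not panic, it may be harmless: maybe this" . " detection was triggered by something you did! Anyway, it" . " was detected and blocked. \n";
    $output .= "The suspicious activity was recognized in {$detecting_file} " . "on line {$detecting_line}, and is of the type {$hack_type}. \n";
    $output .= "Additional information given by the code which detected this: " . $message;
    $output .= "\n\nBelow you will find a lot of information obtained about " . "this attempt, that may help you to find  what happened and " . "maybe who did it.\n\n";
    $output .= "\n=====================================\n";
    $output .= "Information about this user:\n";
    $output .= "=====================================\n";
    if (!pnUserLoggedIn()) {
        $output .= "This person is not logged in.\n";
    } else {
        // NOTE(review): the three values on this line were masked in the
        // listing; they are restored as pnUserGetVar() lookups of the user
        // name, e-mail and real name - confirm against the upstream source.
        $output .= "Postnuke username:  " . pnUserGetVar('uname') . "\n" . "Registered email of this Postnuke user: " . pnUserGetVar('email') . "\n" . "Registered real name of this Postnuke user: " . pnUserGetVar('name') . "\n";
    }
    // The original passed an undefined local $REMOTE_ADDR to the lookup;
    // read the address from the environment like the line above it does.
    $remote_addr = getenv('REMOTE_ADDR');
    $resolved = $remote_addr ? gethostbyname($remote_addr) : '';
    $output .= "IP numbers: [note: when you are dealing with a real cracker " . "these IP numbers might not be from the actual computer he is " . "working on]" . "\n\t IP according to HTTP_CLIENT_IP: " . getenv('HTTP_CLIENT_IP') . "\n\t IP according to REMOTE_ADDR: " . $remote_addr . "\n\t IP according to GetHostByName(\$REMOTE_ADDR): " . $resolved . "\n\n";
    $output .= _pnMailHackAttemptSection('REQUEST', "Information in the \$_REQUEST array\n", $_rv);
    $output .= _pnMailHackAttemptSection('GET', "Information in the \$_GET array\n" . "This is about variables that may have been " . "in the URL string or in a 'GET' type form.\n", $_gv);
    $output .= _pnMailHackAttemptSection('POST', "Information in the \$_POST array\n" . "This is about visible and invisible form elements.\n", $_pv);
    // The user agent is read from the server array instead of a global that
    // only exists with register_globals. get_browser() needs a configured
    // browscap file, so it is only called when one is set.
    $user_agent = isset($_sv['HTTP_USER_AGENT']) ? $_sv['HTTP_USER_AGENT'] : '';
    $browser = ini_get('browscap') ? (array) get_browser() : array();
    $output .= _pnMailHackAttemptSection('BROWSER', "Browser information\n", $browser, "HTTP_USER_AGENT: " . $user_agent . "\n");
    $output .= _pnMailHackAttemptSection('SERVER', "Information in the \$_SERVER array\n", $_sv);
    $output .= _pnMailHackAttemptSection('ENV', "Information in the \$_ENV array\n", $_ev);
    $output .= _pnMailHackAttemptSection('COOKIE', "Information in the \$_COOKIE array\n", $_cv);
    $output .= _pnMailHackAttemptSection('FILES', "Information in the \$_FILES array\n", $_fv);
    $output .= _pnMailHackAttemptSection('SESSION', "Information in the \$_SESSION array\n" . "This is session info. The variables\n" . "  starting with PNSV are PostNukeSessionVariables.\n", $_snv);
    // Subject and From are header fields: strip line breaks so none of the
    // values can add further header lines.
    $nobreaks = array("\r", "\n");
    $sitename = str_replace($nobreaks, '', (string) pnConfigGetVar('sitename'));
    $adminmail = str_replace($nobreaks, '', (string) pnConfigGetVar('adminmail'));
    $subject_type = str_replace($nobreaks, ' ', (string) $hack_type);
    $headers = "From: {$sitename} <{$adminmail}>\n" . "X-Priority: 1 (Highest)\n";
    pnMail($adminmail, 'Attempted hack on your site? (type: ' . $subject_type . ')', $output, $headers);
    return;
}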
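/**
 * Search plugin for News stories.
 *
 * Builds one query from the submitted search fields (keywords, topics,
 * categories, author), counts the rows the current user may read, and
 * returns the rendered page of results with a pager.
 *
 * Filter groups are collected separately and joined with AND. The original
 * string concatenation produced invalid SQL when no keyword was given but
 * more than one filter was, and with several OR-ed keywords the filters only
 * applied to the last keyword because AND binds tighter than OR.
 *
 * @return string|null rendered HTML; nothing when the stories search is not
 *                     active, the News module is unavailable, or a query fails
 */
function search_stories()
{
    list($startnum, $active_stories, $total, $stories_topics, $stories_cat, $stories_author, $q, $bool) = pnVarCleanFromInput('startnum', 'active_stories', 'total', 'stories_topics', 'stories_cat', 'stories_author', 'q', 'bool');
    if (!isset($active_stories) || !$active_stories) {
        return;
    }
    if (!pnModAvailable('News')) {
        return;
    }
    // `=& new` is a parse error on current PHP; plain assignment is equivalent.
    $output = new pnHTML();
    // Pager position and total are request parameters that reach
    // SelectLimit() and the generated markup; reduce them to integers.
    $startnum = (isset($startnum) && is_numeric($startnum)) ? max(1, (int) $startnum) : 1;
    $total = (isset($total) && is_numeric($total)) ? max(0, (int) $total) : 0;
    $dbconn = pnDBGetConn(true);
    $pntable = pnDBGetTables();
    // Only the two known operators are accepted; anything else means OR.
    $bool = ($bool === 'AND') ? 'AND' : 'OR';
    $storcol = $pntable['stories_column'];
    $stcatcol = $pntable['stories_cat_column'];
    $topcol = $pntable['topics_column'];
    $query1 = "SELECT {$storcol['sid']} as sid,\n                     {$topcol['tid']} as topicid,\n                     {$topcol['topicname']} as topicname,\n                     {$topcol['topictext']} as topictext,\n                     {$storcol['catid']} as catid,\n                     {$storcol['time']} AS fdate,\n                     {$storcol['title']} AS story_title,\n                     {$storcol['aid']} AS aid,\n                     {$stcatcol['title']} AS cat_title\n               FROM {$pntable['stories']}\n               LEFT JOIN {$pntable['stories_cat']} ON ({$storcol['catid']}={$stcatcol['catid']})\n               LEFT JOIN {$pntable['topics']} ON ({$storcol['topic']}={$topcol['tid']})\n               WHERE ";
    // Each entry is one parenthesised filter group; groups are AND-ed.
    $clauses = array();
    // words
    $w = search_split_query($q);
    if (isset($w) && is_array($w)) {
        $wordclauses = array();
        foreach ($w as $word) {
            $like = pnVarPrepForStore($word);
            $wordclauses[] = "({$storcol['title']} LIKE '{$like}' OR "
                . "{$storcol['hometext']} LIKE '{$like}' OR "
                . "{$storcol['bodytext']} LIKE '{$like}' OR "
                . "{$storcol['informant']} LIKE '{$like}' OR "
                . "{$storcol['notes']} LIKE '{$like}')";
        }
        if ($wordclauses) {
            $clauses[] = '(' . implode(" {$bool} ", $wordclauses) . ')';
        }
    }
    // topics
    if (is_array($stories_topics)) {
        $topicclauses = array();
        foreach ($stories_topics as $v) {
            if (!is_scalar($v) || empty($v)) {
                continue;
            }
            $topicclauses[] = "{$storcol['topic']}='" . pnVarPrepForStore($v) . "'";
        }
        if ($topicclauses) {
            $clauses[] = '(' . implode(' OR ', $topicclauses) . ')';
        }
    }
    // categories: as before, the filter only applies when the first
    // submitted entry is non-empty
    if (!is_array($stories_cat)) {
        $stories_cat = array('');
    }
    if (!empty($stories_cat[0])) {
        $catclauses = array();
        foreach ($stories_cat as $v) {
            if (!is_scalar($v)) {
                continue;
            }
            $catclauses[] = "{$stcatcol['catid']}='" . pnVarPrepForStore($v) . "'";
        }
        if ($catclauses) {
            $clauses[] = '(' . implode(' OR ', $catclauses) . ')';
        }
    }
    // authors
    if (isset($stories_author) && $stories_author != '') {
        $author = pnVarPrepForStore($stories_author);
        $authorclauses = array("{$storcol['informant']}='{$author}'");
        $result = $dbconn->Execute("SELECT {$pntable['users_column']['uid']} as pn_uid FROM {$pntable['users']} WHERE {$pntable['users_column']['uname']} LIKE '%{$author}%' OR {$pntable['users_column']['name']} LIKE '%{$author}%'");
        if ($result) {
            while (!$result->EOF) {
                $row = $result->GetRowAssoc(false);
                // Used as an unquoted numeric literal, so force an integer.
                $authorclauses[] = "{$storcol['aid']}=" . (int) $row['pn_uid'];
                $result->MoveNext();
            }
        }
        $clauses[] = '(' . implode(' OR ', $authorclauses) . ')';
    } else {
        $stories_author = '';
    }
    if (pnConfigGetVar('multilingual') == 1) {
        $clauses[] = "({$storcol['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$storcol['alanguage']}='')";
    }
    $query = $clauses ? implode(' AND ', $clauses) : '1';
    $query = $query1 . $query . " ORDER BY {$storcol['time']} DESC";
    // get the total count with permissions!
    if (empty($total)) {
        $total = 0;
        $countres = $dbconn->Execute($query);
        // check for a db error
        if ($dbconn->ErrorNo() != 0 || !$countres) {
            return;
        }
        while (!$countres->EOF) {
            $row = $countres->GetRowAssoc(false);
            if (pnSecAuthAction(0, 'Stories::Story', "{$row['aid']}:{$row['cat_title']}:{$row['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$row['topicname']}::{$row['topicid']}", ACCESS_READ)) {
                $total++;
            }
            $countres->MoveNext();
        }
    }
    $result = $dbconn->SelectLimit($query, 10, $startnum - 1);
    // check for a db error
    if ($dbconn->ErrorNo() != 0 || !$result) {
        return;
    }
    if (!$result->EOF) {
        $output->Text(_STORIES_TOPICS . ': ' . $total . ' ' . _SEARCHRESULTS);
        // From here on text is emitted verbatim, so every request- or
        // database-derived value must be escaped before it is written.
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        // Rebuild the search string from previous information
        $url = 'index.php?name=Search&amp;action=search&amp;active_stories=1&amp;stories_author=' . pnVarPrepForDisplay($stories_author);
        if (is_array($stories_cat)) {
            foreach ($stories_cat as $v) {
                if (is_scalar($v)) {
                    $url .= '&amp;stories_cat%5B%5D=' . pnVarPrepForDisplay($v);
                }
            }
        }
        if (is_array($stories_topics)) {
            foreach ($stories_topics as $v) {
                if (is_scalar($v)) {
                    $url .= '&amp;stories_topics%5B%5D=' . pnVarPrepForDisplay($v);
                }
            }
        }
        $url .= '&amp;bool=' . pnVarPrepForDisplay($bool);
        if (isset($q)) {
            $url .= '&amp;q=' . pnVarPrepForDisplay($q);
        }
        $output->Text('<dl>');
        while (!$result->EOF) {
            $row = $result->GetRowAssoc(false);
            if (pnSecAuthAction(0, 'Stories::Story', "{$row['aid']}:{$row['cat_title']}:{$row['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$row['topicname']}::{$row['topicid']}", ACCESS_READ)) {
                $row['fdate'] = ml_ftime(_DATELONG, $result->UnixTimeStamp($row['fdate']));
                $output->Text('<dt><a href="index.php?name=News&amp;file=article&amp;sid=' . pnVarPrepForDisplay($row['sid']) . '">' . pnVarPrepHTMLDisplay($row['story_title']) . '</a></dt>');
                $output->Text('<dd>');
                $output->Text(pnVarPrepForDisplay($row['fdate']) . ' (');
                if (!empty($row['topicid'])) {
                    // Prepared for display like the category title below.
                    $output->Text(pnVarPrepHTMLDisplay($row['topictext']));
                }
                if (!empty($row['catid'])) {
                    $output->Text(' - ' . pnVarPrepHTMLDisplay($row['cat_title']));
                }
                $output->Text(')</dd>');
            }
            $result->MoveNext();
        }
        $output->Text('</dl>');
        // Munge URL for template
        $urltemplate = $url . "&amp;startnum=%%&amp;total={$total}";
        $output->Pager($startnum, $total, $urltemplate, 10);
    } else {
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        $output->Text(_SEARCH_NO_STORIES_TOPICS);
        $output->SetInputMode(_PNH_PARSEINPUT);
    }
    $output->Linebreak(3);
    return $output->GetOutput();
}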
示例#6
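/**
 * Render an RSS headlines side block, refreshing its stored content from the
 * remote feed when the cached copy is older than the block's refresh time.
 *
 * NOTE(review): the markup returned by parse_rdf2html() is built from a
 * remote document and is stored and displayed as block content; confirm that
 * the parser escapes feed text, otherwise the feed host controls HTML on
 * this site. The feed is also read without a size limit.
 *
 * @param array $row block record; reads 'refresh', 'unix_update', 'url',
 *                   'bid', 'title' and 'content'
 * @return mixed the result of themesideblock($row)
 */
function advheadlines2($row)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    $past = time() - $row['refresh'];
    // Used as an unquoted numeric literal in both UPDATE statements.
    $bid = (int) $row['bid'];
    if ($row['unix_update'] < $past && $row['url']) {
        // read proxy settings from database
        $column = $pntable['headlines_column'];
        // The URL sits inside a quoted SQL literal and must be escaped.
        $result = $dbconn->Execute("SELECT {$column['options']} as options, {$column['maxrows']} as maxrows FROM {$pntable['headlines']} WHERE {$column['rssurl']}='" . pnVarPrepForStore($row['url']) . "'");
        $setting = array('options' => '', 'maxrows' => null);
        if ($result && !$result->EOF) {
            $setting = $result->GetRowAssoc(false);
        }
        // Check if the 'P'roxy parameter is set in the options for this url.
        $use_proxy = stristr((string) $setting['options'], "P") != false;
        // connect to the rss host
        $fp = rss_connect($row, $use_proxy);
        if ($fp) {
            // The original initialised this as a string and then appended
            // with [], which is a fatal error on current PHP.
            $rdf = array();
            // Skip the response header. fgets() returns false on a read
            // error or timeout while feof() can stay false, so stop on false
            // instead of looping forever on a stalled connection.
            while (!feof($fp)) {
                $line = fgets($fp, 128);
                if ($line === false || $line == "\r\n") {
                    break;
                }
            }
            // start reading after the header
            while (!feof($fp)) {
                // read fixed blocks of data
                $line = fgets($fp, 128);
                if ($line === false) {
                    break;
                }
                $rdf[] = $line;
            }
            // nicely close the connection
            fputs($fp, "Connection: close\r\n\r\n");
            fclose($fp);
            // for timing purposes
            $starttime = getmicrotime();
            // 'parse' the rdf file
            $html = parse_rdf2html($rdf, $setting['maxrows'], $setting['options']);
            // build the contents of the display block
            $row['hdr_comment'] = "\n<!-- RSS Block start -->\n";
            $row['content'] = $html;
            $time = getmicrotime() - $starttime;
            // NOTE(review): $age and $stat were never assigned in the
            // original; they are kept as empty placeholders in the trailer.
            $age = '';
            $stat = '';
            $ftr_comment = isset($row['ftr_comment']) ? $row['ftr_comment'] : '';
            // "<--" does not open an HTML comment; use "<!--" like the header.
            $row['ftr_comment'] = $ftr_comment . "<!-- RSS2 Block end (age: {$age} of {$row['refresh']})[{$stat}]  -- runtime: {$time} -->\n\n";
            // update block in db
            $sql_content = pnVarPrepForStore($row['content']);
            $column = $pntable['blocks_column'];
            $sql = "UPDATE {$pntable['blocks']} SET {$column['content']}='{$sql_content}',{$column['last_update']}=NOW() WHERE {$column['bid']}={$bid}";
            $result = $dbconn->Execute($sql);
            if ($dbconn->ErrorNo() != 0) {
                // NOTE(review): exit() ends the whole request, so the two
                // assignments below are never rendered. If the exit is ever
                // removed, do not ship the SQL text and driver message in
                // the page source.
                $row['title'] .= ' *';
                $row['content'] .= "<!--\n\n\n" . $dbconn->ErrorMsg() . "\n\n\n{$sql}\n\n\n-->";
                exit(0);
            }
        } else {
            // no connection could be established!
            // The original literal contained a stray backslash before the
            // first quote of the class attribute, which was stored as markup.
            $content = pnVarPrepForStore('<font class="pn-normal">' . _RSSPROBLEM . '</font>');
            $next_try = time() + 600;
            $column = $pntable['blocks_column'];
            // The original WHERE clause used an undefined $bid, so the retry
            // time was never stored for this block.
            $result = $dbconn->Execute("UPDATE {$pntable['blocks']} SET {$column['content']}='{$content}',{$column['last_update']}=FROM_UNIXTIME({$next_try}) WHERE {$column['bid']}={$bid}");
            $row['title'] = "{$row['title']} !";
            $row['content'] = "{$row['content']}\n\n\n<!--\n\n\n\n\n\n\n" . ml_ftime(_DATETIMELONG, $row['unix_update']) . "\n\n\n\n\n-->\n\n\n\n";
        }
    } else {
        // cached version indicator
        $row['title'] = $row['title'] . " +";
    }
    return themesideblock($row);
}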
示例#7
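/**
 * Render the "Past articles" side block: older stories grouped by day, with
 * a link to the search overview once the configured limit is reached.
 *
 * @param array $row block record; 'title' is read for the permission check
 *                   and defaulted to _PASTARTICLES when empty, 'content'
 *                   holds the block options and is replaced by the HTML
 * @return mixed the result of themesideblock($row); nothing when the block is
 *               not readable or no article is visible to the current user
 */
function blocks_past_block($row)
{
    $catid = pnVarCleanFromInput('catid');
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    if (!pnSecAuthAction(0, 'Pastblock::', "{$row['title']}::", ACCESS_READ)) {
        return;
    }
    // catid is a request parameter that is placed unquoted into a WHERE
    // clause and into an href. Accept digits only and use it as an integer;
    // anything else is treated as "no category selected".
    $hascat = is_scalar($catid) && preg_match('/^[0-9]+$/', (string) $catid) === 1;
    $catid = $hascat ? (int) $catid : null;
    if (pnUserLoggedIn()) {
        $storyhome = pnUserGetVar('storynum');
    } else {
        $storyhome = pnConfigGetVar('storyhome');
    }
    // Break out options from our content field
    $vars = pnBlockVarsFromContent($row['content']);
    // Defaults
    if (empty($vars['limit'])) {
        $vars['limit'] = 10;
    }
    $storynum = $vars['limit'];
    $column = $pntable['stories_column'];
    if (!$hascat) {
        $articles = getArticles("{$column['ihome']}=0", "{$column['time']} DESC", $storynum, $storyhome);
    } else {
        $articles = getArticles("{$column['catid']}={$catid}", "{$column['time']} DESC", $storynum, $storyhome);
    }
    $time2 = "";
    setlocale(LC_TIME, pnConfigGetVar('locale'));
    $boxstuff = "<table width=\"100%\" cellpadding=\"1\" cellspacing=\"0\" border=\"0\" class=\"pn-normal\">\n";
    $vari = 0;
    $see = 0;
    foreach ($articles as $article) {
        $info = genArticleInfo($article);
        $links = genArticleLinks($info);
        $preformat = genArticlePreformat($info, $links);
        // a little bit tricky to remove the bold property from link description
        // (2001-11-15, hdonner)
        $preformat['title'] = str_replace("pn-title", "pn-normal", $preformat['title']);
        if (!pnSecAuthAction(0, 'Stories::Story', "{$info['aid']}:{$info['cattitle']}:{$info['sid']}", ACCESS_READ) || !pnSecAuthAction(0, 'Topics::Topic', "{$info['topicname']}::{$info['tid']}", ACCESS_READ)) {
            continue;
        }
        $see = 1;
        // ereg() no longer exists on current PHP; preg_match() with the same
        // pattern fills the same capture groups.
        if (preg_match('/([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})/', (string) $info['time'], $parts)) {
            $datetime2 = ml_ftime("" . _DATESTRING2 . "", mktime((int) $parts[4], (int) $parts[5], (int) $parts[6], (int) $parts[2], (int) $parts[3], (int) $parts[1]));
            $datetime2 = ucfirst($datetime2);
        } else {
            // Unparseable timestamp: list the article without a day heading.
            $datetime2 = $time2;
        }
        $comments = pnVarPrepForDisplay($info['comments']);
        if ($time2 == $datetime2) {
            $boxstuff .= "<tr><td valign=\"top\"><big><strong>&middot;</strong></big></td>" . "<td valign=\"top\" width=\"100%\"><span class=\"pn-normal\">" . $preformat['title'] . "&nbsp;({$comments})</span></td></tr>\n";
        } else {
            $boxstuff .= "<tr><td colspan=\"2\"><b>{$datetime2}</b></td></tr>\n" . "<tr><td valign=\"top\"><big><strong>&middot;</strong></big></td>" . "<td valign=\"top\" width=\"100%\"><span class=\"pn-normal\">{$preformat['title']}&nbsp;({$comments})</span></td></tr>\n";
            $time2 = $datetime2;
        }
        $vari++;
        if ($vari == $vars['limit']) {
            // A space is needed between the class and href attributes.
            $boxstuff .= "<tr><td>&nbsp;</td><td valign=\"top\"><a class=\"pn-normal\" ";
            if (!$hascat) {
                $boxstuff .= "href=\"modules.php?op=modload&amp;name=Search&amp;file=index&amp;action=search&amp;overview=1&amp;active_stories=1\"><b>" . _OLDERARTICLES . "</b></a></td></tr>\n";
            } else {
                $boxstuff .= "href=\"modules.php?op=modload&amp;name=Search&amp;file=index&amp;action=search&amp;overview=1&amp;active_stories=1&amp;stories_cat[0]={$catid}\"><b>" . _OLDERARTICLES . "</b></a></td></tr>\n";
            }
        }
    }
    $boxstuff .= "</table>";
    if ($see == 1) {
        if (empty($row['title'])) {
            $row['title'] = _PASTARTICLES;
        }
        $row['content'] = $boxstuff;
        return themesideblock($row);
    }
}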
示例#8
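/**
 * Render a side block listing the newest stories the current user may read,
 * filtered by the block's options.
 *
 * Block options (from the content field): 'storiestype' (1 = not front-page
 * news, 2 = all news, 3 = front-page news), 'topic' and 'category' (-1 = all)
 * and 'limit' (maximum number of stories shown).
 *
 * @param array $row block record; 'title' is read for the permission check,
 *                   'content' holds the options and is replaced by the HTML
 * @return mixed the result of themesideblock($row); false on a database
 *               error; nothing when the block is not readable or empty
 */
function blocks_stories_block($row)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    if (!pnSecAuthAction(0, 'Storiesblock::', "{$row['title']}::", ACCESS_READ)) {
        return;
    }
    // Break out options from our content field
    $vars = pnBlockVarsFromContent($row['content']);
    // Defaults
    if (!isset($vars['storiestype'])) {
        $vars['storiestype'] = 2;
    }
    if (!isset($vars['topic'])) {
        $vars['topic'] = -1;
    }
    if (!isset($vars['category'])) {
        $vars['category'] = -1;
    }
    if (!isset($vars['limit'])) {
        $vars['limit'] = 10;
    }
    $row['content'] = "";
    // Base query
    $storiescolumn = $pntable['stories_column'];
    $storiescatcolumn = $pntable['stories_cat_column'];
    $topicscolumn = $pntable['topics_column'];
    $query = "SELECT {$storiescolumn['aid']} AS \"aid\",\n                    {$storiescolumn['catid']} AS \"cid\",\n                    {$storiescatcolumn['title']} AS \"cattitle\",\n                    {$storiescolumn['sid']} AS \"sid\",\n                    {$topicscolumn['topicid']} AS \"tid\",\n                    {$storiescolumn['time']} AS \"time\",\n                    {$storiescolumn['title']} AS \"title\",\n                    {$topicscolumn['topicname']} AS \"topicname\"\n\t\t\tFROM \t{$pntable['stories']}";
    // Assume mysql start
    $query .= " LEFT JOIN {$pntable['stories_cat']} ON {$storiescolumn['catid']} = {$storiescatcolumn['catid']}\n\t\t\t\tLEFT JOIN {$pntable['topics']} ON {$storiescolumn['topic']} = {$topicscolumn['topicid']}";
    // Assume mysql end
    $wherearray = array();
    // check language
    if (pnConfigGetVar('multilingual') == 1) {
        // The language value is placed in a quoted SQL literal; escape it
        // like every other value in this query.
        $wherearray[] = " ({$storiescolumn['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$storiescolumn['alanguage']}='')";
    }
    // Qualifier for front-page/not front-page news
    // storiestype = 3 - front-page news
    // storiestype = 1 - not front-page news
    // storiestype = 2 - all news
    if ($vars['storiestype'] == '1') {
        $wherearray[] = " {$storiescolumn['ihome']}=1";
    }
    if ($vars['storiestype'] == '3') {
        $wherearray[] = " {$storiescolumn['ihome']}=0";
    }
    // Qualifier for particular topic
    // topic = -1 - all topics?
    if ($vars['topic'] != -1) {
        // Unquoted numeric literal: string escaping gives no protection
        // here, so the option is reduced to an integer.
        $wherearray[] = " {$storiescolumn['topic']}=" . (int) $vars['topic'];
    }
    // Qualifier for particular category
    // category = -1 - all categories
    if ($vars['category'] != -1) {
        // The original read the key 'cid', which is only the alias given to
        // the 'catid' column in the SELECT above.
        // NOTE(review): confirm stories_column has no separate 'cid' entry.
        $wherearray[] = " {$storiescolumn['catid']}=" . (int) $vars['category'];
    }
    if ($wherearray) {
        $query .= " WHERE " . implode(" AND ", $wherearray);
    }
    // Qualifier for how many stories
    $query .= " ORDER BY {$storiescolumn['time']} DESC";
    // we can't use a limit query since permissions might take effect...
    $result = $dbconn->Execute($query);
    // Error checking -- jn
    if ($dbconn->ErrorNo() != 0 || !$result) {
        return false;
    }
    $shown_results = 0;
    $postmax = $vars['limit'];
    // FetchRow() advances the record set itself, so no MoveNext() is needed.
    while ((list($aid, $cid, $cattitle, $sid, $tid, $time, $title, $topicname) = $result->FetchRow()) && $shown_results < $postmax) {
        $time = $result->UnixTimeStamp($time);
        if (!isset($aid)) {
            $aid = '';
        }
        // The original tested an undefined $catid, which compares equal to 0
        // for every row, so every story was permission-checked under the
        // default category title. Test the category id of this row instead.
        if ($cid == 0) {
            // Default category
            $cattitle = "" . _ARTICLES . "";
        }
        if (pnSecAuthAction(0, 'Stories::Story', "{$aid}:{$cattitle}:{$sid}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$topicname}::{$tid}", ACCESS_READ)) {
            $row['content'] .= "<strong><big>&middot;</big></strong>&nbsp;<font class=\"pn-sub\"><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=News&amp;file=article&amp;sid=" . pnVarPrepForDisplay($sid) . "\">" . pnVarPrepForDisplay($title) . "</a>\n                (" . ml_ftime(_DATEBRIEF, $time) . ")</font><br>\n";
            $shown_results++;
        }
    }
    if (!empty($row['content'])) {
        return themesideblock($row);
    }
}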
示例#9
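/**
 * view items
 *
 * Builds the admin list of messages and renders it through the
 * 'admin_messages_admin_view.htm' template.
 *
 * @author Mark West
 * @param array $args optional arguments; $args['startnum'] is the start item id
 *                    for the pager and is only the fallback when no 'startnum'
 *                    GET value is passed
 * @return string HTML output string
 */
function Admin_Messages_admin_view($args = array())
{
    // Security check: the list as a whole requires EDIT on the module
    if (!SecurityUtil::checkPermission('Admin_Messages::', '::', ACCESS_EDIT)) {
        return LogUtil::registerPermissionError();
    }
    // $args used to be read here without ever being declared, so the fallback
    // could never apply; it is now an optional parameter.
    $startnum = FormUtil::getPassedValue('startnum', isset($args['startnum']) ? $args['startnum'] : null, 'GET');
    // Create output object
    $view = Zikula_View::getInstance('Admin_Messages', false);
    $itemsperpage = ModUtil::getVar('Admin_Messages', 'itemsperpage');
    // The user API function is called.  This takes the number of items
    // required and the first number in the list of all items, which we
    // obtained from the input and gets us the information on the appropriate
    // items.
    $items = ModUtil::apiFunc('Admin_Messages', 'user', 'getall', array('startnum' => $startnum, 'numitems' => $itemsperpage));
    if (!$items) {
        $items = array();
    }
    $rows = array();
    foreach ($items as $item) {
        // Permission instance for this message; the same string is used for
        // the READ, EDIT and DELETE checks below.
        $instance = "{$item['title']}::{$item['mid']}";
        if (!SecurityUtil::checkPermission('Admin_Messages::', $instance, ACCESS_READ)) {
            // Items the current user may not read are left out of the list
            continue;
        }
        $fullitem = ModUtil::apiFunc('Admin_Messages', 'user', 'get', array('mid' => $item['mid']));
        if ($fullitem['language'] == '') {
            $fullitem['language'] = __('All');
        }
        if (!isset($fullitem['view'])) {
            $fullitem['view'] = __('All visitors');
        }
        // Translate the stored audience code into a label; any other value
        // is passed through unchanged.
        switch ($fullitem['view']) {
            case '1':
                $fullitem['view'] = __('All visitors');
                break;
            case '2':
                $fullitem['view'] = __('Registered users only');
                break;
            case '3':
                $fullitem['view'] = __('Anonymous guests only');
                break;
            case '4':
                $fullitem['view'] = __('Administrators only');
                break;
        }
        $active = ($fullitem['active'] == 1) ? __('Yes') : __('No');
        if ($fullitem['expire'] == 0) {
            $expire = __('Never');
            $expiredate = __('No expiration date');
        } else {
            // 'expire' is divided by 86400 to show it as a number of days
            $days = $fullitem['expire'] / 86400;
            $expire = $days . ' ' . ($days == 1 ? __('day') : __('days'));
            $expiredate = ml_ftime(__('%b %d, %Y - %I:%M %p'), $fullitem['date'] + $fullitem['expire']);
        }
        // Options for the item.  Note that each item has the appropriate
        // levels of authentication checked to ensure that it is suitable
        // for display. These links are a convenience only: the modify and
        // delete handlers must enforce the same permissions themselves.
        $options = array();
        if (SecurityUtil::checkPermission('Admin_Messages::', $instance, ACCESS_EDIT)) {
            $options[] = array('url' => ModUtil::url('Admin_Messages', 'admin', 'modify', array('mid' => $item['mid'])), 'image' => 'xedit.gif', 'title' => __('Edit'));
            if (SecurityUtil::checkPermission('Admin_Messages::', $instance, ACCESS_DELETE)) {
                $options[] = array('url' => ModUtil::url('Admin_Messages', 'admin', 'delete', array('mid' => $item['mid'])), 'image' => '14_layer_deletelayer.gif', 'title' => __('Delete'));
            }
        }
        // NOTE(review): 'title' is handed to the template as stored; the
        // template is expected to escape it for HTML - confirm.
        $rows[] = array('mid' => $item['mid'], 'title' => $item['title'], 'language' => $fullitem['language'], 'view' => $fullitem['view'], 'active' => $active, 'expire' => $expire, 'expiredate' => $expiredate, 'options' => $options);
    }
    $view->assign('items', $rows);
    // Assign the information required to create the pager
    $view->assign('pager', array('numitems' => ModUtil::apiFunc('Admin_Messages', 'user', 'countitems'), 'itemsperpage' => $itemsperpage));
    // Return the output that has been generated by this function
    return $view->fetch('admin_messages_admin_view.htm');
}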
示例#10
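/**
 * Output a printer-friendly page for one news story.
 *
 * Loads the story, resolves its category title and topic, checks the
 * Stories::Story and Topics::Topic read permissions, increments the read
 * counter and echoes a standalone HTML document. On a database error, a
 * missing story or a failed permission check it prints the message inside
 * the site header/footer and exits.
 *
 * @param mixed $sid story id; treated here as untrusted, so it is escaped
 *                   both for the database and for the HTML it is echoed into
 * @return void
 */
function PrintPage($sid)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    // grab the actual story from the database
    $column =& $pntable['stories_column'];
    $result = $dbconn->Execute("SELECT {$column['title']},\n                                     {$column['time']},\n                                     {$column['hometext']},\n                                     {$column['bodytext']},\n                                     {$column['topic']},\n                                     {$column['notes']},\n                                     {$column['cid']},\n                                     {$column['aid']}\n                              FROM {$pntable['stories']} where {$column['sid']} = '" . pnVarPrepForStore($sid) . "'");
    // Check for a failed query before reading from the result set
    if ($dbconn->ErrorNo() != 0 || !$result) {
        include 'header.php';
        echo _DBSELECTERROR;
        include 'footer.php';
        exit;
    }
    list($title, $time, $hometext, $bodytext, $topic, $notes, $cid, $aid) = $result->fields;
    if (!isset($title) || $title == '') {
        include 'header.php';
        echo _DBSELECTERROR;
        include 'footer.php';
        exit;
    }
    // Get data for "autorise check"
    // Just a temp. solution;
    // Print.php needs completely redesign by using getArticles() and genArticleInfo()
    // fix for Stories::Story, Topics::Topic [larsneo]
    // find out the cattitle
    if ($cid == 0) {
        // Default category
        $cattitle = "" . _ARTICLES . "";
    } else {
        $cattitle = '';
        $catcolumn =& $pntable['stories_cat_column'];
        // The id is placed unquoted in the WHERE clause, so force it to an integer
        $catquery = buildSimpleQuery('stories_cat', array('title'), "{$catcolumn['catid']} = " . (int) $cid);
        $catresult = $dbconn->Execute($catquery);
        if ($catresult && !$catresult->EOF) {
            list($cattitle) = $catresult->fields;
        }
    }
    // find out the topictext
    $topictext = '';
    $topicname = '';
    $topicscolumn =& $pntable['topics_column'];
    // Same as above: unquoted numeric context, integer only
    $topicquery = buildSimpleQuery('topics', array('topictext', 'topicname'), "{$topicscolumn['topicid']} = " . (int) $topic);
    $topicresult = $dbconn->Execute($topicquery);
    if ($topicresult && !$topicresult->EOF) {
        list($topictext, $topicname) = $topicresult->fields;
    }
    if (pnSecAuthAction(0, 'Stories::Story', "{$aid}:{$cattitle}:{$sid}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$topicname}::{$topic}", ACCESS_READ)) {
        // user is authorised to view Stories::Story and Topics::Topic
        // Increment the read counter
        $column =& $pntable['stories_column'];
        $dbconn->Execute("UPDATE {$pntable['stories']} SET {$column['counter']}={$column['counter']}+1 WHERE {$column['sid']}='" . pnVarPrepForStore($sid) . "'");
        $time = $result->UnixTimeStamp($time);
        $cWhereIsPerso = WHERE_IS_PERSO;
        if (!empty($cWhereIsPerso)) {
            include "modules/NS-Multisites/print.inc.php";
        } else {
            $themesarein = "";
            $ThemeSel = pnUserGetTheme();
        }
        // The direct Wiki transform call was dropped: with it there was no
        // output if the Wiki module is removed [larsneo]
        // call hooks
        list($title, $hometext, $bodytext, $notes) = pnModCallHooks('item', 'transform', '', array($title, $hometext, $bodytext, $notes));
        // The story id is echoed into an href and into link text below. The
        // database lookup above can succeed for a value that is not purely
        // numeric, so escape it for display instead of trusting it.
        $articleurl = pnGetBaseURL() . "modules.php?op=modload&amp;name=News&amp;file=article&amp;sid=" . pnVarPrepForDisplay($sid);
        echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n" . "<html>\n" . "<head><title>" . pnConfigGetVar('sitename') . "</title>\n";
        if (defined("_CHARSET") && _CHARSET != "") {
            echo "<META HTTP-EQUIV=\"Content-Type\" " . "CONTENT=\"text/html; charset=" . _CHARSET . "\">\n";
        }
        //changed to local stylesheet
        //echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"".$themesarein."themes/$ThemeSel/style/style.css\">";
        echo "<style type=\"text/css\">\n" . "<!--\n" . ".print-title {\n" . "background-color: transparent;\n" . "color: #990000;\n" . "font-family: Verdana, Arial, sans-serif;\n" . "font-size: 14px;\n" . "font-weight: bold;\n" . "text-decoration: none;\n" . "}\n" . ".print-sub {\n" . "background-color: transparent;\n" . "color: #000000;\n" . "font-family: Verdana, Arial, sans-serif;\n" . "font-size: 11px;\n" . "font-weight: normal;\n" . "text-decoration: none;\n" . "}\n" . ".print-normal {\n" . "background-color: transparent;\n" . "color: #000000;\n" . "font-family: Verdana, Arial, sans-serif;\n" . "font-size: 12px;\n" . "font-weight: normal;\n" . "text-decoration: none;\n" . "}\n" . ".print {\n" . "color: #000000;\n" . "background-color: #FFFFFF;\n" . "}\n" . "-->\n" . "</style>\n";
        // Story fields go through pnVarPrepHTMLDisplay before being echoed
        echo "</head>\n" . "<body class=\"print\" bgcolor=\"#FFFFFF\" text=\"#000000\">\n" . "\n<table border=\"0\" width=\"85%\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"#FFFFFF\">\n" . "<tr><td>\n" . "<table border=\"0\" width=\"100%\" cellpadding=\"5\" cellspacing=\"1\" bgcolor=\"#FFFFFF\">\n" . "<tr><td>\n" . "<img src=\"" . WHERE_IS_PERSO . "images/" . pnConfigGetVar('site_logo') . "\" border=\"0\" alt=\"" . pnConfigGetVar('sitename') . "\">\n" . "<br /><br />\n" . "<b><font class=\"print-title\">" . pnVarPrepHTMLDisplay($title) . "</font></b><br /><br />\n" . "<font class=\"print-sub\">" . pnVarPrepHTMLDisplay($cattitle) . " / " . pnVarPrepHTMLDisplay($topictext) . "<br />\n" . "<b>" . _DATE . ":</b> " . ml_ftime(_DATETIMEBRIEF, $time) . "</font>\n" . "</td></tr>\n" . "<tr><td>\n" . "<font class=\"print-normal\">" . pnVarPrepHTMLDisplay($hometext) . "<br /><br />\n";
        if (!empty($bodytext)) {
            echo pnVarPrepHTMLDisplay($bodytext) . "<br />\n";
        }
        if (!empty($notes)) {
            echo pnVarPrepHTMLDisplay($notes) . "<br />\n";
        } else {
            echo "<br />\n";
        }
        echo "</font>\n" . "</td></tr>\n" . "<tr><td>\n" . "<hr size=\"1\"><font class=\"print-normal\">\n" . "" . _COMESFROM . " " . pnConfigGetVar('sitename') . "<br />\n" . "<a class=\"print-normal\" href=\"" . pnGetBaseURL() . "\">" . pnGetBaseURL() . "</a>\n" . "<br /><br />\n" . "" . _THEURL . "" . "<br />\n" . "<a class=\"print-normal\" href=\"" . $articleurl . "\">" . $articleurl . "</a>\n" . "</font>\n" . "</td></tr>\n" . "</table>\n</td></tr>\n</table>\n" . "</body>\n" . "</html>\n";
    } else {
        // user is not authorised to view Stories::Story and Topics::Topic
        include 'header.php';
        echo _BADAUTHKEY;
        include 'footer.php';
        exit;
    }
}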
示例#11
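/**
 * Search plugin for reviews: matches the query terms against review and
 * review-comment columns and returns one page (10 rows) of results.
 *
 * Reads 'active_reviews', 'startnum', 'total', 'bool' and 'q' from the
 * request. Only reviews the current user may read are counted and listed.
 *
 * @return string|null HTML built with pnHTML, or nothing when the reviews
 *                     search is not active
 */
function search_reviews()
{
    list($active_reviews, $startnum, $total, $bool, $q) = pnVarCleanFromInput('active_reviews', 'startnum', 'total', 'bool', 'q');
    if (empty($active_reviews)) {
        return;
    }
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    $output = new pnHTML();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    // Paging values come from the request and end up in the LIMIT offset and
    // in the pager links, so reduce them to plain integers.
    $startnum = (isset($startnum) && is_numeric($startnum)) ? max(1, (int) $startnum) : 1;
    $total = (isset($total) && is_numeric($total)) ? max(0, (int) $total) : 0;
    // Only the two supported operators may reach the SQL and the pager URL
    $bool = ($bool === 'AND') ? 'AND' : 'OR';
    $w = search_split_query($q);
    $result = false;
    // Without any search term the WHERE clause would be empty (a SQL error);
    // that case falls through to the "no reviews" message below.
    if (!empty($w)) {
        $revcol =& $pntable['reviews_column'];
        $comcol =& $pntable['reviews_comments_column'];
        $query = "SELECT DISTINCT {$revcol['id']} as id, {$revcol['title']} as title, {$revcol['score']} as score, {$revcol['hits']} as hits, {$revcol['reviewer']} as reviewer, {$revcol['date']} AS fdate\n              FROM {$pntable['reviews']} LEFT JOIN {$pntable['reviews_comments']} ON {$comcol['rid']}={$revcol['id']}\n              WHERE \n";
        // NOTE(review): $word is interpolated into the statement as-is. This
        // relies on search_split_query() returning terms that are already
        // escaped for the database (and wrapped for LIKE) - confirm there.
        $clauses = array();
        foreach ($w as $word) {
            $clause = '(';
            // reviews
            $clause .= "{$revcol['title']} LIKE '{$word}' OR \n";
            $clause .= "{$revcol['text']} LIKE '{$word}' OR \n";
            $clause .= "{$revcol['reviewer']} LIKE '{$word}' OR \n";
            $clause .= "{$revcol['cover']} LIKE '{$word}' OR \n";
            $clause .= "{$revcol['url']} LIKE '{$word}' OR \n";
            $clause .= "{$revcol['url_title']} LIKE '{$word}' OR \n";
            // reviews_comments
            $clause .= "{$comcol['comments']} LIKE '{$word}'\n";
            $clause .= ')';
            $clauses[] = $clause;
        }
        // The term group gets its own parentheses: AND binds tighter than OR,
        // so without them the language filter below would only constrain the
        // last term of an OR search.
        $query .= '(' . implode(" {$bool} ", $clauses) . ')';
        if (pnConfigGetVar('multilingual') == 1) {
            $query .= " AND ({$revcol['rlanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$revcol['rlanguage']}='')";
        }
        $query .= " ORDER BY {$revcol['date']}";
        // get the total count with permissions!
        if (empty($total)) {
            $total = 0;
            $countres = $dbconn->Execute($query);
            while ($countres && !$countres->EOF) {
                $row = $countres->GetRowAssoc(false);
                if (pnSecAuthAction(0, "Reviews::", "{$row['title']}::{$row['id']}", ACCESS_READ)) {
                    $total++;
                }
                $countres->MoveNext();
            }
        }
        $result = $dbconn->SelectLimit($query, 10, $startnum - 1);
    }
    if ($result && !$result->EOF) {
        $output->Text(_REVIEWS . ': ' . $total . ' ' . _SEARCHRESULTS);
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        // Rebuild the search string from previous information. The output is
        // in verbatim mode, so the query text is URL-encoded before it is
        // placed in the link.
        $url = "modules.php?op=modload&amp;name=Search&amp;file=index&amp;action=search&amp;active_reviews=1&amp;bool={$bool}&amp;q=" . urlencode($q);
        $output->Text("<ul>");
        while (!$result->EOF) {
            $row = $result->GetRowAssoc(false);
            $row['fdate'] = ml_ftime(_DATELONG, $result->UnixTimeStamp($row['fdate']));
            if (pnSecAuthAction(0, "Reviews::", "{$row['title']}::{$row['id']}", ACCESS_READ)) {
                // Stored review fields are escaped for HTML: nothing else
                // encodes them while the output is in verbatim mode.
                $id = pnVarPrepForDisplay($row['id']);
                $title = pnVarPrepForDisplay($row['title']);
                $score = pnVarPrepForDisplay($row['score']);
                $hits = pnVarPrepForDisplay($row['hits']);
                $reviewer = pnVarPrepForDisplay($row['reviewer']);
                $output->Text("<li><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=Reviews&amp;file=index&amp;req=showcontent&id={$id}\">{$title}</a> <font class=\"pn-sub\">(score: {$score} - hits: {$hits})</font><br>{$reviewer}<br>{$row['fdate']}</li>");
            }
            $result->MoveNext();
        }
        $output->Text("</ul>");
        // Munge URL for template
        $urltemplate = $url . "&amp;startnum=%%&amp;total={$total}";
        $output->Pager($startnum, $total, $urltemplate, 10);
    } else {
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        $output->Text('<font class="pn-normal">' . _SEARCH_NO_REVIEWS . '</font>');
        $output->SetInputMode(_PNH_PARSEINPUT);
    }
    $output->Linebreak(3);
    return $output->GetOutput();
}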
示例#12
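/**
 * Display the currency-quote side block, refreshing its cached content from
 * the remote fxp service when the cache is older than $row['refresh'].
 *
 * On a refresh the block asks the service for the currency list, then for
 * one quote per "BASE|QUOTE" line configured in $row['url'], and stores the
 * resulting HTML in the blocks table. If the service cannot be used, a
 * problem message is stored, the next attempt is scheduled 600 seconds
 * later, and the previously cached content is shown with a '*' in the title.
 *
 * @param array $row block record (title, content, url, refresh, unix_update, bid)
 * @return mixed output of themesideblock(), or nothing without read permission
 */
function blocks_fxp_display($row)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    if (!pnSecAuthAction(0, 'fxpblock::', "{$row['title']}::", ACCESS_READ)) {
        return;
    }
    $blocktable = $pntable['blocks'];
    $blockscolumn =& $pntable['blocks_column'];
    $fxp_port = 5011;
    $past = time() - $row['refresh'];
    if ($row['unix_update'] >= $past) {
        // Cached content is still fresh
        return themesideblock($row);
    }
    // The block id is used unquoted in the WHERE clauses below. The failure
    // paths used an undefined $bid before, so those UPDATEs could not match
    // a row; every path now uses the record's own id.
    $bid = (int) $row['bid'];
    $problem = null;      // message to store when the feed cannot be used
    $quotes = array();
    $fp = fsockopen('www.oanda.com', $fxp_port, $errno, $errstr, 5);
    if (!$fp) {
        $problem = _FXPPROBLEM;
    } else {
        // The 5 second limit above only covers connecting; bound the reads
        // too so a stalled peer cannot hold up the page render.
        stream_set_timeout($fp, 5);
        // get an array of currencies
        $currencies = array();
        $request = "fxp/1.1\r\n" . "Query: currencies\r\n" . "\r\n";
        fputs($fp, $request);
        if (trim(fgets($fp, 128)) == "fxp/1.1 200 ok") {
            while (trim(fgets($fp, 128))) {
                // skip the remaining header lines up to the blank line
            }
            // each body line: 3-character code, separator, description
            while ($response = trim(fgets($fp, 128))) {
                $currencies[substr($response, 0, 3)] = substr($response, 4);
            }
        }
        asort($currencies);
        // get quotes
        $rates = explode("\n", trim($row['url']));
        usort($rates, 'blocks_fxp_sort');
        $cur_cur = '';
        foreach ($rates as $v) {
            $temp = explode('|', trim($v));
            if (count($temp) < 2) {
                // not a BASE|QUOTE line
                continue;
            }
            $base = trim($temp[0]);
            $quote = trim($temp[1]);
            // The codes are written into request header lines; accept only
            // plain alphanumerics so a stray CR/LF cannot add lines.
            if (!preg_match('/^[A-Za-z0-9]+$/D', $base) || !preg_match('/^[A-Za-z0-9]+$/D', $quote)) {
                continue;
            }
            $request = "fxp/1.1\r\n" . "Query: quote\r\n" . "Quotecurrency: {$quote}\r\n" . "Basecurrency: {$base}\r\n" . "\r\n";
            fputs($fp, $request);
            if (trim(fgets($fp, 128)) != "fxp/1.1 200 ok") {
                $problem = _FXPPROBLEM2;
                break;
            }
            while (trim(fgets($fp, 128))) {
                // skip the remaining header lines up to the blank line
            }
            // Everything received over this plain TCP connection is
            // untrusted and gets cached as block HTML, so escape it. An
            // unknown code falls back to the code itself as its label.
            $quotename = pnVarPrepForDisplay(isset($currencies[$quote]) ? $currencies[$quote] : $quote);
            $basename = pnVarPrepForDisplay(isset($currencies[$base]) ? $currencies[$base] : $base);
            while ($response = trim(fgets($fp, 128))) {
                if ($cur_cur != $quote) {
                    $quotes[] = '<b>' . $quotename . ':</b><br>';
                    $cur_cur = $quote;
                }
                $quotes[] = '<font class="pn-sub">&nbsp;&nbsp;&nbsp;' . $basename . ': ' . pnVarPrepForDisplay($response) . '</font><br>';
            }
        }
        // Closed on every path, including the failed-quote one
        fclose($fp);
    }
    if ($problem !== null) {
        // Store the problem message, retry in 10 minutes, and show the old
        // content with the time of its last update in an HTML comment.
        // Escaped once for the database; it used to go through addslashes()
        // and then pnVarPrepForStore() on one of the two failure paths.
        $next_try = time() + 600;
        $dbconn->Execute("UPDATE {$blocktable} SET {$blockscolumn['content']}='" . pnVarPrepForStore($problem) . "',{$blockscolumn['last_update']}=FROM_UNIXTIME({$next_try}) WHERE {$blockscolumn['bid']}=" . $bid);
        $row['title'] = "{$row['title']} *";
        $row['content'] = "{$row['content']}\n\n\n<!--\n\n\n\n\n\n\n" . ml_ftime(_DATESTRING, $row['unix_update']) . "\n\n\n\n\n-->\n\n\n\n";
        return themesideblock($row);
    }
    $row['content'] = implode("\n", $quotes);
    // Escaped once; uses the site connection like the other blocks instead
    // of the implicit mysql_* link.
    $sql = "UPDATE {$blocktable} SET {$blockscolumn['content']}='" . pnVarPrepForStore($row['content']) . "',{$blockscolumn['last_update']}=NOW() WHERE {$blockscolumn['bid']}=" . $bid;
    if (!$dbconn->Execute($sql)) {
        $row['title'] .= ' *';
        // NOTE(review): this puts the driver error and the full UPDATE
        // statement into an HTML comment served to every visitor; consider
        // logging it server-side instead.
        $row['content'] .= "<!--\n\n\n" . $dbconn->ErrorMsg() . "\n\n\n{$sql}\n\n\n-->";
    }
    return themesideblock($row);
}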