示例#1
            header('location: ./mn-templates.php?back=deleted');
            exit;
        } else {
            overal_header($lang['tmpl_templates'], $lang['tmpl_msg_put_contents_error'], 'error');
        }
    } else {
        if (unlink($dir['templates'] . 'mn_default_' . $_POST['id'] . '.html')) {
            header('location: ./mn-templates.php?back=deleted');
            exit;
        } else {
            overal_header($lang['tmpl_templates'], $lang['tmpl_msg_put_contents_error'], 'error');
        }
    }
} elseif (isset($_GET['action']) && $_GET['action'] == 'default') {
    foreach ($default_template as $d_num => $d_tmpl) {
        mn_put_contents($dir['templates'] . 'mn_default_' . $d_num . '.html', $d_tmpl);
    }
    header('location: ./mn-templates.php?defaults');
    exit;
} else {
    $templates_result = '';
    foreach ($templates as $i) {
        if (!file_exists($dir['templates'] . 'mn_default_' . $i . '.html')) {
            continue;
        } else {
            $delete_link = in_array($i, $default_templates) ? '' : ' &middot; <a href="./mn-templates.php?action=delete&amp;id=' . $i . '" class="fancy">' . $lang['uni_delete'] . '</a>';
            $templates_result .= '<tr><td><a href="./mn-templates.php?action=edit&amp;id=' . $i . '" class="main-link">' . $lang['tmpl_tmpl_name_' . $i] . '</a><br />&nbsp;<span class="links hide"><a href="./mn-templates.php?action=edit&amp;id=' . $i . '">' . $lang['uni_edit'] . '</a>' . $delete_link . '</span></td><td><span class="trivial">mn_default</span></td><td>' . $lang['tmpl_tmpl_type_' . $i] . '</td></tr>';
        }
    }
    if (file_exists($file['templates'])) {
        $t_file = file($file['templates']);
示例#2
            exit;
        } else {
            overal_header($lang['folders_folders'], $lang['folders_msg_put_contents_error'], 'error');
        }
    } else {
        overall_header($lang['folders_folders'], $lang['folders_msg_empty_folder_name'], 'error');
    }
} elseif (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id']) && array_key_exists($_GET['id'], $folders)) {
    $var = array('folder_name' => $folders[$_GET['id']]['name'], 'folder_id' => $_GET['id'], 'folder_parent' => $folders[$_GET['id']]['parent_id']);
    overall_header($lang['folders_edit_folder'] . ' &raquo; ' . $var['folder_name'], $lang['folders_edit_folder'], 'main');
} elseif (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id']) && array_key_exists($_GET['id'], $folders)) {
    $var = array('folder_name' => $folders[$_GET['id']]['name'], 'folder_id' => $_GET['id'], 'folder_parent' => $folders[$_GET['id']]['parent_id']);
    $admin_tmpl['folders_main'] = false;
} elseif (isset($_POST['action']) && $_POST['action'] == 'delete' && isset($_POST['id']) && array_key_exists($_POST['id'], $folders)) {
    unset($folders[$_POST['id']]);
    if (mn_put_contents($file['folders'], DIE_LINE . serialize($folders))) {
        if (empty($folders)) {
            unlink($file['folders']);
        }
        header('location: ./mn-folders.php?back=deleted');
        exit;
    } else {
        overal_header($lang['folders_folders'], $lang['folders_msg_put_contents_error'], 'error');
    }
} else {
    if (isset($_GET['back']) && $_GET['back'] == 'added') {
        overall_header($lang['folders_folders'], $lang['folders_msg_folder_added'], 'ok');
    } elseif (isset($_GET['back']) && $_GET['back'] == 'canceled') {
        overall_header($lang['folders_folders'], $lang['folders_msg_folder_canceled'], 'info');
    } elseif (isset($_GET['back']) && $_GET['back'] == 'deleted') {
        overall_header($lang['folders_folders'], $lang['folders_msg_folder_deleted'], 'ok');
示例#3
     $c_posts = array_unique($_POST['posts']);
     foreach ($c_posts as $c_post) {
         if (file_exists($dir['comments'] . 'comments_' . $c_post . '.php')) {
             $c_file = file($dir['comments'] . 'comments_' . $c_post . '.php');
             $c_content = '';
             foreach ($c_file as $c_line) {
                 $c_data = explode(DELIMITER, $c_line);
                 if ($_POST['a'] == 'delete' && in_array($c_data[0], $_POST['comments'])) {
                     continue;
                 } elseif (strlen($_POST['a']) == 7 && substr($_POST['a'], 0, 6) == 'status' && in_array($c_data[0], $_POST['comments'])) {
                     $c_content .= $c_data[0] . DELIMITER . $c_data[1] . DELIMITER . $c_data[2] . DELIMITER . substr($_POST['a'], -1) . DELIMITER . $c_data[4] . DELIMITER . $c_data[5] . DELIMITER . $c_data[6] . DELIMITER . $c_data[7] . DELIMITER . $c_data[8] . DELIMITER . $c_data[9] . DELIMITER . $c_data[10] . DELIMITER . $c_data[11] . DELIMITER . $c_data[12] . DELIMITER . $c_data[13] . DELIMITER . trim($c_data[14]) . "\n";
                 } else {
                     $c_content .= $c_line;
                 }
             }
             mn_put_contents($dir['comments'] . 'comments_' . $c_post . '.php', $c_content);
         }
     }
     if ($_POST['a'] == 'delete') {
         header('location: ./mn-comments.php?trash&back=bulk-deleted');
         exit;
     } elseif ($_POST['a'] == 'status1') {
         header('location: ./mn-comments.php?back=bulk-status1');
         exit;
     } else {
         header('location: ./mn-comments.php?back=bulk-edited');
         exit;
     }
 } else {
     header('location: ./mn-comments.php');
     exit;
示例#4
                $f_gal_arr = array_unique($f_gal_arr);
                $file_galleries = implode(',', $f_gal_arr);
                $file_folder = $f_data[10];
            } elseif (is_numeric($_POST['a'])) {
                $file_galleries = $f_data[9];
                $file_folder = is_numeric($_POST['a']) ? $_POST['a'] : $f_data[10];
            } else {
                $file_galleries = $f_data[9];
                $file_folder = $f_data[10];
            }
            $files_lines .= $f_data[0] . DELIMITER . $f_data[1] . DELIMITER . $f_data[2] . DELIMITER . $f_data[3] . DELIMITER . $f_data[4] . DELIMITER . $f_data[5] . DELIMITER . $f_data[6] . DELIMITER . $f_data[7] . DELIMITER . $f_data[8] . DELIMITER . $file_galleries . DELIMITER . $file_folder . DELIMITER . $f_data[11] . DELIMITER . $f_data[12] . DELIMITER . $f_data[13] . DELIMITER . $f_data[14] . DELIMITER . $f_data[15] . DELIMITER . $f_data[16] . DELIMITER . trim($f_data[17]) . "\n";
        } else {
            $files_lines .= $single_line;
        }
    }
    mn_put_contents($file['files'], $files_lines);
    if ($_POST['a'] == 'delete') {
        header('Location: ./mn-files.php?back=bulk-deleted');
        exit;
    } else {
        header('location: ./mn-files.php?back=bulk-ok&hl=' . implode(',', $_POST['files']));
        exit;
    }
} else {
    if (isset($_GET['ajaxcall'])) {
        echo '';
    } elseif (isset($_GET['back']) && $_GET['back'] == 'success') {
        overall_header($lang['files_files'], $lang['files_msg_upload_successful'], 'ok');
    } elseif (isset($_GET['back']) && $_GET['back'] == 'edited') {
        overall_header($lang['files_files'], $lang['files_msg_file_edited'], 'ok');
    } elseif (isset($_GET['back']) && $_GET['back'] == 'bulk-ok') {
示例#5
        }
    } else {
        overall_header($lang['backup_backup'], $lang['backup_msg_not_supported'], 'error');
        echo '<p class="disclaimer">' . $lang['backup_not_supported_text'] . '</p>';
    }
} elseif (isset($_POST['action']) && $_POST['action'] == 'backup') {
    $auth = user_auth('11');
    $backup_timestamp = time();
    $backup_hash = md5(rand(1, 1000) . microtime() . $_SERVER['REMOTE_ADDR']);
    if (class_exists('ZipArchive')) {
        $backup = new backup('data/', $dir['backups'] . 'backup-' . date('Y-m-d') . '-' . substr($backup_hash, 6, 9) . '.zip');
    } else {
        $backup = false;
    }
    if ($backup) {
        mn_put_contents($file['last_backup'], "<?php\n\t\$backup['timestamp'] = '" . $backup_timestamp . "';\n\t\$backup['hash'] = '" . $backup_hash . "';\n?" . ">");
        header('location: ./mn-tools.php?action=backup&back=done');
        exit;
    } else {
        overall_header($lang['backup_backup'], $lang['backup_msg_not_supported'], 'error');
    }
} elseif (isset($_GET['action']) && $_GET['action'] == 'integration') {
    $auth = user_auth('12');
    overall_header($lang['int_integration'], $lang['int_integration'], 'main');
    $admin_tmpl['integration'] = true;
} elseif (isset($_GET['action']) && $_GET['action'] == 'wizard') {
    $auth = user_auth('12');
    overall_header($lang['wiz_wizard'], $lang['wiz_wizard'], 'main');
    $admin_tmpl['wizard'] = true;
    $mn_users = load_basic_data('users');
    $mn_categories = load_basic_data('categories');
示例#6
    $var = get_values('users', $_GET['id']);
    $posts_count = get_posts_count('users');
    $admin_tmpl['user_delete'] = true;
    $admin_tmpl['form_users'] = false;
} elseif (isset($_POST['action']) && $_POST['action'] == 'delete' && isset($_POST['id']) && $_POST['id'] != 1) {
    $u_file = file($file['users']);
    $u_content = '';
    foreach ($u_file as $u_line) {
        $u_data = explode(DELIMITER, $u_line);
        if ($u_data[0] == $_POST['id']) {
            continue;
        } else {
            $u_content .= $u_line;
        }
    }
    if (mn_put_contents($file['users'], $u_content)) {
        header('location: ./mn-users.php?back=deleted');
        exit;
    } else {
        overal_header($lang['cats_categories'], $lang['users_msg_put_contents_error'], 'error');
    }
} else {
    $u_file = file($file['users']);
    array_shift($u_file);
    $users_result = '';
    $users = array();
    $groups = load_basic_data('groups');
    $posts_count = get_posts_count('users');
    foreach ($u_file as $single_line) {
        $temp_data = explode(DELIMITER, $single_line);
        $users[$temp_data[0]] = $temp_data[1] . DELIMITER . $temp_data[3] . DELIMITER . $temp_data[4];
示例#7
 } else {
     $post_slugs = get_post_slugs();
     if (in_array(check_text($_GET['mn_post'], true), $post_slugs)) {
         $mn_post_id = array_search(check_text($_GET['mn_post'], true), $post_slugs);
     } else {
         $mn_post_id = 0;
     }
 }
 if (file_exists(MN_ROOT . $dir['posts'] . 'post_' . $mn_post_id . '.php')) {
     $p = get_post_data($mn_post_id);
     if ($p['timestamp'] <= mn_time() && $p['status'] <= '2') {
         $detail_tmpl = isset($mn_tmpl) && file_exists(MN_ROOT . $dir['templates'] . $mn_tmpl . '_10.html') ? $mn_tmpl : DEFAULT_TMPL;
         $post_result = posts_tmpl($p['id'], $detail_tmpl . '_10', $mn_url);
         echo encoding($post_result);
         if ($conf['web_counter'] && empty($_COOKIE['mn_user_name'])) {
             mn_put_contents(MN_ROOT . $dir['posts'] . 'post_' . $p['id'] . '.php', SAFETY_LINE . DELIMITER . "\n" . $p['id'] . DELIMITER . $p['timestamp'] . DELIMITER . $p['title'] . DELIMITER . $p['friendly_url'] . DELIMITER . $p['author'] . DELIMITER . $p['cat'] . DELIMITER . $p['status'] . DELIMITER . $p['comments'] . DELIMITER . ($p['views'] + 1) . DELIMITER . $p['tags'] . DELIMITER . $p['image'] . DELIMITER . '' . DELIMITER . '' . DELIMITER . $p['xfields'] . DELIMITER . "\n" . $p['short_story'] . DELIMITER . "\n" . $p['full_story']);
         }
         if ($conf['comments'] === true || $conf['comments'] >= 1) {
             $mn_comm_users = load_complex_data('users');
             if ($p['comments'] != 2 && file_exists(MN_ROOT . $dir['comments'] . 'comments_' . $p['id'] . '.php')) {
                 $comment_tmpl = isset($mn_tmpl) && file_exists(MN_ROOT . $dir['templates'] . $mn_tmpl . '_12.html') ? $mn_tmpl : DEFAULT_TMPL;
                 $c_result = '';
                 $c_file = file(MN_ROOT . $dir['comments'] . 'comments_' . $p['id'] . '.php');
                 array_shift($c_file);
                 if ($conf['comments_order'] == 'reverse') {
                     $c_i = count($c_file);
                     $c_file = array_reverse($c_file);
                 } else {
                     $c_i = 1;
                 }
                 if (!empty($c_file)) {
示例#8
        if (isset($_POST['x_fields']) && file_exists(MN_ROOT . $file['xfields'])) {
            $xfields = get_unserialized_array('xfields');
            $post_xfields = array();
            foreach ($xfields as $xVar => $x) {
                if ($x['section'] != 'pages') {
                    continue;
                } else {
                    $post_xfields[$xVar] = check_text($_POST['x' . $xVar], true, 'xf');
                }
            }
            $xfields_serialized = serialize($post_xfields);
        } else {
            $xfields_serialized = '';
        }
        $p_content = SAFETY_LINE . "\n" . DELIMITER . $_POST['id'] . DELIMITER . mn_time() . DELIMITER . check_text($_POST['title']) . DELIMITER . friendly_url($_POST['title']) . DELIMITER . $var['author'] . DELIMITER . $_POST['visible'] . DELIMITER . $p_order . DELIMITER . $p_pass . DELIMITER . '' . DELIMITER . $xfields_serialized . DELIMITER . "\n" . check_text($_POST['text']);
        if (mn_put_contents($dir['pages'] . 'page_' . $_POST['id'] . '.php', $p_content)) {
            header('location: ./mn-pages.php?action=edit&id=' . $_POST['id'] . '&back=edited');
            exit;
        } else {
            overall_header($lang['pages_edit_page'] . ' &raquo; ' . $var['title'], $lang['pages_msg_put_contents_error'], 'error', true);
        }
    } else {
        $var['title'] = check_text($_POST['title']);
        $var['text'] = check_text($_POST['text']);
        $var['id'] = check_text($_POST['id']);
        overall_header($lang['pages_edit_page'] . ' &raquo; ' . $var['title'], $lang['pages_msg_empty_values'], 'error', true);
        $admin_tmpl['form'] = true;
    }
} elseif (isset($_GET['action']) && $_GET['action'] == 'delete' && file_exists($dir['pages'] . 'page_' . $_GET['id'] . '.php')) {
    $var = get_page_data($_GET['id']);
    if ($auth != 1 && $var['author'] != $_SESSION['mn_user_id']) {
示例#9
} elseif (!file_exists('./' . $file['pages'])) {
    $p_dir = dir($dir['pages']);
    $pages = array();
    while ($p_file = $p_dir->read()) {
        if (!is_file($dir['pages'] . $p_file)) {
            continue;
        } else {
            $var = get_page_data($p_file, false);
            if (isset($var['author']) && !empty($var['author'])) {
                $pages[$var['id']] = array('id' => $var['id'], 'timestamp' => $var['timestamp'], 'title' => $var['title'], 'friendly_url' => $var['friendly_url'], 'author' => $var['author'], 'parent_id' => 0, 'order' => $var['order']);
            } else {
                continue;
            }
        }
    }
    mn_put_contents($file['pages'], DIE_LINE . serialize($pages));
}
$auth = user_auth('0');
if (!isset($conf['admin_update_check']) || $conf['admin_update_check'] == true) {
    if (isset($_GET['check-version']) || !isset($_COOKIE['mn_latest_version'])) {
        $latest_version = get_latest_version();
        if (!empty($latest_version)) {
            setcookie('mn_latest_version', $latest_version, time() + 60 * 60 * 24 * MN_VERSION_CHECK);
        }
    } else {
        $latest_version = $_COOKIE['mn_latest_version'];
    }
    if (!empty($latest_version) && str_replace('.', '', $latest_version) > str_replace('.', '', MN_VERSION)) {
        $info['new_version'] = true;
    } else {
        $info['new_version'] = false;
示例#10
    $c_content .= "\$conf['comments_field_preview'] = " . $field_preview . ";\n\n\t";
    $c_content .= "// Users:\n\t";
    $c_content .= "\$conf['users_registration'] = " . $_POST['users_registration'] . ";\n\t";
    $c_content .= "\$conf['users_default_group'] = " . (int) $_POST['users_default_group'] . ";\n\t";
    $c_content .= "\$conf['users_perm_login'] = "******";\n\t";
    $c_content .= "\$conf['users_avatar_standard'] = " . $avatar_standard . ";\n\t";
    $c_content .= "\$conf['users_avatar_small'] = " . $avatar_small . ";\n\t";
    $c_content .= "\$conf['users_avatar_mini'] = " . $avatar_mini . ";\n\n\t";
    $c_content .= "// Friendly URLs:\n\t";
    $c_content .= "\$conf['url_base'] = '" . $url_base . "';\n\t";
    $c_content .= "\$conf['url_post'] = " . $url_post . ";\n\t";
    $c_content .= "\$conf['url_page'] = " . $url_page . ";\n\t";
    $c_content .= "\$conf['url_cat_base'] = '" . check_text($_POST['url_cat_base']) . "';\n\t";
    $c_content .= "\$conf['url_tag_base'] = '" . check_text($_POST['url_tag_base']) . "';\n\n";
    $c_content .= "?" . ">";
    if (mn_put_contents($file['config'], $c_content)) {
        $tid = !empty($_POST['t-id']) || $_POST['t-id'] == '1' ? 't=' . $_POST['t-id'] . '&' : '';
        header('location: ./mn-config.php?' . $tid . 'back=saved');
        exit;
    } else {
        overall_header($lang['config_config'], $lang['config_msg_put_contents_error'], 'error');
    }
} elseif (isset($_GET['back']) && $_GET['back'] == 'saved') {
    overall_header($lang['config_config'], $lang['config_msg_saved'], 'ok');
} else {
    overall_header($lang['config_config'], $lang['config_config'], 'main');
}
$server_port = $_SERVER['SERVER_PORT'] != '80' ? ':' . $_SERVER['SERVER_PORT'] : '';
$url_path = str_replace('mn-config.php', '', 'http://' . $_SERVER['SERVER_NAME'] . $server_port . $_SERVER['PHP_SELF']);
if (substr($url_path, -1) == '/') {
    $url_path = substr($url_path, 0, -1);
示例#11
            if ($u_data[5] == '1') {
                $continue = true;
                $m_name = $u_data[1];
                $m_email = $u_data[3];
                $m_pass = PasswordGenerator(7) . rand(1, 99);
                $u_lines .= $u_data[0] . DELIMITER . $u_data[1] . DELIMITER . sha1($m_pass) . DELIMITER . $u_data[3] . DELIMITER . $u_data[4] . DELIMITER . $u_data[5] . DELIMITER . $u_data[6] . DELIMITER . $u_data[7] . DELIMITER . $_SERVER['REMOTE_ADDR'] . DELIMITER . $u_data[9] . DELIMITER . $u_data[10] . DELIMITER . $u_data[11] . DELIMITER . $u_data[12] . DELIMITER . $u_data[13] . DELIMITER . $u_data[14] . DELIMITER . $u_data[15] . DELIMITER . $u_data[16] . DELIMITER . $u_data[17] . DELIMITER . $u_data[18] . DELIMITER . $u_data[19] . DELIMITER . $u_data[20] . DELIMITER . $u_data[21] . DELIMITER . $u_data[22] . DELIMITER . $u_data[23] . DELIMITER . $u_data[24] . DELIMITER . $u_data[25] . DELIMITER . $u_data[26] . DELIMITER . $u_data[27] . DELIMITER . trim($u_data[28]) . DELIMITER . $u_data[29] . DELIMITER . $u_data[30] . DELIMITER . $u_data[31] . DELIMITER . $u_data[32] . DELIMITER . trim($u_data[33]) . "\n";
            } else {
                $continue = false;
                $status_error = $u_data[5];
            }
        } else {
            $u_lines .= $single_line;
        }
    }
    if ($continue) {
        if (@mail($m_email, $lang['login_lost_pass_mail_subject'], str_replace('%link%', $conf['admin_url'] . '/', $lang['login_lost_pass_mail_text']) . ' ' . $m_pass, "From: robot@mnewscms.com") && mn_put_contents($file['users'], $u_lines)) {
            header('location: ./mn-login.php?back=pass-sent');
            exit;
        } else {
            login_screen($lang['login_msg_pass_not_sent'], $lang['login_msg_pass_not_sent'], 'error');
        }
    } else {
        login_screen($lang['login_lost_pass_wrong_values'], $lang['login_lost_pass_wrong_values'], 'error');
    }
} elseif (isset($_GET['back']) && $_GET['back'] == 'loggedout') {
    login_screen($lang['login_login'], $lang['login_msg_logged_out'], 'info');
} elseif (isset($_GET['back']) && $_GET['back'] == 'auto-loggedout') {
    login_screen($lang['login_login'], $lang['login_msg_auto_logged_out'], 'info');
} elseif (isset($_GET['back']) && $_GET['back'] == 'pass-sent') {
    login_screen($lang['login_msg_pass_sent'], $lang['login_msg_pass_sent'], 'ok');
} else {
示例#12
} elseif (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id']) && file_exists($file['categories']) && !empty($var['cat_name'])) {
    overall_header($lang['cats_edit_category'] . ' &raquo; ' . $var['cat_name'], $lang['cats_edit_category'], 'main');
} elseif (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id']) && file_exists($file['categories']) && !empty($var['cat_name'])) {
    $admin_tmpl['cats_main'] = false;
} elseif (isset($_POST['action']) && $_POST['action'] == 'delete' && isset($_POST['id']) && file_exists($file['categories'])) {
    $cats_file = file($file['categories']);
    $cats_file_content = '';
    foreach ($cats_file as $single_line) {
        $cat_data = explode(DELIMITER, $single_line);
        if ($cat_data[0] == $_POST['id']) {
            continue;
        } else {
            $cats_file_content .= $single_line;
        }
    }
    if (mn_put_contents($file['categories'], $cats_file_content)) {
        if (file_exists($file['categories_order'])) {
            $order_arr = unserialize(file_get_contents($file['categories_order']));
            $new_order = array();
            foreach ($order_arr as $n => $id) {
                if ($id == $_POST['id']) {
                    continue;
                } else {
                    $new_order[$n] = $id;
                }
            }
            file_put_contents($file['categories_order'], serialize($new_order));
        }
        header('location: ./mn-categories.php?back=deleted');
        exit;
    } else {
示例#13
} elseif (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id']) && file_exists($file['galleries']) && !empty($var['gallery_name'])) {
    overall_header($lang['galleries_edit_gallery'] . ' &raquo; ' . $var['gallery_name'], $lang['galleries_edit_gallery'], 'main');
} elseif (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id']) && file_exists($file['galleries']) && !empty($var['gallery_name'])) {
    $admin_tmpl['galleries_main'] = false;
} elseif (isset($_POST['action']) && $_POST['action'] == 'delete' && isset($_POST['id']) && file_exists($file['galleries'])) {
    $galleries_file = file($file['galleries']);
    $galleries_file_content = '';
    foreach ($galleries_file as $single_line) {
        $gallery_data = explode(DELIMITER, $single_line);
        if ($gallery_data[0] == $_POST['id']) {
            continue;
        } else {
            $galleries_file_content .= $single_line;
        }
    }
    if (mn_put_contents($file['galleries'], $galleries_file_content)) {
        header('location: ./mn-galleries.php?back=deleted');
        exit;
    } else {
        overal_header($lang['galleries_galleries'], $lang['galleries_msg_put_contents_error'], 'error');
    }
} elseif (isset($_GET['action']) && $_GET['action'] == 'code' && isset($_GET['gal']) && is_numeric($_GET['gal'])) {
    $admin_tmpl['galleries_main'] = false;
    $admin_tmpl['code'] = true;
} else {
    if (isset($_GET['back']) && $_GET['back'] == 'added') {
        overall_header($lang['galleries_galleries'], $lang['galleries_msg_gallery_added'], 'ok');
    } elseif (isset($_GET['back']) && $_GET['back'] == 'deleted') {
        overall_header($lang['galleries_galleries'], $lang['galleries_msg_gallery_deleted'], 'ok');
    } elseif (isset($_GET['back']) && $_GET['back'] == 'edited') {
        overall_header($lang['galleries_galleries'], $lang['galleries_msg_gallery_edited'], 'ok');
示例#14
            @unlink($dir['comments'] . 'comments_' . $_POST['id'] . '.php');
            $post_img = explode(';', $var['image']);
            if (isset($post_img[0]) && !empty($post_img[0])) {
                @unlink($dir['images'] . $post_img[0]);
            }
            $posts_file = file($file['posts']);
            $p_lines = '';
            foreach ($posts_file as $single_line) {
                $p_data = explode(DELIMITER, $single_line);
                if (isset($p_data[1]) && $p_data[1] == $_POST['id']) {
                    continue;
                } else {
                    $p_lines .= $single_line;
                }
            }
            mn_put_contents($file['posts'], $p_lines);
            if (!file_exists($dir['posts'] . 'post_' . $_POST['id'] . '.php')) {
                header('location: ./mn-posts.php?i-ok=post-deleted');
                exit;
            } else {
                header('location: ./mn-posts.php?i-error=error');
                exit;
            }
        }
    } else {
        header('location: ./mn-posts.php?i-error=error');
        exit;
    }
} elseif (isset($_GET['action']) && $_GET['action'] == 'show-post' && file_exists($dir['posts'] . 'post_' . $_GET['id'] . '.php')) {
    $var = get_post_data($_GET['id']);
    $story = preg_replace('#\\[mn_gallery=(.*?)\\]#ie', 'mn_gallery(\'$1\')', $var['short_story'] . $var['full_story']);
示例#15
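/**
 * Re-authenticate a visitor from the persistent-login ("remember me") cookies.
 *
 * The user named in the mn_user_name cookie is looked up in the users file.
 * The login is accepted only when the mn_user_hash cookie equals both the
 * hash stored in the record (field 6) and a SHA-1 recomputed from the current
 * user agent, record field 2 (presumably the stored password hash - confirm),
 * the stored last-login time (field 7) and the client address. On success the
 * session is populated, the cookie and stored hash are rotated, and the users
 * file is rewritten with the new hash, time and address.
 *
 * NOTE(review): the persistent-login value is a digest derived from request
 * headers and stored record fields, not an independent random token, so it is
 * only as secret as those inputs. A random token stored hashed server-side
 * would be the safer design. The cookies are also set without the
 * HttpOnly/Secure flags, and session_regenerate_id() keeps the old session.
 *
 * @return bool true on success. On any failure the session is destroyed, the
 *              hash cookie is cleared and the request is redirected to
 *              mn-login.php; the function does not return in that case.
 */
function permanent_login()
{
    global $file;

    // Cookies are attacker-controlled: require both to be present, to be plain
    // strings (not arrays), and the hash to be non-empty before comparing.
    $cookie_name = isset($_COOKIE['mn_user_name']) && is_string($_COOKIE['mn_user_name']) ? $_COOKIE['mn_user_name'] : null;
    $cookie_hash = isset($_COOKIE['mn_user_hash']) && is_string($_COOKIE['mn_user_hash']) ? $_COOKIE['mn_user_hash'] : null;
    $cookies_ok = $cookie_name !== null && $cookie_hash !== null && $cookie_hash !== '';

    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    // hash_equals() exists from PHP 5.6; older runtimes fall back to strict ===.
    $have_hash_equals = function_exists('hash_equals');

    $users_file = $cookies_ok ? file($file['users']) : array();
    if ($users_file === false) {
        $users_file = array();
    }

    $u_lines = '';
    $do_login = false;
    foreach ($users_file as $single_line) {
        $user_data = explode(DELIMITER, $single_line);

        $matched = false;
        // Strict comparison: loose == treats numeric-looking strings (for
        // example "0e..." digests or numeric user names) as equal numbers.
        if (isset($user_data[7]) && $cookie_name === $user_data[1]) {
            $expected = sha1($agent . $user_data[2] . $user_data[7] . $_SERVER['REMOTE_ADDR']);
            if ($have_hash_equals) {
                $matched = hash_equals($user_data[6], $cookie_hash) && hash_equals($expected, $cookie_hash);
            } else {
                $matched = $cookie_hash === $user_data[6] && $cookie_hash === $expected;
            }
        }

        if (!$matched) {
            // Every other record is written back unchanged.
            $u_lines .= $single_line;
            continue;
        }

        $do_login = true;
        $auth_data = get_values('groups', $user_data[4]);
        $time = time() - 10;
        session_regenerate_id();
        $_SESSION['mn_logged'] = true;
        $_SESSION['mn_check_hash'] = md5(__FILE__);
        // Prefer the CSPRNG where the runtime has one (PHP 7+); rand() is
        // predictable and is kept only as a fallback for older runtimes.
        $_SESSION['mn_token'] = function_exists('random_int') ? random_int(1, 1000000000) : rand(1, 1000000000);
        $_SESSION['mn_last_login'] = $user_data[7];
        $_SESSION['mn_registered'] = isset($user_data[9]) ? $user_data[9] : null;
        $_SESSION['mn_user_name'] = $user_data[1];
        $_SESSION['mn_user_id'] = $user_data[0];
        $_SESSION['mn_user_auth'] = $auth_data['permissions'];
        $_SESSION['mn_user_time'] = $time;

        setcookie('mn_logged', true, time() + 60 * 60 * MAX_LOGGED_TIME, '/', $_SERVER['SERVER_NAME']);
        setcookie('mn_user_name', $user_data[1], time() + 60 * 60 * 24 * 14, '/', $_SERVER['SERVER_NAME']);
        // Rotate the persistent-login hash on every use.
        $mn_user_hash = sha1($agent . $user_data[2] . $time . $_SERVER['REMOTE_ADDR']);
        setcookie('mn_user_hash', $mn_user_hash, time() + 60 * 60 * 24 * 14, '/', $_SERVER['SERVER_NAME']);

        // Rebuild the 34-field record with the new hash (6), login time (7)
        // and client address (8); the other fields are carried over.
        $fields = array_pad(array_slice($user_data, 0, 34), 34, '');
        $fields[6] = $mn_user_hash;
        $fields[7] = $time;
        $fields[8] = $_SERVER['REMOTE_ADDR'];
        $fields[33] = trim($fields[33]);
        $u_lines .= implode(DELIMITER, $fields) . "\n";
    }

    if ($do_login && !empty($_SESSION['mn_logged']) && mn_put_contents($file['users'], $u_lines)) {
        return true;
    }

    // Failure: drop the session and the stale hash cookie, then send the
    // visitor to the login form.
    @session_destroy();
    setcookie('mn_user_hash', '', time() - 3600, '/', $_SERVER['SERVER_NAME']);
    header('location: ./mn-login.php');
    exit;
}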
示例#16
            continue;
        } else {
            $g_content .= $g_line;
        }
    }
    $u_file = file($file['users']);
    $u_content = '';
    foreach ($u_file as $u_line) {
        $u_data = explode(DELIMITER, $u_line);
        if (isset($u_data[4]) && $u_data[4] == $_POST['id']) {
            $u_content .= $u_data[0] . DELIMITER . $u_data[1] . DELIMITER . $u_data[2] . DELIMITER . $u_data[3] . DELIMITER . trim($_POST['group_alt']) . DELIMITER . $u_data[5] . DELIMITER . $u_data[6] . DELIMITER . $u_data[7] . DELIMITER . $u_data[8] . DELIMITER . $u_data[9] . DELIMITER . $u_data[10] . DELIMITER . $u_data[11] . DELIMITER . $u_data[12] . DELIMITER . $u_data[13] . DELIMITER . $u_data[14] . DELIMITER . $u_data[15] . DELIMITER . $u_data[16] . DELIMITER . $u_data[17] . DELIMITER . $u_data[18] . DELIMITER . $u_data[19] . DELIMITER . $u_data[20] . DELIMITER . $u_data[21] . DELIMITER . $u_data[22] . DELIMITER . $u_data[23] . DELIMITER . $u_data[24] . DELIMITER . $u_data[25] . DELIMITER . $u_data[26] . DELIMITER . $u_data[27] . DELIMITER . trim($u_data[28]) . DELIMITER . $u_data[29] . DELIMITER . $u_data[30] . DELIMITER . $u_data[31] . DELIMITER . $u_data[32] . DELIMITER . trim($u_data[33]) . "\n";
        } else {
            $u_content .= $u_line;
        }
    }
    if (mn_put_contents($file['groups'], $g_content) && mn_put_contents($file['users'], $u_content)) {
        header('location: ./mn-groups.php?back=deleted');
        exit;
    } else {
        overal_header($lang['groups_groups'], $lang['groups_msg_put_contents_error'], 'error');
    }
} else {
    $g_file = file($file['groups']);
    array_shift($g_file);
    $groups_result = '';
    foreach ($g_file as $g_line) {
        $g_data = explode(DELIMITER, $g_line);
        $group_id = trim($g_data[0]);
        if ($group_id == 1) {
            $groups_result .= '<tr><td><span class="main-link tooltip" title="' . $lang['groups_msg_not_editable'] . '">' . $lang['groups_default_group_1'] . '</span><br />&nbsp;</td>';
        } else {