示例#1
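/**
 * Split one entry of the global $structure list into a name and a link.
 *
 * The entry is trimmed and lower-cased with mystrtolower() and then read as
 * "name(link)": the name is the entry without a trailing "(...)" group, the
 * link is the text after the last "(" with every ")" removed and "../" put
 * in front.
 *
 * @param int|string $index Key into the global $structure array.
 * @return array [0] => name, [1] => link starting with "../".
 */
function structure_item($index)
{
    global $structure;
    $entry = trim(mystrtolower($structure[$index]));
    // preg_* replaces the POSIX ereg_* family, which was removed in PHP 7.
    // "\z" anchors at the very end of the string like POSIX "$" did, and the
    // class also excludes "\" because POSIX bracket expressions read the
    // backslash in the old "[^\)]" as a literal character.
    $name = preg_replace('/\([^\\\\)]*\)\z/', '', $entry);
    // Greedy ".*\(" drops everything up to and including the last "(";
    // the "s" flag lets "." cross newlines as the POSIX engine did.
    $target = preg_replace('/.*\(/s', '', $entry);
    // NOTE(review): the link text is used as-is after "../". If $structure can
    // hold user-editable data, validate it before it is used as a path or
    // href - confirm at the caller.
    $link = '../' . str_replace(')', '', $target);
    return array($name, $link);
}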
示例#2
}
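// AJAX login check: validates the optional security code, looks the user up
// by lower-cased name and password hash, and answers "userid-hash-savecookie".
if ($job == 'ajaxverify') {
    acceptrequest('savecookie,securitycode');
    $savecookie = floor($savecookie);
    if ($config['loginvalidation'] == 1) {
        if ($db_defaultsessdir != 1) {
            // NOTE(review): session files go to a directory relative to the
            // script; confirm the web server does not serve that directory.
            session_save_path("./{$db_tmpdir}");
        }
        session_cache_limiter("private, must-revalidate");
        session_start();
        // Strict comparison: with "!=" two numeric-looking strings are compared
        // as numbers ("0123" equals "123", "1e2" equals "100"), so a code that
        // differs from the expected one could still be accepted.
        if ($securitycode == '' || strtolower($securitycode) !== strtolower($_SESSION['code'])) {
            catcherror($lnc[165]);
        }
        // NOTE(review): the code stays in the session after this check; whether
        // it is regenerated per attempt is not visible here - confirm.
    }
    // NOTE(review): unsalted MD5 is cheap to brute-force. Moving to
    // password_hash()/password_verify() needs a migration of the stored
    // hashes, so it is not changed in place.
    $password = md5($_POST['password']);
    // NOTE(review): the query below is built by string interpolation and relies
    // entirely on safe_convert() to neutralise quotes in the user name -
    // presumably it escapes them; confirm, or use a parameterised query.
    $username = safe_convert(mystrtolower($_POST['username']));
    $try = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}' AND `userpsw`='{$password}'");
    if (!is_array($try)) {
        catcherror($lnc[166]);
    } else {
        $userid = $try['userid'];
        // NOTE(review): the password hash is sent back to the client. If it is
        // later accepted as a login credential, the hash is password-equivalent
        // and should be replaced by a random session token.
        catchsuccess("{$userid}-{$password}-{$savecookie}");
    }
}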
if ($job == 'ajaxloginsuccess') {
    if ($permission['CP'] == 1) {
        $destine = array("{$lnc[163]}|index.php", "{$lnc[107]}|admin.php");
    } else {
        $destine = "{$lnc[163]}|index.php";
    }
    catchsuccess("{$lnc[167]} " . $userdetail['username'], $destine);
示例#3
 // Normalise the entry's alias and tag list (skipped when $ajax is 'on').
 if ($ajax != 'on') {
     $blogalias = blogalias_convert($blogalias);
     if ($blogalias == '') {
         // Empty alias after conversion: flag it for deletion.
         $deletealias = true;
     } else {
         if ($job == 'restore') {
             // Exclude the record being restored from the duplicate check.
             // NOTE(review): where $records['blogid'] comes from is not visible
             // here; it is interpolated into SQL, so confirm it is numeric.
             $findalias_plus = "AND `blogid`<>'{$records['blogid']}'";
         }
         // NOTE(review): $findalias_plus is only assigned above for 'restore';
         // unless it is initialised earlier, other jobs interpolate an
         // undefined variable here.
         // NOTE(review): the query is built by string interpolation; it is safe
         // only if blogalias_convert() strips quotes - presumably it does, confirm.
         $findalias = $blog->getgroupbyquery("SELECT * FROM `{$db_prefix}blogs` WHERE `blogalias`='{$blogalias}' {$findalias_plus} LIMIT 1");
         if ($findalias[0]['blogalias'] == $blogalias) {
             // Alias already taken: append a random 4-digit suffix. The new
             // alias is not checked again, so a collision is still possible.
             $blogalias .= '_' . rand(1000, 9999);
         }
         $deletealias = false;
     }
     if ($tags) {
         // Lower-case, split on single spaces and drop duplicate tags.
         $tags_array = @explode(' ', mystrtolower(trim($tags)));
         $tags_array_all = array_unique($tags_array);
         $tags = @implode(' ', $tags_array_all);
         // safe_convert() runs on the joined string; what it escapes is not
         // visible in this fragment.
         $tags = safe_convert($tags);
         $tags = str_replace('&nbsp;', '', $tags);
         // $tags_array now holds the converted tags; $tags becomes ">a>b>".
         $tags_array = @explode(' ', $tags);
         $tags = '>' . str_replace(' ', '>', $tags) . '>';
     } else {
         $tags = '';
     }
 }
 // $pinged is passed through safe_convert() only when it is non-empty.
 if ($pinged) {
     $pinged = safe_convert($pinged);
 }
 if (is_array($permitgp)) {
     $permitgp = array_diff(array_keys($usergp), $permitgp);
示例#4
/**
 * Check a user name / password pair and the XMLRPC permission of its group.
 *
 * The password is hashed with md5() and the user name lower-cased with
 * mystrtolower() before both are placed in the lookup query. When a row is
 * found, the matching data/usergroup<N>.php file is included (usergroup0.php
 * if it does not exist) and $permission['XMLRPC'] is tested; $permission is
 * presumably defined by that include.
 *
 * NOTE(review): $username is interpolated into the SQL string and no escaping
 * is visible in this function. Unless every caller escapes it first, this is
 * an injection point on an authentication path - confirm, and escape or
 * parameterise here.
 * NOTE(review): unsalted MD5 is cheap to brute-force; a switch to
 * password_hash()/password_verify() needs a migration of the stored hashes.
 * NOTE(review): the include path is built from the usergroup column;
 * presumably it is always numeric - confirm.
 *
 * @param string $username Login name as supplied by the client.
 * @param string $password Clear-text password as supplied by the client.
 * @return mixed The row returned by getbyquery() when the credentials match
 *               and $permission['XMLRPC'] is 1, otherwise false.
 */
function checkuser($username, $password)
{
    global $db_prefix;
    $blog = new boblog();
    $password = md5($password);
    $username = mystrtolower($username);
    $userdetail = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}' AND `userpsw`='{$password}'");
    // No matching row: unknown user or wrong password.
    if (!$userdetail) {
        return false;
    }
    // The include runs in this function's scope, so local names are kept as is.
    if (!file_exists("data/usergroup{$userdetail['usergroup']}.php")) {
        include "data/usergroup0.php";
    } else {
        include "data/usergroup{$userdetail['usergroup']}.php";
    }
    return $permission['XMLRPC'] != 1 ? false : $userdetail;
}
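 /**
  * Balance HTML tags in a fragment by counting opening and closing tags.
  *
  * Does nothing unless $mbcon['tidyhtml'] is '1'. Otherwise the input is split
  * into tags and text, every tag except br/hr/img/param is counted, and for
  * each tag that was opened (or is one of the list/table tags preset below)
  * the missing closing tags are appended, or the missing opening tags are put
  * in front of the output.
  *
  * This is not a sanitizer: every piece of the input is copied to the output
  * unchanged, so markup from untrusted authors still has to be filtered or
  * escaped elsewhere.
  *
  * @param string $str HTML fragment.
  * @return string The fragment with balancing tags added.
  */
 function keep_htmlcode_matches($str)
 {
     /* HTML code tidy
        by Bob Shen 2007-2-21
     */
     global $mbcon;
     if ($mbcon['tidyhtml'] != '1') {
         return $str;
     }
     $outhtml = '';
     $htmltagstart = array('li' => 0, 'ul' => 0, 'ol' => 0, 'dd' => 0, 'dt' => 0, 'dl' => 0, 'td' => 0, 'tr' => 0, 'tbody' => 0, 'table' => 0);
     $htmltagend = array();
     $allowsingle = array('br', 'hr', 'img', 'param');
     $pieces = preg_split("/(<[^>]+?>)/si", $str, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
     if ($pieces === false) {
         // PCRE failure: hand the input back instead of iterating over false.
         return $str;
     }
     foreach ($pieces as $singlestr) {
         // Every piece is passed through as is; only tags update the counters.
         $outhtml .= $singlestr;
         if (strstr($singlestr, '<!--') || !strstr($singlestr, '<')) {
             continue;
         }
         $tmp = str_replace(array('/>', '<', '>'), array(' />', '', ''), mystrtolower($singlestr));
         // The tag name ends at the first whitespace of any kind; splitting on
         // a space only turned "<a\nhref=...>" into a bogus tag name that was
         // later written out as a closing tag.
         $currenttag = (string) substr($tmp, 0, strcspn($tmp, " \t\n\r\f\x0B"));
         // An empty name ("< b>", "<<>") used to be counted and produced "</>".
         if ($currenttag === '' || in_array($currenttag, $allowsingle, true)) {
             continue;
         }
         if ($currenttag[0] == '/') {
             $currenttag = str_replace('/', '', $currenttag);
             if ($currenttag === '') {
                 continue;
             }
             // Start each counter explicitly instead of "+=" on a missing key.
             $htmltagend[$currenttag] = isset($htmltagend[$currenttag]) ? $htmltagend[$currenttag] + 1 : 1;
         } else {
             $htmltagstart[$currenttag] = isset($htmltagstart[$currenttag]) ? $htmltagstart[$currenttag] + 1 : 1;
         }
     }
     foreach ($htmltagstart as $tag => $opened) {
         $closed = isset($htmltagend[$tag]) ? $htmltagend[$tag] : 0;
         $difference = $opened - $closed;
         if ($difference < 0) {
             // More closing than opening tags: open the missing ones up front.
             $outhtml = str_repeat("<{$tag}>", -$difference) . $outhtml;
         } elseif ($difference > 0) {
             // Unclosed tags: close them at the end.
             $outhtml .= str_repeat("</{$tag}>", $difference);
         }
     }
     return $outhtml;
 }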
示例#6
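 // Prepare the reply: optional URL conversion, visibility flag, and the
 // identity of the replier (logged-in user, or name plus password check).
 if ($mbcon['anticorrupturl'] == 1) {
     $v_repurl = urlconvert($v_repurl);
 }
 if ($stat_property == 1 || $originblog['property'] == 2) {
     $reproperty = 1;
 } else {
     $reproperty = 0;
 }
 if ($logstat == 1) {
     $replier = $userdetail['username'];
     $replierid = $userdetail['userid'];
 } else {
     // NOTE(review): unsalted MD5 is cheap to brute-force; changing the scheme
     // needs a migration of the stored hashes, so it is left as is.
     $v_password = md5($v_password);
     $v_replier_checker = mystrtolower($v_replier);
     // NOTE(review): the name is interpolated into the SQL string and no
     // escaping is visible in this fragment - confirm it is escaped earlier.
     $userchecker = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$v_replier_checker}'");
     // The hashes are compared with "===": with "==" two hex strings that look
     // like numbers in exponent form (both starting "0e" followed by digits
     // only) compare equal although they differ.
     if (mystrtolower($userchecker['username']) == $v_replier_checker && $v_password === $userchecker['userpsw']) {
         $replier = $userchecker['username'];
         $replierid = $userchecker['userid'];
         // NOTE(review): the password hash is stored in a cookie without the
         // HttpOnly or Secure attributes, and "@" hides any failure. If the
         // cookie is accepted as a credential, the hash is password-equivalent;
         // a random session token would be the safer design.
         @setcookie('userid', $userchecker['userid']);
         @setcookie('userpsw', $v_password);
     } else {
         // The name belongs to a registered user but the password did not match.
         if ($userchecker['username']) {
             $cancel = $lnc[308];
         }
         // The name is in $adminlist (compared by in_iarray(), defined elsewhere).
         if (@in_iarray($v_replier, $adminlist)) {
             $cancel = $lnc[212];
         }
         $replier = $v_replier;
         $replierid = -1;
     }
 }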
示例#7
</td></tr></table>
eot;
}
if ($job == 'savenewuser' || $job == 'saveuser') {
    acceptrequest('p');
    if ($job == 'savenewuser') {
        $username = trimplus(safe_convert($p['username']));
        if ($username === '') {
            catcherror($lna[495]);
        }
        if ($p['password'] === '' || $p['password'] != $p['confirmpsw']) {
            catcherror($lna[496]);
        } else {
            $password = md5($p['password']);
        }
        $usercheck = mystrtolower($username);
        $try = $blog->getbyquery("SELECT userid FROM `{$db_prefix}user` WHERE LOWER(username)='{$usercheck}'");
        if (is_array($try)) {
            catcherror($lna[497]);
        }
    } else {
        if ($p['newpsw'] !== '') {
            if ($p['newpsw'] != $p['confirmpsw']) {
                catcherror($lna[496]);
            }
            $password = "******" . md5($p['newpsw']) . "', ";
        } else {
            $password = "";
        }
    }
    $email = strtolower(trimplus(safe_convert($p['email'])));
示例#8
// Optional trailing header cell (only when $fields[26] is set), then the end
// of the header row.
echo ($fields[26] != "" ? '<td width=1% align=center><a  class=menu>&nbsp;</a></td>' : '') . '</tr>';
for ($i = 0; $i < count($tabledata); $i++) {
    $l = "?page=edit&id=" . $tabledata[$i][0];
    $archive = trim($tabledata[$i][6]) == "" ? "<input type=checkbox name=farchive" . $tabledata[$i][0] . ">" : "<input type=checkbox name=farchive" . $tabledata[$i][0] . " checked>";
    $title = trim($tabledata[$i][3]);
    $ch = $tabledata[$i][7] && $fields[19] != "no" ? "<input type=checkbox name=id" . $tabledata[$i][0] . ">" : "&nbsp;";
    if ($adminrule > 1) {
        $ch = "&nbsp;";
    }
    if ($root && $tabledata[$i][7]) {
        $ch = "<input type=checkbox name=id" . $tabledata[$i][0] . ">";
    }
    $adda = mystrtolower($lt[32]);
    $addsublevel = "<a href=?page=add&parent=" . $tabledata[$i][0] . " class=normallink>[ " . $adda . " ]</a>";
    echo "<tr bgcolor=" . $admin_settings['inputbg'] . "><td align=center>";
    echo $ch . "</td>";
    echo "<td align=center><input name=fdate" . $tabledata[$i][0] . " value=\"" . $tabledata[$i][2] . "\" class=inputtitle onFocus=\"Ch(this);\" onBlur=\"ChOut(this);\"></td>";
    echo "<td width=100%><input name=ftitle" . $tabledata[$i][0] . " onFocus=\"Ch(this);\" onBlur=\"ChOut(this);\" class=inputtitle value=\"" . $title . "\"></td>";
    if ($fields[4] != "") {
        echo "<td align=center>" . $archive . "</td>";
    }
    echo "<td width=1% align=center><a href=" . $l . " class=normallink>" . $lt[49] . "</a></td>";
    if ($fields[5] != "") {
        echo "<td align=center><a onClick=\"JavaScript:nwindow('attachments.php?id=" . $tabledata[$i][0] . "');\" target=attachments class=normallink><img src=../images/att.gif border=0 width=14 height=17 alt=\"" . $lt[50] . "\"></a></td>";
    }
    if ($fields[16] != "" || $root) {
        echo "<td align=center>" . $addsublevel . "</td>";
    }