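/**
 * Save the plugin settings submitted through the admin settings form.
 *
 * Copies the posted values into the plugin's global setting variables, writes
 * them out through nm_settings_to_xml(), regenerates the sitemap on success,
 * tells the administrator when .htaccess needs updating, and finally removes
 * the registered image-size files kept for pic.php.
 *
 * NOTE(review): no CSRF token or permission check is visible in this function;
 * confirm the caller performs both before invoking it.
 * NOTE(review): the text settings are stored exactly as posted. Whether
 * nm_settings_to_xml() and the code that later consumes these values escape or
 * validate them cannot be seen from here; verify before relying on it.
 */
function nm_save_settings() {
  global $NMPAGEURL, $NMPRETTYURLS, $NMLANG, $NMSHOWEXCERPT, $NMEXCERPTLENGTH,
         $NMPOSTSPERPAGE, $NMRECENTPOSTS, $NMSETTING;

  # remember the values that decide whether .htaccess has to be regenerated
  $backup = array('page_url' => $NMPAGEURL, 'pretty_urls' => $NMPRETTYURLS);

  # parse $_POST
  $NMPAGEURL       = $_POST['page-url'];
  $NMPRETTYURLS    = isset($_POST['pretty-urls']) ? 'Y' : '';
  $NMLANG          = $_POST['language'];
  # !empty() gives the same result as the plain truthiness test for every
  # submitted value, without an undefined-index notice when the field is absent
  $NMSHOWEXCERPT   = !empty($_POST['show-excerpt']) ? 'Y' : '';
  $NMEXCERPTLENGTH = intval($_POST['excerpt-length']);
  $NMPOSTSPERPAGE  = intval($_POST['posts-per-page']);
  $NMRECENTPOSTS   = intval($_POST['recent-posts']);

  # new settings since 3.0
  $NMSETTING = array();
  $NMSETTING['archivesby']  = $_POST['archivesby'];
  $NMSETTING['readmore']    = $_POST['readmore'];
  $NMSETTING['titlelink']   = $_POST['titlelink'];
  $NMSETTING['gobacklink']  = $_POST['gobacklink'];
  $NMSETTING['images']      = $_POST['images'];
  $NMSETTING['imagewidth']  = $_POST['imagewidth'];
  $NMSETTING['imageheight'] = $_POST['imageheight'];
  $NMSETTING['imagecrop']   = isset($_POST['imagecrop']);
  $NMSETTING['imagealt']    = isset($_POST['imagealt']);
  $NMSETTING['imagelink']   = isset($_POST['imagelink']);
  $NMSETTING['enablecustomsettings'] = isset($_POST['enablecustomsettings']);

  # Magic quotes can only be active before PHP 5.4, and get_magic_quotes_gpc()
  # no longer exists in PHP 8, so the function is only called on old runtimes.
  $customsettings = $_POST['customsettings'];
  if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
    $customsettings = stripslashes($customsettings);
  }
  $NMSETTING['customsettings'] = $customsettings;

  # write settings to file
  if (nm_settings_to_xml()) {
    nm_generate_sitemap();
    nm_display_message(i18n_r('news_manager/SUCCESS_SAVE'));
  } else {
    nm_display_message(i18n_r('news_manager/ERROR_SAVE'), true);
  }

  # should we update .htaccess?
  if ($NMPRETTYURLS === 'Y') {
    if ($backup['pretty_urls'] != 'Y' || $backup['page_url'] != $NMPAGEURL) {
      nm_display_message(sprintf(i18n_r('news_manager/UPDATE_HTACCESS'), 'load.php?id=news_manager&htaccess'), true);
    }
  }

  # clear registered image sizes for pic.php - since 3.2
  # glob() returns false on error, which must not be handed to foreach
  $files = glob(NMDATAPATH . 'images.*.txt');
  if (is_array($files)) {
    foreach ($files as $file) {
      unlink($file);
    }
  }
}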
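/**
 * Restore a post from its backup copy and report the outcome.
 *
 * $backup has one of two forms:
 *   - "current:backup" reverts an existing post to a backed-up version;
 *   - "backup" alone brings back a deleted post.
 * ".xml" is appended to each part. A file is only touched when its resolved
 * location lies directly inside NMPOSTPATH (current post) or NMBACKUPPATH
 * (backup). In both cases the restored file keeps the backup's file name.
 *
 * NOTE(review): $backup presumably originates from a request parameter;
 * confirm the caller checks permissions and a CSRF token before calling.
 * NOTE(review): when reverting, the current post is deleted before the backup
 * is moved into place, so a failed move leaves neither version in NMPOSTPATH.
 * Confirm that nm_rename_file() cannot fail here, or that the loss is
 * acceptable.
 *
 * @param string $backup slug of the backup, optionally prefixed by "current:"
 */
function nm_restore_post($backup) {
  # explicit default replaces the former @-suppressed read of an unset variable
  $status = false;

  # resolve both directories once; false means the directory is missing
  $postDir   = realpath(NMPOSTPATH);
  $backupDir = realpath(NMBACKUPPATH);

  # a non-string value (e.g. an array from the request) is reported as an error
  if (is_string($backup) && $backupDir !== false) {
    $separator = strpos($backup, ':');
    if ($separator !== false && $separator > 0) {
      # revert to the previous version of a post
      list($current, $backup) = explode(':', $backup);
      $current .= '.xml';
      $backup  .= '.xml';
      $currentReal = realpath(NMPOSTPATH . $current);
      $backupReal  = realpath(NMBACKUPPATH . $backup);
      # no path traversal: each resolved file must sit directly in its
      # directory; strict checks keep a failed realpath() (false) from ever
      # comparing equal to anything
      if ($postDir !== false && $currentReal !== false && $backupReal !== false
          && dirname($currentReal) === $postDir
          && dirname($backupReal) === $backupDir) {
        if (file_exists(NMPOSTPATH . $current) && file_exists(NMBACKUPPATH . $backup)) {
          $status = unlink(NMPOSTPATH . $current) &&
                    nm_rename_file(NMBACKUPPATH . $backup, NMPOSTPATH . $backup) &&
                    nm_update_cache();
        }
      }
    } else {
      # restore the deleted post
      $backup .= '.xml';
      $backupReal = realpath(NMBACKUPPATH . $backup);
      # no path traversal
      if ($backupReal !== false && dirname($backupReal) === $backupDir) {
        if (file_exists(NMBACKUPPATH . $backup)) {
          $status = nm_rename_file(NMBACKUPPATH . $backup, NMPOSTPATH . $backup) &&
                    nm_update_cache();
        }
      }
    }
  }

  if ($status) {
    nm_generate_sitemap();
    nm_display_message(i18n_r('news_manager/SUCCESS_RESTORE'));
  } else {
    nm_display_message(i18n_r('news_manager/ERROR_RESTORE'), true);
  }
}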