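/**
 * Process CMS tags into HTML for weblogs.
 *
 * Renders one subweblog: loads the subweblog's template file, selects the
 * published entries for it and runs the template through parse_step4()
 * once per entry.
 *
 * @param mixed $tag_attr    Tag attributes, read through get_attr_value()
 *                           ('order', 'subweblog', 'showme').
 * @param mixed $tag_default Not used by this function.
 * @return string The concatenated HTML of all rendered entries.
 */
function cms_tag_weblog($tag_attr, $tag_default)
{
    global $db, $Cfg, $Paths, $current_date, $Weblogs, $Current_weblog, $Current_subweblog, $diffdate_lastformat, $even_odd, $Pivot_Vars;

    // Some people use [[subweblog]] inside an entry page. To allow this we
    // 'store' the current entry, build the subweblog, and 'restore' it below.
    if (isset($db->entry)) {
        $temp_entry = $db->entry;
    }

    $order = (get_attr_value('order', $tag_attr) == "firsttolast") ? "asc" : "desc";

    $output = "";

    // Force the 'diffdate' to start anew on each (sub)weblog.
    $diffdate_lastformat = "";

    $subweblog = get_attr_value('subweblog', $tag_attr);
    $Current_subweblog = $subweblog;
    $sub_cfg = $Weblogs[$Current_weblog]['sub_weblog'][$subweblog];

    // The path is assembled from the $Paths and $Weblogs globals; the tag
    // attribute only selects which subweblog entry is looked up.
    $template = $Paths['templates_path'] . $sub_cfg['template'];

    // Start from an empty template so the code below never reads an undefined
    // variable should piv_error() return instead of halting.
    $tag_default_orig = "";
    if (file_exists($template)) {
        $tag_default_orig = implode("", file($template));
    } else {
        // piv_error() is handed HTML, so the path is escaped before it is embedded.
        piv_error("File does not exist!", "Could not load template file '" . htmlspecialchars($template) . "'. Make sure it exists, and has the right permissions", 0);
    }

    // Safety check to prevent recursive weblogs.
    if (preg_match("/\\[\\[weblog:(.*)(:[0-9]*)?\\]\\]/mUi", $tag_default_orig)) {
        $tag_default_orig = "<p>(You can't recursively use [weblogs]!)</p>";
    }

    $show = get_attr_value('showme', $tag_attr);
    if ($show == "") {
        $show = $sub_cfg['num_entries'];
    }
    $cats = $sub_cfg['categories'];
    $offset = $sub_cfg['offset'];

    // If called from a 'dynamic archive page', the offset needs to be taken
    // into account. The value is cast to int before it is compared or added,
    // so a non-numeric 'o' is ignored instead of reaching the arithmetic.
    if (isset($Pivot_Vars['o']) && (int) $Pivot_Vars['o'] > 0) {
        $offset += (int) $Pivot_Vars['o'];
    }

    $db->disallow_write();

    // Select published entries according to order, default is descending.
    if ($order == 'asc') {
        $list_entries = $db->getlist($show, $offset, "", $cats, TRUE, "", "publish");
    } else {
        $list_entries = $db->getlist_end(-$show - $offset, "", $cats, TRUE, "publish");
    }

    if (count($list_entries) > 0) {
        foreach ($list_entries as $list_entry) {
            // In descending order the offset is handled here: while it is
            // above zero the entry is skipped.
            if ($order == "desc" && $offset > 0) {
                $offset--;
                continue;
            }

            $entry = $db->read_entry($list_entry['code'], TRUE);

            if (!isset($entry['status']) || $entry['status'] == 'publish') {
                // Toggle the flag used for 'even' and 'odd' messages.
                $even_odd = ($even_odd == 1) ? 0 : 1;

                // Include an anchor, if it's not set manually with the
                // [[id_anchor]] tag. strpos() returns false when the tag is
                // absent and 0 when the template starts with it, so the test
                // has to be strict.
                if (strpos($tag_default_orig, "[[id_anchor]]") === false) {
                    $entry_html = '<span id="e' . $db->entry['code'] . '"></span>';
                } else {
                    $entry_html = "";
                }

                $entry_html .= parse_step4($tag_default_orig);
                $output .= $entry_html . "\n";

                if ($Weblogs[$Current_weblog]['rss'] == 1) {
                    add_rss($entry['code'], $entry['date'], $entry['title'], $entry['introduction'], $entry['body'], $entry['user'], $entry['category']);
                }
            }
        }
    }

    // Restore the entry that was active before the subweblog was built.
    if (isset($temp_entry)) {
        $db->set_entry($temp_entry);
    }

    return $output;
}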
// NOTE(review): this excerpt starts inside a block whose opening lines are not shown.
    reset($Weblogs);
    $Current_weblog = key($Weblogs);
}

// Display the search results.
LoadWeblogLanguage($Weblogs[$Current_weblog]['language']);
$db = new db();
// NOTE(review): search_result() is concatenated into the page as HTML; whether
// it escapes the search terms cannot be seen from here - confirm.
$result = "\n<div class='pivot-search-result'>\n";
$result .= search_result();
$result .= "<!-- Search took " . timetaken() . " seconds -->\n";
$result .= "</div>\n";
unset($db->entry);

// Set the template for the tags page
if (!isset($Pivot_Vars['t']) || empty($Pivot_Vars['t'])) {
    // No template requested: fall back to the weblog's 'extra_template',
    // or to its 'archive_template' when that is empty.
    if (isset($Weblogs[$Current_weblog]['extra_template']) && $Weblogs[$Current_weblog]['extra_template'] != "") {
        $template = $Weblogs[$Current_weblog]['extra_template'];
    } else {
        $template = $Weblogs[$Current_weblog]['archive_template'];
    }
} else {
    // NOTE(review): $Pivot_Vars['t'] appears to be request-supplied and is
    // passed to load_template() unchanged; no basename() or allow-list check
    // is visible in this excerpt. Confirm that it is restricted to the
    // templates directory before this point or inside load_template().
    $template = $Pivot_Vars['t'];
}

$template_html = load_template($template);
$template_html = replace_subweblogs_templates($template_html, $result);

if (!$template_html) {
    // The template name is escaped before it is embedded in the HTML error text.
    piv_error("Template error", "Could not load template file, <i>" . htmlspecialchars($template) . "</i>, because it doesn't exist.");
} else {
    $output = $template_html;
    $output = parse_step4($output);
}

// NOTE(review): $output is only assigned in the else branch above; this
// relies on piv_error() not returning - confirm.
echo $output;
flush();
// Map a 'uid' parameter onto 'id', dropping the "standard-" marker.
// NOTE(review): no type or range check on the id is visible here - confirm
// it is validated where it is used.
if (isset($Pivot_Vars['uid'])) {
    $Pivot_Vars['uid'] = str_replace("standard-", "", $Pivot_Vars['uid']);
    $Pivot_Vars['id'] = $Pivot_Vars['uid'];
}

$override_weblog = "";

// check if we need to override the template.
if (isset($Pivot_Vars['t'])) {
    // explicitly defined template is most important.
    // basename() drops any directory part, so the requested template name
    // cannot carry a path of its own.
    $Pivot_Vars['t'] = basename($Pivot_Vars['t']);
    $override_template = $Pivot_Vars['t'];
} else {
    if (isset($Pivot_Vars['w']) && $Pivot_Vars['w'] != "") {
        $override_weblog = weblog_from_para($Pivot_Vars['w']);
        // Checking if weblog exists
        if (!isset($Weblogs[$override_weblog])) {
            // The requested name is escaped before it is shown in the error page.
            piv_error("Weblog doesn't exist", "Selected weblog \"" . htmlspecialchars($Pivot_Vars['w']) . "\" doesn't exist.");
        }
    } else {
        // NOTE(review): presumably derived from the HTTP Referer header, which
        // the client controls - confirm the result is checked against $Weblogs.
        $override_weblog = find_current_weblog_referer();
    }
}

// If non-crufty URLs (mod_rewrite) is enabled and someone tries to
// access the crufty URL, redirect (if not in preview mode).
// This is search engine friendly.
list($request_script) = explode("?", $_SERVER['REQUEST_URI']);

if (!isset($Pivot_Vars['f_title']) && $Cfg['mod_rewrite'] && basename($request_script) == "entry.php") {
    if ($override_weblog == "") {
        // No override: use the first weblog in $Weblogs.
        reset($Weblogs);
        $Current_weblog = key($Weblogs);
    } else {
        $Current_weblog = $override_weblog;
// NOTE(review): the excerpt ends here, inside the two blocks opened above.
// If you don't want the self-registered users to have access to all
// categories, uncomment the line below (and list only the categories
// the user is allowed to post in).
// $selfreg_cats = array("Category1","Category2");
//
// END USER CONFIGURATION

define('LIVEPAGE', TRUE);

include_once 'pv_core.php';

// Pick the weblog from the request first, then fall back to the referer.
$override_weblog = find_current_weblog_request();
if (empty($override_weblog)) {
    $override_weblog = find_current_weblog_referer();
}
set_current_weblog($override_weblog);

LoadWeblogLanguage($Weblogs[$Current_weblog]['language']);

// Self-registration must be switched on in the configuration.
// NOTE(review): everything below relies on piv_error() ending the request
// when registration is disabled - confirm.
if (!$Cfg['selfreg']) {
    piv_error(lang('userinfo', 'selfreg'), lang('userinfo', 'disabled'));
}

// NOTE(review): in the collapsed source "ob_start();" follows the comment text
// on the same line, so it cannot be told whether it was a statement of its
// own; the line is kept exactly as extracted.
// Saving the page contents using ob_start();
$setupstepn = 5;

// Form field definitions for step 1. The maxlength="15" on the password fields
// is an HTML attribute, so it only limits input in the browser.
$Setupstep1 = array(array('username', lang('userinfo', 'username'), '', 0, '', '', ''), array('pass1', lang('userinfo', 'pass1'), '', 1, '', '', 'maxlength="15"'), array('pass2', lang('userinfo', 'pass2'), '', 1, '', '', 'maxlength="15"'), array('email', lang('userinfo', 'email'), '', 0, '', '', ''), array('nick', lang('userinfo', 'nickname'), '', 0, '', '', ''));

if (!isset($Pivot_Vars['step'])) {
    $setupstepn = 1;
} elseif ($Pivot_Vars['step'] == 1) {
    // Sanitize passed variables to prevent people from inserting characters that
    // could be interpreted as dividers.
    // The pattern removes "!", "|" and "\n" only; a carriage return ("\r") is
    // left in place. The same stripping is applied to both password fields,
    // so a password containing those characters is stored without them.
    // NOTE(review): these five keys are read without isset() - confirm they
    // are always present when step == 1.
    $Pivot_Vars['username'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['username']);
    $Pivot_Vars['pass1'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['pass1']);
    $Pivot_Vars['pass2'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['pass2']);
    $Pivot_Vars['email'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['email']);
    $Pivot_Vars['nick'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['nick']);
// NOTE(review): the excerpt ends here, inside the elseif block.
// NOTE(review): this excerpt starts three blocks deep; their opening lines are not shown.
            // Take the first weblog that contains the category, if any.
            if (count($in_weblogs) != 0) {
                $override_weblog = $in_weblogs[0];
            }
        } else {
            // Otherwise use the first weblog in $Weblogs.
            reset($Weblogs);
            $override_weblog = key($Weblogs);
        }
    }
    $Pivot_Vars['w'] = $override_weblog;
} else {
    if ($Pivot_Vars['w'] != "") {
        // Both weblog and category has some value - checking if they match
        if ($Pivot_Vars['c'] != "") {
            $in_weblogs = find_weblogs_with_cat($Pivot_Vars['c']);
            // in_array() is called without its strict flag, so the comparison is loose.
            if (!in_array($Pivot_Vars['w'], $in_weblogs)) {
                // Both request values are escaped before they are shown in the error page.
                piv_error("Category/weblog mismatch", 'Category "' . htmlspecialchars($Pivot_Vars['c']) . "\" doesn't belong to selected weblog (" . htmlspecialchars($Pivot_Vars['w']) . ").");
            }
        }
    }
}

// Default the optional parameters to empty strings.
if (!isset($Pivot_Vars['c'])) {
    $Pivot_Vars['c'] = "";
}
if (!isset($Pivot_Vars['u'])) {
    $Pivot_Vars['u'] = "";
}

// NOTE(review): only the fallback taken from $Weblogs goes through basename()
// here; a 't' value that arrived with the request is left as it is in this
// excerpt - confirm it is restricted before it is used as a template name.
// $Weblogs[$Pivot_Vars['w']] is also indexed without an isset() check in the
// visible lines.
if (!isset($Pivot_Vars['t']) || empty($Pivot_Vars['t'])) {
    if ($Pivot_Vars['w'] != "") {
        $Pivot_Vars['t'] = basename($Weblogs[$Pivot_Vars['w']]['extra_template']);
    } else {
        $Pivot_Vars['t'] = "";
// NOTE(review): the excerpt ends here, inside the two blocks opened above.
/**
 * Verifies that the Pivot installation can be administered.
 *
 * At present the only check is that both configuration files under
 * $pivot_path are writable by the running process. When one is not, a
 * fatal-error page naming the first offending file is printed.
 *
 * Both files are PHP files that the web server account must be able to
 * write, so they should not be writable by any other account.
 */
function CheckSanity()
{
    global $pivot_path;

    // Name of the first config file that cannot be written, false when both can.
    $blocked = false;

    foreach (array("pv_cfg_settings.php", "pv_cfg_weblogs.php") as $cfg_file) {
        if (!is_writeable($pivot_path . $cfg_file)) {
            $blocked = $cfg_file;
            break;
        }
    }

    if (!$blocked) {
        return;
    }

    PageHeader("FATAL ERROR", 0);
    echo "<div class='showlog'> </div><div class='main'><h1>FATAL ERROR</h1>\n";
    piv_error("Insufficient permissions", "Admin pages can't be used - \"{$blocked}\" isn't writable.");
    PageFooter();
}
// NOTE(review): this excerpt starts three blocks deep; their opening lines are not shown.
            // NOTE(review): $add_header is built outside this excerpt; confirm
            // that no commenter-supplied value can put CR/LF into it. The "@"
            // hides a failed send.
            @mail($addr, $subject, $body, $add_header);
            debug("Send Mail to {$addr} for '" . $my_comment['name'] . "'");
        }
    }
    // Handle the users that want to be notified via email..
    notify_new('comment', array($db->entry, $my_comment, $Cfg['moderate_comments']));
}

// strip_tags() removes markup but leaves quotes and "&" as they are, so these
// values still need escaping for the context they are printed in.
$Pivot_Vars['piv_name'] = strip_tags($Pivot_Vars['piv_name']);
$Pivot_Vars['piv_email'] = strip_tags($Pivot_Vars['piv_email']);
$Pivot_Vars['piv_url'] = strip_tags($Pivot_Vars['piv_url']);

// NOTE(review): 'piv_weblog' is used as the key into $Weblogs below without a
// visible check that such a weblog exists - confirm.
$Current_weblog = $Pivot_Vars['piv_weblog'];

// switch to weblog's language
LoadWeblogLanguage($Weblogs[$Current_weblog]['language']);

if (ip_check_block($Pivot_Vars['REMOTE_ADDR'])) {
    // NOTE(review): $ip is not assigned anywhere in this excerpt, while the
    // check above reads $Pivot_Vars['REMOTE_ADDR'] - confirm the log line
    // records the address that was actually checked.
    debug("Blocked user from {$ip} tried to comment");
    piv_error("You are Blocked", "Your IP-address has been blocked, so you are not" . " allowed to leave comments on this site. We know IP-adresses can easily be faked," . " but it helps. Have a nice day<br /><br />Go <a href='javascript:history.go(-1)'>" . "back</a> to the last page, and do something else.", 0);
}

// Set cookies (or delete) only if explicitly told so.
if ($Pivot_Vars['piv_rememberinfo'] == "yes") {
    // 2592000 seconds is 30 days. setcookie() is called with name, value,
    // expiry and path only, so the secure and httponly flags are not set.
    // If magic_quotes_gpc is set, we need to strip slashes..
    if (get_magic_quotes_gpc()) {
        setcookie("piv_name", stripslashes($Pivot_Vars['piv_name']), time() + 2592000, $Paths['cookie_url']);
        setcookie("piv_email", stripslashes($Pivot_Vars['piv_email']), time() + 2592000, $Paths['cookie_url']);
        setcookie("piv_url", stripslashes($Pivot_Vars['piv_url']), time() + 2592000, $Paths['cookie_url']);
    } else {
        setcookie("piv_name", $Pivot_Vars['piv_name'], time() + 2592000, $Paths['cookie_url']);
        setcookie("piv_email", $Pivot_Vars['piv_email'], time() + 2592000, $Paths['cookie_url']);
        setcookie("piv_url", $Pivot_Vars['piv_url'], time() + 2592000, $Paths['cookie_url']);
    }
    setcookie("piv_rememberinfo", "yes", time() + 2592000, $Paths['cookie_url']);
    //debug ("cookiezet: ". stripslashes($Pivot_Vars['piv_name']));
// NOTE(review): the excerpt ends here, inside the if block.
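/**
 * Serialize $data and write it to $filename under an exclusive lock.
 *
 * The payload is prefixed with a PHP block that calls die(), presumably so
 * that a direct web request for the stored file returns nothing when the
 * file carries a PHP-handled extension.
 *
 * The umask and the user-abort setting are put back on every path, including
 * the two failure paths, before any error is reported.
 *
 * @param string $filename Target path; normalised through fixPath().
 * @param mixed  $data     Value to serialize (taken by reference).
 * @return bool TRUE when the file was written, FALSE when it could not be
 *              opened or written.
 */
function save_serialize($filename, &$data)
{
    global $Cfg;

    $filename = fixPath($filename);
    $ser_string = "<?php /* pivot */ die(); ?>" . serialize($data);

    // Disallow the user to interrupt the script while the file is written.
    ignore_user_abort(TRUE);

    // NOTE(review): umask(0111) masks only the execute bits, so a newly
    // created file keeps read/write permission for group and others. A
    // tighter mask would be safer where the host setup allows it.
    $old_umask = umask(0111);

    if ($Cfg['unlink'] == 1 && file_exists($filename)) {
        /* unlinking is good for some safe_mode users */
        /* and bad for some others.. i hate safe_mode */
        @unlink($filename);
    }

    // Failure to report once the process state has been restored; empty on success.
    $error_title = "";
    $error_text = "";

    // Open the file and lock it.
    // NOTE(review): mode "w" truncates the file before the lock is taken, so
    // a concurrent reader can observe an empty file.
    if ($fp = fopen($filename, "w")) {
        flock($fp, LOCK_EX);
        $written = fwrite($fp, $ser_string);
        // Flush while the lock is still held, so no buffered data is written
        // after other processes are let in.
        fflush($fp);
        flock($fp, LOCK_UN);
        fclose($fp);

        if (!$written) {
            $error_title = "Error writing file";
            $error_text = "The file <b>{$filename}</b> could not be written! Current path: " . getcwd() . ".";
        }
    } else {
        $error_title = "Error opening file";
        $error_text = "The file <b>{$filename}</b> could not be opened for writing! Current path: " . getcwd() . ".";
    }

    // Restore the umask and the user's ability to interrupt the script on
    // every path; previously both failure paths returned without doing so.
    umask($old_umask);
    ignore_user_abort(FALSE);

    if ($error_title != "") {
        // NOTE(review): the message shows the target path and the working
        // directory to whoever sees the error page.
        piv_error($error_title, $error_text);
        return FALSE;
    }

    return TRUE;
}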
/**
 * Read one entry XML file from the "db/" directory into the global $row array.
 *
 * Fields are taken from fixed child positions of the first tag under the XML
 * root (0 = template, 1 = date, ... 8 = links); children from position 9 on
 * are read as comments.
 *
 * NOTE(review): the header of the comment loop was lost when this listing was
 * extracted (see the marked line below), so the function is not complete as shown.
 *
 * @param string $entry_file File name relative to "db/".
 */
function get_entry_xml($entry_file)
{
    global $row, $global_pref;

    // debug("get_entry_xml: file: $entry_file");
    // NOTE(review): $entry_file is appended to "db/" as given; nothing in this
    // function removes "../" sequences - confirm that callers pass index-derived names.
    $entry_file = "db/" . $entry_file;

    $xml = new XMLFile();
    $fh = fopen($entry_file, 'r');
    if ($fh == false) {
        // NOTE(review): if piv_error() returns, the read below runs on a failed handle.
        piv_error("Index File corrupt!", "One of the xml files needed could not be found. <br /><br />This is can normally be fixed by recreating the index-file. Click <a href='reindex.php'>reindex</a> to do so now, and then go <a href='javascript:history.go(-1)'>back</a> to the last page.", 0);
    }
    $xml->read_file_handle($fh);
    fclose($fh);

    // First tag under the XML root; all fields are read relative to it.
    $row_entrypoint =& $xml->roottag->tags[0];

    $row['code'] = rem_code_padding($row_entrypoint->attributes['CODE']);
    $row['id'] = $row_entrypoint->attributes['UID'];
    $row['template'] = $row_entrypoint->tags[0]->cdata;
    $row['date'] = $row_entrypoint->tags[1]->cdata;
    $row['user'] = $row_entrypoint->tags[2]->cdata;
    // Text fields go through rem_entities(); the remaining fields are copied as stored.
    $row['title'] = rem_entities($row_entrypoint->tags[3]->cdata);
    $row['subtitle'] = rem_entities($row_entrypoint->tags[4]->cdata);
    $row['introduction'] = rem_entities($row_entrypoint->tags[5]->cdata);
    $row['body'] = rem_entities($row_entrypoint->tags[6]->cdata);
    $row['media'] = $row_entrypoint->tags[7]->cdata;
    $row['links'] = $row_entrypoint->tags[8]->cdata;
    // The public URL is the configured file format with "%1" replaced by the entry code.
    $row['url'] = $global_pref['pivot_url'] . str_replace("%1", $row['code'], $global_pref['file_format']);
    $row['xmlfilename'] = $entry_file;

    $commcount = 0;
    unset($row['comments']);

    // NOTE(review): the next line is reproduced as extracted. Part of it was
    // masked ("******") and the statement that opened the comment loop is missing.
    //debug("user: "******"") {
        // One comment per child tag, starting at position 9. The commenter's
        // url and ip are copied as stored, without rem_entities().
        $row['comments'][$commcount]['name'] = rem_entities($row_entrypoint->tags[9 + $commcount]->tags[0]->cdata);
        $row['comments'][$commcount]['email'] = rem_entities($row_entrypoint->tags[9 + $commcount]->tags[1]->cdata);
        $row['comments'][$commcount]['url'] = $row_entrypoint->tags[9 + $commcount]->tags[2]->cdata;
        $row['comments'][$commcount]['ip'] = $row_entrypoint->tags[9 + $commcount]->tags[3]->cdata;
        $row['comments'][$commcount]['date'] = $row_entrypoint->tags[9 + $commcount]->tags[4]->cdata;
        $row['comments'][$commcount]['comment'] = rem_entities($row_entrypoint->tags[9 + $commcount]->tags[5]->cdata);
        $commcount++;
    }

    $xml->cleanup();
}
/**
 * Load one entry XML file into $this->entry.
 *
 * Fills the entry fields, the comment list with its count and display string,
 * and the media list, then calls update_index(FALSE). When the path stored
 * for the entry's code differs from $filename, the file is renamed to match.
 *
 * @param string $filename    Path of the XML file; when empty,
 *                            $this->entry['filename'] is used.
 * @param bool   $updateindex Only referenced in a commented-out debug line;
 *                            update_index(FALSE) is called whatever its value.
 * @return mixed TRUE after a normal read; nothing (null) for the "ROOT" entry.
 */
function read_entry($filename, $updateindex = TRUE)
{
    global $global_pref;

    $xml = new XMLFile();

    if ($filename == "") {
        $filename = $this->entry['filename'];
    }

    //debug("read entry: $filename". ( ($updateindex) ? "(T)" : "(F)"));

    // The "ROOT" pseudo-entry has no file: only its template is set.
    if ($this->entry['filename'] == "ROOT") {
        debug("root lezen");
        $this->entry['template'] = "weblog.html";
        return;
    }

    // The "@" hides the fopen() warning; failure is handled just below.
    @($fh = fopen($filename, 'r'));
    if ($fh == false) {
        // NOTE(review): $filename is placed in the HTML message without
        // htmlspecialchars(), and the full path is shown to the visitor. If
        // piv_error() returns, the read below runs on a failed handle.
        piv_error("File Does not Exist!", "One of the xml files needed ({$filename}) could not be found. <br /><br />This can normally be fixed by recreating the index-file. Click <a href='reindex.php'>reindex</a> to do so now, and then go <a href='javascript:history.go(-1)'>back</a> to the last page.", 0);
    }
    $xml->read_file_handle($fh);
    fclose($fh);

    // First tag under the XML root: attributes are read from the object,
    // child values from the array that make_array() builds from it.
    $row_entrypoint =& $xml->roottag->tags[0];
    $row =& $xml->roottag->tags[0]->make_array();

    $this->entry['code'] = rem_code_padding($row_entrypoint->attributes['CODE']);
    $this->entry['id'] = $this->set_id();
    // The "@" covers a missing CATEGORY attribute; the empty result is
    // replaced by "standard" further down.
    @($this->entry['category'] = trim($row_entrypoint->attributes['CATEGORY']));
    debug("leescat2: " . $this->entry['category']);

    $this->entry['template'] = $row['template'];
    $this->entry['date'] = $row['date'];
    $this->entry['user'] = $row['user'];
    // Text fields go through rem_entities(); media and links are copied as stored.
    $this->entry['title'] = rem_entities($row['title']);
    $this->entry['subtitle'] = rem_entities($row['subtitle']);
    $this->entry['introduction'] = rem_entities($row['introduction']);
    $this->entry['body'] = rem_entities($row['body']);
    $this->entry['media'] = $row['media'];
    $this->entry['links'] = $row['links'];
    // NOTE(review): $this['url'] uses array access on the object itself; that
    // only works if the class implements ArrayAccess. Possibly damage from
    // extraction - confirm against the original file.
    $this->entry['url'] = $this['url'];
    $this->entry['filename'] = $filename;

    unset($commnames);
    if (isset($row['comment'])) {
        for ($i = 0; $i < count($row['comment']); $i++) {
            // Names are cut to 30 bytes (substr() is byte-based).
            $row['comment'][$i]['name'] = substr(rem_entities($row['comment'][$i]['name']), 0, 30);
            $row['comment'][$i]['email'] = rem_entities($row['comment'][$i]['email']);
            $row['comment'][$i]['comment'] = rem_entities($row['comment'][$i]['comment']);
            $commnames[] = $row['comment'][$i]['name'];
        }
        $this->entry['comments'] = $row['comment'];
        // Display list of distinct commenter names; the count still includes duplicates.
        $this->entry['commnames'] = implode(", ", array_unique($commnames));
        $commcount = count($commnames);
    } else {
        unset($this->entry['comments']);
        $commcount = 0;
    }
    $this->entry['commcount'] = $commcount;

    // Build the comment-count string: 'commentsarr' supplies the text for
    // zero, one and several comments, 'comments_numbersarr' the number word.
    if ($commcount == 0) {
        $commcount_str = $global_pref['commentsarr'][0];
        $this->entry['commcount_str'] = str_replace("%num%", $global_pref['comments_numbersarr'][0], $commcount_str);
    } else {
        if ($commcount == 1) {
            $commcount_str = $global_pref['commentsarr'][1];
            $this->entry['commcount_str'] = str_replace("%num%", $global_pref['comments_numbersarr'][1], $commcount_str);
        } else {
            // Fall back to the plain number when no word is configured for it.
            if (isset($global_pref['comments_numbersarr'][$commcount])) {
                $num = $global_pref['comments_numbersarr'][$commcount];
            } else {
                $num = $commcount;
            }
            $commcount_str = $global_pref['commentsarr'][2];
            $this->entry['commcount_str'] = str_replace("%num%", $num, $commcount_str);
        }
    }

    // Media is stored as "#"-separated records of "file|width|height|name".
    if ($this->entry['media'] != "") {
        $media_lines = explode("#", $this->entry['media']);
        $i = 0;
        unset($this->entry['media']);
        foreach ($media_lines as $media_line) {
            // The "@" covers records with fewer than four fields.
            @(list($file, $width, $height, $name) = explode("|", $media_line));
            $i++;
            $this->entry['media'][] = array("file" => $file, "width" => $width, "height" => $height, "name" => $name);
        }
    }

    if ($this->entry['category'] == "") {
        $this->entry['category'] = "standard";
    }

    $xml->cleanup();
    $this->update_index(FALSE);

    // Sometimes the code is another number than the filename would suggest. If so,
    // this needs to be fixed, by renaming the file.
    // NOTE(review): the rename target is derived from the CODE attribute read
    // out of the file itself, and the result of rename() is not checked;
    // confirm that set_filename() cannot yield a path outside the data directory.
    if ($filename != $this->set_filename($this->entry['code'])) {
        debug("rename: " . $filename . " , ", $this->set_filename($this->entry['code']));
        rename($filename, $this->set_filename($this->entry['code']));
    }

    return TRUE;
}