示例#1
0
/**
 * Process CMS tags into HTML for weblogs.
 */
function cms_tag_weblog($tag_attr, $tag_default)
{
    global $db, $Cfg, $Paths, $current_date, $Weblogs, $Current_weblog, $Current_subweblog, $diffdate_lastformat, $even_odd, $Pivot_Vars;
    // some people use [[subweblog]] inside an entry page. to allow this
    // we need to 'store' the entry, make the subweblog, and 'restore'
    // the entry..
    if (isset($db->entry)) {
        $temp_entry = $db->entry;
    }
    $order = get_attr_value('order', $tag_attr);
    if ($order == "firsttolast") {
        $order = "asc";
    } else {
        $order = "desc";
    }
    $countshow = 0;
    $output = "";
    // to force the 'diffdate' to start anew on each (sub)weblog..
    $diffdate_lastformat = "";
    $subweblog = get_attr_value('subweblog', $tag_attr);
    $Current_subweblog = $subweblog;
    $template = $Paths['templates_path'] . $Weblogs[$Current_weblog]['sub_weblog'][$subweblog]['template'];
    if (file_exists($template)) {
        $tag_default_orig = implode("", file($template));
    } else {
        piv_error("File does not exist!", "Could not load template file '" . $template . "'. Make sure it exists, and has the right permissions", 0);
    }
    // safety check to prevent recursive weblogs..
    if (preg_match("/\\[\\[weblog:(.*)(:[0-9]*)?\\]\\]/mUi", $tag_default_orig)) {
        $tag_default_orig = "<p>(You can't recursively use [weblogs]!)</p>";
    }
    $show = get_attr_value('showme', $tag_attr);
    if ($show == "") {
        $show = $Weblogs[$Current_weblog]['sub_weblog'][$subweblog]['num_entries'];
    }
    $cats = $Weblogs[$Current_weblog]['sub_weblog'][$subweblog]['categories'];
    $offset = $Weblogs[$Current_weblog]['sub_weblog'][$subweblog]['offset'];
    // If called from a 'dynamic archive page', the offset needs to be taken into account.
    if ($Pivot_Vars['o'] > 0) {
        $offset += $Pivot_Vars['o'];
    }
    $db->disallow_write();
    // Select published entries according to order, default is descending
    if ($order == 'asc') {
        $list_entries = $db->getlist($show, $offset, "", $cats, TRUE, "", "publish");
    } else {
        $list_entries = $db->getlist_end(-$show - $offset, "", $cats, TRUE, "publish");
    }
    if (count($list_entries) > 0) {
        foreach ($list_entries as $list_entry) {
            // If descending order we need to handle the offset:
            // if offset > 0, we need to skip this entry
            if ($order == "desc" && $offset > 0) {
                $offset--;
                continue;
            }
            $entry = $db->read_entry($list_entry['code'], TRUE);
            if (!isset($entry['status']) || $entry['status'] == 'publish') {
                // for 'even' and 'odd' messages..
                if ($even_odd == 1) {
                    $even_odd = 0;
                } else {
                    $even_odd = 1;
                }
                // include an anchor, if it's not set manually with the [[id_anchor]] tag
                if (strpos($tag_default_orig, "[[id_anchor]]") == 0) {
                    $entry_html = '<span id="e' . $db->entry['code'] . '"></span>';
                } else {
                    $entry_html = "";
                }
                $entry_html .= parse_step4($tag_default_orig);
                $output .= $entry_html . "\n";
                if ($Weblogs[$Current_weblog]['rss'] == 1) {
                    add_rss($entry['code'], $entry['date'], $entry['title'], $entry['introduction'], $entry['body'], $entry['user'], $entry['category']);
                }
            }
        }
    }
    // perhaps restore the entry
    if (isset($temp_entry)) {
        $db->set_entry($temp_entry);
    }
    return $output;
}
示例#2
0
    reset($Weblogs);
    $Current_weblog = key($Weblogs);
}
// Display the search results.
LoadWeblogLanguage($Weblogs[$Current_weblog]['language']);
$db = new db();
$result = "\n<div class='pivot-search-result'>\n";
$result .= search_result();
$result .= "<!-- Search took " . timetaken() . " seconds -->\n";
$result .= "</div>\n";
unset($db->entry);
// Set the template for the tags page
if (!isset($Pivot_Vars['t']) || empty($Pivot_Vars['t'])) {
    if (isset($Weblogs[$Current_weblog]['extra_template']) && $Weblogs[$Current_weblog]['extra_template'] != "") {
        $template = $Weblogs[$Current_weblog]['extra_template'];
    } else {
        $template = $Weblogs[$Current_weblog]['archive_template'];
    }
} else {
    $template = $Pivot_Vars['t'];
}
$template_html = load_template($template);
$template_html = replace_subweblogs_templates($template_html, $result);
if (!$template_html) {
    piv_error("Template error", "Could not load template file, <i>" . htmlspecialchars($template) . "</i>, because it doesn't exist.");
} else {
    $output = $template_html;
    $output = parse_step4($output);
}
echo $output;
flush();
示例#3
0
if (isset($Pivot_Vars['uid'])) {
    $Pivot_Vars['uid'] = str_replace("standard-", "", $Pivot_Vars['uid']);
    $Pivot_Vars['id'] = $Pivot_Vars['uid'];
}
$override_weblog = "";
// check if we need to override the template.
if (isset($Pivot_Vars['t'])) {
    // explicitly defined template is most important.
    $Pivot_Vars['t'] = basename($Pivot_Vars['t']);
    $override_template = $Pivot_Vars['t'];
} else {
    if (isset($Pivot_Vars['w']) && $Pivot_Vars['w'] != "") {
        $override_weblog = weblog_from_para($Pivot_Vars['w']);
        // Checking if weblog exists
        if (!isset($Weblogs[$override_weblog])) {
            piv_error("Weblog doesn't exist", "Selected weblog \"" . htmlspecialchars($Pivot_Vars['w']) . "\" doesn't exist.");
        }
    } else {
        $override_weblog = find_current_weblog_referer();
    }
}
// If non-crufty URLs (mod_rewrite) is enabled and someone tries to
// access the crufty URL, redirect (if not in preview mode).
// This is search engine friendly.
list($request_script) = explode("?", $_SERVER['REQUEST_URI']);
if (!isset($Pivot_Vars['f_title']) && $Cfg['mod_rewrite'] && basename($request_script) == "entry.php") {
    if ($override_weblog == "") {
        reset($Weblogs);
        $Current_weblog = key($Weblogs);
    } else {
        $Current_weblog = $override_weblog;
示例#4
0
// If you don't want the self-registered users to have access to all
// categories, uncomment the line below (and list only the categories
// the user is allowed to post in).
// $selfreg_cats = array("Category1","Category2");
//
// END USER CONFIGURATION
define('LIVEPAGE', TRUE);
include_once 'pv_core.php';
$override_weblog = find_current_weblog_request();
if (empty($override_weblog)) {
    $override_weblog = find_current_weblog_referer();
}
set_current_weblog($override_weblog);
LoadWeblogLanguage($Weblogs[$Current_weblog]['language']);
if (!$Cfg['selfreg']) {
    piv_error(lang('userinfo', 'selfreg'), lang('userinfo', 'disabled'));
}
// Saving the page contents using
ob_start();
$setupstepn = 5;
$Setupstep1 = array(array('username', lang('userinfo', 'username'), '', 0, '', '', ''), array('pass1', lang('userinfo', 'pass1'), '', 1, '', '', 'maxlength="15"'), array('pass2', lang('userinfo', 'pass2'), '', 1, '', '', 'maxlength="15"'), array('email', lang('userinfo', 'email'), '', 0, '', '', ''), array('nick', lang('userinfo', 'nickname'), '', 0, '', '', ''));
if (!isset($Pivot_Vars['step'])) {
    $setupstepn = 1;
} elseif ($Pivot_Vars['step'] == 1) {
    // Sanitize passed variables to prevent people from inserting characters that
    // could be interpreted as dividers.
    $Pivot_Vars['username'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['username']);
    $Pivot_Vars['pass1'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['pass1']);
    $Pivot_Vars['pass2'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['pass2']);
    $Pivot_Vars['email'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['email']);
    $Pivot_Vars['nick'] = preg_replace("/[!|\n]/i", "", $Pivot_Vars['nick']);
示例#5
0
            if (count($in_weblogs) != 0) {
                $override_weblog = $in_weblogs[0];
            }
        } else {
            reset($Weblogs);
            $override_weblog = key($Weblogs);
        }
    }
    $Pivot_Vars['w'] = $override_weblog;
} else {
    if ($Pivot_Vars['w'] != "") {
        // Both weblog and category has some value - checking if they match
        if ($Pivot_Vars['c'] != "") {
            $in_weblogs = find_weblogs_with_cat($Pivot_Vars['c']);
            if (!in_array($Pivot_Vars['w'], $in_weblogs)) {
                piv_error("Category/weblog mismatch", 'Category "' . htmlspecialchars($Pivot_Vars['c']) . "\" doesn't belong to selected weblog (" . htmlspecialchars($Pivot_Vars['w']) . ").");
            }
        }
    }
}
if (!isset($Pivot_Vars['c'])) {
    $Pivot_Vars['c'] = "";
}
if (!isset($Pivot_Vars['u'])) {
    $Pivot_Vars['u'] = "";
}
if (!isset($Pivot_Vars['t']) || empty($Pivot_Vars['t'])) {
    if ($Pivot_Vars['w'] != "") {
        $Pivot_Vars['t'] = basename($Weblogs[$Pivot_Vars['w']]['extra_template']);
    } else {
        $Pivot_Vars['t'] = "";
示例#6
0
/**
 * Checks if the Pivot install is OK.
 *
 * Currently it only checks if the config files are writable.
 */
function CheckSanity()
{
    global $pivot_path;
    $insane = false;
    if (!is_writeable($pivot_path . "pv_cfg_settings.php")) {
        $insane = "pv_cfg_settings.php";
    } else {
        if (!is_writeable($pivot_path . "pv_cfg_weblogs.php")) {
            $insane = "pv_cfg_weblogs.php";
        }
    }
    if ($insane) {
        PageHeader("FATAL ERROR", 0);
        echo "<div class='showlog'>&nbsp;</div><div class='main'><h1>FATAL ERROR</h1>\n";
        piv_error("Insufficient permissions", "Admin pages can't be used - \"{$insane}\" isn't writable.");
        PageFooter();
    }
}
示例#7
0
            @mail($addr, $subject, $body, $add_header);
            debug("Send Mail to {$addr} for '" . $my_comment['name'] . "'");
        }
    }
    // Handle the users that want to be notified via email..
    notify_new('comment', array($db->entry, $my_comment, $Cfg['moderate_comments']));
}
$Pivot_Vars['piv_name'] = strip_tags($Pivot_Vars['piv_name']);
$Pivot_Vars['piv_email'] = strip_tags($Pivot_Vars['piv_email']);
$Pivot_Vars['piv_url'] = strip_tags($Pivot_Vars['piv_url']);
$Current_weblog = $Pivot_Vars['piv_weblog'];
// switch to weblog's language
LoadWeblogLanguage($Weblogs[$Current_weblog]['language']);
if (ip_check_block($Pivot_Vars['REMOTE_ADDR'])) {
    debug("Blocked user from {$ip} tried to comment");
    piv_error("You are Blocked", "Your IP-address has been blocked, so you are not" . " allowed to leave comments on this site. We know IP-adresses can easily be faked," . " but it helps. Have a nice day<br /><br />Go <a href='javascript:history.go(-1)'>" . "back</a> to the last page, and do something else.", 0);
}
// set cookies (or delete) only if explicitely told so..
if ($Pivot_Vars['piv_rememberinfo'] == "yes") {
    // If magic_quotes_gpc is set, we need to strip slashes..
    if (get_magic_quotes_gpc()) {
        setcookie("piv_name", stripslashes($Pivot_Vars['piv_name']), time() + 2592000, $Paths['cookie_url']);
        setcookie("piv_email", stripslashes($Pivot_Vars['piv_email']), time() + 2592000, $Paths['cookie_url']);
        setcookie("piv_url", stripslashes($Pivot_Vars['piv_url']), time() + 2592000, $Paths['cookie_url']);
    } else {
        setcookie("piv_name", $Pivot_Vars['piv_name'], time() + 2592000, $Paths['cookie_url']);
        setcookie("piv_email", $Pivot_Vars['piv_email'], time() + 2592000, $Paths['cookie_url']);
        setcookie("piv_url", $Pivot_Vars['piv_url'], time() + 2592000, $Paths['cookie_url']);
    }
    setcookie("piv_rememberinfo", "yes", time() + 2592000, $Paths['cookie_url']);
    //debug ("cookiezet: ". stripslashes($Pivot_Vars['piv_name']));
示例#8
0
function save_serialize($filename, &$data)
{
    global $Cfg;
    $filename = fixPath($filename);
    $ser_string = "<?php /* pivot */ die(); ?>" . serialize($data);
    // disallow user to interrupt
    ignore_user_abort(TRUE);
    $old_umask = umask(0111);
    if ($Cfg['unlink'] == 1 && file_exists($filename)) {
        /* unlinking is good for some safe_mode users */
        /* and bad for some others.. i hate safe_mode */
        @unlink($filename);
    }
    // open the file and lock it.
    if ($fp = fopen($filename, "w")) {
        flock($fp, LOCK_EX);
        // write it
        if (fwrite($fp, $ser_string)) {
            flock($fp, LOCK_UN);
            fclose($fp);
        } else {
            flock($fp, LOCK_UN);
            fclose($fp);
            piv_error("Error writing file", "The file <b>{$filename}</b> could not be written! Current path: " . getcwd() . ".");
            return FALSE;
        }
    } else {
        piv_error("Error opening file", "The file <b>{$filename}</b> could not be opened for writing! Current path: " . getcwd() . ".");
        return FALSE;
    }
    umask($old_umask);
    // reset the users ability to interrupt the script
    ignore_user_abort(FALSE);
    return TRUE;
}
示例#9
0
function get_entry_xml($entry_file)
{
    global $row, $global_pref;
    //	debug("get_entry_xml: file: $entry_file");
    $entry_file = "db/" . $entry_file;
    $xml = new XMLFile();
    $fh = fopen($entry_file, 'r');
    if ($fh == false) {
        piv_error("Index File corrupt!", "One of the xml files needed could not be found. <br /><br />This is can normally be fixed by recreating the index-file. Click <a href='reindex.php'>reindex</a> to do so now, and then go <a href='javascript:history.go(-1)'>back</a> to the last page.", 0);
    }
    $xml->read_file_handle($fh);
    fclose($fh);
    $row_entrypoint =& $xml->roottag->tags[0];
    $row['code'] = rem_code_padding($row_entrypoint->attributes['CODE']);
    $row['id'] = $row_entrypoint->attributes['UID'];
    $row['template'] = $row_entrypoint->tags[0]->cdata;
    $row['date'] = $row_entrypoint->tags[1]->cdata;
    $row['user'] = $row_entrypoint->tags[2]->cdata;
    $row['title'] = rem_entities($row_entrypoint->tags[3]->cdata);
    $row['subtitle'] = rem_entities($row_entrypoint->tags[4]->cdata);
    $row['introduction'] = rem_entities($row_entrypoint->tags[5]->cdata);
    $row['body'] = rem_entities($row_entrypoint->tags[6]->cdata);
    $row['media'] = $row_entrypoint->tags[7]->cdata;
    $row['links'] = $row_entrypoint->tags[8]->cdata;
    $row['url'] = $global_pref['pivot_url'] . str_replace("%1", $row['code'], $global_pref['file_format']);
    $row['xmlfilename'] = $entry_file;
    $commcount = 0;
    unset($row['comments']);
    //debug("user: "******"") {
        $row['comments'][$commcount]['name'] = rem_entities($row_entrypoint->tags[9 + $commcount]->tags[0]->cdata);
        $row['comments'][$commcount]['email'] = rem_entities($row_entrypoint->tags[9 + $commcount]->tags[1]->cdata);
        $row['comments'][$commcount]['url'] = $row_entrypoint->tags[9 + $commcount]->tags[2]->cdata;
        $row['comments'][$commcount]['ip'] = $row_entrypoint->tags[9 + $commcount]->tags[3]->cdata;
        $row['comments'][$commcount]['date'] = $row_entrypoint->tags[9 + $commcount]->tags[4]->cdata;
        $row['comments'][$commcount]['comment'] = rem_entities($row_entrypoint->tags[9 + $commcount]->tags[5]->cdata);
        $commcount++;
    }
    $xml->cleanup();
}
示例#10
0
 function read_entry($filename, $updateindex = TRUE)
 {
     global $global_pref;
     $xml = new XMLFile();
     if ($filename == "") {
         $filename = $this->entry['filename'];
     }
     //debug("read entry: $filename". ( ($updateindex) ? "(T)" : "(F)"));
     if ($this->entry['filename'] == "ROOT") {
         debug("root lezen");
         $this->entry['template'] = "weblog.html";
         return;
     }
     @($fh = fopen($filename, 'r'));
     if ($fh == false) {
         piv_error("File Does not Exist!", "One of the xml files needed ({$filename}) could not be found. <br /><br />This can normally be fixed by recreating the index-file. Click <a href='reindex.php'>reindex</a> to do so now, and then go <a href='javascript:history.go(-1)'>back</a> to the last page.", 0);
     }
     $xml->read_file_handle($fh);
     fclose($fh);
     $row_entrypoint =& $xml->roottag->tags[0];
     $row =& $xml->roottag->tags[0]->make_array();
     $this->entry['code'] = rem_code_padding($row_entrypoint->attributes['CODE']);
     $this->entry['id'] = $this->set_id();
     @($this->entry['category'] = trim($row_entrypoint->attributes['CATEGORY']));
     debug("leescat2: " . $this->entry['category']);
     $this->entry['template'] = $row['template'];
     $this->entry['date'] = $row['date'];
     $this->entry['user'] = $row['user'];
     $this->entry['title'] = rem_entities($row['title']);
     $this->entry['subtitle'] = rem_entities($row['subtitle']);
     $this->entry['introduction'] = rem_entities($row['introduction']);
     $this->entry['body'] = rem_entities($row['body']);
     $this->entry['media'] = $row['media'];
     $this->entry['links'] = $row['links'];
     $this->entry['url'] = $this['url'];
     $this->entry['filename'] = $filename;
     unset($commnames);
     if (isset($row['comment'])) {
         for ($i = 0; $i < count($row['comment']); $i++) {
             $row['comment'][$i]['name'] = substr(rem_entities($row['comment'][$i]['name']), 0, 30);
             $row['comment'][$i]['email'] = rem_entities($row['comment'][$i]['email']);
             $row['comment'][$i]['comment'] = rem_entities($row['comment'][$i]['comment']);
             $commnames[] = $row['comment'][$i]['name'];
         }
         $this->entry['comments'] = $row['comment'];
         $this->entry['commnames'] = implode(", ", array_unique($commnames));
         $commcount = count($commnames);
     } else {
         unset($this->entry['comments']);
         $commcount = 0;
     }
     $this->entry['commcount'] = $commcount;
     if ($commcount == 0) {
         $commcount_str = $global_pref['commentsarr'][0];
         $this->entry['commcount_str'] = str_replace("%num%", $global_pref['comments_numbersarr'][0], $commcount_str);
     } else {
         if ($commcount == 1) {
             $commcount_str = $global_pref['commentsarr'][1];
             $this->entry['commcount_str'] = str_replace("%num%", $global_pref['comments_numbersarr'][1], $commcount_str);
         } else {
             if (isset($global_pref['comments_numbersarr'][$commcount])) {
                 $num = $global_pref['comments_numbersarr'][$commcount];
             } else {
                 $num = $commcount;
             }
             $commcount_str = $global_pref['commentsarr'][2];
             $this->entry['commcount_str'] = str_replace("%num%", $num, $commcount_str);
         }
     }
     if ($this->entry['media'] != "") {
         $media_lines = explode("#", $this->entry['media']);
         $i = 0;
         unset($this->entry['media']);
         foreach ($media_lines as $media_line) {
             @(list($file, $width, $height, $name) = explode("|", $media_line));
             $i++;
             $this->entry['media'][] = array("file" => $file, "width" => $width, "height" => $height, "name" => $name);
         }
     }
     if ($this->entry['category'] == "") {
         $this->entry['category'] = "standard";
     }
     $xml->cleanup();
     $this->update_index(FALSE);
     // Sometimes the code is another number than the filename would suggest. If so,
     // this needs to be fixed, by renaming the file.
     if ($filename != $this->set_filename($this->entry['code'])) {
         debug("rename: " . $filename . " , ", $this->set_filename($this->entry['code']));
         rename($filename, $this->set_filename($this->entry['code']));
     }
     return TRUE;
 }