}
// echo "$filename ".serialize($_GET);exit;
mail($_GET['email'], "invite", "{$_GET['name']}:\n\nyou have been invited to planwatch. click this link to accept: http://planwatch.org/user/accept_invite/{$_SERVER['USER']}/" . md5("{$_GET['email']}"), "From: system@planwatch.org");
}
if ($_POST['action'] == 'upload smiley') {
include_once 'smiley_functions.php';
smiley_writenew($newsmiley, $newsmileyname);
exit;
}
if ($_GET['action'] == 'archive_search') {
Header("Location: http://{$_SERVER['HTTP_HOST']}{$_SERVER['WEB_ROOT']}/read/{$_GET['writer']}/search/" . urlencode($_GET['keyword']));
exit;
}
if ($_POST['action'] == 'sendmessage') {
include_once 'send.php';
send_find($_POST['message'], $user, $_POST['recipient']);
redirect("/send/{$_POST['recipient']}");
exit;
}
if ($_POST['action'] == 'login') {
login($_POST['user'], $_POST['pass'], $_POST['remember']);
exit;
}
if ($_GET['action'] == 'login_ajax') {
login($_GET['user'], $_GET['pass'], $_GET['remember'], "/watched/{$_GET['user']}");
exit;
}
if ($_POST['data'] && $_POST['filename'] && user_is_administrator()) {
file_put_contents($_POST['filename'], stripslashes($_POST['data']));
redirect('/');
exit;
function plan_write_journaling($edit, $plandata, $private, $nolinebreaks = FALSE, $writer = FALSE)
{
include_once 'plan_read.php';
include_once 'snoop.php';
include_once 'spiel.php';
include_once 'send.php';
$planowner = $writer;
// make sure all the timecodes are the same
$time = time();
// find the character encoding of the plan entry, convert it to something
// more universal
mb_detect_order("UTF-8, UTF-8, Windows-1252");
if (mb_detect_encoding($plandata) == "Windows-1252") {
$plandata = mb_convert_encoding($plandata, UTF - 8, Windows - 1252);
}
// make sure no one can post an update to someone else's plan
// this will need to be smarter if we ever implement group plans
// but probably we won't, so no biggie.
if ($planowner != $_SERVER['USER'] && !user_is_administrator()) {
$planowner = $_SERVER['USER'];
}
$plan_dir = "{$_SERVER['PWUSERS_DIR']}/{$planowner}/plan";
// Find the old snoops. We have to masquerade briefly as 'cacheuser' to do
// this without leaving a spurious snitch or getting private entries.
// We remain 'cacheuser' until after snoop_add() below.
$_SERVER['USER'] = '******';
// find old snoops, for later clearing
$old_snoop_array = snoop_find(plan_read_local($planowner, $_SERVER['USERINFO_ARRAY']['defaultdays'] + 3 . 'd'), $planowner);
// delete the (now-invalid) cache files
cache_clear($planowner);
// leave a reminder to plan_read_local to ignore linebreaks.
if ($nolinebreaks) {
$plandata .= "<!--nolinebreaks-->";
}
if ($_POST['title']) {
$plandata .= "<!--title {$_POST['title']} -->";
}
if ($_POST['tags']) {
$plandata .= "<!--tags {$_POST['tags']} -->";
}
// if we weren't editing an existing (already-posted) entry, set the filename for the current time.
if (!$_POST['edit'] || $_POST['edit'] == $_POST['draft_edit']) {
$_POST['edit'] = ".{$time}";
}
$plan_fn = "{$plan_dir}/plan{$_POST['edit']}.txt{$_POST['private']}";
if (!file_exists($plan_fn)) {
file_put_contents("{$_SERVER['PWUSERS_DIR']}/{$planowner}/stats/lastupdate", $time);
}
if ($_FILES['attached_file']['tmp_name']) {
rename("{$_FILES['attached_file']['tmp_name']}", "{$_SERVER['USER_ROOT']}/files/{$_FILES['attached_file']['name']}");
if (strstr($_FILES['attached_file']['name'], 'jpg') || strstr($_FILES['attached_file']['name'], 'gif') || strstr($_FILES['attached_file']['name'], 'png')) {
$plandata .= "<img src='/userfiles/view/{$writer}/{$_FILES['attached_file']['name']}' />";
} else {
$plandata .= "\n<a href='/userfiles/view/{$writer}/{$_FILES['attached_file']['name']}'>{$_FILES['attached_file']['name']}</a>";
}
}
// else trigger_error("No Files Uploaded");
$plandata .= $_POST['markdown'];
$plandata .= $_POST['nofeed'];
// save old headers and footers.
if (strstr($plan_fn, 'header') || strstr($plan_fn, 'footer')) {
exec("mv {$plan_fn} {$plan_fn}.{$time}");
}
// write the update to disk.
file_put_contents($plan_fn, $plandata);
// new feature: SPIEL
// here's the part where spiels are found
// TODO(v4.5): replace spiel syntax with hashtags
if (!$private && !$edit) {
spiel_find($plandata, $planowner, $time);
}
// here's the part where sends are found
if (!$private && !$edit) {
send_find($plandata, $planowner, $time);
}
if (file_exists($plan_fn)) {
if ($private && file_exists("{$plan_dir}/plan{$edit}.txt")) {
exec("mv {$plan_dir}/plan{$edit}.txt {$plan_dir}/rem.plan{$edit}.txt");
}
if (!$private && file_exists("{$plan_dir}/plan{$edit}.txt.p")) {
exec("mv {$plan_dir}/plan{$edit}.txt.p {$plan_dir}/rem.plan{$edit}.txt.p");
}
if ($_POST['draft_edit'] && file_exists("{$plan_dir}/draft{$_POST['draft_edit']}.txt")) {
unlink("{$plan_dir}/draft{$_POST['draft_edit']}.txt");
}
// clean up old drafts
if ($drafts = files_list("{$plan_dir}/", "draft*.txt")) {
foreach ($drafts as $draft) {
if (filemtime("{$plan_dir}/{$draft}") < time() - 7 * 24 * 3600) {
unlink("{$plan_dir}/{$draft}");
}
}
}
}
@chmod($plan_fn, 0755);
// clean old snoops and add new ones
$new_snoop_array = snoop_find(plan_read_local($planowner), $planowner);
$snoops_to_remove = array_unique(array_diff($old_snoop_array, $new_snoop_array));
$snoops_to_set = array_unique(array_diff($new_snoop_array, $old_snoop_array));
$remove_status = snoop_clean($snoops_to_remove, $planowner);
$add_status = snoop_add($snoops_to_set, $planowner);
$_SERVER['USER'] = $_SERVER['USERINFO_ARRAY']['username'];
// done masquerading
// report the good news if we wrote the post to disk.
if (file_exists($plan_fn)) {
if ($_SERVER['AJAX_POST']) {
return $plandata;
}
if (!$_SERVER['BLOGPOST']) {
if ($_COOKIE[$_SERVER['AUTH_COOKIE']]) {
if ($_SERVER['AJAX_POST']) {
return $plandata;
} else {
redirect("/read/{$planowner}");
}
} elseif (user_is_valid($_SERVER['USERINFO_ARRAY']['username'], $_SERVER['USERINFO_ARRAY']['userpass'])) {
if ($_POST['mailpost']) {
echo "posted";
exit;
} else {
// If the writer's cookie expired while updating, log her back in.
login($_SERVER['USERINFO_ARRAY']['username'], $_SERVER['USERINFO_ARRAY']['userpass'], 0, "/read/{$planowner}");
exit;
}
}
} else {
return ".{$time}";
}
} else {
if ($_SERVER['BLOGPOST']) {
return FALSE;
} else {
output('Error Updating', "<div class='alert'>There was an error writing {$_SERVER['USER']}'s plan entry to {$plan_fn} {$edit}. <a href='{$_SERVER['WEB_ROOT']}/feature'>File a bug</a> so we know about this problem. Here's your plan text for safekeeping:<br /><br />{$plandata}</div>", '', ' had an error');
}
}
}
