function generate_content(&$title)
{
global $serendipity;
$title = $this->get_config('title', $title);
$login_url = $this->get_config('login_url');
$logout_url = $this->get_config('logout_url');
if ($login_url == "") {
$login_url = serendipity_currentURL();
}
if ($logout_url == "") {
$logout_url = serendipity_currentURL();
}
if (isset($serendipity['POST']['action']) && !isset($serendipity['POST']['logout']) && !serendipity_userLoggedIn()) {
echo '<div class="serendipity_center serendipity_msg_important">' . WRONG_USERNAME_OR_PASSWORD . '</div>';
} elseif (serendipity_userLoggedIn()) {
echo '<div class="serendipity_center">' . WELCOME_BACK . ' ' . $_SESSION['serendipityUser'] . '</div>';
echo '<form id="loginform" action="' . $logout_url . '" method="post">';
echo '<input type="hidden" name="serendipity[logout]" value="true" />';
echo '<input type="submit" name="serendipity[action]" value="' . LOGOUT . ' >" />';
$show_entry = false;
$show_media = false;
if (function_exists('serendipity_checkPermission')) {
if (serendipity_checkPermission('adminEntries')) {
$show_entry = true;
}
if (serendipity_checkPermission('adminImages') && serendipity_checkPermission('adminImagesAdd')) {
$show_media = true;
}
} elseif (!$serendipity['no_create']) {
$show_entry = true;
$show_media = true;
}
if ($show_entry) {
echo '<div class="loginform_link_entry"><a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new">' . NEW_ENTRY . '</a></div>';
}
if ($show_media) {
echo '<div class="loginform_link_media"><a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=media&serendipity[adminAction]=addSelect">' . ADD_MEDIA . '</a></div>';
}
echo '</form>';
return true;
}
// Logout is performed in bundled event plugin!
echo '<form id="loginform" action="' . $login_url . '" method="post">';
echo '<fieldset id="loginform_userdata" style="border: none;">';
echo '<label for="username">' . USERNAME . '</label>';
echo '<input id="username" type="text" name="serendipity[user]" value="" />';
echo '<label for="s9ypassw">' . PASSWORD . '</label>';
echo '<input id="s9ypassw" type="password" name="serendipity[pass]" value="" />';
echo '</fieldset>';
echo '<fieldset id="loginform_login" style="border: none;">';
echo '<input id="autologin" type="checkbox" name="serendipity[auto]" /><label for="autologin"> ' . AUTOMATIC_LOGIN . '</label>';
echo '<input type="submit" id="loginform_submit" name="serendipity[action]" value="' . LOGIN . ' >" />';
echo '</fieldset>';
echo '</form>';
if (class_exists('serendipity_event_forgotpassword')) {
echo '<div class="forgot_password"><a href="' . $serendipity['baseURL'] . '/serendipity_admin.php?forgotpassword=1">' . PLUGIN_EVENT_FORGOTPASSWORD_LOST_PASSWORD . '</a></div>';
}
return true;
}
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
$hooks =& $bag->get('event_hooks');
$serendipity['plugin_eventcal_version'] =& $bag->get('version');
if (isset($hooks[$event])) {
switch ($event) {
case 'frontend_configure':
/* checking if db tables exists, otherwise install them */
$cur = $this->get_config('version');
$cur = !empty($cur) ? $cur : $this->get_config('dbversion');
if ($cur == '1.0' && !$this->get_config('dbversion')) {
$this->alter_db($cur);
$this->set_config('dbversion', '1.1');
$this->set_config('version', '');
// unset value to cleanup
$this->cleanup();
// remove_plugin_value - removes empty vars only
} elseif ($cur == '1.1') {
//void
} else {
$this->install();
$this->set_config('dbversion', '1.1');
}
return true;
break;
case 'external_plugin':
// [0]=ics_export/sql_export; [1]=id/filename; [2]=month(cm); [3]=year(cy); [4]=case: no, dl, wc, ml, ud; [5] to=email; (optional) [6] ics=all (admin string)
$evc['export'] = explode('/', $eventData);
if (is_array($evc['export']) && $evc['export'][0] == 'sql_export') {
$file = file_get_contents($serendipity['serendipityPath'] . 'templates_c/eventcal/' . $evc['export'][1]);
echo $file;
header('Status: 302 Found');
header('Content-Type: application/octet-stream; charset=UTF-8');
// text/plain to see as file in browser
header('Content-Disposition: inline; filename=' . $evc['export'][1]);
}
if (is_array($evc['export']) && $evc['export'][0] == 'ics_export') {
$adminrequest = isset($evc['export'][6]) ? true : false;
$icl = $this->draw_icalendar($evc['export'][1], $evc['export'][2], $evc['export'][3], $adminrequest);
}
if (isset($icl) && !empty($eventData) && $evc['export'][4] != 'no') {
/* set the ical url location target to s9y/uploads or reload page with sent result */
if ($evc['export'][4] == 'ml' && !$evc['export'][6]) {
$url = $_SERVER['HTTP_HOST'] . $this->fetchPluginUri() . ($serendipity['rewrite'] == 'rewrite' ? '?' : '&') . 'serendipity[mailData]=';
} elseif ($evc['export'][4] == 'ml' && $evc['export'][6] == 'all') {
$url = $_SERVER['HTTP_HOST'] . $serendipity['serendipityHTTPPath'] . 'serendipity_admin.php?serendipity[adminModule]=event_display&serendipity[adminAction]=eventcal&serendipity[eventcalcategory]=adevplad&serendipity[eventcaldbclean]=dbicalall&serendipity[mailData]=';
} else {
$url = $_SERVER['HTTP_HOST'] . $serendipity['serendipityHTTPPath'] . 'uploads/icalendar.ics';
}
/* write the ical string to ics file if not requested as download */
if ($evc['export'][4] != 'dl') {
$wcal = $this->write_file($icl);
}
if (serendipity_db_bool($this->get_config('log_ical'))) {
$ym = $evc['export'][3] . '-' . sprintf("%02d", $evc['export'][2]);
}
$sendmail = $this->get_config('log_email') ? true : false;
switch ($evc['export'][4]) {
/* download as file */
case 'dl':
echo $icl;
header('Status: 302 Found');
header('Content-Type: text/calendar; charset=UTF-8');
header("Content-Disposition: inline; filename=icalendar.ics");
// Send mail to the admin if he has set log iCal requests in config to receive these mails
if (serendipity_db_bool($this->get_config('log_ical'))) {
$this->send_ical_log_email($this->get_config('log_email'), '', $evc['export'][5], $evc['export'][1], $ym, 'as ics download', $evc['export'][4], $sendmail);
}
break;
/* send file via webcal */
/* send file via webcal */
case 'wc':
if (serendipity_isResponseClean($url) && $wcal === true) {
// Send mail to the admin if he has set log iCal requests in config to receive these mails
if (serendipity_db_bool($this->get_config('log_ical'))) {
$this->send_ical_log_email($this->get_config('log_email'), '', $evc['export'][5], $evc['export'][1], $ym, 'via webcal', $evc['export'][4], $sendmail);
}
header('Status: 302 Found');
header('Content-Type: text/calendar; charset=UTF-8');
header('Location: webcal://' . $url);
}
break;
/* send via email and attachment */
/* send via email and attachment */
case 'ml':
if (!empty($evc['export'][5]) && $evc['export'][5] != 'none') {
$to = $evc['export'][5];
} else {
$to = $this->get_config('log_email') ? $this->get_config('log_email') : $serendipity['serendipityEmail'];
}
if (!empty($to) && $to != '*****@*****.**') {
//* @param string The validated recipient address of the mail, @param string The ical body part of the mail
$result = $this->sendIcalEmail($to, $icl);
//returns true or false
// Send mail to the admin if he has set log iCal requests in config to receive these mails
if (serendipity_db_bool($this->get_config('log_ical'))) {
$this->send_ical_log_email($this->get_config('log_email'), '', $evc['export'][5], $evc['export'][1], $ym, 'as email', $evc['export'][4], $sendmail);
}
}
if (serendipity_isResponseClean($url)) {
header('Location: http://' . $url . ($result ? 1 : 2));
}
break;
default:
return false;
break;
}
exit;
}
case 'genpage':
$args = implode('/', serendipity_getUriArguments($eventData, true));
if ($serendipity['rewrite'] == 'rewrite') {
$nice_url = $serendipity['serendipityHTTPPath'] . $args;
} else {
$nice_url = $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?/' . $args;
}
if (empty($serendipity['GET']['subpage'])) {
$serendipity['GET']['subpage'] = $nice_url;
}
return true;
break;
case 'entry_display':
if ($this->selected()) {
if (is_array($eventData)) {
$eventData['clean_page'] = true;
// This is important to not display an entry list!
} else {
$eventData = array('clean_page' => true);
}
}
// Silence pedantic warnings about missing default TZ settings
if (function_exists("date_default_timezone_get")) {
$tz = @date_default_timezone_get();
date_default_timezone_set($tz);
}
if (version_compare($serendipity['version'], '1.4', '<=')) {
$this->show();
}
return true;
break;
case 'entries_header':
// this one really rolls up output
$this->show();
return true;
break;
/* put here all you css stuff you need for the frontend of eventcal pages */
/* put here all you css stuff you need for the frontend of eventcal pages */
case 'css':
if (stristr($eventData, '#eventcal_wrapper')) {
// class exists in CSS, so a user has customized it and we don't need default
return true;
}
$tfile = serendipity_getTemplateFile('style_eventcal_backend.css', 'serendipityPath');
if ($tfile) {
echo str_replace('{TEMPLATE_PATH}', 'templates/' . $serendipity['defaultTemplate'] . '/', @file_get_contents($tfile));
}
if (!$tfile || $tfile == 'style_eventcal_backend.css') {
$tfile = dirname(__FILE__) . '/style_eventcal_backend.css';
echo str_replace('{TEMPLATE_PATH}', $serendipity['eventcal']['pluginpath'], @file_get_contents($tfile));
}
return true;
break;
case 'backend_sidebar_entries':
// forbid entry if not admin
if (serendipity_userLoggedIn() && $_SESSION['serendipityAuthedUser'] === true && $_SESSION['serendipityUserlevel'] == '255') {
echo '<li class="serendipitySideBarMenuLink serendipitySideBarMenuEntryLinks">
<a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=eventcal">
' . PLUGIN_EVENTCAL_ADMIN_NAME . '
</a>
</li>';
}
return true;
break;
case 'backend_sidebar_entries_event_display_eventcal':
// forbid entry if not admin
if (serendipity_userLoggedIn() && $_SESSION['serendipityAuthedUser'] === true && $_SESSION['serendipityUserlevel'] == '255') {
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
// if not set to avoid member function assign() on a non-object error, start Smarty templating
}
/* show backend administration menu */
$this->backend_eventcal_menu();
}
return true;
break;
/* put here all you css stuff you need for the backend of eventcal pages */
/* put here all you css stuff you need for the backend of eventcal pages */
case 'css_backend':
if (stristr($eventData, '#eventcal_wrapper')) {
// class exists in CSS, so a user has customized it and we don't need default
return true;
}
$tfile = serendipity_getTemplateFile('style_eventcal_backend.css', 'serendipityPath');
if ($tfile) {
$tfilecontent = str_replace('{TEMPLATE_PATH}', 'templates/' . $serendipity['defaultTemplate'] . '/', @file_get_contents($tfile));
}
if ((!$tfile || $tfile == 'style_eventcal_backend.css') && !$tfilecontent) {
$tfile = dirname(__FILE__) . '/style_eventcal_backend.css';
$tfilecontent = str_replace('{TEMPLATE_PATH}', $serendipity['eventcal']['pluginpath'], @file_get_contents($tfile));
}
// add replaced css content to the end of serendipity_admin.css
if (!empty($tfilecontent)) {
$this->backend_eventcal_css($eventData, $tfilecontent);
}
return true;
break;
default:
return false;
break;
}
// switch end
} else {
return false;
}
// isset hooks end
}
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
static $login_url = null;
if ($login_url === null) {
$login_url = $serendipity['baseURL'] . $serendipity['indexFile'] . '?/plugin/loginbox';
}
$hooks =& $bag->get('event_hooks');
if (isset($hooks[$event])) {
switch ($event) {
case 'frontend_saveComment':
if (!isset($serendipity['csuccess'])) {
$serendipity['csuccess'] = 'true';
}
if (serendipity_db_bool($this->get_config('registered_only')) && !serendipity_userLoggedIn() && $addData['source2'] != 'adduser') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_ADDUSER_REGISTERED_ONLY_REASON;
return false;
}
if (serendipity_db_bool($this->get_config('registered_only')) && !$this->inGroup() && $addData['source2'] != 'adduser') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_ADDUSER_REGISTERED_ONLY_REASON;
return false;
}
if (serendipity_db_bool($this->get_config('true_identities')) && !serendipity_userLoggedIn()) {
$user = str_replace(" b", '', $addData['name']);
$user = serendipity_db_escape_string(preg_replace('@\\s+@', ' ', trim($user)));
$user = trim($user);
$authors = serendipity_db_query("SELECT authorid FROM {$serendipity['dbPrefix']}authors WHERE realname = '" . $user . "'");
if (is_array($authors) && isset($authors[0]['authorid'])) {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = sprintf(PLUGIN_ADDUSER_REGISTERED_CHECK_REASON, $login_url, 'onclick="javascript:loginbox = window.open(this.href, \'loginbox\', \'width=300,height=300,locationbar=no,menubar=no,personalbar=no,statusbar=yes,status=yes,toolbar=no\'); return false;"');
}
}
break;
case 'external_plugin':
if ($eventData != 'loginbox') {
return true;
}
$out = array();
serendipity_plugin_api::hook_event('backend_login_page', $out);
serendipity_smarty_init();
$serendipity['smarty']->assign(array('loginform_add' => $out, 'loginform_url' => $login_url, 'loginform_user' => $_SESSION['serendipityUser'], 'loginform_mail' => $_SESSION['serendipityEmail'], 'close_window' => defined('LOGIN_ACTION'), 'is_logged_in' => serendipity_userLoggedIn(), 'is_error' => defined('LOGIN_ERROR')));
$filename = 'loginbox.tpl';
$tfile = serendipity_getTemplateFile($filename, 'serendipityPath');
if (!$tfile || $tfile == $filename) {
$tfile = dirname(__FILE__) . '/' . $filename;
}
$inclusion = $serendipity['smarty']->security_settings[INCLUDE_ANY];
$serendipity['smarty']->security_settings[INCLUDE_ANY] = true;
$serendipity['smarty']->display($tfile);
break;
case 'frontend_display':
if (serendipity_db_bool($this->get_config('registered_only')) && !serendipity_userLoggedIn()) {
$serendipity['messagestack']['comments'][] = sprintf(PLUGIN_ADDUSER_REGISTERED_ONLY_REASON, $serendipity['baseURL'] . $serendipity['indexFile'] . '?serendipity[subpage]=adduser', $serendipity['baseURL'] . 'serendipity_admin.php');
$eventData['allow_comments'] = false;
}
break;
case 'frontend_configure':
if (isset($serendipity['POST']['action']) && isset($serendipity['POST']['user']) && isset($serendipity['POST']['pass'])) {
serendipity_login();
if (serendipity_userLoggedIn()) {
define('LOGIN_ACTION', 'login');
header('X-s9y-auth: Login');
} else {
define('LOGIN_ERROR', true);
}
} elseif (isset($serendipity['POST']['action']) && isset($serendipity['POST']['logout'])) {
serendipity_logout();
if (!serendipity_userLoggedIn()) {
header('X-s9y-auth: Logout');
define('LOGIN_ACTION', 'logout');
}
}
if ((serendipity_db_bool($this->get_config('registered_only')) || serendipity_db_bool($this->get_config('true_identities'))) && $_SESSION['serendipityAuthedUser']) {
if (defined('IN_serendipity_admin') && $serendipity['GET']['adminAction'] == 'doEdit') {
// void
} else {
$serendipity['COOKIE']['name'] = isset($_SESSION['serendipityRealname']) ? $_SESSION['serendipityRealname'] : $_SESSION['serendipityUser'];
$serendipity['COOKIE']['email'] = $_SESSION['serendipityEmail'];
if ($serendipity['POST']['comment']) {
$serendipity['POST']['name'] = $serendipity['COOKIE']['name'];
$serendipity['POST']['email'] = $serendipity['COOKIE']['email'];
}
}
}
return true;
break;
case 'entry_display':
if ($serendipity['GET']['subpage'] == 'adduser' || $serendipity['POST']['subpage'] == 'adduser' || !empty($serendipity['GET']['adduser_activation']) || !empty($this->clean_page)) {
if (is_array($eventData)) {
$eventData['clean_page'] = true;
}
}
break;
case 'entries_header':
if ($serendipity['GET']['subpage'] == 'adduser' || $serendipity['POST']['subpage'] == 'adduser' || !empty($serendipity['GET']['adduser_activation'])) {
$this->clean_page = true;
$url = $serendipity['baseURL'] . $serendipity['indexFile'];
$hidden['subpage'] = 'adduser';
$username = substr($serendipity['POST']['adduser_user'], 0, 40);
$password = substr($serendipity['POST']['adduser_pass'], 0, 32);
$email = $serendipity['POST']['adduser_email'];
echo '<div id="adduser_form" style="padding-left: 4px; padding-right: 10px"><a id="adduser"></a>';
// Get the config from the sidebar plugin
$pair_config = array('userlevel' => USERLEVEL_EDITOR, 'no_create' => false, 'right_publish' => false, 'instructions' => $this->get_config('instructions', ''), 'usergroups' => array(), 'straight_insert' => false, 'approve' => false, 'use_captcha' => false);
$config = serendipity_db_query("SELECT name, value FROM {$serendipity['dbPrefix']}config WHERE name LIKE 'serendipity_plugin_adduser:%'");
if (is_array($config)) {
foreach ($config as $conf) {
$names = explode('/', $conf['name']);
if ($names[1] == 'instructions' && !empty($pair_config['instructions'])) {
continue;
}
if ($names[1] == 'usergroups') {
$ug = (array) explode(',', $conf['value']);
foreach ($ug as $cid) {
if ($cid === false || empty($cid)) {
continue;
}
$pair_config[$names[1]][$cid] = $cid;
}
} else {
$pair_config[$names[1]] = serendipity_get_bool($conf['value']);
}
}
}
if (!serendipity_common_adduser::adduser($username, $password, $email, $pair_config['userlevel'], $pair_config['usergroups'], $pair_config['no_create'], $pair_config['right_publish'], $pair_config['straight_insert'], $pair_config['approve'], $pair_config['use_captcha'])) {
serendipity_common_adduser::loginform($url, $hidden, $pair_config['instructions'], $username, $password, $email, $pair_config['use_captcha']);
}
echo '</div>';
}
return true;
break;
default:
return false;
}
} else {
return false;
}
}
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
$debug = true;
$hooks =& $bag->get('event_hooks');
if (isset($hooks[$event])) {
$captchas_ttl = $this->get_config('captchas_ttl', 7);
$_captchas = $this->get_config('captchas', 'yes');
$captchas = $_captchas !== 'no' && ($_captchas === 'yes' || $_captchas === 'scramble' || serendipity_db_bool($_captchas));
// Check if the entry is older than the allowed amount of time. Enforce kaptchas if that is true
// of if kaptchas are activated for every entry
$show_captcha = $captchas && isset($eventData['timestamp']) && ($captchas_ttl < 1 || $eventData['timestamp'] < time() - $captchas_ttl * 60 * 60 * 24) ? true : false;
// Plugins can override with custom captchas
if (isset($serendipity['plugins']['disable_internal_captcha'])) {
$show_captcha = false;
}
$forcemoderation = $this->get_config('forcemoderation', 60);
$forcemoderation_treat = $this->get_config('forcemoderation_treat', 'moderate');
$forcemoderationt = $this->get_config('forcemoderationt', 60);
$forcemoderationt_treat = $this->get_config('forcemoderationt_treat', 'moderate');
$links_moderate = $this->get_config('links_moderate', 10);
$links_reject = $this->get_config('links_reject', 20);
if (function_exists('imagettftext') && function_exists('imagejpeg')) {
$max_char = 5;
$min_char = 3;
$use_gd = true;
} else {
$max_char = $min_char = 5;
$use_gd = false;
}
switch ($event) {
case 'fetchcomments':
if (is_array($eventData) && !$_SESSION['serendipityAuthedUser'] && serendipity_db_bool($this->get_config('hide_email', false))) {
// Will force emails to be not displayed in comments and RSS feed for comments. Will not apply to logged in admins (so not in the backend as well)
@reset($eventData);
while (list($idx, $comment) = each($eventData)) {
$eventData[$idx]['no_email'] = true;
}
}
break;
case 'frontend_saveComment':
/*
$fp = fopen('/tmp/spamblock2.log', 'a');
fwrite($fp, date('Y-m-d H:i') . "\n" . print_r($eventData, true) . "\n" . print_r($addData, true) . "\n");
fclose($fp);
*/
if (!is_array($eventData) || serendipity_db_bool($eventData['allow_comments'])) {
$this->checkScheme();
$serendipity['csuccess'] = 'true';
$logfile = $this->logfile = $this->get_config('logfile', $serendipity['serendipityPath'] . 'spamblock.log');
$required_fields = $this->get_config('required_fields', '');
$checkmail = $this->get_config('checkmail');
// Check CSRF [comments only, cannot be applied to trackbacks]
if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('csrf', true))) {
if (!serendipity_checkFormToken(false)) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_CSRF_REASON, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_CSRF_REASON;
}
}
// Check required fields
if ($addData['type'] == 'NORMAL' && !empty($required_fields)) {
$required_field_list = explode(',', $required_fields);
foreach ($required_field_list as $required_field) {
$required_field = trim($required_field);
if (empty($addData[$required_field])) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_REQUIRED_FIELD, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_REQUIRED_FIELD, $required_field);
return false;
}
}
}
/*
if ($addData['type'] != 'NORMAL' && empty($addData['name'])) {
$eventData = array('allow_coments' => false);
$this->log($logfile, $eventData['id'], 'INVALIDGARV', 'INVALIDGARV', $addData);
return false;
}
*/
// Check whether to allow comments from registered authors
if (serendipity_userLoggedIn() && $this->inGroup()) {
return true;
}
// Check if the user has verified himself via email already.
if ($addData['type'] == 'NORMAL' && (string) $checkmail === 'verify_once') {
$auth = serendipity_db_query("SELECT *\n FROM {$serendipity['dbPrefix']}options\n WHERE okey = 'mail_confirm'\n AND name = '" . serendipity_db_escape_string($addData['email']) . "'\n AND value = '" . serendipity_db_escape_string($addData['name']) . "'", true);
if (!is_array($auth)) {
// Filter authors names, Filter URL, Filter Content, Filter Emails, Check for maximum number of links before rejecting
// moderate false
if (false === $this->wordfilter($logfile, $eventData, $wordmatch, $addData, true)) {
// already there #$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_FILTER_WORDS, $addData);
// already there #$eventData = array('allow_comments' => false);
// already there #$serendipity['messagestack']['emails'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
} elseif (serendipity_db_bool($this->get_config('killswitch', false)) === true) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_KILLSWITCH, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_KILLSWITCH;
return false;
} else {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
$eventData['moderate_comments'] = true;
$eventData['status'] = 'confirm1';
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
return false;
}
} else {
// User is allowed to post message, bypassing other checks as if he were logged in.
return true;
}
}
// Check if entry title is the same as comment body
if (serendipity_db_bool($this->get_config('entrytitle')) && trim($eventData['title']) == trim($addData['comment'])) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_TITLE, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
}
// Check for global emergency moderation
if (serendipity_db_bool($this->get_config('killswitch', false)) === true) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_KILLSWITCH, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_KILLSWITCH;
return false;
}
// Check for not allowing trackbacks/pingbacks/wfwcomments
if (($addData['type'] != 'NORMAL' || $addData['source'] == 'API') && $this->get_config('disable_api_comments', 'none') != 'none') {
if ($this->get_config('disable_api_comments') == 'reject') {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_API, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_API;
return false;
} elseif ($this->get_config('disable_api_comments') == 'moderate') {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_REASON_API, $addData);
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_API;
}
}
// Check if sender ip is matching trackback/pingback ip (ip validation)
$trackback_ipvalidation_option = $this->get_config('trackback_ipvalidation', 'moderate');
if (($addData['type'] == 'TRACKBACK' || $addData['type'] == 'PINGBACK') && $trackback_ipvalidation_option != 'no') {
$this->IsHardcoreSpammer();
$exclude_urls = explode(';', $this->get_config('trackback_ipvalidation_url_exclude', $this->get_default_exclude_urls()));
$found_exclude_url = false;
foreach ($exclude_urls as $exclude_url) {
$exclude_url = trim($exclude_url);
if (empty($exclude_url)) {
continue;
}
$found_exclude_url = preg_match('@' . $exclude_url . '@', $addData['url']);
if ($found_exclude_url) {
break;
}
}
if (!$found_exclude_url) {
$parts = @parse_url($addData['url']);
$tipval_method = $trackback_ipvalidation_option == 'reject' ? 'REJECTED' : 'MODERATE';
// Getting host from url successfully?
if (!is_array($parts)) {
// not a valid URL
$this->log($logfile, $eventData['id'], $tipval_method, sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url'], '', ''), $addData);
if ($trackback_ipvalidation_option == 'reject') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url']);
return false;
} else {
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url']);
}
}
$trackback_ip = preg_replace('/[^0-9.]/', '', gethostbyname($parts['host']));
$sender_ip = preg_replace('/[^0-9.]/', '', $_SERVER['REMOTE_ADDR']);
$sender_ua = $debug ? ', ua="' . $_SERVER['HTTP_USER_AGENT'] . '"' : '';
// Is host ip and sender ip matching?
if ($trackback_ip != $sender_ip) {
$this->log($logfile, $eventData['id'], $tipval_method, sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua), $addData);
if ($trackback_ipvalidation_option == 'reject') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua);
return false;
} else {
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua);
}
}
}
}
// Filter Akismet Blacklist?
$akismet_apikey = $this->get_config('akismet');
$akismet = $this->get_config('akismet_filter');
if (!empty($akismet_apikey) && ($akismet == 'moderate' || $akismet == 'reject') && !isset($addData['skip_akismet'])) {
$spam = $this->getBlacklist('akismet.com', $akismet_apikey, $eventData, $addData);
if ($spam['is_spam'] !== false) {
$this->IsHardcoreSpammer();
if ($akismet == 'moderate') {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_REASON_AKISMET_SPAMLIST . ': ' . $spam['message'], $addData);
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY . ' (Akismet)';
} else {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_AKISMET_SPAMLIST . ': ' . $spam['message'], $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
}
}
}
// Check Trackback URLs?
if (($addData['type'] == 'TRACKBACK' || $addData['type'] == 'PINGBACK') && serendipity_db_bool($this->get_config('trackback_check_url'))) {
require_once S9Y_PEAR_PATH . 'HTTP/Request.php';
if (function_exists('serendipity_request_start')) {
serendipity_request_start();
}
$req = new HTTP_Request($addData['url'], array('allowRedirects' => true, 'maxRedirects' => 5, 'readTimeout' => array(5, 0)));
$is_valid = false;
if (PEAR::isError($req->sendRequest()) || $req->getResponseCode() != '200') {
$is_valid = false;
} else {
$fdata = $req->getResponseBody();
// Check if the target page contains a link to our blog
if (preg_match('@' . preg_quote($serendipity['baseURL'], '@') . '@i', $fdata)) {
$is_valid = true;
} else {
$is_valid = false;
}
}
if (function_exists('serendipity_request_end')) {
serendipity_request_end();
}
if ($is_valid === false) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_TRACKBACKURL, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_TRACKBACKURL;
return false;
}
}
if (false === $this->wordfilter($logfile, $eventData, $wordmatch, $addData)) {
return false;
}
// Check for maximum number of links before rejecting
$link_count = substr_count(strtolower($addData['comment']), 'http://');
if ($links_reject > 0 && $link_count > $links_reject) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_REJECT, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
}
// Captcha checking
if ($show_captcha && $addData['type'] == 'NORMAL') {
if (!isset($_SESSION['spamblock']['captcha']) || !isset($serendipity['POST']['captcha']) || strtolower($serendipity['POST']['captcha']) != strtolower($_SESSION['spamblock']['captcha'])) {
$this->log($logfile, $eventData['id'], 'REJECTED', sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_CAPTCHAS, $serendipity['POST']['captcha'], $_SESSION['spamblock']['captcha']), $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_CAPTCHAS;
return false;
} else {
// DEBUG
// $this->log($logfile, $eventData['id'], 'REJECTED', 'Captcha passed: ' . $serendipity['POST']['captcha'] . ' / ' . $_SESSION['spamblock']['captcha'] . ' // Source: ' . $_SERVER['REQUEST_URI'], $addData);
}
} else {
// DEBUG
// $this->log($logfile, $eventData['id'], 'REJECTED', 'Captcha not needed: ' . $serendipity['POST']['captcha'] . ' / ' . $_SESSION['spamblock']['captcha'] . ' // Source: ' . $_SERVER['REQUEST_URI'], $addData);
}
// Check for forced comment moderation (X days)
if ($addData['type'] == 'NORMAL' && $forcemoderation > 0 && $eventData['timestamp'] < time() - $forcemoderation * 60 * 60 * 24) {
$this->log($logfile, $eventData['id'], $forcemoderation_treat, PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION, $addData);
if ($forcemoderation_treat == 'reject') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
return false;
} else {
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
}
}
// Check for forced trackback moderation
if ($addData['type'] != 'NORMAL' && $forcemoderationt > 0 && $eventData['timestamp'] < time() - $forcemoderationt * 60 * 60 * 24) {
$this->log($logfile, $eventData['id'], $forcemoderationt_treat, PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION, $addData);
if ($forcemoderationt_treat == 'reject') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
return false;
} else {
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
}
}
// Check for maximum number of links before forcing moderation
if ($links_moderate > 0 && $link_count > $links_moderate) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_MODERATE, $addData);
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_MODERATE;
}
// Check for identical comments. We allow to bypass trackbacks from our server to our own blog.
if ($this->get_config('bodyclone', true) === true && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR'] && $addData['type'] != 'PINGBACK') {
$query = "SELECT count(id) AS counter FROM {$serendipity['dbPrefix']}comments WHERE type = '" . $addData['type'] . "' AND body = '" . serendipity_db_escape_string($addData['comment']) . "'";
$row = serendipity_db_query($query, true);
if (is_array($row) && $row['counter'] > 0) {
$this->IsHardcoreSpammer();
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_BODYCLONE, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
}
}
// Check last IP
if ($addData['type'] == 'NORMAL' && $this->get_config('ipflood', 2) != 0) {
$query = "SELECT max(timestamp) AS last_post FROM {$serendipity['dbPrefix']}comments WHERE ip = '" . serendipity_db_escape_string($_SERVER['REMOTE_ADDR']) . "'";
$row = serendipity_db_query($query, true);
if (is_array($row) && $row['last_post'] > time() - $this->get_config('ipflood', 2) * 60) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_IPFLOOD, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_IP;
return false;
}
}
if ($addData['type'] == 'NORMAL' && (string) $checkmail === 'verify_always') {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
$eventData['moderate_comments'] = true;
$eventData['status'] = 'confirm';
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
return false;
}
// Check invalid email
if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('checkmail', false))) {
if (!empty($addData['email']) && strstr($addData['email'], '@') === false) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_CHECKMAIL, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_CHECKMAIL;
return false;
}
}
if ($eventData['moderate_comments'] == true) {
return false;
}
}
return true;
break;
case 'frontend_comment':
if (serendipity_db_bool($this->get_config('hide_email', false))) {
echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_HIDE_EMAIL_NOTICE . '</div>';
}
if ((string) $this->get_config('checkmail') === 'verify_always' || (string) $this->get_config('checkmail') === 'verify_once') {
echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO . '</div>';
}
if (serendipity_db_bool($this->get_config('csrf', true))) {
echo serendipity_setFormToken('form');
}
// Check whether to allow comments from registered authors
if (serendipity_userLoggedIn() && $this->inGroup()) {
return true;
}
if ($show_captcha) {
echo '<div class="serendipity_commentDirection serendipity_comment_captcha">';
if (!isset($serendipity['POST']['preview']) || strtolower($serendipity['POST']['captcha'] != strtolower($_SESSION['spamblock']['captcha']))) {
echo '<br />' . PLUGIN_EVENT_SPAMBLOCK_CAPTCHAS_USERDESC . '<br />';
echo $this->show_captcha($use_gd);
echo '<br />';
echo '<label for="captcha">' . PLUGIN_EVENT_SPAMBLOCK_CAPTCHAS_USERDESC3 . '</label><br /><input class="input_textbox" type="text" size="5" name="serendipity[captcha]" value="" id="captcha" />';
} elseif (isset($serendipity['POST']['captcha'])) {
echo '<input type="hidden" name="serendipity[captcha]" value="' . serendipity_specialchars($serendipity['POST']['captcha']) . '" />';
}
echo '</div>';
}
return true;
break;
case 'external_plugin':
$parts = explode('_', (string) $eventData);
if (!empty($parts[1])) {
$param = (int) $parts[1];
} else {
$param = null;
}
$methods = array('captcha');
if (!in_array($parts[0], $methods)) {
return;
}
list($musec, $msec) = explode(' ', microtime());
$srand = (double) $msec + (double) $musec * 100000;
srand($srand);
mt_srand($srand);
$width = 120;
$height = 40;
$bgcolors = explode(',', $this->get_config('captcha_color', '255,255,255'));
$fontfiles = array('Vera.ttf', 'VeraSe.ttf', 'chumbly.ttf', '36daysago.ttf');
if ($use_gd) {
$strings = $this->random_string($max_char, $min_char);
$fontname = $fontfiles[array_rand($fontfiles)];
$font = $serendipity['serendipityPath'] . 'plugins/serendipity_event_spamblock/' . $fontname;
if (!file_exists($font)) {
// Search in shared plugin directory
$font = S9Y_INCLUDE_PATH . 'plugins/serendipity_event_spamblock/' . $fontname;
}
if (!file_exists($font)) {
die(PLUGIN_EVENT_SPAMBLOCK_ERROR_NOTTF);
}
header('Content-Type: image/jpeg');
$image = imagecreate($width, $height);
// recommended use of imagecreatetruecolor() returns a black backgroundcolor
$bgcol = imagecolorallocate($image, trim($bgcolors[0]), trim($bgcolors[1]), trim($bgcolors[2]));
// imagettftext($image, 10, 1, 1, 15, imagecolorallocate($image, 255, 255, 255), $font, 'String: ' . $string);
$pos_x = 5;
foreach ($strings as $idx => $charidx) {
$color = imagecolorallocate($image, mt_rand(50, 235), mt_rand(50, 235), mt_rand(50, 235));
$size = mt_rand(15, 21);
$angle = mt_rand(-20, 20);
$pos_y = ceil($height - mt_rand($size / 3, $size / 2));
imagettftext($image, $size, $angle, $pos_x, $pos_y, $color, $font, $this->chars[$charidx]);
$pos_x = $pos_x + $size + 2;
}
if ($_captchas === 'scramble') {
$line_diff = mt_rand(5, 15);
$pixel_col = imagecolorallocate($image, trim($bgcolors[0]) - mt_rand(10, 50), trim($bgcolors[1]) - mt_rand(10, 50), trim($bgcolors[2]) - mt_rand(10, 50));
for ($y = $line_diff; $y < $height; $y += $line_diff) {
$row_diff = mt_rand(5, 15);
for ($x = $row_diff; $x < $width; $x += $row_diff) {
imagerectangle($image, $x, $y, $x + 1, $y + 1, $pixel_col);
}
}
}
imagejpeg($image, NULL, 90);
// NULL fixes https://bugs.php.net/bug.php?id=63920
imagedestroy($image);
} else {
header('Content-Type: image/png');
$output_char = strtolower($_SESSION['spamblock']['captcha'][$parts[1] - 1]);
$cap = $serendipity['serendipityPath'] . 'plugins/serendipity_event_spamblock/captcha_' . $output_char . '.png';
if (!file_exists($cap)) {
$cap = S9Y_INCLUDE_PATH . 'plugins/serendipity_event_spamblock/captcha_' . $output_char . '.png';
}
if (file_exists($cap)) {
echo file_get_contents($cap);
}
}
return true;
break;
case 'backend_comments_top':
// Tell Akismet about spam or not spam
$tell_id = null;
if (isset($serendipity['GET']['spamIsSpam'])) {
$tell_spam = true;
$tell_id = $serendipity['GET']['spamIsSpam'];
}
if (isset($serendipity['GET']['spamNotSpam'])) {
$tell_spam = false;
$tell_id = $serendipity['GET']['spamNotSpam'];
}
if ($tell_id !== null) {
$akismet_apikey = $this->get_config('akismet');
$akismet = $this->get_config('akismet_filter');
if (!empty($akismet_apikey)) {
$this->tellAboutComment('akismet.com', $akismet_apikey, $tell_id, $tell_spam);
}
}
// Add Author to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
if (isset($serendipity['GET']['spamBlockAuthor'])) {
$item = $this->getComment('author', $serendipity['GET']['spamBlockAuthor']);
$items =& $this->checkFilter('authors', $item, true);
$this->set_config('contentfilter_authors', implode(';', $items));
}
// Add URL to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
if (isset($serendipity['GET']['spamBlockURL'])) {
$item = $this->getComment('url', $serendipity['GET']['spamBlockURL']);
$items =& $this->checkFilter('urls', $item, true);
$this->set_config('contentfilter_urls', implode(';', $items));
}
// Add E-mail to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
if (isset($serendipity['GET']['spamBlockEmail'])) {
$item = $this->getComment('email', $serendipity['GET']['spamBlockEmail']);
$items =& $this->checkFilter('emails', $item, true);
$this->set_config('contentfilter_emails', implode(';', $items));
}
echo '<a class="button_link" title="' . PLUGIN_EVENT_SPAMBLOCK_CONFIG . '" href="serendipity_admin.php?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . $this->instance . '"><span class="icon-medkit"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_CONFIG . '</span></a>';
return true;
break;
case 'backend_view_comment':
$author_is_filtered = $this->checkFilter('authors', $eventData['author']);
$clink = 'comment_' . $eventData['id'];
$randomString = '&random=' . substr(sha1(rand()), 0, 10);
# the random string will force browser to reload the page,
# so the server knows who to block/unblock when clicking again on the same link,
# see http://stackoverflow.com/a/2573986/2508518, http://stackoverflow.com/a/14043346/2508518
$akismet_apikey = $this->get_config('akismet');
$akismet = $this->get_config('akismet_filter');
if (!empty($akismet_apikey)) {
$eventData['action_more'] .= ' <a class="button_link actions_extra" title="' . PLUGIN_EVENT_SPAMBLOCK_SPAM . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamIsSpam]=' . $eventData['id'] . $addData . '#' . $clink . '"><span class="icon-block"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_SPAM . '</span></a>';
$eventData['action_more'] .= ' <a class="button_link actions_extra" title="' . PLUGIN_EVENT_SPAMBLOCK_NOT_SPAM . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamNotSpam]=' . $eventData['id'] . $addData . '#' . $clink . '"><span class="icon-ok-circled"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_NOT_SPAM . '</span></a>';
}
$eventData['action_author'] .= ' <a class="button_link" title="' . ($author_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_AUTHOR : PLUGIN_EVENT_SPAMBLOCK_ADD_AUTHOR) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamBlockAuthor]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($author_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($author_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_AUTHOR : PLUGIN_EVENT_SPAMBLOCK_ADD_AUTHOR) . '</span></a>';
if (!empty($eventData['url'])) {
$url_is_filtered = $this->checkFilter('urls', $eventData['url']);
$eventData['action_url'] .= ' <a class="button_link" title="' . ($url_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_URL : PLUGIN_EVENT_SPAMBLOCK_ADD_URL) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamBlockURL]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($url_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($url_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_URL : PLUGIN_EVENT_SPAMBLOCK_ADD_URL) . '</span></a>';
}
if (!empty($eventData['email'])) {
$email_is_filtered = $this->checkFilter('emails', $eventData['email']);
$eventData['action_email'] .= ' <a class="button_link" title="' . ($email_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_EMAIL : PLUGIN_EVENT_SPAMBLOCK_ADD_EMAIL) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamBlockEmail]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($email_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($email_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_EMAIL : PLUGIN_EVENT_SPAMBLOCK_ADD_EMAIL) . '</span></a>';
}
return true;
break;
case 'backend_sidebar_admin_appearance':
echo '<li><a href="serendipity_admin.php?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . $this->instance . '">' . PLUGIN_EVENT_SPAMBLOCK_TITLE . '</a></li>';
return true;
break;
default:
return false;
break;
}
} else {
return false;
}
}
<?php
if (IN_serendipity !== true) {
die("Don't hack!");
}
$probelang = dirname(__FILE__) . '/' . $serendipity['charset'] . 'lang_' . $serendipity['lang'] . '.inc.php';
if (file_exists($probelang)) {
include $probelang;
}
include dirname(__FILE__) . '/lang_en.inc.php';
$serendipity['smarty']->assign(array('currpage' => "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']));
$template_config = array(array('var' => 'feedburner', 'name' => FEEDBURNER_102, 'type' => 'string', 'default' => ''), array('var' => 'delicious', 'name' => DELICIOUS_102, 'type' => 'string', 'default' => ''), array('var' => 'flickr', 'name' => 'flickr URI', 'type' => 'string', 'default' => ''), array('var' => 'technorati', 'name' => 'technorati URI', 'type' => 'string', 'default' => ''), array('var' => 'addthiswidget', 'name' => 'addthis.com Bookmark Widget', 'type' => 'boolean', 'default' => 'false'), array('var' => 'addthisaccount', 'name' => 'addthis.com Account', 'type' => 'string', 'default' => ''), array('var' => 'amount', 'name' => NAVLINK_AMOUNT, 'type' => 'string', 'default' => '5'));
$template_loaded_config = serendipity_loadThemeOptions($template_config, $serendipity['smarty_vars']['template_option']);
if (isset($_POST['serendipity']['template']['amount']) && serendipity_userLoggedIn() && serendipity_checkPermission('adminTemplates')) {
$temp_post = $_POST['serendipity']['template']['amount'];
if (is_numeric($temp_post)) {
$template_loaded_config['amount'] = $temp_post;
}
}
$navlinks = array();
for ($i = 0; $i < $template_loaded_config['amount']; $i++) {
$navlinks[] = array('title' => $template_loaded_config['navlink' . $i . 'text'], 'href' => $template_loaded_config['navlink' . $i . 'url'], 'akey' => $template_loaded_config['navlink' . $i . 'key']);
$template_config[] = array('var' => 'navlink' . $i . 'text', 'name' => NAV_LINK_TEXT . ' #' . $i, 'type' => 'string', 'default' => 'Link #' . $i);
$template_config[] = array('var' => 'navlink' . $i . 'url', 'name' => NAV_LINK_URL . ' #' . $i, 'type' => 'string', 'default' => '#');
$template_config[] = array('var' => 'navlink' . $i . 'key', 'name' => NAV_LINK_KEY . ' #' . $i, 'type' => 'string', 'default' => $i);
}
$serendipity['smarty']->assign_by_ref('navlinks', $navlinks);
function generate_content(&$title)
{
global $serendipity;
$title = $this->get_config('title');
if (!serendipity_db_bool($this->get_config('sidebar_login', true))) {
// Disable sidebar; Fallback to Event-Plugin.
return false;
}
if (serendipity_userLoggedIn()) {
return false;
}
$ug = (array) explode(',', $this->get_config('usergroups', false));
foreach ($ug as $cid) {
if ($cid === false || empty($cid)) {
continue;
}
$this->usergroups[$cid] = $cid;
}
$url = serendipity_currentURL();
$username = substr($serendipity['POST']['adduser_user'], 0, 40);
$password = substr($serendipity['POST']['adduser_pass'], 0, 32);
$email = $serendipity['POST']['adduser_email'];
echo '<div style="padding-left: 4px; padding-right: 10px"><a id="adduser"></a>';
if (!serendipity_common_adduser::adduser($username, $password, $email, $this->get_config('userlevel', USERLEVEL_EDITOR), $this->usergroups, serendipity_db_bool($this->get_config('no_create', false)), serendipity_db_bool($this->get_config('right_publish', true)), serendipity_db_bool($this->get_config('straight_insert', false)), serendipity_db_bool($this->get_config('approve', false)), serendipity_db_bool($this->get_config('use_captcha', false)))) {
serendipity_common_adduser::loginform($url, array(), $this->get_config('instructions'), $username, $password, $email, serendipity_db_bool($this->get_config('use_captcha', false)));
}
echo '</div>';
return true;
}
/**
* Print a list of comments to an entry
*
* @access public
* @param array The list of comments to display
* @param int The parentID of a comment to show. Can contain the constant for VIEWMODE_THREADED/LINEAR. [recursive usage]
* @param int The current nesting depth of a comment [recursive usage]
* @param string A string repesenting the actual comment (1.1.2.1)
* @return string The HTML construct of all comments
*/
function serendipity_printComments($comments, $parentid = 0, $depth = 0, $trace = null, $smarty_block = 'COMMENTS', $smarty_file = 'comments.tpl')
{
global $serendipity;
static $_smartyComments;
/* - $_smartyComments holds the ending smarty array.
- $depth is the current depth of the recurrence.
- $i is the position in the current depth. */
if ($parentid === VIEWMODE_THREADED) {
$parentid = 0;
}
/* Wait a second, we just got attacked by a call with level 0,
this must mean we've started over */
if ($depth == 0) {
$_smartyComments = array();
}
$i = 0;
foreach ($comments as $comment) {
if ($parentid === VIEWMODE_LINEAR || !isset($comment['parent_id']) || $comment['parent_id'] == $parentid) {
$i++;
$comment['comment'] = serendipity_specialchars(strip_tags($comment['body']));
$comment['url'] = strip_tags($comment['url']);
$comment['link_delete'] = $serendipity['baseURL'] . 'comment.php?serendipity[delete]=' . $comment['id'] . '&serendipity[entry]=' . $comment['entry_id'] . '&serendipity[type]=comments';
/* Fix invalid cases in protocoll part */
if (!empty($comment['url'])) {
$comment['url'] = preg_replace('@^http://@i', 'http://', $comment['url']);
$comment['url'] = preg_replace('@^https://@i', 'https://', $comment['url']);
}
/* Fix f****d links */
if (!empty($comment['url']) && substr($comment['url'], 0, 7) != 'http://' && substr($comment['url'], 0, 8) != 'https://') {
$comment['url'] = 'http://' . $comment['url'];
}
if (!empty($comment['url'])) {
if (!@parse_url($comment['url'])) {
$comment['url'] = '';
}
$comment['url'] = serendipity_specialchars($comment['url'], ENT_QUOTES);
}
$addData = array('from' => 'functions_entries:printComments');
serendipity_plugin_api::hook_event('frontend_display', $comment, $addData);
if (isset($comment['no_email']) && $comment['no_email']) {
$comment['email'] = false;
} elseif (!empty($comment['email'])) {
$comment['clear_email'] = $comment['email'];
$comment['email'] = serendipity_specialchars(str_replace('@', '[at]', $comment['email']));
}
$comment['body'] = $comment['comment'];
$comment['pos'] = $i;
$comment['trace'] = $trace . $i;
$comment['depth'] = $depth;
$comment['author'] = serendipity_specialchars($comment['author']);
if (isset($comment['title'])) {
$comment['title'] = serendipity_specialchars($comment['title']);
}
if (serendipity_userLoggedIn()) {
if ($comment['subscribed'] == 'true') {
if ($comment['status'] == 'approved') {
$comment['body'] .= '<div class="serendipity_subscription_on"><em>' . ACTIVE_COMMENT_SUBSCRIPTION . '</em></div>';
} else {
$comment['body'] .= '<div class="serendipity_subscription_pending"><em>' . PENDING_COMMENT_SUBSCRIPTION . '</em></div>';
}
} else {
#$comment['body'] .= '<div class="serendipity_subscription_off"><em>' . NO_COMMENT_SUBSCRIPTION . '</em></div>';
}
}
$_smartyComments[] = $comment;
if ($comment['id'] && $parentid !== VIEWMODE_LINEAR) {
serendipity_printComments($comments, $comment['id'], $depth + 1, $trace . $i . '.', $smarty_block, $smarty_file);
}
}
}
/* We are inside a recusive child, and we need to break out */
if ($depth !== 0) {
return true;
}
$serendipity['smarty']->assignByRef($smarty_block == 'COMMENTS' ? 'comments' : 'trackbacks', $_smartyComments);
unset($_smartyComments);
return serendipity_smarty_fetch($smarty_block, $smarty_file);
}
if (is_array($metadata['additional_fields'])) {
// Fix up array keys, because "." are not allowed when wanting to output using Smarty
foreach ($metadata['additional_fields'] as $_aid => $af) {
$aid = str_replace('.', '', $_aid);
$metadata['additional_fields'][$aid] = $af;
}
}
$metadata['fullFeed'] = $plugin->get_config('fullfeed', false);
if ($metadata['fullFeed'] === 'client') {
if ($_GET['fullFeed'] || $serendipity['GET']['fullFeed']) {
$metadata['fullFeed'] = true;
} else {
$metadata['fullFeed'] = false;
}
}
if ($_GET['type'] == 'content' && !isset($_GET['category']) && !isset($serendipity['GET']['tag']) && $plugin->get_config('show_feedburner') === 'force' && !preg_match('@FeedBurn@i', $_SERVER['HTTP_USER_AGENT']) && !(serendipity_userLoggedIn() && isset($_GET['forceLocal']))) {
$fbid = $plugin->get_config('fb_id');
if (stristr($fbid, 'http://')) {
$url = $fbid;
} else {
$url = 'http://feeds.feedburner.com/' . $fbid;
}
header('Status: 302 Found');
header('Location: ' . $url);
exit;
}
$metadata['showMail'] = serendipity_db_bool($plugin->get_config('show_mail', $metadata['showMail']));
break;
}
}
}
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
$hooks =& $bag->get('event_hooks');
$serendipity['plugin_dlm_version'] =& $bag->get('version');
if (isset($hooks[$event])) {
switch ($event) {
case 'entry_display':
if ($this->selected()) {
if (is_array($eventData)) {
$eventData['clean_page'] = true;
} else {
$eventData = array('clean_page' => true);
}
}
return true;
break;
case 'backend_sidebar_entries':
$this->setupDB();
// forbid entry if not admin
if (serendipity_userLoggedIn() && $_SESSION['serendipityAuthedUser'] === true && $_SESSION['serendipityUserlevel'] == '255') {
?>
<li class="serendipitySideBarMenuLink serendipitySideBarMenuEntryLinks"><a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=downloadmanager"><?php
echo PLUGIN_DOWNLOADMANAGER_TITLE;
?>
</a></li>
<?php
}
break;
case 'backend_dlm_filecopy':
if (!serendipity_db_bool($this->get_config('chg2archivespath'))) {
$oldfilepath = $this->get_config('absdownloadspath') ? $this->get_config('absdownloadspath') : $serendipity['serendipityPath'] . 'templates_c/.dlmanager/files';
$newfilepath = $serendipity['serendipityPath'] . 'archives/.dlm/files';
// upgrade the old encoded files to new dir
$updown = $this->backend_dlm_upgrade($oldfilepath, $newfilepath, 'absdownloadspath');
$oldinpath = $this->get_config('absincomingpath') ? $this->get_config('absincomingpath') : $serendipity['serendipityPath'] . $serendipity['uploadPath'] . '.dlmanager/incoming';
$newinpath = $serendipity['serendipityPath'] . 'archives/.dlm/ftpin';
// upgrade the old incoming ftp/trash files to new dir
$upin = $this->backend_dlm_upgrade($oldinpath, $newinpath, 'absincomingpath');
if (true === ($updown || $upin)) {
$this->set_config('chg2archivespath', true);
$url = $_SERVER['PHP_SELF'] . '?serendipity[adminModule]=event_display&serendipity[adminAction]=downloadmanager&cpdone=1';
$this->backend_dlm_refresh($url);
}
}
break;
case 'backend_sidebar_entries_event_display_downloadmanager':
$serendipity['dlm']['stopadminprocess'] = false;
if (!is_object(isset($serendipity['smarty']))) {
serendipity_smarty_init();
// if not set to avoid member function assign() on a non-object error, start Smarty templating
}
// load the 0.24 upgrade hook
if (version_compare($serendipity['plugin_dlm_version'], '0.24', '<=')) {
serendipity_plugin_api::hook_event('backend_dlm_filecopy', $addData);
} else {
if (!serendipity_db_bool($this->get_config('chg2archivespath'))) {
$this->set_config('chg2archivespath', true);
}
}
if (intval($_GET['cpdone']) == 0) {
$this->set_config('chg2archivespath', true);
}
if (intval(isset($_GET['cpdone'])) || $serendipity['dlm']['stopadminprocess'] === false) {
$this->ADMIN_showDownloads();
}
break;
case 'external_plugin':
$uri_parts = explode('?', str_replace('&', '&', $eventData));
// Try to get request parameters from eventData name
if (!empty($uri_parts[1])) {
$reqs = explode('&', $uri_parts[1]);
foreach ($reqs as $id => $req) {
$val = explode('=', $req);
if (empty($_REQUEST[$val[0]])) {
$_REQUEST[$val[0]] = $val[1];
}
}
}
$parts = explode('_', $uri_parts[0]);
if (!empty($parts[1])) {
$param = (int) $parts[1];
} else {
$param = null;
}
switch ($parts[0]) {
case 'dlfile':
$fileid = intval($parts[1]);
serendipity_db_query("UPDATE {$serendipity['dbPrefix']}dma_downloadmanager_files SET dlcount = dlcount+1 WHERE id = " . $fileid);
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_downloadmanager_files WHERE id = " . $fileid;
$file = serendipity_db_query($sql);
$mime = $this->getMime($file[0]['realfilename']);
$contenttype = $mime['TYPE'];
$filename = $file[0]['realfilename'];
$filename = str_replace(' ', '_', $filename);
$path = $this->globs['dlmpath'];
$sysname = $file[0]['systemfilename'];
$filesize = $file[0]['filesize'];
if (function_exists("getallheaders")) {
$headers = getallheaders();
}
if (substr($headers["Range"], 0, 6) == "bytes=") {
header("HTTP/1.1 206 Partial Content");
header("Content-Type: {$contenttype}");
header("Content-Disposition: attachment; filename=" . $filename);
header("Accept-Ranges: bytes");
header("Connection: close");
$bytes = explode("=", $headers["Range"]);
$bytes = $bytes[1];
if (preg_match("@^-([0-9]+)@", $bytes, $bytes_len)) {
$bytes_len = $bytes_len[1];
$bytes_start = $filesize - $bytes_len;
$bytes_end = $filesize - 1;
header("Content-Length: " . $bytes_len);
} elseif (preg_match("@([0-9]+)-\$@", $bytes, $bytes_start)) {
$bytes_start = $bytes_start[1];
$bytes_end = $filesize - 1;
$bytes_len = $filesize - $bytes_start;
header("Content-Length: {$bytes_len}");
} elseif (preg_match("@^([0-9]+)-([0-9]+)\$@", $bytes, $bytes_pos)) {
$bytes_start = $bytes_pos[0];
$bytes_end = $bytes_pos[1];
if ($bytes_start < 0 || $bytes_start > $filesize - 1) {
$bytes_start = 0;
}
if ($bytes_end < $bytes_start || $bytes_end > $filesize - 1) {
$bytes_end = $filesize - 1;
}
$bytes_len = $bytes_end - $bytes_start + 1;
header("Content-Length: {$bytes_len}");
} else {
$bytes_start = 0;
$bytes_end = $filesize - 1;
$bytes_len = $bytes_end - $bytes_start + 1;
header("Content-Length: {$bytes_len}");
}
header("Content-Range: bytes {$bytes_start}-{$bytes_end}/" . $filesize);
$fp = fopen($path . "/" . $sysname, "rb");
fseek($fp, $bytes_start);
$contents = fread($fp, $bytes_len);
fclose($fp);
echo $contents;
} else {
$fp = fopen($path . "/" . $sysname, "rb");
$contents = fread($fp, $filesize);
fclose($fp);
header("Content-Type: {$contenttype}");
header("Content-Disposition: attachment; filename=" . $filename);
header("Accept-Ranges: bytes");
header("Content-Length: " . strlen($contents));
header("Connection: close");
echo $contents;
}
break;
}
return true;
break;
/* put here all your css stuff you need for the downloadmanagers plugin frontend output */
/* put here all your css stuff you need for the downloadmanagers plugin frontend output */
case 'css':
if (stristr($eventData, '#downloadmanager')) {
// class exists in CSS, so a user has customized it and we don't need default
return true;
}
$tfile = serendipity_getTemplateFile('style_dlmanager_frontend.css', 'serendipityPath');
if ($tfile) {
echo @file_get_contents($tfile);
}
if (!$tfile || $tfile == 'style_dlmanager_frontend.css') {
$tfile = dirname(__FILE__) . '/style_dlmanager_frontend.css';
echo @file_get_contents($tfile);
}
return true;
break;
/* put here all you css stuff you need for the backend of dlm */
/* put here all you css stuff you need for the backend of dlm */
case 'css_backend':
if (stristr($eventData, '#backend_downloadmanager')) {
// class exists in CSS, so a user has customized it and we don't need default
return true;
}
$tfile = serendipity_getTemplateFile('style_dlmanager_backend.css', 'serendipityPath');
if ($tfile) {
$tfilecontent = @file_get_contents($tfile);
}
if ((!$tfile || $tfile == 'style_dlmanager_backend.css') && !$tfilecontent) {
$tfile = dirname(__FILE__) . '/style_dlmanager_backend.css';
$tfilecontent = @file_get_contents($tfile);
}
// add replaced css content to the end of serendipity_admin.css
if (!empty($tfilecontent)) {
$this->backend_dlm_css($eventData, $tfilecontent);
}
return true;
break;
case 'entries_header':
//this shows our page and not an empty one
$this->show();
return true;
break;
default:
return false;
break;
}
// switch end
}
return true;
}
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
static $cache = null;
static $method = null;
$hooks =& $bag->get('event_hooks');
if (isset($hooks[$event])) {
switch ($event) {
case 'css':
if (strpos($eventData, '#twitter_update_list')) {
// class exists in CSS, so a user has customized it and we don't need default
return true;
}
$this->addToCSS($eventData);
return true;
break;
case 'backend_header':
$this->add_backend_header_parts();
return true;
case 'backend_publish':
// If signaled, we don't want to announce, don't do it!
if (isset($serendipity['POST']['properties']['microblogging_dontannounce'])) {
return true;
}
// eventData is the entry here
return $this->twitter_published_entry($eventData);
break;
case 'backend_delete_entry':
$this->entry_deleted((int) $eventData);
return true;
break;
case 'external_plugin':
$parts = explode('_', $eventData);
$command = $parts[0];
if ($command == 'cacheplugintwitter') {
$next_check = (int) $this->updateTwitterTimelineCache($parts);
$this->show_img(dirname(__FILE__) . '/img/pixel.png', (int) $next_check);
return true;
}
$parts = explode('=', $eventData);
$command = $parts[0];
$fparts = explode('&', $parts[1]);
if ($command == "tweetback") {
if (!$_SESSION['serendipityAuthedUser']) {
echo "DON'T HACK!<br>";
return true;
}
$article_url = preg_replace('@^tweetback=@', '', $eventData);
$article_url = $this->urldecode($article_url);
if (empty($article_url)) {
echo "Dont hack!";
}
$shorturls = $this->create_short_urls($article_url);
$entries = $entries = $this->search($article_url, null);
if (is_array($entries)) {
$this->debug_entries($entries, $article_url, $shorturls);
} else {
echo "<p><b>ERROR</b> while fetching search results for URL {$article_url}<br/>Might be a Twitter Overload.<br/>Try again later</p>";
}
return true;
} else {
if ($command == "gtweetback.png") {
$nextcheck = $this->check_tweetbacks_global();
if (empty($nextcheck)) {
$nextcheck = time() + 30 * 60;
}
// Default for hackers
$this->show_img(dirname(__FILE__) . '/img/pixel.png', $nextcheck, 'image/png');
return true;
} else {
if ($command == "twitteroa-del") {
$this->twitteroalog($command);
// Remove current twitter OAuth key and token to allow to re-connect
if (!serendipity_userLoggedIn()) {
die("Don't hack!");
}
$idx = $fparts[0];
// Remove access tokens
$u = $this->get_config('twittername' . $idx);
$kd = $this->set_config('twitteroa_key_' . $idx . $u, '');
$td = $this->set_config('twitteroa_token_' . $idx . $u, '');
// Remove old application, so it will change to the s9y app next time:
$csecret = $this->set_config('twitteroa_consumer_secret' . $idx, '');
$ckey = $this->set_config('twitteroa_consumer_key' . $idx, '');
serendipity_die('<div align="center">
<h1>' . PLUGIN_EVENT_TWITTER_VERBINDUNG_DEL_OK . '</h1>
<a href="javascript:window.close()">' . PLUGIN_EVENT_TWITTER_CLOSEWINDOW . '</a>
</div>');
return true;
} else {
if ($command == "twitteroa-redirect") {
$this->twitteroalog($command);
if (!serendipity_userLoggedIn()) {
die("Don't hack!");
}
$idx = $fparts[0];
$u = $this->get_config('twittername' . $idx);
$kd = $this->get_config('twitteroa_key_' . $idx . $u);
$td = $this->get_config('twitteroa_token_' . $idx . $u);
$ckey = $this->get_config('twitteroa_consumer_key' . $idx);
$csecret = $this->get_config('twitteroa_consumer_secret' . $idx);
require_once dirname(__FILE__) . '/twitteroauth/twitteroauth.php';
$twittername = $u;
$callbackurl = $serendipity['baseURL'] . $serendipity['indexFile'] . '?/' . TwitterPluginFileAccess::get_permaplugin_path() . '/twitteroa-callback=' . $idx . "&twittername=" . $twittername;
define('CONSUMER_KEY', $ckey);
define('CONSUMER_SECRET', $csecret);
define('OAUTH_CALLBACK', $callbackurl);
/* Build TwitterOAuth object with client credentials. */
$connection = new TwitterOAuth($ckey, $csecret);
/* Get temporary credentials. */
$request_token = $connection->getRequestToken(OAUTH_CALLBACK);
/* Save temporary credentials to session. */
$_SESSION['oauth_token'] = $token = $request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
/* If last connection failed don't display authorization link. */
switch ($connection->http_code) {
case 200:
/* Build authorize URL and redirect user to Twitter. */
$url = $connection->getAuthorizeURL($token);
header('Location: ' . $url);
exit;
break;
default:
serendipity_die('<div align="center">
<h1>' . PLUGIN_EVENT_TWITTER_VERBINDUNG_ERROR . '</h1>
<div align="left"><pre>' . print_r($connection, true) . '</pre>
<pre>' . print_r($request_token, true) . '</pre>
<pre>' . print_r($_SESSION, true) . '</pre>
<pre>' . print_r($_REQUEST, true) . '</pre></div>
<a href="javascript:window.close()">' . PLUGIN_EVENT_TWITTER_CLOSEWINDOW . '</a>
</div>');
}
return true;
} else {
if ($command == "twitteroa-callback") {
$this->twitteroalog($command);
if (!serendipity_userLoggedIn()) {
die("Don't hack!");
}
$idx = $fparts[0];
$u = $this->get_config('twittername' . $idx);
$kd = $this->get_config('twitteroa_key_' . $idx . $u);
$td = $this->get_config('twitteroa_token_' . $idx . $u);
$ckey = $this->get_config('twitteroa_consumer_key' . $idx);
$csecret = $this->get_config('twitteroa_consumer_secret' . $idx);
require_once dirname(__FILE__) . '/twitteroauth/twitteroauth.php';
define('CONSUMER_KEY', $ckey);
define('CONSUMER_SECRET', $csecret);
/* If the oauth_token is old redirect to the connect page. */
if (isset($_REQUEST['oauth_token']) && $_SESSION['oauth_token'] !== $_REQUEST['oauth_token']) {
$_SESSION['oauth_status'] = 'oldtoken';
$url = $serendipity['baseURL'] . $serendipity['indexFile'] . '?/' . TwitterPluginFileAccess::get_permaplugin_path() . '/twitteroa-redirect=' . $idx;
header('Location: ' . $url);
exit;
}
/* Create TwitteroAuth object with app key/secret and token key/secret from default phase */
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
/* Request access tokens from twitter */
$access_token = $connection->getAccessToken($_REQUEST['oauth_verifier']);
$this->set_config('twitteroa_key_' . $idx . $u, $access_token['oauth_token']);
$this->set_config('twitteroa_token_' . $idx . $u, $access_token['oauth_token_secret']);
/* Remove no longer needed request tokens */
unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);
/* If HTTP response is 200 continue otherwise send to connect page to retry */
if (200 == $connection->http_code) {
serendipity_die('<div align="center">
<h1>' . PLUGIN_EVENT_TWITTER_VERBINDUNG_OK . '</h1>
<a href="javascript:window.close()">' . PLUGIN_EVENT_TWITTER_CLOSEWINDOW . '</a>
</div>');
} else {
serendipity_die('<div align="center">
<h1>' . PLUGIN_EVENT_TWITTER_VERBINDUNG_ERROR . '</h1>
<pre>' . print_r($connection, true) . '</pre>
<pre>' . print_r($access_token, true) . '</pre>
<pre>' . print_r($_SESSION, true) . '</pre>
<pre>' . print_r($_REQUEST, true) . '</pre>
<a href="javascript:window.close()">' . PLUGIN_EVENT_TWITTER_CLOSEWINDOW . '</a>
</div>');
}
return true;
}
}
}
}
}
return false;
break;
case 'entry_display':
$this->display_entry($eventData, $addData);
return true;
case 'backend_frontpage_display':
if ($this->get_config('tweeter_show', 'disable') == 'frontpage') {
$this->display_twitter_client(false);
}
return true;
case 'backend_sidebar_entries':
if ($serendipity['version'][0] == '1') {
if ($this->get_config('tweeter_show', 'disable') == 'sidebar') {
?>
<li class="serendipitySideBarMenuLink serendipitySideBarMenuEntryLinks"><a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=tweeter"><?php
echo PLUGIN_EVENT_TWITTER_TWEETER_SIDEBARTITLE;
?>
</a></li>
<?php
} else {
}
}
return true;
case 'backend_sidebar_admin_appearance':
if ($serendipity['version'][0] == '1') {
} else {
if ($this->get_config('tweeter_show', 'disable') == 'sidebar') {
?>
<li><a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=tweeter"><?php
echo PLUGIN_EVENT_TWITTER_TWEETER_SIDEBARTITLE;
?>
</a></li>
<?php
}
}
return true;
case 'backend_sidebar_entries_event_display_tweeter':
echo '<h2>' . PLUGIN_EVENT_TWITTER_TWEETER_SIDEBARTITLE . '</h2>';
$this->display_twitter_client(true);
return true;
case 'frontend_footer':
$this->display_frontend_footer();
return true;
case 'frontend_saveComment':
$this->hook_saveComment($eventData, $addData);
return true;
case 'backend_display':
if (!serendipity_db_bool($this->get_config('announce_articles'))) {
return true;
}
if (isset($serendipity['POST']['properties']['microblogging_tagList'])) {
$tagList = $serendipity['POST']['properties']['microblogging_tagList'];
} else {
$tagList = '';
}
if (isset($serendipity['POST']['properties']['microblogging_dontannounce'])) {
$checked_dontannounce = "checked='checked'";
} else {
$checked_dontannounce = '';
}
if (serendipity_db_bool($this->get_config('announce_articles_default_no'))) {
$checked_dontannounce = "checked='checked'";
}
if ($serendipity['version'][0] == '1') {
?>
<fieldset style="margin: 5px">
<a name="microbloggingAnchor"></a>
<legend><?php
echo PLUGIN_EVENT_TWITTER_NAME;
?>
</legend>
<div class="entryproperties_microblogging_dontannounce">
<input id="properties_microblogging_dontannounce" class="input_checkbox" type="checkbox" name="serendipity[properties][microblogging_dontannounce]" <?php
echo $checked_dontannounce;
?>
/>
<label for="properties_microblogging_dontannounce" title="<?php
echo PLUGIN_EVENT_TWITTER_BACKEND_DONTANNOUNCE;
?>
"> <?php
echo PLUGIN_EVENT_TWITTER_BACKEND_DONTANNOUNCE;
?>
</label>
</div>
<label for="serendipity[properties][microblogging_tagList]" title="<?php
echo PLUGIN_EVENT_TWITTER_NAME;
?>
">
<?php
echo PLUGIN_EVENT_TWITTER_BACKEND_ENTERDESC;
?>
</label><br/>
<input type="text" name="serendipity[properties][microblogging_tagList]" id="properties_microblogging_tagList" class="wickEnabled input_textbox" value="<?php
echo function_exists('serendipity_specialchars') ? serendipity_specialchars($tagList) : htmlspecialchars($tagList, ENT_COMPAT, LANG_CHARSET);
?>
" style="width: 100%" />
</fieldset>
<?php
} else {
?>
<fieldset class="entryproperties">
<a name="microbloggingAnchor"></a>
<span class="wrap_legend"><legend><?php
echo PLUGIN_EVENT_TWITTER_NAME;
?>
</legend></span>
<div class="entryproperties_microblogging_dontannounce form_check">
<input id="properties_microblogging_dontannounce" name="serendipity[properties][microblogging_dontannounce]" type="checkbox" <?php
echo $checked_dontannounce;
?>
>
<label for="properties_microblogging_dontannounce"><?php
echo PLUGIN_EVENT_TWITTER_BACKEND_DONTANNOUNCE;
?>
</label>
</div>
<div class="form_field">
<label for="serendipity[properties][microblogging_tagList]" class="block_level"><?php
echo PLUGIN_EVENT_TWITTER_BACKEND_ENTERDESC;
?>
</label>
<input id="properties_microblogging_tagList" class="wickEnabled" name="serendipity[properties][microblogging_tagList]" type="text" value="<?php
echo function_exists('serendipity_specialchars') ? serendipity_specialchars($tagList) : htmlspecialchars($tagList, ENT_COMPAT, LANG_CHARSET);
?>
">
</div>
</fieldset>
<?php
}
return true;
}
}
}
/**
* Guestbook form submit POST checks, validate & insert into db
*
* @return boolean on error
*/
function checkSubmit()
{
global $serendipity;
global $messages;
if (!is_array($messages)) {
$messages = array();
}
$valid['captcha'] = FALSE;
$valid['data_length'] = FALSE;
$valid['data_email'] = FALSE;
$valid['message'] = FALSE;
$serendipity['guestbook_message_header'] = FALSE;
$authenticated_user = serendipity_userLoggedIn() ? true : false;
$gb_automoderate = serendipity_db_bool($this->get_config('automoderate'), false);
if (empty($serendipity['POST']['guestbookform'])) {
return false;
}
if (!isset($serendipity['POST']['email']) || empty($serendipity['POST']['email'])) {
$serendipity['POST']['email'] = '*****@*****.**';
}
if (empty($serendipity['POST']['name']) && empty($serendipity['POST']['email']) && empty($serendipity['POST']['comment'])) {
array_push($messages, PLUGIN_GUESTBOOK_MESSAGE . ': ' . PLUGIN_GUESTBOOK_ERROR_DATA . ' - ' . ERROR_NOINPUT);
return false;
}
if (!$serendipity['POST']['email'] || !$serendipity['POST']['name'] || !$serendipity['POST']['comment']) {
array_push($messages, ERROR_NOINPUT);
return false;
}
// do not allow non logged-in manual BBCode in comments
if (!$authenticated_user) {
$serendipity['POST']['comment'] = $this->bbc_reverse($serendipity['POST']['comment']);
}
// find Spamblock global set force auto moderation
if ($hit = preg_grep("|/forcemoderation_treat|i", array_keys($serendipity))) {
$forcemoderate = array_values($hit);
}
// if force moderate is set to moderate, advice security to not support 'stripped' or 'stripped-by-key' POST mark
// this does only happen true, if not automoderate is set in both plugins and strip tags really removed some tags.
if (isset($serendipity[$forcemoderate[0]]) == 'moderate' && $gb_automoderate === true) {
$serendipity['POST'] = $this->strip_security($serendipity['POST'], array('name', 'email', 'comment', 'admincomment', 'url'), false, false);
} else {
$serendipity['POST'] = $this->strip_security($serendipity['POST'], array('name', 'email', 'comment', 'admincomment', 'url'));
}
if ($serendipity['POST']['stripped'] === true) {
array_push($messages, ERROR_OCCURRED . '<br>' . ERROR_DATASTRIPPED);
return false;
}
// Fake call to spamblock and other comment plugins, if not in backend.
$ca = array('id' => 0, 'allow_comments' => true, 'last_modified' => time(), 'timestamp' => strtotime("-8 day", time()));
if (!is_numeric($_POST['guestbook']['id'])) {
$commentInfo = array('type' => 'NORMAL', 'source' => 'guestbookform', 'name' => $serendipity['POST']['name'], 'email' => $serendipity['POST']['email'], 'url' => $serendipity['POST']['url'], 'comment' => $serendipity['POST']['comment']);
serendipity_plugin_api::hook_event('frontend_saveComment', $ca, $commentInfo);
}
// End of fake call.
// listen to Spamblock Plugin and do some specific guestbook checks, if captcha and entry were allowed
if (serendipity_db_bool($ca['allow_comments']) === true) {
if (trim($serendipity['POST']['name']) == '') {
array_push($messages, ERROR_NAMEEMPTY);
}
if (isset($serendipity['POST']['url'])) {
$serendipity['POST']['url'] = trim($serendipity['POST']['url']);
}
if (trim($serendipity['POST']['comment']) == '') {
array_push($messages, ERROR_TEXTEMPTY);
}
if (trim($serendipity['POST']['email']) == '') {
array_push($messages, ERROR_EMAILEMPTY);
}
if (strlen(trim($serendipity['POST']['name'])) < 3 || strlen(trim($serendipity['POST']['comment'])) < 10) {
array_push($messages, ERROR_DATATOSHORT);
} else {
$valid['data_length'] = TRUE;
}
if ($this->strip_input($serendipity['POST']['comment']) === false) {
array_push($messages, ERROR_DATANOTAGS . ' ' . $serendipity['messagestack']['comments'][0]);
if (!empty($serendipity['messagestack']['comments'][0])) {
unset($serendipity['messagestack']['comments']);
}
}
if (isset($serendipity['POST']['email']) && !empty($serendipity['POST']['email']) && trim($serendipity['POST']['email']) != '') {
if (!$this->is_valid_email($serendipity['POST']['email'])) {
array_push($messages, ERROR_NOVALIDEMAIL . ' <span class="gb_msgred">' . $this->html_specialchars($serendipity['POST']['email']) . '</span>');
} else {
$valid['data_email'] = TRUE;
}
}
if (isset($serendipity['POST']['captcha']) && !empty($serendipity['POST']['captcha'])) {
if (serendipity_db_bool($ca['allow_comments']) === true || strtolower($serendipity['POST']['captcha']) == strtolower($_SESSION['spamblock']['captcha'])) {
$valid['captcha'] = TRUE;
} elseif (!$authenticated_user) {
if ($serendipity['csuccess'] != 'moderate') {
array_push($messages, ERROR_ISFALSECAPTCHA);
}
/* else {
array_push($messages, $serendipity['moderate_reason'] . PLUGIN_GUESTBOOK_AUTOMODERATE_ERROR . PLUGIN_GUESTBOOK_DBDONE_APP);
}*/
}
}
// Captcha checking - if set to FALSE in guestbook config and spamblock plugin catchas is set to no, follow db insert procedure
if (!serendipity_db_bool($this->get_config('showcaptcha'))) {
if (!isset($_SESSION['spamblock']['captcha']) || !isset($serendipity['POST']['captcha']) || strtolower($serendipity['POST']['captcha']) != strtolower($_SESSION['spamblock']['captcha'])) {
$valid['captcha'] = TRUE;
}
}
if ($authenticated_user && $_SESSION['serendipityAuthedUser'] === true) {
$valid['captcha'] = TRUE;
$valid['data_length'] = TRUE;
$valid['data_email'] = TRUE;
}
// spamblock allows comments end
} else {
// drop entry back to form - beware 'allow_comments' return value is empty, not false, if false
array_push($messages, PLUGIN_GUESTBOOK_MESSAGE . ': ' . PLUGIN_GUESTBOOK_ERROR_DATA);
}
// set valid messages to true, if no errors occured
$valid['message'] = count($messages) < 1 ? TRUE : FALSE;
// no errors and messages
if ($valid['message'] === true) {
// set var, if not set by backend form
if (!is_numeric($_POST['guestbook']['approved'])) {
$_POST['guestbook']['approved'] = '';
}
if (is_numeric($_POST['guestbook']['id'])) {
$_POST['guestbook']['approved'] = 1;
}
/***
allow the spamblock wordfilter plugin to set an entry as non-approved,
accordingly to stopwords and content filter set to 'moderation' in spamblock plugin.
extends new auto-moderate option setting to true in guestbooks config
***/
// keep this for future finetuning via SPAMBLOCK plugin
if (array_key_exists('moderate_comments', $ca)) {
if (serendipity_db_bool($ca['moderate_comments']) === true && $gb_automoderate === true) {
// set entries to get approved in backend, before they can appear in frontent
$_POST['guestbook']['approved'] = 0;
}
}
}
// write new entry into database, if input is valid
if (!empty($serendipity['POST']['guestbookform']) && $valid['captcha'] === true && $valid['data_length'] === true && $valid['data_email'] === true && $valid['message'] === true) {
$admincomment = !empty($serendipity['POST']['admincomment']) ? '[ac] ' . $serendipity['POST']['admincomment'] . ' [/ac]' : '';
$acapp = $authenticated_user && $_SESSION['serendipityAuthedUser'] === true ? 1 : NULL;
$acapp = is_numeric($_POST['guestbook']['approved']) ? $_POST['guestbook']['approved'] : $acapp;
if (is_numeric($_POST['guestbook']['id'])) {
// update validated form values into db
$this->insertEntriesDB($_POST['guestbook']['id'], $_POST['guestbook']['ip'], $serendipity['POST']['name'], $serendipity['POST']['url'], $serendipity['POST']['email'], $serendipity['POST']['comment'] . $admincomment, $_POST['guestbook']['approved'], $_POST['guestbook']['timestamp'], true);
} else {
// insert validated form values into db
$this->insertEntriesDB(NULL, NULL, $serendipity['POST']['name'], $serendipity['POST']['url'], $serendipity['POST']['email'], $serendipity['POST']['comment'], $acapp, NULL, false);
}
// claim insertEntriesDB is true
$showapp = serendipity_db_bool($this->get_config('showapp'));
$showapptxt = $showapp && !$authenticated_user ? ' ' . PLUGIN_GUESTBOOK_DBDONE_APP : '';
if (!$authenticated_user) {
// be strict here, since it could be null also
if ($showapp === false && $acapp === 0 || $serendipity['csuccess'] == 'moderate') {
if (isset($serendipity[$forcemoderate[0]]) == 'moderate') {
$showapptxt = '<br>' . $serendipity['moderate_reason'] . '<br>' . PLUGIN_GUESTBOOK_AUTOMODERATE_ERROR . PLUGIN_GUESTBOOK_DBDONE_APP;
}
}
}
array_push($messages, PLUGIN_GUESTBOOK_MESSAGE . ': ' . PLUGIN_GUESTBOOK_DBDONE . $showapptxt);
// flag global meassage header to have successfully checked and safed the entry
$serendipity['guestbook_message_header'] = true;
// reset post values
unset($serendipity['POST']);
unset($_POST);
// set startpage back to 1
$serendipity['GET']['page'] = 1;
if ($serendipity['guestbook_message_header'] === false) {
array_push($messages, PLUGIN_GUESTBOOK_UNKNOWN_ERROR);
return false;
}
}
}
$startpagerows = array();
for ($j = 0; $j < $template_loaded_config['startpage_cat_windows']; $j++) {
$startpagerows[] = array('cat_intro' => $template_loaded_config['startpagerow' . $j . 'cat_intro'], 'win_column' => $template_loaded_config['startpagerow' . $j . 'win_column'], 'kategorie' => $template_loaded_config['startpagerow' . $j . 'kategorie'], 'show_title' => $template_loaded_config['startpagerow' . $j . 'show_title'], 'title_text' => $template_loaded_config['startpagerow' . $j . 'title_text'], 'truncated_qty' => $template_loaded_config['startpagerow' . $j . 'truncated_qty'], 'titlesonly_qty' => $template_loaded_config['startpagerow' . $j . 'titlesonly_qty'], 'thedesign' => $template_loaded_config['startpagerow' . $j . 'thedesign'], 'the_title' => $template_loaded_config['startpagerow' . $j . 'the_title'], 'catdescription' => $template_loaded_config['startpagerow' . $j . 'catdescription']);
$template_config[] = array('var' => 'startpagerow' . $j . 'cat_intro', 'type' => 'content', 'default' => ' <b><p style="color:#FFFFFF; background-color: blue">' . STARTROWS_TITLE . ' #' . $j . STARTROW . ' </p></b>');
$template_config[] = array('var' => 'startpagerow' . $j . 'win_column', 'name' => WIN_COLUMN, 'type' => 'select', 'default' => '3', 'select_values' => array('3' => '3 Spalten'));
$template_config[] = array('var' => 'startpagerow' . $j . 'kategorie', 'name' => STARTROW_ASSIGN_ID, 'type' => 'select', 'default' => '', 'select_values' => $catsel);
$template_config[] = array('var' => 'startpagerow' . $j . 'show_title', 'name' => STARTROW_SHOW_TITLE, 'type' => 'boolean', 'default' => 'true');
$template_config[] = array('var' => 'startpagerow' . $j . 'title_text', 'name' => STARTROW_TITLE_TEXT, 'type' => 'string', 'default' => '');
$template_config[] = array('var' => 'startpagerow' . $j . 'truncated_qty', 'name' => STARTROW_TRUNCATE_QTY, 'type' => 'string', 'default' => '100');
$template_config[] = array('var' => 'startpagerow' . $j . 'titlesonly_qty', 'name' => STARTROW_TITLES_ONLY_QTY, 'type' => 'string', 'default' => '3');
$template_config[] = array('var' => 'startpagerow' . $j . 'thedesign', 'name' => THE_DESIGN, 'type' => 'select', 'default' => 'design1', 'select_values' => array('design1' => 'Design 1', 'design2' => 'Design 2', 'designac' => 'Acordion', 'designslide' => 'Slider Design', 'designtabs' => 'Design Tabs'));
$template_config[] = array('var' => 'startpagerow' . $j . 'the_title', 'name' => THE_TITLE, 'type' => 'string', 'default' => 'A Title for row ' . $j);
$template_config[] = array('var' => 'startpagerow' . $j . 'catdescription', 'name' => CATDESCRIPTION, 'type' => 'string', 'default' => 'This is Description ' . $j);
}
$serendipity['smarty']->assign_by_ref('startpagerows', $startpagerows);
if (isset($_POST['serendipity']['template']['startpage_cat_windows']) && serendipity_userLoggedIn() && serendipity_checkPermission('adminTemplates')) {
$temp_post = $_POST['serendipity']['template']['startpage_cat_windows'];
if (is_numeric($temp_post)) {
$template_loaded_config['startpage_cat_windows'] = $temp_post;
}
}
// Save custom field variables within the serendipity "Edit/Create Entry" backend.
// Any custom variables can later be queried inside the .tpl files through
// {if $entry.properties.key_value == 'true'}...{/if}
// Function to get the content of a non-boolean entry variable
function entry_option_get_value($property_key, &$eventData)
{
global $serendipity;
if (isset($eventData['properties'][$property_key])) {
return $eventData['properties'][$property_key];
}
/**
* Initialize the Smarty framework for use in Serendipity
*
* @access public
* @return null
*/
function serendipity_smarty_init($vars = array())
{
global $serendipity, $template_config;
if (!isset($serendipity['smarty'])) {
$template_dir = $serendipity['serendipityPath'] . $serendipity['templatePath'] . $serendipity['template'];
if (!defined('IN_serendipity_admin') && file_exists($template_dir . '/template.inc.php')) {
// If this file exists, a custom template engine will be loaded.
// Beware: Smarty is used in the Admin backend, despite of this.
include $template_dir . '/template.inc.php';
} else {
// Set a session variable if Smarty fails:
$prev_smarty = $_SESSION['no_smarty'];
$_SESSION['no_smarty'] = true;
// Default Smarty Engine will be used
@define('SMARTY_DIR', S9Y_PEAR_PATH . 'Smarty/libs/');
if (!class_exists('Smarty')) {
include SMARTY_DIR . 'Smarty.class.php';
}
if (!class_exists('Smarty')) {
return false;
}
$serendipity['smarty'] = new Smarty();
if ($serendipity['production'] === 'debug') {
$serendipity['smarty']->force_compile = true;
$serendipity['smarty']->debugging = true;
}
$serendipity['smarty']->template_dir = array($template_dir);
$p = explode(',', $serendipity['template_engine']);
foreach ($p as $te) {
$serendipity['smarty']->template_dir[] = $serendipity['serendipityPath'] . $serendipity['templatePath'] . $te;
}
$serendipity['smarty']->template_dir[] = $serendipity['serendipityPath'] . $serendipity['templatePath'] . 'default';
$serendipity['smarty']->compile_dir = $serendipity['serendipityPath'] . PATH_SMARTY_COMPILE;
if (!is_dir($serendipity['smarty']->compile_dir) || !is_writable($serendipity['smarty']->compile_dir)) {
printf(DIRECTORY_WRITE_ERROR, $serendipity['smarty']->compile_dir);
return false;
}
// Hooray for Smarty:
$_SESSION['no_smarty'] = $prev_smarty;
$serendipity['smarty']->config_dir = $template_dir;
$serendipity['smarty']->secure_dir = array($serendipity['serendipityPath'] . $serendipity['templatePath']);
$serendipity['smarty']->security_settings['MODIFIER_FUNCS'] = array('sprintf', 'sizeof', 'count', 'rand', 'print_r', 'str_repeat');
$serendipity['smarty']->security_settings['ALLOW_CONSTANTS'] = true;
$serendipity['smarty']->security = true;
$serendipity['smarty']->use_sub_dirs = false;
$serendipity['smarty']->compile_check = true;
$serendipity['smarty']->compile_id =& $serendipity['template'];
$serendipity['smarty']->register_modifier('makeFilename', 'serendipity_makeFilename');
$serendipity['smarty']->register_modifier('xhtml_target', 'serendipity_xhtml_target');
$serendipity['smarty']->register_modifier('emptyPrefix', 'serendipity_emptyPrefix');
$serendipity['smarty']->register_modifier('formatTime', 'serendipity_smarty_formatTime');
$serendipity['smarty']->register_modifier('serendipity_utf8_encode', 'serendipity_utf8_encode');
$serendipity['smarty']->register_modifier('ifRemember', 'serendipity_ifRemember');
$serendipity['smarty']->register_modifier('checkPermission', 'serendipity_checkPermission');
$serendipity['smarty']->register_modifier('serendipity_refhookPlugin', 'serendipity_smarty_refhookPlugin');
$serendipity['smarty']->register_function('serendipity_printSidebar', 'serendipity_smarty_printSidebar');
$serendipity['smarty']->register_function('serendipity_hookPlugin', 'serendipity_smarty_hookPlugin');
$serendipity['smarty']->register_function('serendipity_showPlugin', 'serendipity_smarty_showPlugin');
$serendipity['smarty']->register_function('serendipity_getFile', 'serendipity_smarty_getFile');
$serendipity['smarty']->register_function('serendipity_printComments', 'serendipity_smarty_printComments');
$serendipity['smarty']->register_function('serendipity_printTrackbacks', 'serendipity_smarty_printTrackbacks');
$serendipity['smarty']->register_function('serendipity_rss_getguid', 'serendipity_smarty_rss_getguid');
$serendipity['smarty']->register_function('serendipity_fetchPrintEntries', 'serendipity_smarty_fetchPrintEntries');
$serendipity['smarty']->register_function('serendipity_getTotalCount', 'serendipity_smarty_getTotalCount');
$serendipity['smarty']->register_function('pickKey', 'serendipity_smarty_pickKey');
$serendipity['smarty']->register_function('serendipity_showCommentForm', 'serendipity_smarty_showCommentForm');
$serendipity['smarty']->register_function('serendipity_getImageSize', 'serendipity_smarty_getImageSize');
$serendipity['smarty']->register_prefilter('serendipity_replaceSmartyVars');
}
if (!isset($serendipity['smarty_raw_mode'])) {
if (file_exists($serendipity['smarty']->config_dir . '/layout.php') && $serendipity['template'] != 'default') {
$serendipity['smarty_raw_mode'] = true;
} else {
$serendipity['smarty_raw_mode'] = false;
}
}
if (!isset($serendipity['smarty_file'])) {
$serendipity['smarty_file'] = 'index.tpl';
}
$category = false;
$category_info = array();
if (isset($serendipity['GET']['category'])) {
$category = (int) $serendipity['GET']['category'];
if (isset($GLOBALS['cInfo'])) {
$category_info = $GLOBALS['cInfo'];
} else {
$category_info = serendipity_fetchCategoryInfo($category);
}
}
if (!isset($serendipity['smarty_vars']['head_link_stylesheet'])) {
$serendipity['smarty_vars']['head_link_stylesheet'] = serendipity_rewriteURL('serendipity.css');
}
$serendipity['smarty']->assign(array('head_charset' => LANG_CHARSET, 'head_version' => $serendipity['version'], 'head_title' => $serendipity['head_title'], 'head_subtitle' => $serendipity['head_subtitle'], 'head_link_stylesheet' => $serendipity['smarty_vars']['head_link_stylesheet'], 'is_xhtml' => true, 'use_popups' => $serendipity['enablePopup'], 'is_embedded' => !$serendipity['embed'] || $serendipity['embed'] === 'false' || $serendipity['embed'] === false ? false : true, 'is_raw_mode' => $serendipity['smarty_raw_mode'], 'is_logged_in' => serendipity_userLoggedIn(), 'entry_id' => isset($serendipity['GET']['id']) && is_numeric($serendipity['GET']['id']) ? $serendipity['GET']['id'] : false, 'is_single_entry' => isset($serendipity['GET']['id']) && is_numeric($serendipity['GET']['id']), 'blogTitle' => $serendipity['blogTitle'], 'blogSubTitle' => !empty($serendipity['blogSubTitle']) ? $serendipity['blogSubTitle'] : '', 'blogDescription' => $serendipity['blogDescription'], 'serendipityHTTPPath' => $serendipity['serendipityHTTPPath'], 'serendipityBaseURL' => $serendipity['baseURL'], 'serendipityRewritePrefix' => $serendipity['rewrite'] == 'none' ? $serendipity['indexFile'] . '?/' : '', 'serendipityIndexFile' => $serendipity['indexFile'], 'serendipityVersion' => $serendipity['expose_s9y'] ? $serendipity['version'] : '', 'lang' => $serendipity['lang'], 'category' => $category, 'category_info' => $category_info, 'template' => $serendipity['template'], 'dateRange' => !empty($serendipity['range']) ? $serendipity['range'] : array()));
if (count($vars) > 0) {
$serendipity['smarty']->assign($vars);
}
// For advanced usage, we allow template authors to create a file 'config.inc.php' where they can
// setup custom smarty variables, modifiers etc. to use in their templates.
@(include_once $serendipity['smarty']->config_dir . '/config.inc.php');
if (is_array($template_loaded_config)) {
$template_vars =& $template_loaded_config;
$serendipity['smarty']->assign_by_ref('template_option', $template_vars);
} elseif (is_array($template_config)) {
$template_vars =& serendipity_loadThemeOptions($template_config, $serendipity['smarty_vars']['template_option']);
$serendipity['smarty']->assign_by_ref('template_option', $template_vars);
}
}
return true;
}
function showForum()
{
global $serendipity;
if (!headers_sent()) {
header('HTTP/1.0 200');
header('Status: 200 OK');
}
$ERRORMSG = "";
$THREAD_UNREAD_ANNOUNCEMENT = "<img src=\"" . $this->DMA_forum_getRelPath() . "/img/thread_unread_announce.png\" width=\"20\" height=\"20\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_READ . "\" title=\"" . PLUGIN_FORUM_ALT_READ . "\" />";
$THREAD_READ_ANNOUNCEMENT = "<img src=\"" . $this->DMA_forum_getRelPath() . "/img/thread_read_announce.png\" width=\"20\" height=\"20\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_READ . "\" title=\"" . PLUGIN_FORUM_ALT_READ . "\" />";
$THREAD_UNREAD = "<img src=\"" . $this->DMA_forum_getRelPath() . "/img/thread_unread.png\" width=\"20\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_UNREAD . "\" title=\"" . PLUGIN_FORUM_ALT_UNREAD . "\" />";
$THREAD_HUGE_UNREAD = "<img src=\"" . $this->DMA_forum_getRelPath() . "/img/thread_huge_unread.png\" width=\"20\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_UNREAD . "\" title=\"" . PLUGIN_FORUM_ALT_UNREAD . "\" />";
$THREAD_READ = "<img src=\"" . $this->DMA_forum_getRelPath() . "/img/thread_read.png\" width=\"20\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_READ . "\" title=\"" . PLUGIN_FORUM_ALT_READ . "\" />";
$THREAD_HUGE_READ = "<img src=\"" . $this->DMA_forum_getRelPath() . "/img/thread_huge_read.png\" width=\"20\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_READ . "\" title=\"" . PLUGIN_FORUM_ALT_READ . "\" />";
$DEL_FILE_BUTTON = "<img src=\"" . serendipity_getTemplateFile('admin/img/delete.png') . "\" width=\"18\" height=\"18\" border=\"0\" alt=\"" . DELETE . "\" title=\"" . DELETE . "\" />";
if (!isset($_SESSION['forum_visited']) || intval($_SESSION['forum_visited']) <= 0) {
if (serendipity_userLoggedIn()) {
$sql = "SELECT visits, lastvisit FROM {$serendipity['dbPrefix']}dma_forum_users WHERE authorid = '" . intval($serendipity['authorid']) . "'";
$visits = serendipity_db_query($sql);
if (is_array($visits) && count($visits) >= 1) {
$q = "UPDATE {$serendipity['dbPrefix']}dma_forum_users SET visits = visits+1, lastvisit = '" . time() . "' WHERE authorid = '" . intval($serendipity['authorid']) . "'";
serendipity_db_query($q);
} else {
$q = "INSERT INTO {$serendipity['dbPrefix']}dma_forum_users (authorid, visits, lastvisit) VALUES ('" . intval($serendipity['authorid']) . "', '1', '" . time() . "')";
serendipity_db_query($q);
}
$_SESSION['forum_visited'] = 1;
}
}
if (is_array($_COOKIE) && trim($_COOKIE['s9yread']) != "") {
$READARRAY = unserialize(stripslashes(trim($_COOKIE['s9yread'])));
} else {
$READARRAY = array();
}
// POST part
if (isset($serendipity['POST']['action']) && trim($serendipity['POST']['action']) == "reply") {
if (!isset($serendipity['POST']['authorname']) || trim($serendipity['POST']['authorname']) == "") {
if (serendipity_userLoggedIn()) {
$serendipity['POST']['authorname'] = $serendipity['serendipityUser'];
} else {
$serendipity['POST']['authorname'] = PLUGIN_FORUM_GUEST;
}
}
if ($this->get_config('use_captchas')) {
// Fake call to spamblock and other comment plugins.
$ca = array('id' => 0, 'allow_comments' => 'true', 'moderate_comments' => false, 'last_modified' => 1, 'timestamp' => 1);
$commentInfo = array('type' => 'NORMAL', 'source' => 'commentform', 'name' => $serendipity['POST']['authorname'], 'url' => '', 'comment' => $serendipity['POST']['comment'], 'email' => '');
serendipity_plugin_api::hook_event('frontend_saveComment', $ca, $commentInfo);
} else {
$ca['allow_comments'] = true;
}
if ($ca['allow_comments'] === false) {
$ERRORMSG = PLUGIN_FORUM_ERR_WRONG_CAPTCHA_STRING;
} else {
$serendipity['POST']['title'] = trim($serendipity['POST']['title']);
$serendipity['POST']['comment'] = trim($serendipity['POST']['comment']);
$serendipity['POST']['authorname'] = trim($serendipity['POST']['authorname']);
if (!isset($serendipity['POST']['comment']) || strlen(trim($serendipity['POST']['comment'])) <= 3) {
$ERRORMSG = PLUGIN_FORUM_ERR_MISSING_MESSAGE;
} else {
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_threads WHERE threadid='" . intval($serendipity['POST']['threadid']) . "'";
$thread = serendipity_db_query($sql);
if ($thread[0]['flag'] == 1) {
$ERRORMSG = PLUGIN_FORUM_ERR_THREAD_CLOSED;
} else {
if (trim($serendipity['POST']['comment']) == $_SESSION['lastposttext']) {
$ERRORMSG = PLUGIN_FORUM_ERR_DOUBLE_POST;
} elseif ($_SESSION['lastposttime'] >= time() - 10) {
$ERRORMSG = PLUGIN_FORUM_ERR_POST_INTERVAL;
} else {
$now = time();
$postid = DMA_forum_InsertReply(intval($serendipity['POST']['boardid']), intval($serendipity['POST']['threadid']), intval($serendipity['POST']['replyto']), trim($serendipity['POST']['authorname']), trim($serendipity['POST']['title']), trim($serendipity['POST']['comment']), $this->get_config('itemsperpage'), $this->get_config('notifymail_from'), $this->get_config('notifymail_name'), $this->get_config('pageurl'), $this->get_config('admin_notify'));
if (serendipity_userLoggedIn() && $this->get_config('fileupload_reguser') || $this->get_config('fileupload_guest')) {
DMA_forum_uploadFiles($postid, $this->get_config('uploaddir'));
if ($this->SUCCESS <= 0) {
if (count($this->UPLOAD_TOOBIG) >= 1) {
$ERRORMSG = PLUGIN_FORUM_ERR_FILE_TOO_BIG;
} elseif (count($this->UPLOAD_NOTCOPIED) >= 1) {
$ERRORMSG = PLUGIN_FORUM_ERR_FILE_NOT_COPIED;
}
}
}
}
}
}
}
if (serendipity_userLoggedIn()) {
$POST_AUTHORNAME = $serendipity['serendipityUser'];
} else {
$POST_AUTHORNAME = trim($serendipity['POST']['authorname']);
}
$POST_TITLE = trim($serendipity['POST']['title']);
$POST_MESSAGE = trim($serendipity['POST']['comment']);
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$_GET['boardid'] = intval($serendipity['POST']['boardid']);
$_GET['threadid'] = intval($serendipity['POST']['threadid']);
$_GET['replyto'] = intval($serendipity['POST']['replyto']);
$_GET['quote'] = 0;
}
} elseif (isset($serendipity['POST']['action']) && trim($serendipity['POST']['action']) == "edit") {
if (!isset($serendipity['POST']['authorname']) || trim($serendipity['POST']['authorname']) == "") {
if (serendipity_userLoggedIn()) {
$serendipity['POST']['authorname'] = $serendipity['serendipityUser'];
} else {
$serendipity['POST']['authorname'] = PLUGIN_FORUM_GUEST;
}
}
$serendipity['POST']['title'] = trim($serendipity['POST']['title']);
$serendipity['POST']['comment'] = trim($serendipity['POST']['comment']);
$serendipity['POST']['authorname'] = trim($serendipity['POST']['authorname']);
if (!isset($serendipity['POST']['comment']) || strlen(trim($serendipity['POST']['comment'])) <= 3) {
$ERRORMSG = PLUGIN_FORUM_ERR_MISSING_MESSAGE;
} else {
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_posts WHERE postid='" . intval($serendipity['POST']['edit']) . "'";
$post = serendipity_db_query($sql);
if (serendipity_userLoggedIn() && ($serendipity['serendipityUser'] == $post[0]['authorname'] && $serendipity['authorid'] == $post[0]['authorid'] || $serendipity['serendipityUserlevel'] == 255)) {
if (serendipity_userLoggedIn() && $serendipity['serendipityUserlevel'] == USERLEVEL_ADMIN) {
if (isset($serendipity['POST']['announcement']) && intval($serendipity['POST']['announcement']) == 1) {
$announce = 1;
} else {
$announce = 0;
}
} else {
$announce = 0;
}
DMA_forum_EditReply(intval($serendipity['POST']['boardid']), intval($serendipity['POST']['threadid']), intval($serendipity['POST']['edit']), trim($serendipity['POST']['authorname']), trim($serendipity['POST']['title']), trim($serendipity['POST']['comment']), intval($serendipity['POST']['page']), $announce);
if (serendipity_userLoggedIn() && $this->get_config('fileupload_reguser') || $this->get_config('fileupload_guest')) {
DMA_forum_uploadFiles(intval($serendipity['POST']['edit']), $this->get_config('uploaddir'));
if ($this->SUCCESS <= 0) {
if (count($this->UPLOAD_TOOBIG) >= 1) {
$ERRORMSG = PLUGIN_FORUM_ERR_FILE_TOO_BIG;
} elseif (count($this->UPLOAD_NOTCOPIED) >= 1) {
$ERRORMSG = PLUGIN_FORUM_ERR_FILE_NOT_COPIED;
}
}
}
} else {
$ERRORMSG = PLUGIN_FORUM_ERR_EDIT_NOT_ALLOWED;
}
}
if (serendipity_userLoggedIn()) {
$POST_AUTHORNAME = $serendipity['serendipityUser'];
} else {
$POST_AUTHORNAME = trim($serendipity['POST']['authorname']);
}
$POST_TITLE = trim($serendipity['POST']['title']);
$POST_MESSAGE = trim($serendipity['POST']['comment']);
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$_GET['boardid'] = intval($serendipity['POST']['boardid']);
$_GET['threadid'] = intval($serendipity['POST']['threadid']);
$_GET['edit'] = intval($serendipity['POST']['edit']);
}
} elseif (isset($serendipity['POST']['action']) && trim($serendipity['POST']['action']) == "delete") {
if (!isset($serendipity['POST']['no']) || trim($serendipity['POST']['no']) == "") {
if (!isset($serendipity['serendipityUserlevel']) || $serendipity['serendipityUserlevel'] != 255) {
$ERRORMSG = PLUGIN_FORUM_ERR_DELETE_NOT_ALLOWED;
} else {
DMA_forum_DeletePost(intval($serendipity['POST']['boardid']), intval($serendipity['POST']['threadid']), intval($serendipity['POST']['delete']), intval($serendipity['POST']['page']), $this->get_config('uploaddir'), $this->get_config('itemsperpage'));
}
}
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$_GET['boardid'] = intval($serendipity['POST']['boardid']);
$_GET['threadid'] = intval($serendipity['POST']['threadid']);
}
} elseif (isset($serendipity['POST']['action']) && trim($serendipity['POST']['action']) == "newthread") {
if (!isset($serendipity['POST']['authorname']) || trim($serendipity['POST']['authorname']) == "") {
if (serendipity_userLoggedIn()) {
$serendipity['POST']['authorname'] = $serendipity['serendipityUser'];
} else {
$serendipity['POST']['authorname'] = PLUGIN_FORUM_GUEST;
}
}
if ($this->get_config('use_captchas')) {
// Fake call to spamblock and other comment plugins.
$ca = array('id' => 0, 'allow_comments' => 'true', 'moderate_comments' => false, 'last_modified' => 1, 'timestamp' => 1);
$commentInfo = array('type' => 'NORMAL', 'source' => 'commentform', 'name' => $serendipity['POST']['authorname'], 'url' => '', 'comment' => $serendipity['POST']['comment'], 'email' => '');
serendipity_plugin_api::hook_event('frontend_saveComment', $ca, $commentInfo);
} else {
$ca['allow_comments'] = true;
}
if ($ca['allow_comments'] === false) {
$ERRORMSG = PLUGIN_FORUM_ERR_WRONG_CAPTCHA_STRING;
} else {
$serendipity['POST']['title'] = trim($serendipity['POST']['title']);
$serendipity['POST']['comment'] = trim($serendipity['POST']['comment']);
$serendipity['POST']['authorname'] = trim($serendipity['POST']['authorname']);
if (!isset($serendipity['POST']['title']) || strlen(trim($serendipity['POST']['title'])) <= 3) {
$ERRORMSG = PLUGIN_FORUM_ERR_MISSING_THREADTITLE;
} elseif (!isset($serendipity['POST']['comment']) || strlen(trim($serendipity['POST']['comment'])) <= 3) {
$ERRORMSG = PLUGIN_FORUM_ERR_MISSING_MESSAGE;
} else {
if (trim($serendipity['POST']['comment']) == $_SESSION['lastthreadtext']) {
$ERRORMSG = PLUGIN_FORUM_ERR_DOUBLE_THREAD;
} elseif ($_SESSION['lastposttime'] >= time() - 10) {
$ERRORMSG = PLUGIN_FORUM_ERR_POST_INTERVAL;
} else {
$now = time();
if (serendipity_userLoggedIn() && $serendipity['serendipityUserlevel'] == USERLEVEL_ADMIN) {
if (isset($serendipity['POST']['announcement']) && intval($serendipity['POST']['announcement']) == 1) {
$announce = 1;
} else {
$announce = 0;
}
} else {
$announce = 0;
}
$postid = DMA_forum_InsertThread(intval($serendipity['POST']['boardid']), trim($serendipity['POST']['authorname']), trim($serendipity['POST']['title']), trim($serendipity['POST']['comment']), $announce, $this->get_config('notifymail_from'), $this->get_config('notifymail_name'), $this->get_config('pageurl'), $this->get_config('admin_notify'));
if (serendipity_userLoggedIn() && $this->get_config('fileupload_reguser') || $this->get_config('fileupload_guest')) {
DMA_forum_uploadFiles($postid, $this->get_config('uploaddir'));
if ($this->SUCCESS <= 0) {
if (count($this->UPLOAD_TOOBIG) >= 1) {
$ERRORMSG = PLUGIN_FORUM_ERR_FILE_TOO_BIG;
} elseif (count($this->UPLOAD_NOTCOPIED) >= 1) {
$ERRORMSG = PLUGIN_FORUM_ERR_FILE_NOT_COPIED;
}
}
}
}
}
}
if (serendipity_userLoggedIn()) {
$POST_AUTHORNAME = $serendipity['serendipityUser'];
} else {
$POST_AUTHORNAME = trim($serendipity['POST']['authorname']);
}
$POST_TITLE = trim($serendipity['POST']['title']);
$POST_MESSAGE = trim($serendipity['POST']['comment']);
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$_GET['boardid'] = intval($serendipity['POST']['boardid']);
$_GET['action'] = "newthread";
} else {
$_GET['boardid'] = intval($serendipity['POST']['boardid']);
unset($_GET['action']);
}
}
// GET part
if (isset($_GET['replyto']) && !isset($_GET['edit']) && !isset($_GET['delete']) && (isset($_GET['boardid']) && intval($_GET['boardid']) >= 1) && (isset($_GET['threadid']) && intval($_GET['threadid']) >= 1)) {
// replyform
$filename = 'templates/replyform.tpl';
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
}
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$serendipity['smarty']->assign('ERRORMSG', $ERRORMSG);
}
if (isset($_GET['quote']) && intval($_GET['quote']) >= 1) {
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_posts WHERE postid='" . intval($_GET['replyto']) . "'";
$post = serendipity_db_query($sql);
}
if (!isset($POST_MESSAGE) || trim($POST_MESSAGE) == "") {
if (isset($_GET['quote']) && intval($_GET['quote']) >= 1) {
$POST_MESSAGE = "[quote=" . stripslashes($post[0]['authorname']) . "]" . stripslashes($post[0]['message']) . "[/quote]\n\n";
}
}
if (!isset($POST_TITLE) || trim($POST_TITLE) == "") {
if (isset($_GET['quote']) && intval($_GET['quote']) >= 1) {
$POST_TITLE = "Re: " . stripslashes($post[0]['title']);
}
}
if (serendipity_userLoggedIn()) {
$POST_AUTHORNAME = $serendipity['serendipityUser'];
}
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_threads WHERE threadid='" . intval($_GET['threadid']) . "'";
$thread = serendipity_db_query($sql);
$serendipity['smarty']->assign(array('pagetitle' => $this->get_config('pagetitle'), 'headline' => $this->get_config('headline'), 'threadtitle' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($thread[0]['title']))) : htmlspecialchars(stripslashes(trim($thread[0]['title'])), ENT_COMPAT, LANG_CHARSET), 'bgcolor2' => $this->get_config('bgcolor2'), 'ACTUALURL' => $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']), 'boardid' => intval($_GET['boardid']), 'threadid' => intval($_GET['threadid']), 'replyto' => intval($_GET['replyto']), 'relpath' => $this->DMA_forum_getRelPath(), 'POST_AUTHORNAME' => function_exists('serendipity_specialchars') ? serendipity_specialchars($POST_AUTHORNAME) : htmlspecialchars($POST_AUTHORNAME, ENT_COMPAT, LANG_CHARSET), 'POST_TITLE' => function_exists('serendipity_specialchars') ? serendipity_specialchars($POST_TITLE) : htmlspecialchars($POST_TITLE, ENT_COMPAT, LANG_CHARSET), 'POST_MESSAGE' => function_exists('serendipity_specialchars') ? serendipity_specialchars($POST_MESSAGE) : htmlspecialchars($POST_MESSAGE, ENT_COMPAT, LANG_CHARSET)));
$serendipity['smarty']->assign('bbcode', BBCODE);
if (serendipity_userLoggedIn() && $this->get_config('fileupload_reguser') || $this->get_config('fileupload_guest')) {
$upload_max_filesize = ini_get('upload_max_filesize');
$upload_max_filesize = preg_replace('/M/', '000000', $upload_max_filesize);
$MAX_FILE_SIZE = intval($upload_max_filesize);
$MAX_SIZE_PER_FILE = $MAX_FILE_SIZE / 1000000 . " MB";
$max_possible = intval($this->get_config('max_simultaneous_fileuploads'));
if ($max_possible >= intval($this->get_config('max_files_per_post'))) {
$max_possible = intval($this->get_config('max_files_per_post'));
}
if (serendipity_userLoggedIn()) {
$authorid = intval($serendipity['authorid']);
} else {
$authorid = 0;
}
$sql = "SELECT COUNT(*) FROM {$serendipity['dbPrefix']}dma_forum_uploads WHERE authorid = '" . $authorid . "'";
$uploadnum = serendipity_db_query($sql);
$uploaduserrest = intval($this->get_config('max_files_per_user')) - intval($uploadnum[0][0]);
if ($max_possible >= $uploaduserrest) {
$max_possible = $uploaduserrest;
}
$uploads = array();
for ($x = 0; $x < $max_possible; $x++) {
$uploads[] = $x + 1;
}
$serendipity['smarty']->assign(array('uploadform' => true, 'MAX_FILE_SIZE' => $MAX_FILE_SIZE, 'MAX_SIZE_PER_FILE' => $MAX_SIZE_PER_FILE, 'uploads' => $uploads, 'uploads_post_left' => intval($this->get_config('max_files_per_post')), 'uploads_user_left' => $uploaduserrest));
}
if ($this->get_config('use_captchas')) {
$serendipity['smarty']->assign('commentform_entry', array('timestamp' => 1));
}
} elseif (!isset($_GET['replyto']) && isset($_GET['edit']) && !isset($_GET['delete']) && (isset($_GET['boardid']) && intval($_GET['boardid']) >= 1) && (isset($_GET['threadid']) && intval($_GET['threadid']) >= 1)) {
// editform
$filename = 'templates/editform.tpl';
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
}
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_threads WHERE threadid='" . intval($_GET['threadid']) . "'";
$thread = serendipity_db_query($sql);
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_posts WHERE postid='" . intval($_GET['edit']) . "'";
$post = serendipity_db_query($sql);
if (serendipity_userLoggedIn() && ($serendipity['serendipityUser'] == $post[0]['authorname'] && $serendipity['authorid'] == $post[0]['authorid'] || $serendipity['serendipityUserlevel'] == 255)) {
$serendipity['smarty']->assign('CANEDIT', true);
} else {
$ERRORMSG = PLUGIN_FORUM_ERR_EDIT_NOT_ALLOWED;
}
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$serendipity['smarty']->assign('ERRORMSG', $ERRORMSG);
}
$serendipity['smarty']->assign(array('pagetitle' => $this->get_config('pagetitle'), 'headline' => $this->get_config('headline'), 'threadtitle' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($thread[0]['title']))) : htmlspecialchars(stripslashes(trim($thread[0]['title'])), ENT_COMPAT, LANG_CHARSET), 'bgcolor2' => $this->get_config('bgcolor2'), 'ACTUALURL' => $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&page=" . intval($_GET['page']), 'boardid' => intval($_GET['boardid']), 'threadid' => intval($_GET['threadid']), 'relpath' => $this->DMA_forum_getRelPath(), 'page' => intval($_GET['page']), 'edit' => intval($_GET['edit']), 'POST_AUTHORNAME' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($post[0]['authorname']))) : htmlspecialchars(stripslashes(trim($post[0]['authorname'])), ENT_COMPAT, LANG_CHARSET), 'POST_TITLE' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($post[0]['title']))) : htmlspecialchars(stripslashes(trim($post[0]['title'])), ENT_COMPAT, LANG_CHARSET), 'POST_MESSAGE' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($post[0]['message']))) : htmlspecialchars(stripslashes(trim($post[0]['message'])), ENT_COMPAT, LANG_CHARSET)));
$serendipity['smarty']->assign('bbcode', BBCODE);
if (serendipity_userLoggedIn() && $serendipity['serendipityUserlevel'] == USERLEVEL_ADMIN) {
$serendipity['smarty']->assign('announcement', true);
if (intval($thread[0]['announce']) == 1) {
$serendipity['smarty']->assign('checked', " checked");
} else {
$serendipity['smarty']->assign('checked', "");
}
}
if (serendipity_userLoggedIn() && $this->get_config('fileupload_reguser') || $this->get_config('fileupload_guest')) {
$upload_max_filesize = ini_get('upload_max_filesize');
$upload_max_filesize = preg_replace('/M/', '000000', $upload_max_filesize);
$MAX_FILE_SIZE = intval($upload_max_filesize);
$MAX_SIZE_PER_FILE = $MAX_FILE_SIZE / 1000000 . " MB";
$max_possible = intval($this->get_config('max_simultaneous_fileuploads'));
if ($max_possible >= intval($this->get_config('max_files_per_post'))) {
$max_possible = intval($this->get_config('max_files_per_post'));
}
if (serendipity_userLoggedIn()) {
$authorid = intval($serendipity['authorid']);
} else {
$authorid = 0;
}
$sql = "SELECT COUNT(*) FROM {$serendipity['dbPrefix']}dma_forum_uploads WHERE authorid = '" . $authorid . "'";
$uploadnum = serendipity_db_query($sql);
$uploaduserrest = intval($this->get_config('max_files_per_user')) - intval($uploadnum[0][0]);
if ($max_possible >= $uploaduserrest) {
$max_possible = $uploaduserrest;
}
$sql = "SELECT COUNT(*) FROM {$serendipity['dbPrefix']}dma_forum_uploads WHERE postid = '" . intval($_GET['edit']) . "'";
$postuploadnum = serendipity_db_query($sql);
$uploadpostrest = intval($this->get_config('max_files_per_post')) - intval($postuploadnum[0][0]);
if ($max_possible >= $uploadpostrest) {
$max_possible = $uploadpostrest;
}
$uploads = array();
for ($x = 0; $x < $max_possible; $x++) {
$uploads[] = $x + 1;
}
$serendipity['smarty']->assign(array('uploadform' => true, 'MAX_FILE_SIZE' => $MAX_FILE_SIZE, 'MAX_SIZE_PER_FILE' => $MAX_SIZE_PER_FILE, 'uploads' => $uploads, 'uploads_post_left' => $uploadpostrest, 'uploads_user_left' => $uploaduserrest));
}
} elseif (!isset($_GET['replyto']) && !isset($_GET['edit']) && isset($_GET['delete']) && (isset($_GET['boardid']) && intval($_GET['boardid']) >= 1) && (isset($_GET['threadid']) && intval($_GET['threadid']) >= 1)) {
// deleteform
$filename = 'templates/deleteform.tpl';
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
}
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_threads WHERE threadid='" . intval($_GET['threadid']) . "'";
$thread = serendipity_db_query($sql);
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_posts WHERE postid='" . intval($_GET['delete']) . "'";
$post = serendipity_db_query($sql);
if (serendipity_userLoggedIn() && $serendipity['serendipityUserlevel'] == 255) {
$serendipity['smarty']->assign('CANDELETE', true);
} else {
$ERRORMSG = PLUGIN_FORUM_ERR_DELETE_NOT_ALLOWED;
}
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$serendipity['smarty']->assign('ERRORMSG', $ERRORMSG);
}
if ($this->get_config('apply_markup')) {
$temp_array = array('body' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($post[0]['message']))) : htmlspecialchars(stripslashes(trim($post[0]['message'])), ENT_COMPAT, LANG_CHARSET));
serendipity_plugin_api::hook_event('frontend_display', $temp_array);
$post['message'] = trim($temp_array['body']);
} else {
$post['message'] = nl2br(function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($post[0]['message']))) : htmlspecialchars(stripslashes(trim($post[0]['message'])), ENT_COMPAT, LANG_CHARSET));
}
$serendipity['smarty']->assign(array('pagetitle' => $this->get_config('pagetitle'), 'headline' => $this->get_config('headline'), 'threadtitle' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($thread[0]['title']))) : htmlspecialchars(stripslashes(trim($thread[0]['title'])), ENT_COMPAT, LANG_CHARSET), 'bgcolor1' => $this->get_config('bgcolor1'), 'bgcolor2' => $this->get_config('bgcolor2'), 'ACTUALURL' => $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&page=" . intval($_GET['page']), 'boardid' => intval($_GET['boardid']), 'threadid' => intval($_GET['threadid']), 'page' => intval($_GET['page']), 'delete' => intval($_GET['delete']), 'POST_AUTHORNAME' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($post[0]['authorname']))) : htmlspecialchars(stripslashes(trim($post[0]['authorname'])), ENT_COMPAT, LANG_CHARSET), 'POST_DATE' => date($this->get_config('dateformat') . " " . $this->get_config('timeformat'), $post[0]['postdate']), 'POST_TITLE' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($post[0]['title']))) : htmlspecialchars(stripslashes(trim($post[0]['title'])), ENT_COMPAT, LANG_CHARSET), 'POST_MESSAGE' => $post['message'], 'relpath' => $this->DMA_forum_getRelPath()));
} elseif (isset($_GET['action']) && trim($_GET['action']) == "close") {
$sql = "UPDATE {$serendipity['dbPrefix']}dma_forum_threads SET\n flag = '1'\n WHERE threadid = '" . intval($_GET['threadid']) . "'";
serendipity_db_query($sql);
} elseif (isset($_GET['action']) && trim($_GET['action']) == "reopen") {
$sql = "UPDATE {$serendipity['dbPrefix']}dma_forum_threads SET\n flag = '0'\n WHERE threadid = '" . intval($_GET['threadid']) . "'";
serendipity_db_query($sql);
}
if (isset($_GET['delfile']) && intval($_GET['delfile']) >= 1) {
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_uploads WHERE uploadid = '" . intval($_GET['delfile']) . "'";
$upload = serendipity_db_query($sql);
if (serendipity_userLoggedIn() && ($serendipity['serendipityUserlevel'] == USERLEVEL_ADMIN || intval($upload[0]['authorid']) == intval($serendipity['authorid']))) {
@unlink($this->get_config('uploaddir') . "/" . $upload[0]['sysfilename']);
$q = "DELETE FROM {$serendipity['dbPrefix']}dma_forum_uploads WHERE uploadid = '" . intval($_GET['delfile']) . "'";
$sql = serendipity_db_query($q);
}
}
if (isset($_GET['subscribe']) && intval($_GET['subscribe']) == 1 && isset($_GET['threadid'])) {
if (serendipity_userLoggedIn()) {
$sql = "SELECT notifymails FROM {$serendipity['dbPrefix']}dma_forum_threads WHERE threadid='" . intval($_GET['threadid']) . "'";
$notifymails = serendipity_db_query($sql);
if (trim($thread[0]['notifymails']) != "") {
$NOTIFYARRAY = unserialize(stripslashes(trim($thread[0]['notifymails'])));
} else {
$NOTIFYARRAY = array();
}
$NOTIFYARRAY[] = trim($serendipity['email']);
$updatearray = trim(serialize($NOTIFYARRAY));
$sql = "UPDATE {$serendipity['dbPrefix']}dma_forum_threads SET notifymails = '" . $updatearray . "' WHERE threadid='" . intval($_GET['threadid']) . "'";
serendipity_db_query($sql);
}
} elseif (isset($_GET['unsubscribe']) && intval($_GET['unsubscribe']) == 1 && isset($_GET['threadid'])) {
if (serendipity_userLoggedIn()) {
$sql = "SELECT notifymails FROM {$serendipity['dbPrefix']}dma_forum_threads WHERE threadid='" . intval($_GET['threadid']) . "'";
$notifymails = serendipity_db_query($sql);
if (trim($thread[0]['notifymails']) != "") {
$NOTIFYARRAY = unserialize(stripslashes(trim($thread[0]['notifymails'])));
} else {
$NOTIFYARRAY = array();
}
$newarray = DMA_forum_array_remove($NOTIFYARRAY, trim($serendipity['email']));
if (count($newarray) <= 0) {
$updatearray = "";
} else {
$updatearray = trim(serialize($NOTIFYARRAY));
}
$sql = "UPDATE {$serendipity['dbPrefix']}dma_forum_threads SET notifymails = '" . $updatearray . "' WHERE threadid='" . intval($_GET['threadid']) . "'";
serendipity_db_query($sql);
}
}
/** Jahr des getrigen Tages */
$yesterday_year = intval(date("Y", time() - 86400));
/** Monat des getrigen Tages */
$yesterday_month = intval(date("n", time() - 86400));
/** Tageszahl des getrigen Tages */
$yesterday_day = intval(date("j", time() - 86400));
/** Letzter Timestamp des getrigen Tages (23:59:59 Uhr) */
$yesterday_lasttstamp = mktime(23, 59, 59, $yesterday_month, $yesterday_day, $yesterday_year);
/** Erster Timestamp des getrigen Tages (00:00:00 Uhr) */
$yesterday_firsttstamp = mktime(0, 0, 0, $yesterday_month, $yesterday_day, $yesterday_year);
if ((!isset($_GET['boardid']) || intval($_GET['boardid']) <= 0) && (!isset($_GET['replyto']) && !isset($_GET['edit']) && !isset($_GET['delete']) && !isset($_GET['quote']))) {
// BOARDLIST
$filename = 'templates/boardlist.tpl';
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
}
$serendipity['smarty']->assign('pagetitle', $this->get_config('pagetitle'));
$serendipity['smarty']->assign('headline', $this->get_config('headline'));
$BOARDLIST = "";
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_boards ORDER BY sortorder";
$boards = serendipity_db_query($sql);
$mainpage_link = "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "\">" . $this->get_config('pagetitle') . "</a>";
$serendipity['smarty']->assign('MAINPAGE', $mainpage_link);
if (is_array($boards) && count($boards) >= 1) {
$serendipity['smarty']->assign('bgcolor_head', $this->get_config('bgcolor_head'));
for ($a = 0, $b = count($boards); $a < $b; $a++) {
if (intval($boards[$a]['threads']) >= 1) {
if (intval($boards[$a]['lastposttime']) >= intval($yesterday_lasttstamp) + 1) {
$lastpost = "<span style=\"color:" . $this->get_config('color_today') . ";font-weight:bolder\">" . PLUGIN_FORUM_TODAY . " " . date($this->get_config('timeformat'), $boards[$a]['lastposttime']) . "</span><br />";
} elseif (intval($boards[$a]['lastposttime']) <= intval($yesterday_lasttstamp) && intval($boards[$a]['lastposttime']) >= intval($yesterday_firsttstamp)) {
$lastpost = "<span style=\"color:" . $this->get_config('color_yesterday') . "\">" . PLUGIN_FORUM_YESTERDAY . " " . date($this->get_config('timeformat'), $boards[$a]['lastposttime']) . "</span><br />";
} else {
$lastpost = date($this->get_config('dateformat') . " " . $this->get_config('timeformat'), $boards[$a]['lastposttime']) . "<br />";
}
$lastpost .= (function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes($boards[$a]['lastauthorname'])) : htmlspecialchars(stripslashes($boards[$a]['lastauthorname']), ENT_COMPAT, LANG_CHARSET)) . " ";
$sql = "SELECT COUNT(*) FROM {$serendipity['dbPrefix']}dma_forum_posts WHERE threadid='" . intval($boards[$a]['lastthreadid']) . "'";
$postnum = serendipity_db_query($sql);
$page = ceil(intval($postnum[0][0]) / intval($this->get_config('itemsperpage')));
$lastpost .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($boards[$a]['boardid']) . "&threadid=" . intval($boards[$a]['lastthreadid']) . "&page=" . $page . "#" . intval($boards[$a]['lastpostid']) . "\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/icon_latest_reply.gif\" width=\"18\" height=\"9\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_DIRECTGOTOPOST . "\" title=\"" . PLUGIN_FORUM_ALT_DIRECTGOTOPOST . "\" /></a>";
$boards[$a]['lastpost'] = $lastpost;
} else {
$boards[$a]['lastpost'] = PLUGIN_FORUM_NO_ENTRIES;
}
if ($thiscolor == $this->get_config('bgcolor2')) {
$thiscolor = $this->get_config('bgcolor1');
} else {
$thiscolor = $this->get_config('bgcolor2');
}
$boards[$a]['color'] = $thiscolor;
$boards[$a]['name'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($boards[$a]['name']) : htmlspecialchars($boards[$a]['name'], ENT_COMPAT, LANG_CHARSET);
$temp_array = array('body' => function_exists('serendipity_specialchars') ? serendipity_specialchars(trim(stripslashes($boards[$a]['description']))) : htmlspecialchars(trim(stripslashes($boards[$a]['description'])), ENT_COMPAT, LANG_CHARSET));
serendipity_plugin_api::hook_event('frontend_display', $temp_array);
$boards[$a]['description'] = trim($temp_array['body']);
}
$serendipity['smarty']->assign(array('pagetitle' => $this->get_config('pagetitle'), 'headline' => $this->get_config('headline'), 'pageurl' => $this->get_config('pageurl'), 'boards' => $boards));
} else {
$noboards .= PLUGIN_FORUM_NO_BOARDS;
$serendipity['smarty']->assign('noboards', $noboards);
}
} elseif (intval($_GET['boardid']) >= 1 && (!isset($_GET['threadid']) || intval($_GET['threadid']) <= 0) && (!isset($_GET['replyto']) && !isset($_GET['edit']) && !isset($_GET['delete']) && !isset($_GET['quote']))) {
// New thread
if (isset($_GET['action']) && trim($_GET['action']) == "newthread") {
$filename = 'templates/newthread.tpl';
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
}
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_boards WHERE boardid='" . intval($_GET['boardid']) . "'";
$board = serendipity_db_query($sql);
if (serendipity_userLoggedIn()) {
$POST_AUTHORNAME = $serendipity['serendipityUser'];
}
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$serendipity['smarty']->assign('ERRORMSG', $ERRORMSG);
}
$serendipity['smarty']->assign('bbcode', BBCODE);
$serendipity['smarty']->assign(array('pagetitle' => $this->get_config('pagetitle'), 'headline' => $this->get_config('headline'), 'bgcolor2' => $this->get_config('bgcolor2'), 'ACTUALURL' => $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']), 'boardid' => intval($_GET['boardid']), 'POST_AUTHORNAME' => function_exists('serendipity_specialchars') ? serendipity_specialchars($POST_AUTHORNAME) : htmlspecialchars($POST_AUTHORNAME, ENT_COMPAT, LANG_CHARSET), 'POST_TITLE' => function_exists('serendipity_specialchars') ? serendipity_specialchars($POST_TITLE) : htmlspecialchars($POST_TITLE, ENT_COMPAT, LANG_CHARSET), 'POST_MESSAGE' => function_exists('serendipity_specialchars') ? serendipity_specialchars($POST_MESSAGE) : htmlspecialchars($POST_MESSAGE, ENT_COMPAT, LANG_CHARSET), 'relpath' => $this->DMA_forum_getRelPath(), 'newthreadurl' => $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&action=newthread&boardid=" . intval($_GET['boardid']), 'boardname' => function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes(trim($board[0]['name']))) : htmlspecialchars(stripslashes(trim($board[0]['name'])), ENT_COMPAT, LANG_CHARSET)));
if (serendipity_userLoggedIn() && $serendipity['serendipityUserlevel'] == USERLEVEL_ADMIN) {
$serendipity['smarty']->assign('announcement', true);
}
if (serendipity_userLoggedIn() && $this->get_config('fileupload_reguser') || $this->get_config('fileupload_guest')) {
$upload_max_filesize = ini_get('upload_max_filesize');
$upload_max_filesize = preg_replace('/M/', '000000', $upload_max_filesize);
$MAX_FILE_SIZE = intval($upload_max_filesize);
$MAX_SIZE_PER_FILE = $MAX_FILE_SIZE / 1000000 . " MB";
$max_possible = intval($this->get_config('max_simultaneous_fileuploads'));
if ($max_possible >= intval($this->get_config('max_files_per_post'))) {
$max_possible = intval($this->get_config('max_files_per_post'));
}
if (serendipity_userLoggedIn()) {
$authorid = intval($serendipity['authorid']);
} else {
$authorid = 0;
}
$sql = "SELECT COUNT(*) FROM {$serendipity['dbPrefix']}dma_forum_uploads WHERE authorid = '" . $authorid . "'";
$uploadnum = serendipity_db_query($sql);
$uploaduserrest = intval($this->get_config('max_files_per_user')) - intval($uploadnum[0][0]);
if ($max_possible >= $uploaduserrest) {
$max_possible = $uploaduserrest;
}
$uploads = array();
for ($x = 0; $x < $max_possible; $x++) {
$uploads[] = $x + 1;
}
$serendipity['smarty']->assign(array('uploadform' => true, 'MAX_FILE_SIZE' => $MAX_FILE_SIZE, 'MAX_SIZE_PER_FILE' => $MAX_SIZE_PER_FILE, 'uploads' => $uploads, 'uploads_post_left' => intval($this->get_config('max_files_per_post')), 'uploads_user_left' => $uploaduserrest));
}
if ($this->get_config('use_captchas')) {
$serendipity['smarty']->assign('commentform_entry', array('timestamp' => 1));
}
} else {
// THREADLIST
$filename = 'templates/threadlist.tpl';
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
}
$serendipity['smarty']->assign('pagetitle', $this->get_config('pagetitle'));
$serendipity['smarty']->assign('headline', $this->get_config('headline'));
$serendipity['smarty']->assign('relpath', $this->DMA_forum_getRelPath());
$serendipity['smarty']->assign('newthreadurl', $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&action=newthread&boardid=" . intval($_GET['boardid']));
$THREADLIST = "";
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_boards WHERE boardid='" . intval($_GET['boardid']) . "'";
$board = serendipity_db_query($sql);
// paging
if (isset($_GET['page']) && intval($_GET['page']) >= 1) {
$page = intval($_GET['page']);
} else {
$page = 1;
}
$postnum = intval($board[0]['threads']);
$maxpages = ceil($postnum / intval($this->get_config('itemsperpage')));
if ($maxpages >= 2) {
if (!isset($page) or trim($page) == "" or $page <= 0) {
$page = 1;
}
if ($page > $maxpages) {
$page = $maxpages;
}
$multiplicator = $page * intval($this->get_config('itemsperpage')) - intval($this->get_config('itemsperpage'));
if (!isset($page) or $page == 1) {
$LIMIT = serendipity_db_limit(0, intval($this->get_config('itemsperpage')));
} else {
$LIMIT = serendipity_db_limit($multiplicator, intval($this->get_config('itemsperpage')));
}
$LIMIT = serendipity_db_limit_sql($LIMIT);
$paging = "";
if ($page > 1) {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&page=1\">1</a> ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&page=" . ($page - 10) . "\"><<</a> ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&page=" . ($page - 1) . "\"><</a> ";
} elseif ($page == 1) {
$paging .= "[ 1 ] ";
}
if ($maxpages >= 2) {
for ($b = $page - 5; $b <= $page + 5; $b++) {
if ($b > 1 and $b < $maxpages) {
if ($b == $page) {
$paging .= "[ " . $b . " ] ";
} elseif ($b >= $maxpages) {
} else {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&page=" . $b . "\">" . $b . "</a> ";
}
}
}
}
if ($page < $maxpages) {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&page=" . ($page + 1) . "\">></a> ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&page=" . ($page + 10) . "\">>></a> ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&page=" . $maxpages . "\">" . $maxpages . "</a> ";
} elseif ($page == $maxpages and $page != 1) {
$paging .= "[ " . $maxpages . " ]";
}
if (isset($paging) && trim($paging) != "") {
$serendipity['smarty']->assign('paging', $paging);
}
} else {
$LIMIT = "";
}
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_threads WHERE boardid='" . intval($_GET['boardid']) . "' ORDER BY announce DESC, lastposttime DESC" . $LIMIT;
$threads = serendipity_db_query($sql);
$mainpage_link = "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "\">" . $this->get_config('pagetitle') . "</a>";
$threadlist_link = "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "\">" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($board[0]['name']) : htmlspecialchars($board[0]['name'], ENT_COMPAT, LANG_CHARSET)) . "</a>";
$serendipity['smarty']->assign('MAINPAGE', $mainpage_link);
$serendipity['smarty']->assign('THREADLIST', $threadlist_link);
if (is_array($threads) && count($threads) >= 1) {
$serendipity['smarty']->assign('bgcolor_head', $this->get_config('bgcolor_head'));
for ($a = 0, $b = count($threads); $a < $b; $a++) {
if (intval($threads[$a]['lastpostid']) >= 1) {
if (intval($threads[$a]['lastposttime']) >= intval($yesterday_lasttstamp) + 1) {
$lastpost = "<span style=\"color:" . $this->get_config('color_today') . ";font-weight:bolder\">" . PLUGIN_FORUM_TODAY . " " . date($this->get_config('timeformat'), $threads[$a]['lastposttime']) . "</span><br />";
} elseif (intval($threads[$a]['lastposttime']) <= intval($yesterday_lasttstamp) && intval($threads[$a]['lastposttime']) >= intval($yesterday_firsttstamp)) {
$lastpost = "<span style=\"color:" . $this->get_config('color_yesterday') . "\">" . PLUGIN_FORUM_YESTERDAY . " " . date($this->get_config('timeformat'), $threads[$a]['lastposttime']) . "</span><br />";
} else {
$lastpost = date($this->get_config('dateformat') . " " . $this->get_config('timeformat'), $threads[$a]['lastposttime']) . "<br />";
}
$lastpost .= (function_exists('serendipity_specialchars') ? serendipity_specialchars(stripslashes($threads[$a]['lastauthorname'])) : htmlspecialchars(stripslashes($threads[$a]['lastauthorname']), ENT_COMPAT, LANG_CHARSET)) . " ";
$sql = "SELECT COUNT(*) FROM {$serendipity['dbPrefix']}dma_forum_posts WHERE threadid='" . intval($threads[$a]['threadid']) . "'";
$postnum = serendipity_db_query($sql);
$page = ceil(intval($postnum[0][0]) / intval($this->get_config('itemsperpage')));
$lastpost .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($threads[$a]['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=" . $page . "#" . intval($threads[$a]['lastpostid']) . "\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/icon_latest_reply.gif\" width=\"18\" height=\"9\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_DIRECTGOTOPOST . "\" title=\"" . PLUGIN_FORUM_ALT_DIRECTGOTOPOST . "\" /></a>";
} else {
$lastpost = PLUGIN_FORUM_NO_REPLIES;
}
$threads[$a]['lastpost'] = $lastpost;
if ($thiscolor == $this->get_config('bgcolor2')) {
$thiscolor = $this->get_config('bgcolor1');
} else {
$thiscolor = $this->get_config('bgcolor2');
}
$threads[$a]['color'] = $thiscolor;
$threads[$a]['title'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($threads[$a]['title']) : htmlspecialchars($threads[$a]['title'], ENT_COMPAT, LANG_CHARSET);
if (intval($threads[$a]['announce']) == 1 && intval($threads[$a + 1]['announce']) != 1) {
$threads[$a]['trenner'] = true;
} else {
$threads[$a]['trenner'] = false;
}
if (intval($threads[$a]['announce']) == 1) {
$threads[$a]['icon'] = $THREAD_UNREAD_ANNOUNCEMENT;
if (isset($READARRAY[intval($threads[$a]['threadid'])]) && intval($READARRAY[intval($threads[$a]['threadid'])]) >= intval($threads[$a]['lastposttime'])) {
$threads[$a]['icon'] = $THREAD_READ_ANNOUNCEMENT;
}
} else {
if (intval($threads[$a]['replies']) >= 15) {
$threads[$a]['icon'] = $THREAD_HUGE_UNREAD;
} else {
$threads[$a]['icon'] = $THREAD_UNREAD;
}
if (isset($READARRAY[intval($threads[$a]['threadid'])]) && intval($READARRAY[intval($threads[$a]['threadid'])]) >= intval($threads[$a]['lastposttime'])) {
if (intval($threads[$a]['replies']) >= 15) {
$threads[$a]['icon'] = $THREAD_HUGE_READ;
} else {
$threads[$a]['icon'] = $THREAD_READ;
}
}
}
$paging = "";
$sql = "SELECT COUNT(*) FROM {$serendipity['dbPrefix']}dma_forum_posts WHERE threadid='" . intval($threads[$a]['threadid']) . "'";
$postnum = serendipity_db_query($sql);
$maxpages = ceil(intval($postnum[0][0]) / intval($this->get_config('itemsperpage')));
if ($maxpages >= 2) {
$paging = PLUGIN_FORUM_PAGES . ": ";
if ($maxpages <= 10) {
$pages = "";
for ($c = 0; $c < $maxpages; $c++) {
if ($pages != "") {
$pages .= ", ";
}
$pages .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=" . ($c + 1) . "\">" . ($c + 1) . "</a>";
}
$paging .= $pages;
} elseif ($maxpages <= 20) {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=1\">1</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=2\">2</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=3\">3</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=4\">4</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=5\">5</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=10\">10</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=" . $maxpages . "\">" . $maxpages . "</a>";
} elseif ($maxpages <= 50) {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=1\">1</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=2\">2</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=3\">3</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=4\">4</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=10\">10</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=20\">20</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=" . $maxpages . "\">" . $maxpages . "</a>";
} else {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=1\">1</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=2\">2</a>, ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=3\">3</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=10\">10</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=20\">20</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=50\">50</a>";
$paging .= "... <a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($threads[$a]['threadid']) . "&page=" . $maxpages . "\">" . $maxpages . "</a>";
}
}
if ($paging != "") {
$threads[$a]['paging'] = $paging;
}
}
$serendipity['smarty']->assign(array('pagetitle' => $this->get_config('pagetitle'), 'headline' => $this->get_config('headline'), 'pageurl' => $this->get_config('pageurl'), 'threads' => $threads));
} else {
$nothreads .= PLUGIN_FORUM_NO_THREADS;
$serendipity['smarty']->assign('nothreads', $nothreads);
}
}
} elseif (intval($_GET['boardid']) >= 1 && intval($_GET['threadid']) >= 1 && (!isset($_GET['replyto']) && !isset($_GET['edit']) && !isset($_GET['delete']) && !isset($_GET['quote']))) {
// POSTS
$filename = 'templates/postlist.tpl';
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
}
$serendipity['smarty']->assign('pagetitle', $this->get_config('pagetitle'));
$serendipity['smarty']->assign('headline', $this->get_config('headline'));
if (isset($ERRORMSG) && trim($ERRORMSG) != "") {
$serendipity['smarty']->assign('ERRORMSG', $ERRORMSG);
}
$q = "UPDATE {$serendipity['dbPrefix']}dma_forum_threads SET views = views+1 WHERE threadid = '" . intval($_GET['threadid']) . "'";
serendipity_db_query($q);
// Set the cookie for threadicon (read/unread)
$cookie = array('setthreadcookie' => intval($_GET['threadid']));
serendipity_plugin_api::hook_event('external_plugin', $cookie);
$POSTLIST = "";
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_boards WHERE boardid='" . intval($_GET['boardid']) . "'";
$board = serendipity_db_query($sql);
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_threads WHERE threadid='" . intval($_GET['threadid']) . "'";
$thread = serendipity_db_query($sql);
$mainpage_link = "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "\">" . $this->get_config('pagetitle') . "</a>";
$threadlist_link = "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "\">" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($board[0]['name']) : htmlspecialchars($board[0]['name'], ENT_COMPAT, LANG_CHARSET)) . "</a>";
$posts_link = "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($thread[0]['threadid']) . "\">" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($thread[0]['title']) : htmlspecialchars($thread[0]['title'], ENT_COMPAT, LANG_CHARSET)) . "</a>";
$serendipity['smarty']->assign('MAINPAGE', $mainpage_link);
$serendipity['smarty']->assign('THREADLIST', $threadlist_link);
$serendipity['smarty']->assign('POSTS', $posts_link);
// paging
if (isset($_GET['page']) && intval($_GET['page']) >= 1) {
$page = intval($_GET['page']);
} else {
$page = 1;
}
$postnum = intval($thread[0]['replies']) + 1;
$maxpages = ceil($postnum / intval($this->get_config('itemsperpage')));
if ($maxpages >= 2) {
if (!isset($page) or trim($page) == "" or $page <= 0) {
$page = 1;
}
if ($page > $maxpages) {
$page = $maxpages;
}
$multiplicator = $page * intval($this->get_config('itemsperpage')) - intval($this->get_config('itemsperpage'));
if (!isset($page) or $page == 1) {
$LIMIT = serendipity_db_limit(0, intval($this->get_config('itemsperpage')));
} else {
$LIMIT = serendipity_db_limit($multiplicator, intval($this->get_config('itemsperpage')));
}
$LIMIT = serendipity_db_limit_sql($LIMIT);
$paging = "";
if ($page > 1) {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($thread[0]['threadid']) . "&page=1\">1</a> ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($thread[0]['threadid']) . "&page=" . ($page - 10) . "\"><<</a> ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($thread[0]['threadid']) . "&page=" . ($page - 1) . "\"><</a> ";
} elseif ($page == 1) {
$paging .= "[ 1 ] ";
}
if ($maxpages >= 2) {
for ($b = $page - 5; $b <= $page + 5; $b++) {
if ($b > 1 and $b < $maxpages) {
if ($b == $page) {
$paging .= "[ " . $b . " ] ";
} elseif ($b >= $maxpages) {
} else {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($thread[0]['threadid']) . "&page=" . $b . "\">" . $b . "</a> ";
}
}
}
}
if ($page < $maxpages) {
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($thread[0]['threadid']) . "&page=" . ($page + 1) . "\">></a> ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($thread[0]['threadid']) . "&page=" . ($page + 10) . "\">>></a> ";
$paging .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($thread[0]['threadid']) . "&page=" . $maxpages . "\">" . $maxpages . "</a> ";
} elseif ($page == $maxpages and $page != 1) {
$paging .= "[ " . $maxpages . " ]";
}
if (isset($paging) && trim($paging) != "") {
$serendipity['smarty']->assign('paging', $paging);
}
} else {
$LIMIT = "";
}
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_posts WHERE threadid='" . intval($_GET['threadid']) . "' ORDER BY postdate ASC" . $LIMIT;
$posts = serendipity_db_query($sql);
if (is_array($posts) && count($posts) >= 1) {
$serendipity['smarty']->assign('threadtitle', function_exists('serendipity_specialchars') ? serendipity_specialchars($thread[0]['title']) : htmlspecialchars($thread[0]['title'], ENT_COMPAT, LANG_CHARSET));
$serendipity['smarty']->assign('bgcolor_head', $this->get_config('bgcolor_head'));
for ($a = 0, $b = count($posts); $a < $b; $a++) {
if ($thiscolor == $this->get_config('bgcolor2')) {
$thiscolor = $this->get_config('bgcolor1');
} else {
$thiscolor = $this->get_config('bgcolor2');
}
$posts[$a]['color'] = $thiscolor;
if ($this->get_config('apply_markup')) {
if ($this->get_config('unreg_nomarkups') && (!isset($posts[$a]['authorid']) || intval($posts[$a]['authorid']) <= 0)) {
$posts[$a]['message'] = nl2br(function_exists('serendipity_specialchars') ? serendipity_specialchars(trim(stripslashes($posts[$a]['message']))) : htmlspecialchars(trim(stripslashes($posts[$a]['message'])), ENT_COMPAT, LANG_CHARSET));
} else {
$temp_array = array('body' => function_exists('serendipity_specialchars') ? serendipity_specialchars(trim(stripslashes($posts[$a]['message']))) : htmlspecialchars(trim(stripslashes($posts[$a]['message'])), ENT_COMPAT, LANG_CHARSET));
serendipity_plugin_api::hook_event('frontend_display', $temp_array);
$posts[$a]['message'] = trim($temp_array['body']);
}
} else {
$posts[$a]['message'] = nl2br(function_exists('serendipity_specialchars') ? serendipity_specialchars(trim(stripslashes($posts[$a]['message']))) : htmlspecialchars(trim(stripslashes($posts[$a]['message'])), ENT_COMPAT, LANG_CHARSET));
}
unset($email);
unset($gravatar_array);
unset($posts[$a]['gravatar']);
$authorid = intval(trim($posts[$a]['authorid']));
if ($authorid >= 1) {
$sql = "SELECT email FROM {$serendipity['dbPrefix']}authors WHERE authorid = '" . $authorid . "'";
$email = serendipity_db_query($sql);
$gravatar_array = array('comment' => "", 'email' => trim($email[0][0]));
serendipity_plugin_api::hook_event('frontend_display', $gravatar_array);
if (isset($gravatar_array['comment']) && trim($gravatar_array['comment']) != "") {
$posts[$a]['gravatar'] = $gravatar_array['comment'];
}
}
$POSTBUTTONS = "";
if ($thread[0]['flag'] != 1) {
$POSTBUTTONS = "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&replyto=" . $posts[$a]['postid'] . "&quote=0\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/reply.png\" width=\"60\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_REPLY . "\" title=\"" . PLUGIN_FORUM_ALT_REPLY . "\" /></a> ";
$POSTBUTTONS .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&replyto=" . $posts[$a]['postid'] . "&quote=1\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/quote.png\" width=\"60\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_QUOTE . "\" title=\"" . PLUGIN_FORUM_ALT_QUOTE . "\" /></a> ";
}
if (serendipity_userLoggedIn() && ($serendipity['serendipityUser'] == $posts[$a]['authorname'] && $serendipity['authorid'] == $posts[$a]['authorid'] || $serendipity['serendipityUserlevel'] == 255)) {
$POSTBUTTONS .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&page=" . $page . "&edit=" . $posts[$a]['postid'] . "\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/edit.png\" width=\"60\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_EDIT . "\" title=\"" . PLUGIN_FORUM_ALT_EDIT . "\" /></a> ";
}
if (serendipity_userLoggedIn() && $serendipity['serendipityUserlevel'] == 255) {
$POSTBUTTONS .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&page=" . $page . "&delete=" . $posts[$a]['postid'] . "\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/delete.png\" width=\"60\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_DELETE_POST . "\" title=\"" . PLUGIN_FORUM_ALT_DELETE_POST . "\" /></a> ";
}
$posts[$a]['postbuttons'] = $POSTBUTTONS;
$AUTHORDETAILS = "";
if (isset($posts[$a]['authorid']) && intval($posts[$a]['authorid']) >= 1) {
$AUTHORDETAILS .= "<b>" . PLUGIN_FORUM_REG_USER . "</b><br />";
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_users WHERE authorid = '" . intval($posts[$a]['authorid']) . "'";
$userdetails = serendipity_db_query($sql);
if (is_array($userdetails) && count($userdetails) >= 1) {
$AUTHORDETAILS .= PLUGIN_FORUM_POSTS . ": " . intval($userdetails[0]['posts']) . "<br />";
$AUTHORDETAILS .= PLUGIN_FORUM_VISITS . ": " . intval($userdetails[0]['visits']) . "<br />";
} else {
$AUTHORDETAILS .= PLUGIN_FORUM_POSTS . ": 0<br />";
$AUTHORDETAILS .= PLUGIN_FORUM_VISITS . ": 0<br />";
}
}
$sql = "SELECT * FROM {$serendipity['dbPrefix']}dma_forum_uploads WHERE postid = '" . $posts[$a]['postid'] . "'";
$uploads = serendipity_db_query($sql);
if (is_array($uploads) && count($uploads) >= 1) {
$posts[$a]['uploads'] = true;
for ($y = 0, $z = count($uploads); $y < $z; $y++) {
$filesize = DMA_forum_calcFilesize($uploads[$y]['filesize']);
$mime = DMA_forum_getMime(function_exists('serendipity_specialchars') ? serendipity_specialchars(basename($uploads[$y]['realfilename'])) : htmlspecialchars(basename($uploads[$y]['realfilename']), ENT_COMPAT, LANG_CHARSET), $this->DMA_forum_getRelPath());
$fileicon = "<img src=\"" . $mime['ICON'] . "\" width=\"18\" height=\"20\" border=\"0\" />";
$content_type = $mime['TYPE'];
$posts[$a]['upload'][$y]['filename'] = "<a href=\"" . $serendipity['baseURL'] . ($serendipity['rewrite'] == "none" ? $serendipity['indexFile'] . "?/" : "") . "plugin/forumdl_" . intval($uploads[$y]['uploadid']) . "\">" . (function_exists('serendipity_specialchars') ? serendipity_specialchars(basename($uploads[$y]['realfilename'])) : htmlspecialchars(basename($uploads[$y]['realfilename']), ENT_COMPAT, LANG_CHARSET)) . "</a>";
$posts[$a]['upload'][$y]['filesize'] = $filesize;
$posts[$a]['upload'][$y]['fileicon'] = $fileicon;
$posts[$a]['upload'][$y]['filetype'] = $content_type;
$posts[$a]['upload'][$y]['dlcount'] = intval($uploads[$y]['dlcount']);
if (serendipity_userLoggedIn() && ($serendipity['serendipityUserlevel'] == USERLEVEL_ADMIN || intval($uploads[$y]['authorid']) == intval($serendipity['authorid']))) {
$posts[$a]['upload'][$y]['delbutton'] = "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&page=" . $page . "&delfile=" . intval($uploads[$y]['uploadid']) . "#" . intval($posts[$a]['postid']) . "\">" . $DEL_FILE_BUTTON . "</a>";
}
}
} else {
$posts[$a]['uploads'] = false;
}
$posts[$a]['authordetails'] = $AUTHORDETAILS;
$posts[$a]['title'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($posts[$a]['title']) : htmlspecialchars($posts[$a]['title'], ENT_COMPAT, LANG_CHARSET);
$posts[$a]['authorname'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($posts[$a]['authorname']) : htmlspecialchars($posts[$a]['authorname'], ENT_COMPAT, LANG_CHARSET);
if (intval($posts[$a]['postdate']) >= intval($yesterday_lasttstamp) + 1) {
$posts[$a]['postdate'] = "<span style=\"color:" . $this->get_config('color_today') . ";font-weight:bolder\">" . PLUGIN_FORUM_TODAY . " " . date($this->get_config('timeformat'), $posts[$a]['postdate']) . "</span>";
} elseif (intval($posts[$a]['postdate']) <= intval($yesterday_lasttstamp) && intval($posts[$a]['postdate']) >= intval($yesterday_firsttstamp)) {
$posts[$a]['postdate'] = "<span style=\"color:" . $this->get_config('color_yesterday') . "\">" . PLUGIN_FORUM_YESTERDAY . " " . date($this->get_config('timeformat'), $posts[$a]['postdate']) . "</span>";
} else {
$posts[$a]['postdate'] = date($this->get_config('dateformat') . " " . $this->get_config('timeformat'), $posts[$a]['postdate']);
}
}
if (serendipity_userLoggedIn()) {
if (trim($thread[0]['notifymails']) != "") {
$NOTIFYARRAY = unserialize(stripslashes(trim($thread[0]['notifymails'])));
} else {
$NOTIFYARRAY = array();
}
if (in_array($serendipity['email'], $NOTIFYARRAY)) {
$serendipity['smarty']->assign('notify', 2);
} else {
$serendipity['smarty']->assign('notify', 1);
}
$subscribeurl = $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&page=" . $page . "&subscribe=1";
$unsubscribeurl = $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&page=" . $page . "&unsubscribe=1";
$serendipity['smarty']->assign('subscribeurl', $subscribeurl);
$serendipity['smarty']->assign('unsubscribeurl', $unsubscribeurl);
}
$serendipity['smarty']->assign(array('pagetitle' => $this->get_config('pagetitle'), 'headline' => $this->get_config('headline'), 'pageurl' => $this->get_config('pageurl'), 'posts' => $posts));
} else {
$noposts = PLUGIN_FORUM_NO_POSTS;
$serendipity['smarty']->assign('noposts', $noposts);
}
// Display thread buttons regardless of number of posts
$THREADBUTTONS = "";
if (serendipity_userLoggedIn() && $serendipity['serendipityUserlevel'] == 255) {
if ($thread[0]['flag'] == 1) {
$THREADBUTTONS .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&action=reopen\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/reopen.png\" width=\"60\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_REOPEN . "\" title=\"" . PLUGIN_FORUM_ALT_REOPEN . "\" /></a> ";
} else {
$THREADBUTTONS .= "<a href=\"" . $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&action=close\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/close.png\" width=\"60\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_CLOSE . "\" title=\"" . PLUGIN_FORUM_ALT_CLOSE . "\" /></a> ";
}
$THREADBUTTONS .= "<a href=\"" . $serendipity['baseURL'] . "serendipity_admin.php?serendipity[adminModule]=event_display&serendipity[adminAction]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&action=move\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/move.png\" width=\"60\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_MOVE . "\" title=\"" . PLUGIN_FORUM_ALT_MOVE . "\" /></a> ";
$THREADBUTTONS .= "<a href=\"" . $serendipity['baseURL'] . "serendipity_admin.php?serendipity[adminModule]=event_display&serendipity[adminAction]=" . $this->get_config('pageurl') . "&boardid=" . intval($_GET['boardid']) . "&threadid=" . intval($_GET['threadid']) . "&action=delete\"><img src=\"" . $this->DMA_forum_getRelPath() . "/img/delete.png\" width=\"60\" height=\"18\" border=\"0\" alt=\"" . PLUGIN_FORUM_ALT_DELETE . "\" title=\"" . PLUGIN_FORUM_ALT_DELETE . "\" /></a>";
}
$serendipity['smarty']->assign('THREADBUTTONS', $THREADBUTTONS);
}
$serendipity['smarty']->assign('plugin_eventforum_not20', $serendipity['version'][0] < 2 ? true : false);
$filename = $filename;
$tfile = serendipity_getTemplateFile($filename, 'serendipityPath');
if (!$tfile || $tfile == $filename) {
$tfile = dirname(__FILE__) . '/' . $filename;
}
$inclusion = $serendipity['smarty']->security_settings[INCLUDE_ANY];
$serendipity['smarty']->security_settings[INCLUDE_ANY] = true;
$content = $serendipity['smarty']->fetch('file:' . $tfile);
$serendipity['smarty']->security_settings[INCLUDE_ANY] = $inclusion;
echo $content;
}
function logger($type = 'frontend_login', $eventData = array())
{
global $serendipity;
$f2b = $this->get_config('fail2ban');
if ($f2b != '') {
$fp = fopen($f2b, 'a');
if ($type == 'fail') {
if (empty($eventData['user'])) {
return false;
}
if ($this->failtrack) {
return false;
}
$this->failtrack = true;
$msg = date('M d H:i:s ') . $_SERVER['HTTP_HOST'] . ' s9y[' . $_SERVER['REMOTE_PORT'] . $eventData['mode'] . ']: auth failure username: '******'user'] . ' from ' . $_SERVER['REMOTE_ADDR'] . ' / ' . $_SERVER['REQUEST_URI'] . " (" . serialize($eventData['ext']) . ")\n";
} elseif (serendipity_userLoggedIn() && !$_SESSION['login_tracked_' . $type]) {
$msg = date('M d H:i:s ') . $_SERVER['HTTP_HOST'] . ' s9y[' . $_SERVER['REMOTE_PORT'] . ']: auth okay: ' . $serendipity['serendipityUser'] . ' from ' . $_SERVER['REMOTE_ADDR'] . ' / ' . $_SERVER['REQUEST_URI'] . "\n";
}
fwrite($fp, $msg);
fclose($fp);
}
if ($type == 'fail') {
return false;
}
if (!serendipity_userLoggedIn()) {
return false;
}
if ($_SESSION['login_tracked_' . $type]) {
return false;
}
$timestamp = time();
$authorid = (int) $serendipity['authorid'];
$referer = serendipity_db_escape_string($_SERVER['HTTP_REFERER']);
$ip = serendipity_db_escape_string($_SERVER['REMOTE_ADDR']);
$ua = serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']);
$i = serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}loginlog (timestamp, authorid, action, ip, referer, user_agent)\n VALUES ({$timestamp}, {$authorid}, '{$type}', '{$ip}', '{$referer}', '{$ua}')");
$_SESSION['login_tracked_' . $type] = true;
return true;
}
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
$hooks =& $bag->get('event_hooks');
if (isset($hooks[$event])) {
$captchas_ttl = $this->get_config('captchas_ttl', 7);
$_recaptcha = $this->get_config('recaptcha', 'no');
$recaptcha = $_recaptcha === 'yes' || $_recaptcha !== 'no' || serendipity_db_bool($_recaptcha);
// Check if the entry is older than the allowed amount of time.
// Enforce captchas if that is true of if captchas are activated
// for every entry
$show_captcha = $recaptcha && isset($eventData['timestamp']) && ($captchas_ttl < 1 || $eventData['timestamp'] < time() - $captchas_ttl * 60 * 60 * 24) ? true : false;
switch ($event) {
case 'frontend_configure':
// set a variable, so that the spamblock plugin can disable the captcha when recaptcha is found.
if ($_recaptcha) {
$serendipity['plugins']['disable_internal_captcha'] = true;
}
return true;
break;
case 'frontend_saveComment':
if (!is_array($eventData) || serendipity_db_bool($eventData['allow_comments'])) {
//$serendipity['csuccess'] = 'true';
$logfile = $this->logfile = $this->get_config('logfile', $serendipity['serendipityPath'] . 'spamblock.log');
// Check whether to allow comments from registered authors
if (serendipity_userLoggedIn() && $this->inGroup()) {
return true;
}
// Captcha checking
if ($show_captcha && $addData['type'] == 'NORMAL') {
$privatekey = $this->get_config('recaptcha_priv');
if ($_POST["recaptcha_response_field"] != 1) {
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
# set the error code so that we can display it
$this->error = $resp->error;
$this->log($logfile, $eventData['id'], 'REJECTED', $this->error, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_RECAPTCHA_ERROR_CAPTCHAS;
return false;
}
} else {
return false;
}
}
}
return true;
break;
case 'frontend_comment':
// Check whether to allow comments from registered authors
if (serendipity_userLoggedIn() && $this->inGroup()) {
return true;
}
if ($show_captcha) {
$pubkey = $this->get_config('recaptcha_pub');
$privkey = $this->get_config('recaptcha_priv');
if ($recaptcha && ($pubkey == null || $pubkey == '' || ($privkey == null || $pubkey == ''))) {
$recaptcha = false;
//$captchas = true;
printf('<div class="serendipity_center serendipity_msg_important">%s</div>', PLUGIN_EVENT_RECAPTCHA_ERROR_RECAPTCHA);
}
// The response from recaptcha.net
$resp = null;
$theme = $this->get_config('recaptcha_style', 'red');
echo "\n<script type=\"text/javascript\">\n var RecaptchaOptions = { theme : '" . $theme . "', lang : '" . $serendipity['lang'] . "' };\n</script>";
echo recaptcha_get_html($pubkey, $this->error);
}
return true;
break;
default:
return false;
break;
}
} else {
return false;
}
}
function event_hook($event, &$bag, &$eventData)
{
global $serendipity;
static $markup = null;
static $isolate = null;
static $p_tags = null;
static $isobr = null;
static $clean_tags = null;
global $_buf;
$hooks =& $bag->get('event_hooks');
if ($markup === null) {
$markup = serendipity_db_bool($this->get_config('check_markup'));
}
if ($p_tags === null) {
$p_tags = serendipity_db_bool($this->get_config('p_tags'));
}
if ($isobr === null) {
$isobr = serendipity_db_bool($this->get_config('isobr'));
}
if ($clean_tags === null) {
$clean_tags = serendipity_db_bool($this->get_config('clean_tags'));
}
if (isset($hooks[$event])) {
switch ($event) {
case 'frontend_display':
// check single entry for temporary disabled markups
if (!$eventData['properties']['ep_disable_markup_' . $this->instance] && !in_array($this->instance, (array) $serendipity['POST']['properties']['disable_markups']) && !$eventData['properties']['ep_no_textile'] && !isset($serendipity['POST']['properties']['ep_no_textile']) && !$eventData['properties']['ep_no_markdown'] && !isset($serendipity['POST']['properties']['ep_no_markdown'])) {
// yes, this markup shall be applied
$serendipity['nl2br']['entry_disabled_markup'] = false;
} else {
// no, do not apply markup
$serendipity['nl2br']['entry_disabled_markup'] = true;
}
// don't add additional br or p tags, if the wysiwyg-editor, the textile, or markdown plugin already took care about markup
if ($markup) {
if ($serendipity['wysiwyg'] && serendipity_userLoggedIn() || $serendipity['nl2br']['entry_disabled_markup'] === false && (class_exists('serendipity_event_textile') || class_exists('serendipity_event_markdown'))) {
return true;
}
}
// check for users isolation tags
if ($isolate === null) {
$isolate = $this->get_config('isolate');
$tags = (array) explode(',', $isolate);
$isolate = array();
foreach ($tags as $tag) {
$tag = trim($tag);
if (!empty($tag)) {
$isolate[] = $tag;
}
}
if (count($isolate) < 1) {
$isolate = false;
}
}
foreach ($this->markup_elements as $temp) {
if (serendipity_db_bool($this->get_config($temp['name'], true)) && isset($eventData[$temp['element']]) && !$eventData['properties']['ep_disable_markup_' . $this->instance] && !in_array($this->instance, (array) $serendipity['POST']['properties']['disable_markups']) && !$eventData['properties']['ep_no_nl2br'] && !isset($serendipity['POST']['properties']['ep_no_nl2br'])) {
$element = $temp['element'];
if ($p_tags) {
$eventData[$element] = $this->nl2p($eventData[$element]);
} else {
if ($isolate) {
$eventData[$element] = $this->isolate($eventData[$element], '~[<\\[](' . implode('|', $isolate) . ').*?[>\\]].*?[<\\[]/\\1[>\\]]~si');
$eventData[$element] = nl2br($eventData[$element]);
$eventData[$element] = $this->restore($eventData[$element]);
} else {
if ($isobr) {
$eventData[$element] = $this->isolate($eventData[$element], '~[<\\[](nl).*?[>\\]].*?[<\\[]/\\1[>\\]]~si');
$eventData[$element] = nl2br($eventData[$element]);
$eventData[$element] = $this->restore($eventData[$element]);
// unset nl tagline, if is
$eventData[$element] = str_replace(array("<nl>", "</nl><br />", "</nl><br/>", "</nl>"), "", $eventData[$element]);
} else {
$eventData[$element] = nl2br($eventData[$element]);
}
}
}
/* this is an option if not using new isobr default config setting */
if (!$p_tags && $isobr === false && $clean_tags === true) {
// convert line endings to Unix style, if not already done
$eventData[$element] = str_replace(array("\r\n", "\r"), "\n", $eventData[$element]);
// clean special tags from nl2br
$eventData[$element] = $this->clean_nl2brtags($eventData[$element]);
}
}
}
return true;
break;
case 'backend_configure':
// check single entry for temporary disabled markups
if ($isobr) {
if (!is_object($serendipity['smarty'])) {
serendipity_smarty_init();
// if not set to avoid member function assign() on a non-object error, start Smarty templating
}
// hook into default/admin/entries.tpl somehow via the Heart Of Gold = serendipity_printEntryForm() before! it is loaded
$serendipity['smarty']->assign('iso2br', true);
}
return true;
break;
case 'css':
?>
p.whiteline {
margin-top: 0em;
margin-bottom: 1em;
}
p.break {
margin-top: 0em;
margin-bottom: 0em;
}
<?php
return true;
break;
default:
return false;
}
} else {
return false;
}
}
/**
* Initialize the Smarty framework for use in Serendipity
*
* @access public
* @return null
*/
function serendipity_smarty_init($vars = array())
{
global $serendipity, $template_config, $template_global_config, $template_config_groups;
if (!isset($serendipity['smarty'])) {
$template_dir = $serendipity['serendipityPath'] . $serendipity['templatePath'] . $serendipity['template'];
if (!defined('IN_serendipity_admin') && file_exists($template_dir . '/template.inc.php')) {
// If this file exists, a custom template engine will be loaded.
// Beware: Smarty is used in the Admin backend, despite of this.
include_once $template_dir . '/template.inc.php';
} else {
// Backend template overwritten here (NOT earlier due to frontend specific check)
if (defined('IN_serendipity_admin')) {
$template_dir = $serendipity['serendipityPath'] . $serendipity['templatePath'] . $serendipity['template_backend'];
}
// Set a session variable if Smarty fails:
$prev_smarty = $_SESSION['no_smarty'];
$_SESSION['no_smarty'] = true;
if (LANG_CHARSET != 'UTF-8') {
@define('SMARTY_MBSTRING', false);
@define('SMARTY_RESOURCE_CHAR_SET', LANG_CHARSET);
}
// define cache resources to load with smarty - see smarty cache readme - needs enabled cache!
#@define('APC_EXTENSION_LOADED', extension_loaded('apc') && ini_get('apc.enabled'));
#@define('MEMCACHE_EXTENSION_LOADED', (class_exists('Memcached',false) || class_exists('Memcache',false)) && (extension_loaded("memcached") || extension_loaded("memcache")));
// Default Smarty Engine will be used
@define('SMARTY_DIR', S9Y_PEAR_PATH . 'Smarty/libs/');
if (!class_exists('Smarty')) {
include_once SMARTY_DIR . 'Smarty.class.php';
}
if (!class_exists('Smarty')) {
return false;
}
// include the serendipity smarty constructor
if (!class_exists('Serendipity_Smarty')) {
include_once S9Y_INCLUDE_PATH . '/include/serendipity_smarty_class.inc.php';
}
if (!class_exists('Serendipity_Smarty')) {
return false;
}
// set smarty instance
#$serendipity['smarty'] = new Serendipity_Smarty;
// initialize smarty object by instance
$serendipity['smarty'] = Serendipity_Smarty::getInstance();
// debug moved to class
// Hooray for Smarty:
$_SESSION['no_smarty'] = $prev_smarty;
// enable security policy by instance of the Smarty_Security class
$serendipity['smarty']->enableSecurity('Serendipity_Smarty_Security_Policy');
// debugging...
#echo '<pre>';print_r($serendipity['smarty']);echo '</pre>';#exit;
#$serendipity['smarty']->testInstall();exit;
// extreme debugging with undocumented internal flag which enables a trace output from the parser during debugging
#$serendipity['smarty']->_parserdebug = true; // be careful!
/**
* ToDo: Check for possible API changes in Smarty 3.2 [smarty_modifier_foobar, --> [smarty_modifier_foobar, smarty_function_foobar, smarty_block_foobar] (in class)]
* smarty_modifier_foobar(Smarty $smarty, $string, ...) vs. smarty_modifier_foobar($string, ...)
**/
$serendipity['smarty']->registerPlugin('modifier', 'makeFilename', 'serendipity_makeFilename');
$serendipity['smarty']->registerPlugin('modifier', 'xhtml_target', 'serendipity_xhtml_target');
$serendipity['smarty']->registerPlugin('modifier', 'emptyPrefix', 'serendipity_emptyPrefix');
$serendipity['smarty']->registerPlugin('modifier', 'formatTime', 'serendipity_smarty_formatTime');
$serendipity['smarty']->registerPlugin('modifier', 'serendipity_utf8_encode', 'serendipity_utf8_encode');
$serendipity['smarty']->registerPlugin('modifier', 'ifRemember', 'serendipity_ifRemember');
$serendipity['smarty']->registerPlugin('modifier', 'checkPermission', 'serendipity_checkPermission');
$serendipity['smarty']->registerPlugin('modifier', 'serendipity_refhookPlugin', 'serendipity_smarty_refhookPlugin');
$serendipity['smarty']->registerPlugin('modifier', 'serendipity_html5time', 'serendipity_smarty_html5time');
$serendipity['smarty']->registerPlugin('modifier', 'rewriteURL', 'serendipity_rewriteURL');
$serendipity['smarty']->registerPlugin('function', 'serendipity_printSidebar', 'serendipity_smarty_printSidebar');
$serendipity['smarty']->registerPlugin('function', 'serendipity_hookPlugin', 'serendipity_smarty_hookPlugin');
$serendipity['smarty']->registerPlugin('function', 'serendipity_showPlugin', 'serendipity_smarty_showPlugin');
$serendipity['smarty']->registerPlugin('function', 'serendipity_getFile', 'serendipity_smarty_getFile');
$serendipity['smarty']->registerPlugin('function', 'serendipity_printComments', 'serendipity_smarty_printComments');
$serendipity['smarty']->registerPlugin('function', 'serendipity_printTrackbacks', 'serendipity_smarty_printTrackbacks');
$serendipity['smarty']->registerPlugin('function', 'serendipity_rss_getguid', 'serendipity_smarty_rss_getguid');
$serendipity['smarty']->registerPlugin('function', 'serendipity_fetchPrintEntries', 'serendipity_smarty_fetchPrintEntries');
$serendipity['smarty']->registerPlugin('function', 'serendipity_getTotalCount', 'serendipity_smarty_getTotalCount');
$serendipity['smarty']->registerPlugin('function', 'pickKey', 'serendipity_smarty_pickKey');
$serendipity['smarty']->registerPlugin('function', 'serendipity_showCommentForm', 'serendipity_smarty_showCommentForm');
$serendipity['smarty']->registerPlugin('function', 'serendipity_getImageSize', 'serendipity_smarty_getImageSize');
$serendipity['smarty']->registerPlugin('function', 'serendipity_getConfigVar', 'serendipity_smarty_getConfigVar');
$serendipity['smarty']->registerPlugin('function', 'serendipity_setFormToken', 'serendipity_smarty_setFormToken');
$serendipity['smarty']->registerFilter('pre', 'serendipity_replaceSmartyVars');
}
if (!isset($serendipity['smarty_file'])) {
$serendipity['smarty_file'] = 'index.tpl';
}
$category = false;
$category_info = array();
if (isset($serendipity['GET']['category'])) {
$category = (int) $serendipity['GET']['category'];
if (isset($GLOBALS['cInfo'])) {
$category_info = $GLOBALS['cInfo'];
} else {
$category_info = serendipity_fetchCategoryInfo($category);
}
}
if (!isset($serendipity['smarty_vars']['head_link_stylesheet'])) {
$serendipity['smarty_vars']['head_link_stylesheet_frontend'] = serendipity_rewriteURL('serendipity.css');
if (IN_serendipity_admin === true) {
$serendipity['smarty_vars']['head_link_stylesheet'] = serendipity_rewriteURL('serendipity_admin.css');
} else {
$serendipity['smarty_vars']['head_link_stylesheet'] = serendipity_rewriteURL('serendipity.css');
}
// When templates are switched, append a specific version string to make sure the browser does not cache the CSS
if (strstr($serendipity['smarty_vars']['head_link_stylesheet'], '?')) {
$serendipity['smarty_vars']['head_link_stylesheet'] .= '&v=' . $serendipity['last_template_change'];
$serendipity['smarty_vars']['head_link_stylesheet_frontend'] .= '&v=' . $serendipity['last_template_change'];
} else {
$serendipity['smarty_vars']['head_link_stylesheet'] .= '?v=' . $serendipity['last_template_change'];
$serendipity['smarty_vars']['head_link_stylesheet_frontend'] .= '?v=' . $serendipity['last_template_change'];
}
}
if (!isset($serendipity['smarty_vars']['head_link_script'])) {
if (IN_serendipity_admin === true) {
$serendipity['smarty_vars']['head_link_script'] = serendipity_rewriteURL('serendipity_admin.js');
} else {
$serendipity['smarty_vars']['head_link_script'] = serendipity_rewriteURL('serendipity.js');
}
if (strstr($serendipity['smarty_vars']['head_link_script'], '?')) {
$serendipity['smarty_vars']['head_link_script'] .= '&v=' . $serendipity['last_template_change'];
} else {
$serendipity['smarty_vars']['head_link_script'] .= '?v=' . $serendipity['last_template_change'];
}
}
$wysiwyg_customPlugin = $wysiwyg_customConfig = null;
if (defined('IN_serendipity_admin') && $serendipity['wysiwyg']) {
// check force internal toolbar config file
if (strpos($serendipity['wysiwygToolbar'], 'NOCC-') !== false) {
$serendipity['wysiwygToolbar'] = substr($serendipity['wysiwygToolbar'], 5);
$force_internal_toolbar = true;
}
// check ckeditor custom plugin file
$ccp = serendipity_getTemplateFile('admin/ckeditor_custom_plugin.js', 'serendipityHTTPPath', true);
$wysiwyg_customPlugin = !empty($ccp) && !$force_internal_toolbar ? $ccp : $serendipity['serendipityHTTPPath'] . 'htmlarea/ckeditor_s9y_plugin.js';
// check ckeditor custom config file
$ccc = serendipity_getTemplateFile('admin/ckeditor_custom_config.js', 'serendipityHTTPPath', true);
$wysiwyg_customConfig = !empty($ccc) && !$force_internal_toolbar ? $ccc : $serendipity['serendipityHTTPPath'] . 'htmlarea/ckeditor_s9y_config.js';
}
$_force_backendpopups = explode(',', $serendipity['enableBackendPopupGranular']);
$force_backendpopups = array();
foreach ($_force_backendpopups as $fbp_key => $fbp_val) {
$fbp_val = trim($fbp_val);
if (empty($fbp_val)) {
continue;
}
$force_backendpopups[$fbp_val] = $fbp_val;
}
$serendipity['smarty']->assign(array('head_charset' => LANG_CHARSET, 'head_version' => $serendipity['version'], 'head_title' => $serendipity['head_title'], 'head_subtitle' => $serendipity['head_subtitle'], 'head_link_stylesheet' => $serendipity['smarty_vars']['head_link_stylesheet'], 'head_link_script' => $serendipity['smarty_vars']['head_link_script'], 'head_link_stylesheet_frontend' => $serendipity['smarty_vars']['head_link_stylesheet_frontend'], 'is_xhtml' => true, 'use_popups' => $serendipity['enablePopup'], 'use_backendpopups' => $serendipity['enableBackendPopup'], 'force_backendpopups' => $force_backendpopups, 'is_embedded' => !$serendipity['embed'] || $serendipity['embed'] === 'false' || $serendipity['embed'] === false ? false : true, 'is_raw_mode' => $serendipity['smarty_raw_mode'], 'is_logged_in' => serendipity_userLoggedIn(), 'entry_id' => isset($serendipity['GET']['id']) && is_numeric($serendipity['GET']['id']) ? $serendipity['GET']['id'] : false, 'is_single_entry' => isset($serendipity['GET']['id']) && is_numeric($serendipity['GET']['id']), 'blogTitle' => $serendipity['blogTitle'], 'blogSubTitle' => !empty($serendipity['blogSubTitle']) ? $serendipity['blogSubTitle'] : '', 'blogDescription' => $serendipity['blogDescription'], 'serendipityHTTPPath' => $serendipity['serendipityHTTPPath'], 'serendipityDefaultBaseURL' => $serendipity['defaultBaseURL'], 'serendipityBaseURL' => $serendipity['baseURL'], 'serendipityRewritePrefix' => $serendipity['rewrite'] == 'none' ? $serendipity['indexFile'] . '?/' : '', 'serendipityIndexFile' => $serendipity['indexFile'], 'serendipityVersion' => $serendipity['expose_s9y'] ? $serendipity['version'] : '', 'lang' => $serendipity['lang'], 'category' => $category, 'category_info' => $category_info, 'template' => $serendipity['template'], 'template_backend' => $serendipity['template_backend'], 'wysiwygToolbar' => $serendipity['wysiwygToolbar'], 'wysiwyg_customPlugin' => $wysiwyg_customPlugin, 'wysiwyg_customConfig' => $wysiwyg_customConfig, 'use_autosave' => serendipity_db_bool($serendipity['use_autosave']) ? 'true' : 'false', 'dateRange' => !empty($serendipity['range']) ? $serendipity['range'] : array()));
if (count($vars) > 0) {
$serendipity['smarty']->assign($vars);
}
// For advanced usage, we allow template authors to create a file 'config.inc.php' where they can
// setup custom smarty variables, modifiers etc. to use in their templates.
// If a template engine is defined we need that config.inc.php file as well. The template's actual file is loaded after that to be able to overwrite config.
if (isset($serendipity['template_engine']) && $serendipity['template_engine'] != null) {
$p = explode(',', $serendipity['template_engine']);
foreach ($p as $te) {
$config = $serendipity['serendipityPath'] . $serendipity['templatePath'] . trim($te) . '/config.inc.php';
if (file_exists($config)) {
include_once $config;
}
}
}
// FIRST: Load config of the currently configured FRONTEND template. We might actually need this in the backend (sidebar configuration, IPTC options, some others).
// SECOND: Load config of the currently set template, which can also be the BACKEND template, or be the same as before. include_once takes care of only including the file once.
$config = $serendipity['serendipityPath'] . $serendipity['templatePath'] . $serendipity['template'] . '/config.inc.php';
if (file_exists($config)) {
include_once $config;
}
$config = $serendipity['smarty']->getConfigDir(0) . '/config.inc.php';
if (file_exists($config)) {
include_once $config;
}
if (is_array($template_loaded_config)) {
$template_vars =& $template_loaded_config;
$serendipity['smarty']->assignByRef('template_option', $template_vars);
} elseif (is_array($template_config)) {
$template_vars =& serendipity_loadThemeOptions($template_config, $serendipity['smarty_vars']['template_option']);
$serendipity['smarty']->assignByRef('template_option', $template_vars);
}
}
return true;
}
function picasa_upload()
{
global $serendipity;
if (!serendipity_userLoggedIn()) {
$this->report_upload_result('You must be logged in to upload an album.');
}
if (!count($_FILES)) {
$this->report_upload_result('Missing files');
return;
}
if (!isset($_POST['albumName'])) {
$this->report_upload_result('Missing album name');
return;
}
if (!isset($_POST['parentDir'])) {
$this->report_upload_result('Missing parent directory');
return;
}
if (!isset($_SESSION['picasa_rss_parsed'])) {
$this->report_upload_result('Missing parsed rss (needed for descriptions)');
return;
}
$albumName = html_entity_decode($_POST['albumName'], ENT_QUOTES, LANG_CHARSET);
$decodedParentDir = html_entity_decode($_POST['parentDir'], ENT_QUOTES, LANG_CHARSET);
$albumDir = $decodedParentDir . $albumName;
$dirname = $this->get_config('picasapath') . '/' . $albumDir;
if (file_exists($dirname)) {
$this->report_upload_result(PLUGIN_EVENT_PICASA_ERR_UPLOAD_DIR_ALREADY_EXISTS);
return;
}
$this->mkdir_recursive($dirname, 0755);
if (!is_dir($dirname)) {
$this->report_upload_result(PLUGIN_EVENT_PICASA_ERR_DIR_CREATION_FAILED);
return;
}
// first move all the files to their final destination and put their information
// in a map. Match up thumbs with their main image.
foreach ($_FILES as $key => $file) {
if (!empty($file)) {
// obtain the original filename from Picasa
$tmpfile = $file['tmp_name'];
$fname = $file['name'];
// If this is the thumbnail, change the path from name.ext to name.thumb.ext
// The image and thumbnail keys look like:
// http://localhost:3671/92c624539502989c5b1d84401a47f03d/image/1262eaef64f127c2_jpg?size=640
// http://localhost:3671/92c624539502989c5b1d84401a47f03d/thumb/1262eaef64f127c2_jpg?size=90
if (strpos($key, '/thumb/') != false) {
$periodPos = strrpos($fname, '.');
$destName = substr($fname, 0, $periodPos) . ".thumb" . substr($fname, $periodPos);
$imageType = 'thumb';
} else {
$destName = $fname;
$imageType = 'image';
}
$destPath = "{$dirname}/{$destName}";
if (move_uploaded_file($tmpfile, $destPath)) {
chmod($destPath, 0644);
}
$dims = serendipity_getimagesize($destPath);
$entriesByName[$fname][$imageType] = $destName;
$entriesByName[$fname][$imageType . 'width'] = $dims[0];
$entriesByName[$fname][$imageType . 'height'] = $dims[1];
}
}
// go through the captions and associate them with the correct image
foreach ($_SESSION['picasa_rss_parsed'] as $e) {
if (array_key_exists('description', $e) && isset($e['title']) && array_key_exists($e['title'], $entriesByName)) {
$entriesByName[$e['title']]['caption'] = $e['description'];
}
}
// put the map into an array
$entries = array();
foreach ($entriesByName as $key => $value) {
$value['name'] = $key;
$entries[] = $value;
}
$imageCount = count($entries);
$albumDesc = html_entity_decode($_POST['albumDescription'], ENT_QUOTES, LANG_CHARSET);
$xmlPath = "{$dirname}/index.xml";
$xmlFile = fopen($xmlPath, 'w+');
fputs($xmlFile, "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n");
fputs($xmlFile, "<album>\n");
$this->writeXMLTag($xmlFile, "albumName", $albumName);
$this->writeXMLTag($xmlFile, "albumItemCount", $imageCount);
$this->writeXMLTag($xmlFile, "albumCaption", $albumDesc);
fputs($xmlFile, "<images>\n");
$emptyEntry = array('name' => '', 'image' => '', 'thumb' => '', 'caption' => '');
$firstImage = $entries[0];
$lastImage = $entries[count($entries) - 1];
foreach ($entries as $index => $data) {
if (!array_key_exists('caption', $data)) {
$data['caption'] = $data['image'];
}
$prev = array_key_exists($index - 1, $entries) ? $entries[$index - 1] : $emptyEntry;
$next = array_key_exists($index + 1, $entries) ? $entries[$index + 1] : $emptyEntry;
fputs($xmlFile, "<image>\n");
$this->writeXMLTagBool($xmlFile, "isFirstImage", $index == 0);
$this->writeXMLTagBool($xmlFile, "isPrevImage", $index != 0);
$this->writeXMLTagBool($xmlFile, "isLastImage", $index == $imageCount - 1);
$this->writeXMLTagBool($xmlFile, "isNextImage", $index != $imageCount - 1);
$this->writeXMLTag($xmlFile, "firstImage", $firstImage['image']);
$this->writeXMLTag($xmlFile, "itemLargeImage", $data['image']);
$this->writeXMLTag($xmlFile, "nextImage", $next['image']);
$this->writeXMLTag($xmlFile, "nextThumbnail", $next['thumb']);
$this->writeXMLTag($xmlFile, "prevImage", $prev['image']);
$this->writeXMLTag($xmlFile, "prevThumbnail", $prev['thumb']);
$this->writeXMLTag($xmlFile, "lastImage", $lastImage['image']);
$this->writeXMLTag($xmlFile, "lastThumbnail", $lastImage['thumb']);
$this->writeXMLTag($xmlFile, "itemWidth", $data['imagewidth']);
$this->writeXMLTag($xmlFile, "itemHeight", $data['imageheight']);
$this->writeXMLTag($xmlFile, "itemThumbnailImage", $data['thumb']);
$this->writeXMLTag($xmlFile, "itemThumbnailWidth", $data['thumbwidth']);
$this->writeXMLTag($xmlFile, "itemThumbnailHeight", $data['thumbheight']);
$this->writeXMLTag($xmlFile, "itemName", $data['image']);
$this->writeXMLTag($xmlFile, "itemNumber", $index);
$this->writeXMLTag($xmlFile, "itemOriginalPath", "");
$this->writeXMLTag($xmlFile, "itemNameOnly", "");
$this->writeXMLTag($xmlFile, "itemCaption", $data['caption']);
$this->writeXMLTag($xmlFile, "itemSize", "");
fputs($xmlFile, "</image>\n");
}
fputs($xmlFile, "</images>\n");
fputs($xmlFile, "</album>\n");
fclose($xmlFile);
if ($this->get_config('create_entry_after_upload')) {
// create a new entry using the newly uploaded album
$entry = array();
$entry['isdraft'] = 'true';
$entry['title'] = $albumName;
$entry['body'] = '<p>[picasa]' . $albumDir . '[/picasa]</p>';
$entry['authorid'] = $serendipity['authorid'];
$entry['exflag'] = false;
$entry['allow_comments'] = 'true';
$entry['moderate_comments'] = 'false';
$id = serendipity_updertEntry($entry);
$retUrl = $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[action]=admin&serendipity[adminModule]=entries&serendipity[adminAction]=edit&serendipity[id]=' . $id;
echo $retUrl;
} else {
$this->report_upload_result(PLUGIN_EVENT_PICASA_UPLOAD_SUCCESS);
}
}
/**
* Check, if visit counting for the actual visitor should be done.
*/
function track_clicks_allowed_by_user()
{
if (!$this->get_config('track_visits_of_loggedin_users', true) && serendipity_userLoggedIn()) {
return false;
}
return true;
}
function generate_content(&$title)
{
global $serendipity;
$title = $this->get_config('title');
$language = $this->get_config('language', 'all');
$show_where = $this->get_config('show_where', 'both');
// if the language doesn't match, do not display
if ($language != 'all' && $serendipity['lang'] != $language) {
return false;
}
// where to show
if ($show_where == 'extended' && (!isset($serendipity['GET']['id']) || !is_numeric($serendipity['GET']['id']))) {
return false;
} else {
if ($show_where == 'overview' && isset($serendipity['GET']['id']) && is_numeric($serendipity['GET']['id'])) {
return false;
}
}
// apply markup?
if (serendipity_db_bool($this->get_config('markup', 'true'))) {
$entry = array('html_nugget' => $this->get_config('content'));
serendipity_plugin_api::hook_event('frontend_display', $entry);
echo $entry['html_nugget'];
} else {
echo $this->get_config('content');
}
if (serendipity_userLoggedIn()) {
$is_plugin_owner = $this->serendipity_owner == $serendipity['authorid'] || serendipity_checkPermission('adminPluginsMaintainOthers');
if ($is_plugin_owner) {
echo '<div class="serendipity_edit_nugget"><a href="' . $serendipity['baseURL'] . '/serendipity_admin.php?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . htmlentities($this->instance, ENT_COMPAT, LANG_CHARSET) . '">' . EDIT . '</a></div>';
}
}
}
function selected()
{
global $serendipity;
static $cached = false;
if (empty($serendipity['GET']['subpage']) && empty($serendipity['GET']['staticid'])) {
return false;
}
if ($cached) {
return true;
}
$sql_where = '';
if (serendipity_userLoggedIn()) {
// User is authenticated; drafts and published pages are displayed as equals
// Previews will thus only work when being logged in.
} else {
// User is not authenticated. Only published documents shall be revealed.
$sql_where .= ' AND publishstatus = 1 ';
}
if (empty($serendipity['GET']['staticid'])) {
$q = "SELECT *\n FROM {$serendipity['dbPrefix']}staticpages\n WHERE (pagetitle = '" . serendipity_db_escape_string($serendipity['GET']['subpage']) . "'\n OR permalink = '" . serendipity_db_escape_string($serendipity['GET']['subpage']) . "') {$sql_where}\n LIMIT 1";
} else {
$q = "SELECT *\n FROM {$serendipity['dbPrefix']}staticpages\n WHERE (id = '" . serendipity_db_escape_string($serendipity['GET']['staticid']) . "') {$sql_where}\n LIMIT 1";
}
$page = serendipity_db_query($q, true, 'assoc');
if (is_array($page)) {
$this->staticpage =& $page;
$this->checkPage();
$cached = true;
$serendipity['is_staticpage'] = true;
return true;
}
return false;
}
// No multipart-message, so this is the body:
$body =& $structure->body;
}
if ($params['auth'] == 'mailbody') {
preg_match('@^\\(([^:]*):(.*)\\)@', $body, $matches);
$body = trim(preg_replace('@^\\(' . preg_quote($matches[1]) . ':' . preg_quote($matches[2]) . '\\)@', '', $body));
$serendipity['POST']['user'] = $matches[1];
$serendipity['POST']['pass'] = $matches[2];
} elseif ($params['auth'] == 'mailsubject') {
preg_match('@^\\(([^:]*):(.*)\\)@', $subject, $matches);
$subject = trim(preg_replace('@^\\(' . preg_quote($matches[1]) . ':' . preg_quote($matches[2]) . '\\)@', '', $subject));
$serendipity['POST']['user'] = $matches[1];
$serendipity['POST']['pass'] = $matches[2];
}
$serendipity['POST']['auto'] = 'true';
if (serendipity_userLoggedIn() || function_exists('serendipity_login') && serendipity_login()) {
logger(sprintf(MAIL2S9Y_AUTHENTICATION_GRANTED, $params['auth']));
} else {
logger(sprintf(MAIL2S9Y_AUTHENTICATION_FAILED, $params['auth']));
die(sprintf(MAIL2S9Y_AUTHENTICATION_FAILED, $params['auth']));
mail($from, MAIL2S9Y_POSTING_FAILED, sprintf(MAIL2S9Y_AUTHENTICATION_FAILED, $params['auth']));
}
if (count($writefiles) > 0) {
foreach ($writefiles as $idx => $filearray) {
$fd = fopen($filearray['image'], 'w');
fwrite($fd, $filearray['data']);
fclose($fd);
}
}
logger(sprintf(MAIL2S9Y_MAILINFO, $from, $subject, strlen($body), $images));
if ($post > 0) {
/**
* Get a list of Sidebar plugins and pass them to Smarty
*
* @access public
* @param string The side of plugins to show (left/right/hide/event/eventh)
* @param string deprecated: Indicated which wrapping HTML element to use for plugins
* @param boolean Indicates whether only all plugins should be shown that are not in the $side list
* @param string Only show plugins of this plugin class
* @param string Only show a plugin with this instance ID
* @return string Smarty HTML output
*/
function generate_plugins($side, $tag = '', $negate = false, $class = null, $id = null, $tpl = 'sidebar.tpl')
{
global $serendipity;
/* $tag parameter is deprecated and used in Smarty templates instead. Only use it in function
* header for layout.php BC.
*/
$plugins = serendipity_plugin_api::enum_plugins($side, $negate, $class, $id);
if (!is_array($plugins)) {
return;
}
if (!isset($serendipity['smarty'])) {
$serendipity['smarty_raw_mode'] = true;
serendipity_smarty_init();
}
$pluginData = array();
$addData = func_get_args();
serendipity_plugin_api::hook_event('frontend_generate_plugins', $plugins, $addData);
if (count($plugins) == 0) {
$serendipity['prevent_sidebar_plugins_' . $side] = true;
}
$loggedin = false;
if (serendipity_userLoggedIn() && serendipity_checkPermission('adminPlugins')) {
$loggedin = true;
}
foreach ($plugins as $plugin_data) {
$plugin =& serendipity_plugin_api::load_plugin($plugin_data['name'], $plugin_data['authorid'], $plugin_data['path']);
if (is_object($plugin)) {
$class = get_class($plugin);
$title = '';
/* TODO: make generate_content NOT echo its output */
ob_start();
$show_plugin = $plugin->generate_content($title);
$content = ob_get_contents();
ob_end_clean();
if ($loggedin) {
$content .= '<div class="serendipity_edit_nugget"><a href="' . $serendipity['serendipityHTTPPath'] . 'serendipity_admin.php?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . htmlentities($plugin->instance) . '">' . EDIT . '</a></div>';
}
if ($show_plugin !== false) {
$pluginData[] = array('side' => $side, 'class' => $class, 'title' => $title, 'content' => $content, 'id' => $plugin->instance);
}
} else {
$pluginData[] = array('side' => $side, 'title' => ERROR, 'class' => $class, 'content' => sprintf(INCLUDE_ERROR, $plugin_data['name']));
}
}
serendipity_plugin_api::hook_event('frontend_sidebar_plugins', $pluginData, $addData);
$serendipity['smarty']->assign_by_ref('plugindata', $pluginData);
$serendipity['smarty']->assign('pluginside', ucfirst($side));
return serendipity_smarty_fetch('sidebar_' . $side, $tpl, true);
}
function DMA_forum_InsertThread($boardid, $authorname, $title, $message, $announce = 0, $frommail, $fromname, $pageurl, $admin_notify = true)
{
global $serendipity;
if (serendipity_userLoggedIn()) {
$authorname = $serendipity['serendipityUser'];
$KEXTRA = ", authorid";
$VEXTRA = ", '" . $serendipity['authorid'] . "'";
$EEXTRA = " lastauthorid = '" . $serendipity['authorid'] . "', ";
} else {
$KEXTRA = "";
$VEXTRA = "";
$EEXTRA = "";
}
$now = time();
$q = "INSERT INTO {$serendipity['dbPrefix']}dma_forum_threads (\n boardid,\n title,\n lastposttime,\n announce\n ) VALUES (\n '" . intval($boardid) . "',\n '" . serendipity_db_escape_string(trim($title)) . "',\n '" . $now . "',\n '" . $announce . "'\n )";
$sql = serendipity_db_query($q);
$threadid = serendipity_db_insert_id('dma_forum_threads', 'threadid');
$q = "INSERT INTO {$serendipity['dbPrefix']}dma_forum_posts (\n threadid,\n postdate,\n title,\n message,\n authorname" . $KEXTRA . "\n ) VALUES (\n '" . intval($threadid) . "',\n '" . $now . "',\n '" . serendipity_db_escape_string(trim($title)) . "',\n '" . serendipity_db_escape_string(trim($message)) . "',\n '" . serendipity_db_escape_string(trim($authorname)) . "'" . $VEXTRA . "\n )";
$sql = serendipity_db_query($q);
$postid = serendipity_db_insert_id('dma_forum_posts', 'postid');
if (isset($_SESSION['forum_visited']) && intval($_SESSION['forum_visited']) >= 1) {
$q = "UPDATE {$serendipity['dbPrefix']}dma_forum_users SET posts = posts+1, lastpost = '" . $postid . "' WHERE authorid = '" . intval($serendipity['authorid']) . "'";
serendipity_db_query($q);
}
DMA_forum_CheckLastProperties(intval($boardid));
$_SESSION['lastthreadtext'] = trim($message);
$_SESSION['lastposttime'] = time();
$fromname = DMA_strip($fromname);
$frommail = DMA_strip($frommail);
if ($admin_notify === true) {
$subject = str_replace("{postauthor}", trim($authorname), PLUGIN_FORUM_EMAIL_NOTIFY_SUBJECT);
$subject = str_replace("{blogurl}", $serendipity['baseURL'], $subject);
$body = PLUGIN_FORUM_EMAIL_NOTIFY_PART1 . PLUGIN_FORUM_EMAIL_NOTIFY_PART2 . PLUGIN_FORUM_EMAIL_NOTIFY_PART3;
$body = str_replace("{postauthor}", trim($authorname), $body);
$body = str_replace("{forumurl}", $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $pageurl, $body);
$body = str_replace("{threadtitle}", function_exists('serendipity_specialchars') ? serendipity_specialchars(trim($title)) : htmlspecialchars(trim($title), ENT_COMPAT, LANG_CHARSET), $body);
$body = str_replace("{replytext}", function_exists('serendipity_specialchars') ? serendipity_specialchars(strip_tags(trim($message))) : htmlspecialchars(strip_tags(trim($message)), ENT_COMPAT, LANG_CHARSET), $body);
$body = str_replace("{posturl}", $serendipity['baseURL'] . "index.php?serendipity[subpage]=" . $pageurl . "&boardid=" . intval($boardid) . "&threadid=" . intval($threadid), $body);
$from = "{$fromname} <{$frommail}>";
$to = "" . $serendipity['blogMail'] . "";
$headers = "From: {$from}\r\n";
$headers .= "Reply-To: {$frommail}\r\n";
$headers .= 'X-Mailer: PHP/' . phpversion() . "\r\n\r\n";
mail($to, $subject, $body, $headers);
}
unset($_GET);
$_GET['boardid'] = intval($boardid);
$_GET['threadid'] = intval($threadid);
return $postid;
}
/**
* Cycle a serendipity_traversePath resultset and apply read/write ACLs.
*
* @access public
* @param array serendipity_traversePath result array
* @param string ACL type ('read', 'write')
*/
function serendipity_directoryACL(&$paths, $type = 'read')
{
global $serendipity;
static $debug = false;
if ($debug) {
echo "Applying ACL for mode '{$type}'.<br />\n";
}
if (!is_array($paths)) {
return true;
}
$startCount = count($paths);
if (!isset($serendipity['enableACL']) || $serendipity['enableACL'] == true) {
// Check if we are a cool superuser. Bail out if we are.
$logged_in = serendipity_userLoggedIn();
if ($logged_in && serendipity_checkPermission('adminImagesMaintainOthers') && serendipity_checkPermission('adminImagesDirectories')) {
if (!$debug) {
return true;
}
}
// Get list of all ACLs for directories.
$q = "SELECT a.artifact_index AS directory,\n a.groupid\n FROM {$serendipity['dbPrefix']}access AS a\n WHERE a.artifact_type = 'directory'\n AND a.artifact_mode = '" . serendipity_db_escape_string($type) . "'";
$allowed = serendipity_db_query($q);
if (!is_array($allowed)) {
return true;
}
// Get a list of all the groups for this user. Pipe it into a usable array.
if ($logged_in) {
$my_groups =& serendipity_getGroups($serendipity['authorid']);
$acl_allowed_groups = array();
foreach ($my_groups as $my_group) {
$acl_allowed_groups[$my_group['id']] = true;
}
} else {
// Only the 'ALL AUTHORS' group is valid for non-logged in authors.
$acl_allowed_groups = array(0 => true);
}
// Iterate every ACL and check if we are allowed to use it. Parse that data into a workable array.
$acl_allowed = array();
foreach ($allowed as $row) {
$acl_allowed[$row['directory']][$row['groupid']] = true;
}
// Iterate the input path array and check it against ACL.
foreach ($paths as $idx => $info) {
if (!isset($acl_allowed[$info['relpath']])) {
// ACL for directory not set. Assume we are allowed to access.
continue;
}
$granted = false;
foreach ($acl_allowed[$info['relpath']] as $groupid => $set) {
if ($groupid === 0 || isset($acl_allowed_groups[$groupid])) {
// We are allowed to access this element
$granted = true;
break;
}
}
if ($granted === false) {
// We are not allowed to access this element
if ($debug) {
echo "ACL for " . $info['relpath'] . " DENIED.<br />\n";
}
unset($paths[$idx]);
} else {
if ($debug) {
echo "ACL for " . $info['relpath'] . " granted.<br />\n";
}
}
}
if (count($paths) < $startCount) {
if ($debug) {
echo "ACL denied all.<br />\n";
}
return false;
}
}
return true;
}
/**
* Initialize the Smarty framework for use in Serendipity
*
* @access public
* @return null
*/
function serendipity_smarty_init($vars = array())
{
global $serendipity, $template_config, $template_global_config, $template_config_groups;
if (!isset($serendipity['smarty'])) {
$template_dir = $serendipity['serendipityPath'] . $serendipity['templatePath'] . $serendipity['template'];
if (!defined('IN_serendipity_admin') && file_exists($template_dir . '/template.inc.php')) {
// If this file exists, a custom template engine will be loaded.
// Beware: Smarty is used in the Admin backend, despite of this.
include $template_dir . '/template.inc.php';
} else {
// Set a session variable if Smarty fails:
$prev_smarty = $_SESSION['no_smarty'];
$_SESSION['no_smarty'] = true;
// Default Smarty Engine will be used
@define('SMARTY_DIR', S9Y_PEAR_PATH . 'Smarty/libs/');
if (!class_exists('Smarty')) {
include SMARTY_DIR . 'Smarty.class.php';
}
if (!class_exists('Smarty')) {
return false;
}
// Load serendipity smarty class loading class
if (!class_exists('Serendipity_Smarty')) {
include 'serendipity_smarty_class.inc.php';
}
if (!class_exists('Serendipity_Smarty')) {
return false;
}
// set smarty instance
#$serendipity['smarty'] = new Serendipity_Smarty;
// initialize smarty object by instance
$serendipity['smarty'] = Serendipity_Smarty::getInstance();
// debug moved to class
// Hooray for Smarty:
$_SESSION['no_smarty'] = $prev_smarty;
// enable security policy by instance of the Smarty_Security class
$serendipity['smarty']->enableSecurity('Serendipity_Smarty_Security_Policy');
// debugging...
#echo '<pre>';print_r($serendipity['smarty']);echo '</pre>';#exit;
#$serendipity['smarty']->testInstall();exit;
/**
* prüfe auf eventuelle API Änderungen in 3.2 [smarty_modifier_foobar, --> [smarty_modifier_foobar, smarty_function_foobar, smarty_block_foobar] (siehe class) ]
* smarty_modifier_foobar(Smarty $smarty, $string, …) vs. smarty_modifier_foobar($string, …)
**/
$serendipity['smarty']->registerPlugin('modifier', 'makeFilename', 'serendipity_makeFilename');
$serendipity['smarty']->registerPlugin('modifier', 'xhtml_target', 'serendipity_xhtml_target');
$serendipity['smarty']->registerPlugin('modifier', 'emptyPrefix', 'serendipity_emptyPrefix');
$serendipity['smarty']->registerPlugin('modifier', 'formatTime', 'serendipity_smarty_formatTime');
$serendipity['smarty']->registerPlugin('modifier', 'serendipity_utf8_encode', 'serendipity_utf8_encode');
$serendipity['smarty']->registerPlugin('modifier', 'ifRemember', 'serendipity_ifRemember');
$serendipity['smarty']->registerPlugin('modifier', 'checkPermission', 'serendipity_checkPermission');
$serendipity['smarty']->registerPlugin('modifier', 'serendipity_refhookPlugin', 'serendipity_smarty_refhookPlugin');
$serendipity['smarty']->registerPlugin('function', 'serendipity_printSidebar', 'serendipity_smarty_printSidebar');
$serendipity['smarty']->registerPlugin('function', 'serendipity_hookPlugin', 'serendipity_smarty_hookPlugin');
$serendipity['smarty']->registerPlugin('function', 'serendipity_showPlugin', 'serendipity_smarty_showPlugin');
$serendipity['smarty']->registerPlugin('function', 'serendipity_getFile', 'serendipity_smarty_getFile');
$serendipity['smarty']->registerPlugin('function', 'serendipity_printComments', 'serendipity_smarty_printComments');
$serendipity['smarty']->registerPlugin('function', 'serendipity_printTrackbacks', 'serendipity_smarty_printTrackbacks');
$serendipity['smarty']->registerPlugin('function', 'serendipity_rss_getguid', 'serendipity_smarty_rss_getguid');
$serendipity['smarty']->registerPlugin('function', 'serendipity_fetchPrintEntries', 'serendipity_smarty_fetchPrintEntries');
$serendipity['smarty']->registerPlugin('function', 'serendipity_getTotalCount', 'serendipity_smarty_getTotalCount');
$serendipity['smarty']->registerPlugin('function', 'pickKey', 'serendipity_smarty_pickKey');
$serendipity['smarty']->registerPlugin('function', 'serendipity_showCommentForm', 'serendipity_smarty_showCommentForm');
$serendipity['smarty']->registerPlugin('function', 'serendipity_getImageSize', 'serendipity_smarty_getImageSize');
$serendipity['smarty']->registerFilter('pre', 'serendipity_replaceSmartyVars');
}
if (!isset($serendipity['smarty_raw_mode'])) {
if (file_exists($serendipity['smarty']->getConfigDir(0) . '/layout.php') && $serendipity['template'] != 'default') {
$serendipity['smarty_raw_mode'] = true;
} else {
$serendipity['smarty_raw_mode'] = false;
}
}
if (!isset($serendipity['smarty_file'])) {
$serendipity['smarty_file'] = 'index.tpl';
}
$category = false;
$category_info = array();
if (isset($serendipity['GET']['category'])) {
$category = (int) $serendipity['GET']['category'];
if (isset($GLOBALS['cInfo'])) {
$category_info = $GLOBALS['cInfo'];
} else {
$category_info = serendipity_fetchCategoryInfo($category);
}
}
if (!isset($serendipity['smarty_vars']['head_link_stylesheet'])) {
$serendipity['smarty_vars']['head_link_stylesheet'] = serendipity_rewriteURL('serendipity.css');
}
$serendipity['smarty']->assign(array('head_charset' => LANG_CHARSET, 'head_version' => $serendipity['version'], 'head_title' => $serendipity['head_title'], 'head_subtitle' => $serendipity['head_subtitle'], 'head_link_stylesheet' => $serendipity['smarty_vars']['head_link_stylesheet'], 'is_xhtml' => true, 'use_popups' => $serendipity['enablePopup'], 'is_embedded' => !$serendipity['embed'] || $serendipity['embed'] === 'false' || $serendipity['embed'] === false ? false : true, 'is_raw_mode' => $serendipity['smarty_raw_mode'], 'is_logged_in' => serendipity_userLoggedIn(), 'entry_id' => isset($serendipity['GET']['id']) && is_numeric($serendipity['GET']['id']) ? $serendipity['GET']['id'] : false, 'is_single_entry' => isset($serendipity['GET']['id']) && is_numeric($serendipity['GET']['id']), 'blogTitle' => $serendipity['blogTitle'], 'blogSubTitle' => !empty($serendipity['blogSubTitle']) ? $serendipity['blogSubTitle'] : '', 'blogDescription' => $serendipity['blogDescription'], 'serendipityHTTPPath' => $serendipity['serendipityHTTPPath'], 'serendipityDefaultBaseURL' => $serendipity['defaultBaseURL'], 'serendipityBaseURL' => $serendipity['baseURL'], 'serendipityRewritePrefix' => $serendipity['rewrite'] == 'none' ? $serendipity['indexFile'] . '?/' : '', 'serendipityIndexFile' => $serendipity['indexFile'], 'serendipityVersion' => $serendipity['expose_s9y'] ? $serendipity['version'] : '', 'lang' => $serendipity['lang'], 'category' => $category, 'category_info' => $category_info, 'template' => $serendipity['template'], 'dateRange' => !empty($serendipity['range']) ? $serendipity['range'] : array()));
if (count($vars) > 0) {
$serendipity['smarty']->assign($vars);
}
// For advanced usage, we allow template authors to create a file 'config.inc.php' where they can
// setup custom smarty variables, modifiers etc. to use in their templates.
@(include_once $serendipity['smarty']->getConfigDir(0) . '/config.inc.php');
if (is_array($template_loaded_config)) {
$template_vars =& $template_loaded_config;
$serendipity['smarty']->assignByRef('template_option', $template_vars);
} elseif (is_array($template_config)) {
$template_vars =& serendipity_loadThemeOptions($template_config, $serendipity['smarty_vars']['template_option']);
$serendipity['smarty']->assignByRef('template_option', $template_vars);
}
}
return true;
}
$serendipity['GET'] =& $_SESSION['save_entry_POST'];
// GET-Vars are the same as POST to ensure compatibility.
$serendipity['hidefooter'] = true;
ignore_user_abort(true);
echo serendipity_iframe($_SESSION['save_entry'], $iframe_mode);
return true;
}
if (isset($serendipity['GET']['no_smarty']) || isset($serendipity['no_smarty'])) {
$_SESSION['no_smarty'] = true;
}
if (defined('IS_up2date') && IS_up2date === true && IS_installed === true) {
$admin_installed = true;
} else {
$admin_installed = false;
}
$is_logged_in = serendipity_userLoggedIn();
if ($is_logged_in) {
$self_info = sprintf(USER_SELF_INFO, serendipity_specialchars($serendipity['serendipityUser']), $serendipity['permissionLevels'][$serendipity['serendipityUserlevel']]);
} else {
$self_info = '';
}
$serendipity['ajax'] = $ajax = !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
$no_banner = isset($serendipity['GET']['noBanner']) || isset($serendipity['POST']['noBanner']);
$no_sidebar = isset($serendipity['GET']['noSidebar']) || isset($serendipity['POST']['noSidebar']);
$no_footer = isset($serendipity['GET']['noFooter']) || isset($serendipity['POST']['noFooter']);
$use_installer = !isset($serendipity['serendipityPath']) || IS_installed === false || IS_up2date === false;
$post_action = $serendipity['POST']['action'];
$main_content = '';
if (!$use_installer && $is_logged_in) {
if (!isset($serendipity['GET']['adminModule'])) {
$serendipity['GET']['adminModule'] = isset($serendipity['POST']['adminModule']) ? $serendipity['POST']['adminModule'] : '';
/**
* Wikifies:
* [[ENTRY|DESC]] is an internal link
* ((ENTRY|DESC)) is a staticpage link.
*/
function _wikify($buffer)
{
global $serendipity;
$debug = true;
$admin_url = false;
$cidx = 2;
if ($buffer[1] == '((') {
$type = $otype = 'staticpage';
} elseif ($buffer[1] == '{{') {
$type = $otype = 'mixed';
} else {
$type = $otype = 'internal';
}
$parts = explode('|', $buffer[$cidx]);
if (isset($parts[1])) {
$desc = $parts[1];
$ltitle = $parts[0];
} else {
$desc = $ltitle = $buffer[$cidx];
}
// ltitle might contain entities, convert them:
$ltitle = @html_entity_decode($ltitle, ENT_COMPAT, LANG_CHARSET);
$sql = '';
if ($type == 'staticpage') {
$entry = serendipity_db_query("SELECT id, permalink FROM {$serendipity['dbPrefix']}staticpages WHERE headline = '" . serendipity_db_escape_string($ltitle) . "'" . " ORDER BY timestamp DESC LIMIT 1", true, 'assoc');
} elseif ($type == 'mixed') {
$entry = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}entries WHERE title = '" . serendipity_db_escape_string($ltitle) . "'" . " ORDER BY timestamp DESC LIMIT 1", true, 'assoc');
$type = 'internal';
if (!is_array($entry)) {
$entry = serendipity_db_query("SELECT id, permalink FROM {$serendipity['dbPrefix']}staticpages WHERE headline = '" . serendipity_db_escape_string($ltitle) . "'" . " ORDER BY timestamp DESC LIMIT 1", true, 'assoc');
$type = 'staticpage';
}
} else {
$entry = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}entries WHERE title = '" . serendipity_db_escape_string($ltitle) . "'" . " ORDER BY timestamp DESC LIMIT 1", true, 'assoc');
}
if (is_array($entry)) {
// The entry exists.
// check, wether we don't want draft or future links:
//if (serendipity_db_bool($this->get_config('generate_draft_links', false)) || !$entry['isdraft']){
if (serendipity_db_bool($this->get_config('generate_future_links', false)) || $entry['timestamp'] <= serendipity_db_time()) {
if ($type == 'staticpage') {
$entry_url = $entry['permalink'];
} else {
$entry_url = serendipity_archiveURL($entry['id'], $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp']));
}
}
if (serendipity_userLoggedIn()) {
$mode = 'edit';
if ($type == 'staticpage') {
$admin_url = $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=event_display&serendipity[adminAction]=staticpages&serendipity[staticid]=' . $entry['id'];
$admin_title = PLUGIN_EVENT_WIKILINKS_EDIT_STATICPAGE;
} else {
$admin_url = $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[action]=admin&serendipity[adminModule]=entries&serendipity[adminAction]=edit&serendipity[id]=' . $entry['id'];
$admin_title = PLUGIN_EVENT_WIKILINKS_EDIT_INTERNAL;
}
}
} else {
// The entry does not yet exist.
$entry_url = '';
if (serendipity_userLoggedIn()) {
$mode = 'create';
$title = urlencode($ltitle);
$body = '<h1>' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($ltitle) : htmlspecialchars($ltitle, ENT_COMPAT, LANG_CHARSET)) . '</h1>';
$admin_url2 = $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=event_display&serendipity[adminAction]=staticpages&serendipity[pre][headline]=' . $title . '&serendipity[pre][content]=' . $body . '&serendipity[pre][pagetitle]=' . $title;
if ($otype == 'staticpage') {
$admin_url = $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=event_display&serendipity[adminAction]=staticpages&serendipity[staticpagecategory]=pages&serendipity[pre][headline]=' . $title . '&serendipity[pre][content]=' . $body . '&serendipity[pre][pagetitle]=' . $title;
$admin_title = PLUGIN_EVENT_WIKILINKS_CREATE_STATICPAGE;
} elseif ($otype == 'mixed') {
$admin_url = $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new&serendipity[title]=' . $title . '&serendipity[body]=' . $body;
$admin_title = PLUGIN_EVENT_WIKILINKS_CREATE_INTERNAL;
} else {
$admin_url = $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new&serendipity[title]=' . $title . '&serendipity[body]=' . $body;
$admin_title = PLUGIN_EVENT_WIKILINKS_CREATE_INTERNAL;
}
} else {
$ltitle .= '?';
}
}
$out = '<span class="serendipity_wikilink_' . $type . '">';
if ($entry_url) {
$out .= '<a class="serendipity_wikilink_visitor" href="' . $entry_url . '">';
}
$out .= $desc;
if ($entry_url) {
$out .= '</a>';
}
if ($admin_url) {
if ($otype == 'mixed') {
$imgurl = $this->get_config('imgpath') . $mode . '_internal.png';
$img1 = '<img style="border: 0px" alt="?" src="' . $imgurl . '" width="16" height="16" />';
$out .= '<a title="' . $admin_title . '" class="serendipity_wikilink_editor_internal" href="' . $admin_url . '">' . $img1 . '</a>';
if ($admin_url2) {
$imgurl = $this->get_config('imgpath') . $mode . '_staticpage.png';
$img2 = '<img style="border: 0px" alt="?" src="' . $imgurl . '" width="16" height="16" />';
$out .= '<a title="' . PLUGIN_EVENT_WIKILINKS_CREATE_STATICPAGE . '" class="serendipity_wikilink_editor_staticpage" href="' . $admin_url2 . '">' . $img2 . '</a>';
}
} else {
$imgurl = $this->get_config('imgpath') . $mode . '_' . $type . '.png';
$img = '<img style="border: 0px" alt="?" src="' . $imgurl . '" width="16" height="16" />';
$out .= '<a title="' . $admin_title . '" class="serendipity_wikilink_editor_' . $type . '" href="' . $admin_url . '">' . $img . '</a>';
}
}
$out .= '</span>';
return $out;
}