示例#1
0
function cn_api_get_entry($id = NULL)
{
    if (is_null($id)) {
        $id = REQ('id');
    }
    $id = cn_id_alias($id);
    $db = db_news_load(db_get_nloc($id));
    // Other meta-information
    if (isset($db[$id])) {
        $_cot = array();
        $_cat = cn_get_categories(true);
        $_cts = spsep($db[$id]['c']);
        foreach ($_cts as $cid) {
            $_cot[$cid] = $_cat[$cid]['name'];
        }
        $db[$id][':cot'] = $_cot;
        return $db[$id];
    } else {
        return array();
    }
}
示例#2
0
>

                <td align="center"><?php 
    echo $id;
    ?>
</td>
                <td><a href="<?php 
    echo cn_url_modify("group_id={$id}");
    ?>
"><?php 
    echo cn_htmlspecialchars($acl['name']);
    ?>
</a></td>
                <td><?php 
    $ps = array();
    $sp = spsep($acl['acl']);
    foreach ($sp as $name) {
        $ps[] = '<a href="#" title="' . join('; ', $form_desc[$name]) . '" onclick="return(tiny_msg(this));">' . $name . '</a>';
    }
    echo join(', ', $ps);
    ?>
                </td>
                <td><?php 
    echo join('<br>', $acl['grp']);
    ?>
</td>
                <td align="center"><?php 
    echo $acl['system'] ? 'Y' : '';
    ?>
 </td>
示例#3
0
    <title><?php 
echo $__title;
?>
</title>
    <link rel="stylesheet" type="text/css" href="<?php 
echo getoption('http_script_dir');
?>
/skins/default.css">
    <script type="text/javascript" src="<?php 
echo getoption('http_script_dir');
?>
/skins/cute.js"></script>
    <style>
        <?php 
if ($__style) {
    $_styles = spsep($__style);
    foreach ($_styles as $_style) {
        $f = fopen(SKIN . DIRECTORY_SEPARATOR . trim($_style), 'r');
        fpassthru($f);
        fclose($f);
    }
    unset($__style, $_styles, $_style);
}
?>

        body { margin: 0; padding: 0; }
    </style>
</head>
<body>

<?php 
示例#4
0
    <?php 
cn_form_open('mod, opt');
?>
    <input type="hidden" name="category_id" value="<?php 
echo $category_id;
?>
" />

    <table class="std-table wide">
        <tr><th>ID</th> <th>Name</th> <th>Memo</th>  <th>Icon</th> <th>Restriction</th> </tr>

        <?php 
if ($categories) {
    foreach ($categories as $id => $category) {
        $acl_message = array();
        $acls = spsep($category['acl']);
        foreach ($acls as $grp) {
            $acl_message[] = ucfirst($groups[$grp]['N']);
        }
        $acl_message = join(', ', $acl_message);
        ?>
            <tr<?php 
        if ($id == $category_id) {
            echo ' class="row_selected"';
        }
        ?>
>
                <td align="center"><?php 
        echo intval($id);
        ?>
</td>
}
$i = 0;
$showed = 0;
$repeat = true;
$url_archive = $archive;
while ($repeat) {
    foreach ($all_news as $news_line) {
        $is_in_cat = false;
        $news_arr = explode("|", $news_line);
        // Prospected news not showing
        if ($news_arr[NEW_ID] > time()) {
            continue;
        }
        if (strstr($news_arr[NEW_CAT], ',')) {
            // if the article is in multiple categories
            $this_cats_arr = spsep($news_arr[NEW_CAT]);
            foreach ($this_cats_arr as $this_single_cat) {
                if (isset($requested_cats[$this_single_cat]) && isset($requested_cats[$this_single_cat])) {
                    $is_in_cat = true;
                }
            }
        } elseif (isset($requested_cats[$news_arr[NEW_CAT]]) && isset($requested_cats[$news_arr[NEW_CAT]])) {
            $is_in_cat = true;
        }
        // if User_By, show news only for this user
        if (!empty($user_by) && $user_by != $news_arr[NEW_USER]) {
            $count_all--;
            continue;
        }
        if (!$is_in_cat and isset($category) and $category) {
            continue;
示例#6
0
 if (!$selected_news) {
     msg("error", lang('Error!'), lang("You have not specified any articles"), "#GOBACK");
 }
 // Check permissions
 $have_perm = 0;
 if ($member_db[UDB_ACL] == ACL_LEVEL_ADMIN or $member_db[UDB_ACL] == ACL_LEVEL_EDITOR) {
     $have_perm = 1;
 } elseif ($member_db[UDB_ACL] == ACL_LEVEL_JOURNALIST and $item_db[1] == $member_db[UDB_NAME]) {
     $have_perm = 1;
 }
 if (!$have_perm) {
     msg("error", lang("No Access"), lang("You dont have access for this action"), "#GOBACK");
 }
 // Check access user for category
 if (!empty($item_db[NEW_CAT])) {
     foreach (spsep($item_db[NEW_CAT]) as $all_this_cat) {
         if (!in_array($all_this_cat, $allowed_cats)) {
             msg("error", lang("Access Denied"), lang("This article is posted under category which you are not allowed to access."), "#GOBACK");
         }
     }
 }
 $CSRF = CSRFMake();
 echoheader("options", "Delete News");
 echo "<form method=post action=\"{$PHP_SELF}\">\n    <table border=0 cellpadding=0 cellspacing=0 width=100% height=100%>\n    <tr><td>" . lang('Are you sure you want to delete all selected news') . " (<b>" . count($selected_news) . "</b>)?<br><br>\n    <input type=button value=\" No \" onclick=\"javascript:document.location='{$PHP_SELF}?mod=editnews&action=list&source={$source}'\"> &nbsp; <input type=submit value=\"   " . lang('Yes') . "   \">\n    <input type=hidden name=action value=\"do_mass_delete\">\n    <input type=hidden name=mod value=\"massactions\">\n    <input type=hidden name=source value=\"{$source}\">\n    <input type=hidden name=csrf_code value=\"{$CSRF}\">";
 if (is_array($selected_news)) {
     foreach ($selected_news as $newsid) {
         echo "<input type=hidden name=selected_news[] value=\"{$newsid}\">\n";
     }
 }
 echo "</td></tr></table></form>";
 echofooter();
示例#7
0
function show_social_code($name = 'fb', $news_arr)
{
    // External
    global $config_http_script_dir, $soc_categories;
    // Facebook
    global $config_use_fbcomments, $config_fb_inactive, $config_fb_comments, $config_fb_box_width, $config_fbcomments_color;
    global $config_use_fblike, $config_fblike_send_btn, $config_fblike_style, $config_fblike_width, $config_fblike_show_faces, $config_fblike_font;
    global $config_fblike_color, $config_fblike_verb;
    // Twitter
    global $config_use_twitter, $config_tw_url, $config_tw_text, $config_tw_via, $config_tw_recommended, $config_tw_show_count, $config_tw_hashtag;
    global $config_tw_lang, $config_tw_large;
    // allow use fb comments
    $soc_allowed = 1;
    if (!empty($soc_categories)) {
        $tmp_fb_cats = spsep($soc_categories);
        $tmp_nw_cats = spsep($news_arr[NEW_CAT]);
        $soc_allowed = count(array_intersect($tmp_fb_cats, $tmp_nw_cats)) ? 1 : 0;
    }
    // Show FB comments
    if ($name == 'fb' && $config_use_fbcomments == 'yes' && $config_fb_inactive == 'yes' && $soc_allowed) {
        return '<div class="fb-comments cutenews-fb-comments" data-href="' . $config_http_script_dir . '/router.php?subaction=showfull&amp;id=' . $news_arr[NEW_ID] . '" data-num-posts="' . $config_fb_comments . '" data-width="' . $config_fb_box_width . '" data-colorscheme="' . $config_fbcomments_color . '"></div>';
    } elseif ($name == 'fb-like' && $config_use_fblike == 'yes' && $soc_allowed) {
        return '<div class="fb-like cutenews-fb-comments" data-send="' . ($config_fblike_send_btn == "yes" ? "true" : "false") . '" data-layout="' . $config_fblike_style . '" data-width="' . $config_fblike_width . '" data-show-faces="' . ($config_fblike_show_faces == "yes" ? "true" : "false") . '" data-font="' . $config_fblike_font . '" data-colorscheme="' . $config_fblike_color . '" data-action="' . $config_fblike_verb . '"></div>';
    } elseif ($name == 'twitter' && $config_use_twitter == 'yes' && $soc_allowed) {
        return '<div class="cutenews-twitter-send"><a href="https://twitter.com/share" class="twitter-share-button" data-url="' . trim($config_tw_url) . '" data-text="' . trim($config_tw_text) . '" data-via="' . trim($config_tw_via) . '" data-related="' . trim($config_tw_recommended) . '" data-count="' . $config_tw_show_count . '" data-hashtags="' . trim($config_tw_hashtag) . '" data-lang="' . $config_tw_lang . '" data-size="' . ($config_tw_large == "yes" ? "large" : "medium") . '"></a><script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script></div>';
    }
}
            $mail = $user_member[UDB_CBYEMAIL] ? false : $user_member[UDB_EMAIL];
            $captcha_enabled = false;
        } else {
            echo '<div class="blocking_posting_comment">' . lang('Wrong password!') . ' <a href="javascript:document.location = \'' . $_SERVER['HTTP_REFERER'] . '\'">' . lang('Refresh') . '</a></div>';
            add_to_log($name, lang('Wrong password (posting comment with exist username)'));
            return FALSE;
        }
    }
} else {
    $is_member = false;
}
// ---------------------------------
// Converting to UTF8 [Try]
// ---------------------------------
if ($config_useutf8 == "1" && function_exists('iconv')) {
    list($hac) = spsep($config_default_charset);
    $name = iconv($hac, 'utf-8', $name);
    $comments = iconv($hac, 'utf-8', $comments);
}
// Captcha test (if not disabled force)
if ($captcha != $_SESS['CSW'] && $config_use_captcha && $captcha_enabled) {
    echo '<div class="blocking_posting_comment">' . lang('Wrong captcha') . '! <a href="javascript:location.reload(true)">' . lang('Refresh') . '</a></div>';
    add_to_log($ip, 'Attack to captcha');
    return FALSE;
}
//----------------------------------
// Check if only members can comment
//----------------------------------
if ($config_only_registered_comment == "yes" and !$is_member) {
    echo '<div class="blocking_posting_comment">' . lang('Sorry but only registered users can post comments, and') . ' "' . htmlspecialchars($name) . '" ' . lang('is not recognized as valid member') . '.</div>';
    return FALSE;
示例#9
0
 if ($id < $date_from || $id > $date_to) {
     continue;
 }
 $nbp = db_get_nloc($id);
 if ($block !== $nbp) {
     $ent = db_news_load($block = $nbp);
 }
 // @syslog internal error
 if (empty($ent)) {
     continue;
 }
 $item = $ent[$id];
 $MB = function_exists('mb_strtolower');
 $Fs = $MB ? mb_strtolower($item['f'], 'UTF-8') : strtolower($item['f']);
 $Ss = $MB ? mb_strtolower($item['s'], 'UTF-8') : strtolower($item['s']);
 $_query = spsep($search, ' ');
 foreach ($_query as $_id => $_val) {
     $_query[$_id] = preg_quote($_val, '/');
 }
 // By user, but user not match
 if ($user && !$user != $item['u']) {
     continue;
 }
 // Query string not found
 if (!preg_match('/' . join('.*?', $_query) . '/uis', $Fs . $Ss)) {
     continue;
 }
 $st++;
 if ($st < $search_st) {
     continue;
 }
示例#10
0
function dashboard_group()
{
    global $_CN_access;
    $access_desc = array();
    $form_desc = array();
    $gn = file(SKIN . '/defaults/groups_names.tpl');
    foreach ($gn as $G) {
        if (($G = trim($G)) == '') {
            continue;
        }
        list($cc, $xgrp, $name_desc) = explode('|', $G, 3);
        if (!isset($access_desc[$xgrp])) {
            $access_desc[$xgrp] = array();
        }
        $access_desc[$xgrp][$cc] = $name_desc;
        $form_desc[$cc] = explode('|', $name_desc);
    }
    $ATR = array('C' => 'Configs', 'N' => 'New', 'M' => 'Comment', 'B' => 'Behavior');
    // Extension for access rights
    list($access_desc, $ATR) = hook('extend_acl_groups', array($access_desc, $ATR));
    $grp = array();
    $groups = getoption('#grp');
    list($group_name, $group_id, $group_grp, $ACL, $delete_group, $reset_group, $mode) = GET('group_name, group_id, group_grp, acl, delete_group, reset_group,mode');
    $is_add_edit = false;
    // -----------
    if (request_type('POST')) {
        cn_dsi_check();
        if (!$group_name) {
            cn_throw_message("Enter group name", 'e');
        } elseif ($mode == 'edit') {
            $is_edited = true;
            // Update exists or new group
            if ($group_id > 1) {
                if (!empty($groups[$group_id])) {
                    $is_edited = md5($groups[$group_id]['N'] . $groups[$group_id]['G'] . $groups[$group_id]['A']) != md5($group_name . $group_grp . (!empty($ACL) ? join(',', $ACL) : ''));
                }
                if ($is_edited) {
                    $groups[$group_id] = array('#' => $groups[$group_id]['#'], 'N' => $group_name, 'G' => $group_grp, 'A' => !empty($ACL) ? join(',', $ACL) : '');
                }
            }
            if ($group_id == 1) {
                cn_throw_message("Can't update admin group", 'e');
            } elseif ($is_edited) {
                // Save to config
                setoption('#grp', $groups);
                cn_throw_message("Group updated");
            } else {
                cn_throw_message("No data for update", 'w');
            }
        } elseif ($mode == 'add') {
            $is_exists = FALSE;
            // Check group exists
            foreach ($groups as $id => $dt) {
                if ($dt['N'] == $group_name) {
                    $is_exists = TRUE;
                    break;
                }
            }
            $group_id = max(array_keys($groups)) + 1;
            // Update exists or new group
            if ($group_id > 1 && !$is_exists) {
                $groups[$group_id] = array('#' => '', 'N' => $group_name, 'G' => $group_grp, 'A' => !empty($ACL) ? join(',', $ACL) : '');
                // Save to config
                setoption('#grp', $groups);
                cn_throw_message("Group added");
            } elseif ($is_exists) {
                cn_throw_message("Group with that name already exist", 'e');
                $group_id = 0;
            } else {
                cn_throw_message("Group not added", 'e');
            }
        } else {
            $edit_system = FALSE;
            $edit_exists = FALSE;
            $is_add_edit = TRUE;
            // Check group exists
            foreach ($groups as $id => $dt) {
                if ($id == $group_id && $dt['#']) {
                    $edit_system = TRUE;
                }
                if ($dt['N'] == $group_name) {
                    $edit_exists = TRUE;
                }
            }
            // Reset group rights
            if ($reset_group && $group_id) {
                $cgrp = file(SKIN . '/defaults/groups.tpl');
                foreach ($cgrp as $G) {
                    $G = trim($G);
                    if ($G[0] === '#') {
                        continue;
                    }
                    list($id, $name, $group, $access) = explode('|', $G);
                    $id = intval($id);
                    if ($id == $group_id) {
                        $ACL = spsep($access === '*' ? $_CN_access['C'] . ',' . $_CN_access['N'] . ',' . $_CN_access['M'] : $access);
                        $groups[$group_id] = array('#' => TRUE, 'N' => $name, 'G' => $group, 'A' => !empty($ACL) ? join(',', $ACL) : '');
                        cn_throw_message("Group reset");
                    }
                }
                $is_add_edit = FALSE;
            } elseif ($edit_exists && !$delete_group) {
                if ($group_id == 1) {
                    cn_throw_message("Can't update admin group", 'e');
                } else {
                    cn_throw_message('Parameters for a group are not correct specified or group already exists', 'e');
                }
            } elseif ($delete_group && $edit_exists) {
                if ($edit_system) {
                    cn_throw_message("Unable remove system group");
                } else {
                    unset($groups[$group_id]);
                    $ACL = array();
                    $group_id = 0;
                    cn_throw_message("Group removed");
                }
            }
            // Save to config
            setoption('#grp', $groups);
        }
    }
    foreach ($groups as $name => $data) {
        $_gtext = array();
        $G = spsep($data['G']);
        foreach ($G as $id) {
            if (isset($groups[$id])) {
                $_gtext[] = $groups[$id]['N'];
            }
        }
        $grp[$name] = array('system' => $data['#'], 'name' => $data['N'], 'grp' => $_gtext, 'acl' => $data['A']);
    }
    // Translate ACL to view
    $access = array();
    $bc = array();
    // Get user acl data
    if ($group_id && $groups[$group_id]) {
        $bc = spsep($groups[$group_id]['A']);
    }
    foreach ($_CN_access as $Gp => $Ex) {
        $Gz = array();
        $Ex = spsep($Ex);
        $Tr = $access_desc[$ATR[$Gp]];
        foreach ($Ex as $id) {
            $trp = explode('|', $Tr[$id]);
            $d = isset($trp[0]) ? $trp[0] : '';
            $t = isset($trp[1]) ? $trp[1] : '';
            $c = in_array($id, $bc);
            if ($is_add_edit) {
                $c = FALSE;
            }
            $Gz[$id] = array('d' => i18n(array($d, 'DS-')), 't' => i18n(array($t, 'DS-')), 'c' => $c);
        }
        $access[$ATR[$Gp]] = $Gz;
    }
    // Group is system
    $group_system = $group_id && $groups[$group_id]['#'];
    if ($group_id) {
        if (!$is_add_edit) {
            $group_name = $groups[$group_id]['N'];
            $group_grp = $groups[$group_id]['G'];
        } else {
            $group_name = $group_grp = '';
            $group_id = 0;
        }
    }
    cn_assign('grp, group_name, group_id, group_grp, group_system, access, form_desc', $grp, $group_name, $group_id, $group_grp, $group_system, $access, $form_desc);
    echoheader('-@dashboard/style.css', 'Groups');
    echo exec_tpl('dashboard/group');
    echofooter();
}
示例#11
0
function cn_modify_bb_cat($e, $t, $c)
{
    $rc = intval(substr($c, 1));
    $cw = spsep($e['c']);
    $c = intval(substr($c, 1)) - 1;
    if (count($cw) == 1) {
        $c = 0;
    }
    if (isset($cw[$c]) && $cw[$c] == $rc) {
        return str_replace('[$catid]', $cw[$c], $t);
    }
    return '';
}
示例#12
0
function media_invoke()
{
    $popup_form = '';
    list($path, $opt) = GET('folder, opt', 'GETPOST');
    list($do_action, $pending) = GET('do_action, pending', 'POST');
    // Change default uploads dir
    $udir = cn_path_construct(SERVDIR, 'uploads');
    if (getoption('uploads_dir')) {
        $udir = preparation_path(getoption('uploads_dir'));
    }
    $edir = getoption('uploads_ext') ? getoption('uploads_ext') : getoption('http_script_dir') . '/uploads';
    $dfile = cn_path_construct($udir, $path);
    // Remove root identifier
    $path = preparation_path($path);
    // Path detection
    $path = preg_replace('/[^a-z0-9\\/_\\\\]/i', '-', $path);
    $root_dir = cn_path_construct($udir, $path) . DIRECTORY_SEPARATOR;
    $just_uploaded = array();
    // Get path struct
    $pathes = spsep($path, DIRECTORY_SEPARATOR);
    if (isset($pathes[0]) && $pathes[0] === '') {
        unset($pathes[0]);
    }
    // Do upload files
    if (request_type('POST')) {
        cn_dsi_check();
        // Allowed Exts.
        $AE = spsep(getoption('allowed_extensions'));
        // Generate thumbnail after upload
        $thumbnail_with_upload = getoption('thumbnail_with_upload');
        // UPLOAD FILES
        if (REQ('upload', 'POST')) {
            list($overwrite) = GET('overwrite');
            $is_uploaded = FALSE;
            // Try for fopen url upload
            if ($upload_from_inet = REQ('upload_from_inet')) {
                if (ini_get('allow_url_fopen')) {
                    // Get filename
                    $url_name = spsep($upload_from_inet, '/');
                    $url_name = $url_name[count($url_name) - 1];
                    $url_name = preg_replace('/(%20|\\s|\\?|&|\\/)/', '_', $url_name);
                    $url_name = str_replace('%', '_', $url_name);
                    // resolve filename
                    $c_file = $dfile . $url_name;
                    // Overwrite [if can], or add file
                    if ($overwrite && file_exists($c_file) || !file_exists($c_file)) {
                        // Use context for disable error notices
                        if (function_exists('stream_context_create')) {
                            $context = stream_context_create(array('http' => array('ignore_errors' => true)));
                            $fw = fopen($upload_from_inet, 'rb', false, $context);
                        } else {
                            // Read file
                            $fw = fopen($upload_from_inet, 'rb');
                        }
                        // --------- (fetch content) ------
                        ob_start();
                        fpassthru($fw);
                        $file_image = ob_get_clean();
                        fclose($fw);
                        // ---------
                        // write2disk
                        if ($wf = fopen($c_file, 'w')) {
                            fwrite($wf, $file_image);
                            fclose($wf);
                        }
                        // check image
                        list($w, $h) = getimagesize($c_file);
                        if ($w && $h) {
                            cn_throw_message('File uploaded');
                            $max_width = getoption('max_thumbnail_width');
                            if ($w > $max_width && $thumbnail_with_upload) {
                                $resize_result = resize_image($c_file, $max_width, 0);
                                cn_throw_message($resize_result['msg'], $resize_result['status'] ? 'n' : 'w');
                            }
                            $is_uploaded = TRUE;
                            $just_uploaded[$url_name] = TRUE;
                        } else {
                            cn_throw_message("Wrong image file", 'e');
                            unlink($c_file);
                        }
                    } else {
                        cn_throw_message("Can't overwrite or save", 'e');
                    }
                } else {
                    cn_throw_message('allow_url_fopen=0, check server configurations');
                }
            }
            // Upload from local
            foreach ($_FILES['upload_file']['name'] as $id => $name) {
                if ($name) {
                    $ext = NULL;
                    if (preg_match('/\\.(\\w+)$/i', $name, $c)) {
                        $ext = strtolower($c[1]);
                    }
                    // Check allowed ext
                    if ($ext && in_array($ext, $AE)) {
                        // encode url
                        $name = str_replace('%2F', '/', urlencode($name));
                        // encoded? replace filename
                        if (strpos($name, '%') !== FALSE) {
                            $name = str_replace('%', '', strtolower($name));
                        }
                        // check file for exist
                        if (file_exists($c_file = $dfile . $name)) {
                            if ($overwrite) {
                                cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] overwritten', 'w');
                            } else {
                                cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] already exists', 'e');
                                continue;
                            }
                        }
                        // Upload file to server
                        if (move_uploaded_file($_FILES['upload_file']['tmp_name'][$id], $c_file)) {
                            $just_uploaded[$name] = TRUE;
                            cn_throw_message('File uploaded [<b>' . cn_htmlspecialchars($name) . '</b>]');
                            $max_width = getoption('max_thumbnail_width');
                            list($w, $h) = getimagesize($c_file);
                            if ($w > $max_width && $thumbnail_with_upload) {
                                $resize_result = resize_image($c_file, $max_width, 0);
                                cn_throw_message($resize_result['msg'], $resize_result['status'] ? 'n' : 'w');
                            }
                        } else {
                            cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] not uploaded! Please, check upload_max_filesize in PHP settings.', 'e');
                        }
                    } else {
                        cn_throw_message('File extension [' . cn_htmlspecialchars($ext) . '] not allowed', 'e');
                    }
                } elseif (!$is_uploaded) {
                    cn_throw_message('No selected files for upload', 'e');
                }
            }
        } elseif ($do_action || $pending) {
            list($rm) = GET('rm', 'POST');
            // action --> delete entries
            if ($do_action == 'delete') {
                if (empty($rm)) {
                    cn_throw_message('No files selected', 'w');
                } else {
                    foreach ($rm as $file) {
                        if (file_exists($cfile = $dfile . $file)) {
                            if (is_dir($cfile)) {
                                rmdir($cfile);
                            } else {
                                //get thumbnail path
                                $path_parts = pathinfo($cfile);
                                $thumbnail_path = $path_parts['dirname'] . DIRECTORY_SEPARATOR . '.thumb.' . $path_parts['basename'];
                                if (file_exists($thumbnail_path)) {
                                    unlink($thumbnail_path);
                                }
                                unlink($cfile);
                            }
                        }
                        if (file_exists($cfile)) {
                            cn_throw_message('File [' . cn_htmlspecialchars($cfile) . '] not deleted!', 'e');
                        } else {
                            cn_throw_message('File [' . cn_htmlspecialchars($file) . '] deleted successfully');
                        }
                    }
                }
            } elseif ($do_action == 'create') {
                $popup_form = i18n('Enter directory name') . ' <input type="text" name="new_dir" value="" />';
            } elseif ($pending == 'create') {
                $new_dir_arr = GET('new_dir', 'POST');
                $new_folder = array_pop($new_dir_arr);
                $new_folder = preg_replace('/[^a-z0-9_]/i', '-', $new_folder);
                if ($new_folder) {
                    $cfile = $dfile . $new_folder;
                    if (is_dir($cfile)) {
                        cn_throw_message('Folder [' . $new_folder . '] already exists!', 'e');
                    } else {
                        mkdir($cfile);
                        if (!is_dir($cfile)) {
                            cn_throw_message('Folder [' . cn_htmlspecialchars($cfile) . ' not created]', 'e');
                        } else {
                            cn_throw_message('Folder [' . $new_folder . '] created!');
                        }
                    }
                } else {
                    cn_throw_message('Specify folder name', 'w');
                }
                $popup_form = '';
            } elseif ($do_action == 'rename') {
                if ($rm) {
                    $popup_form = '<div class="big_font">' . i18n('Rename file to') . '</div>';
                    $popup_form .= i18n('Tip: Write new file name') . '<br />';
                    $popup_form .= '<table>';
                    foreach ($rm as $id => $fn) {
                        $hfn = cn_htmlspecialchars($fn);
                        $popup_form .= '<tr><td align="right" class="indent"><b>' . $hfn . '</b><td>';
                        $popup_form .= '<td><input type="hidden" name="ids[' . $id . ']" value="' . $hfn . '"/>&rarr;</td>';
                        $popup_form .= '<td><input style="width: 300px;" type="text" name="place[' . $id . ']" value="' . $hfn . '" /> ';
                        $popup_form .= '</td></tr>';
                    }
                    $popup_form .= '</table>';
                } else {
                    cn_throw_message('Select files to rename', 'w');
                }
            } elseif ($pending == 'rename') {
                // ...
                list($ids, $place) = GET('ids, place', 'POST');
                // prevent illegal moves
                $safe_dir = scan_dir($root_dir);
                foreach ($safe_dir as $id => $v) {
                    $safe_dir[$id] = md5($v);
                }
                // do move all files / dirs
                foreach ($ids as $id => $file) {
                    if (in_array(md5($file), $safe_dir)) {
                        $filename = $place[$id];
                        if (strpos($filename, '\\') || strpos($filename, '/')) {
                            cn_throw_message(i18n('The name of file [%1] should not contain special characters', cn_htmlspecialchars($file)), 'e');
                            continue;
                        }
                        $renameto = $root_dir . $filename;
                        $thumb = $root_dir . '.thumb.' . $file;
                        // do move
                        if (rename($root_dir . $file, $renameto)) {
                            if (file_exists($thumb)) {
                                rename($thumb, $root_dir . '.thumb.' . $filename);
                            }
                            cn_throw_message(i18n('File [%1] renamed to [%2]', cn_htmlspecialchars($file), cn_htmlspecialchars($filename)));
                        } else {
                            cn_throw_message(i18n('File [%1] not renamed', cn_htmlspecialchars($file)), 'e');
                        }
                    }
                }
            } elseif ($do_action == 'move') {
                if ($rm) {
                    $popup_form = '<div class="big_font">' . i18n('Move files to') . '</div>';
                    $popup_form .= i18n('Tip: You can select the folder to move the file') . '<br />';
                    $popup_form .= '<table>';
                    $folders = array();
                    $dirs = scan_dir($root_dir);
                    foreach ($dirs as $entry) {
                        if (is_dir($root_dir . $entry) && !($entry === '..' || $entry === '.')) {
                            $folders[] = $entry;
                        }
                    }
                    foreach ($rm as $id => $fn) {
                        $hfn = cn_htmlspecialchars($fn);
                        $popup_form .= '<tr><td align="right" class="indent"><b>' . $hfn . '</b><td>';
                        $popup_form .= '<td><input type="hidden" name="ids[' . $id . ']" value="' . $hfn . '"/>&rarr;</td>';
                        $popup_form .= '<td>';
                        $cnt_folders = count($folders);
                        if ($cnt_folders != 0 && !($cnt_folders == 1 && in_array($hfn, $folders))) {
                            $popup_form .= '<select name="place_folder_' . $id . '">';
                            foreach ($folders as $dirn) {
                                if ($dirn != $hfn) {
                                    $popup_form .= '<option value="' . $dirn . '">' . $dirn . '</option>';
                                }
                            }
                            $popup_form .= '</select>';
                        }
                        if ($root_dir != $udir) {
                            $popup_form .= '<nobr><input type="checkbox" onclick="javascript:hideFolderList(this,' . $id . ')" name="moveup[' . $id . ']" value="Y" /> Move up</nobr>';
                        } else {
                            $popup_form .= '<nobr> X Move up (You are in root folder)</nobr>';
                        }
                        $popup_form .= '</td></tr>';
                    }
                    $popup_form .= '</table>';
                } else {
                    cn_throw_message('Select files to move', 'w');
                }
            } elseif ($pending == 'move') {
                // ...
                list($ids, $moveup) = GET('ids, moveup', 'POST');
                // prevent illegal moves
                $safe_dir = scan_dir($root_dir);
                foreach ($safe_dir as $id => $v) {
                    $safe_dir[$id] = md5($v);
                }
                // do move all files / dirs
                foreach ($ids as $id => $file) {
                    list($place_folder) = GET('place_folder_' . $id);
                    if (in_array(md5($file), $safe_dir)) {
                        $NF = '';
                        $foldername = preg_replace('/\\.\\//i', '', $place_folder);
                        // move this file up
                        if (isset($moveup[$id]) && count($pathes) > 0) {
                            $nwfolder = dirname($root_dir);
                            $foldername = 'up folder';
                        } else {
                            $nwfolder = $root_dir . ($NF = isset($rm[0]) ? $rm[0] : '') . DIRECTORY_SEPARATOR . $foldername;
                            if ($rm[0]) {
                                $NF = $rm[0] . DIRECTORY_SEPARATOR;
                            }
                        }
                        $moveto = $nwfolder . DIRECTORY_SEPARATOR . $file;
                        //check for image thumbnail
                        $thumb = $root_dir . '.thumb.' . $file;
                        // do move
                        if (rename($root_dir . $file, $moveto)) {
                            if (file_exists($thumb)) {
                                rename($thumb, $nwfolder . DIRECTORY_SEPARATOR . '.thumb.' . $file);
                            }
                            cn_throw_message(i18n('File [%1] moved to [%2]', cn_htmlspecialchars($file), cn_htmlspecialchars($foldername)));
                        } else {
                            cn_throw_message(i18n('File [%1] not moved', cn_htmlspecialchars($file)), 'e');
                        }
                    }
                }
            } elseif ($do_action == 'thumb') {
                if (!empty($_POST['rm'])) {
                    $popup_form = get_sizes_form('Make thumbnails', $do_action);
                } else {
                    cn_throw_message('Select files to make thumbnail', 'w');
                }
            } elseif ($pending == 'thumb') {
                do_resize_image($root_dir);
            } elseif ($do_action == 'resize') {
                if (!empty($_POST['rm'])) {
                    $popup_form = get_sizes_form('Resize source image', $do_action);
                } else {
                    cn_throw_message('Select files to resize', 'w');
                }
            } elseif ($pending == 'resize') {
                do_resize_image($root_dir, false);
            } elseif (!hook('media/post_action')) {
                msg_info("Action error");
            }
        }
    }
    // Check dir exists
    if (is_dir($root_dir)) {
        $raw_files = scan_dir($root_dir);
    } else {
        cn_throw_message('Dir not exists', 'e');
        $raw_files = array();
    }
    $dirs = $files = array();
    foreach ($raw_files as $file) {
        if (preg_match('/avatar_/', $file)) {
            continue;
        }
        $file_location = "{$root_dir}/{$file}";
        if (is_dir($file_location)) {
            $dirs[] = array('url' => "{$path}/{$file}", 'name' => $file);
        } elseif (filesize(cn_path_construct($udir, $path) . $file) != 0) {
            list($w, $h) = getimagesize(cn_path_construct($udir, $path) . $file);
            $is_thumb = preg_match('/\\.thumb\\./', $file);
            $files[] = array('name' => $file, 'url' => $edir . '/' . ($path ? $path . '/' : '') . $file, 'thumb' => file_exists($root_dir . '/.thumb.' . pathinfo($file, PATHINFO_BASENAME)) ? $edir . '/' . ($path ? $path . '/' : '') . '.thumb.' . pathinfo($file, PATHINFO_BASENAME) : '', 'local' => ($path ? $path . '/' : '') . $file, 'just_uploaded' => isset($just_uploaded[$file]) ? TRUE : FALSE, 'is_thumb' => $is_thumb, 'w' => $w, 'h' => $h, 'fs' => round(filesize($file_location) / 1024, 1));
        }
    }
    uasort($dirs, 'usort_by_name_asc');
    uasort($files, 'usort_by_name_asc');
    // Top level (dashboard)
    cn_bc_add('Dashboard', cn_url_modify(array('reset')));
    cn_bc_add('Media manager', cn_url_modify());
    cn_assign("files, dirs, path, pathes, popup_form, root_dir", $files, $dirs, $path, $pathes, $popup_form, $root_dir);
    if ($opt === 'inline') {
        echo exec_tpl('window', 'title=Quick insert image', 'style=media/style.css', 'content=' . exec_tpl('media/general'));
    } else {
        echoheader('-@media/style.css', 'Media manager');
        echo exec_tpl('media/general');
        echofooter();
    }
}
示例#13
0
 $use_wysiwyg = $config_use_wysiwyg == "no" ? 0 : 1;
 $item_db[NEW_SHORT] = replace_news("admin", $item_db[NEW_SHORT], $use_wysiwyg);
 $item_db[NEW_FULL] = replace_news("admin", $item_db[NEW_FULL], $use_wysiwyg);
 $CSRF = CSRFMake();
 echoheader("editnews", lang("Edit News"));
 // make category lines
 $i = 0;
 if ($subaction == 'doeditnews') {
     $item_db[NEW_CAT] = join(',', $category);
 }
 if (count($cat_lines) > 0) {
     $lines_html = false;
     foreach ($cat_lines as $single_line) {
         $cat_arr = explode("|", $single_line);
         $lines_html .= "<td style='font-size:10px;' valign=top><label for='cat{$cat_arr[0]}'>";
         if (in_array($cat_arr[NEW_ID], spsep($item_db[NEW_CAT]))) {
             $lines_html .= "<input checked style='background-color:transparent; border:0px;' type='checkbox' name='category[]' id='cat{$cat_arr[0]}' value='{$cat_arr[0]}'>{$cat_arr['1']}</label>";
         } else {
             $lines_html .= "<input style='background-color:transparent; border:0px;' type='checkbox' name='category[]' id='cat{$cat_arr[0]}' value='{$cat_arr[0]}'>{$cat_arr['1']}</label>";
         }
         $i++;
         if ($i % 4 == 0) {
             $lines_html .= '<tr>';
         }
     }
     $lines_html .= "</tr>";
 }
 // Show the Comments for Editing
 $Comments_HTML = false;
 if ($source == "" or $source == "postponed" or $source == "unapproved") {
     $all_comments_db = file(SERVDIR . "/cdata/comments.txt");
示例#14
0
function edit_news_action_edit()
{
    $flatdb = new FlatDB();
    $preview_html = $preview_html_full = '';
    $ID = $gstamp = intval(REQ('id', 'GETPOST'));
    list($status, $preview) = GET('m, preview');
    list($vConcat, $vTags, $faddm, $archive_id, $source) = GET('concat, tags, faddm, archive_id, source', 'GETPOST');
    // get news part by day
    $news = db_news_load(db_get_nloc($ID));
    if ($ID == 0) {
        msg_info("Can't edit news without ID");
    }
    if (!isset($news[$ID])) {
        msg_info("News entry not found!");
    }
    // load entry
    $entry = $news[$ID];
    $oldentry = $entry;
    // disallowed by category
    if (!test_cat($entry['c'])) {
        msg_info("You can't view entry. Category disallow");
    }
    // set status message
    if ($status == 'added') {
        cn_throw_message('News was added');
    }
    if ($status == 'moved') {
        cn_throw_message('Moved to another time');
    }
    // load more fields
    list($morefields) = cn_get_more_fields($entry['mf']);
    // do save news?
    if (request_type('POST')) {
        $flatdb->cache_clean();
        // check exists news
        if (isset($news[$ID])) {
            // extract data
            $entry = $storent = $news[$ID];
            // Prepare text
            list($title, $page, $category, $short_story, $full_story, $if_use_html, $postpone_draft) = GET('title, page, category, short_story, full_story, if_use_html, postpone_draft', 'GETPOST');
            // Change date?
            list($from_date_hour, $from_date_minutes, $from_date_seconds, $from_date_month, $from_date_day, $from_date_year) = GET('from_date_hour, from_date_minutes, from_date_seconds, from_date_month, from_date_day, from_date_year', 'GETPOST');
            $c_time = intval(mktime($from_date_hour, $from_date_minutes, $from_date_seconds, $from_date_month, $from_date_day, $from_date_year));
            // sanitize page name
            $page = preg_replace('/[^a-z0-9_\\.]/i', '-', $page);
            if (empty($page) && !empty($title) && getoption('auto_news_alias')) {
                $page = strtolower(preg_replace('/[^a-z0-9_\\.]/i', '-', cn_transliterate($title)));
            }
            // current source is archive, active (postponed) or draft news
            $draft_target = $postpone_draft === 'draft';
            // User can't post active news
            if (test('Bd') && $draft_target !== 'draft') {
                $draft_target = 'draft';
            }
            // if archive_id is present, unable send to draft
            $current_source = $archive_id ? "archive-{$archive_id}" : ($source == 'draft' ? 'draft' : '');
            $target_source = $archive_id ? "archive-{$archive_id}" : ($draft_target ? 'draft' : '');
            $if_use_html = $if_use_html ? TRUE : (getoption('use_wysiwyg') ? TRUE : FALSE);
            $entry['t'] = cn_htmlclear($title);
            $entry['c'] = is_array($category) ? join(',', $category) : $category;
            $entry['s'] = cn_htmlclear($short_story);
            $entry['f'] = cn_htmlclear($full_story);
            $entry['ht'] = $if_use_html;
            $entry['st'] = $draft_target ? 'd' : '';
            $entry['pg'] = $page;
            $entry['cc'] = $vConcat ? TRUE : FALSE;
            $entry['tg'] = strip_tags($vTags);
            // apply more field (for news & frontend)
            list($entry, $disallow_message) = cn_more_fields_apply($entry, $faddm);
            list($morefields) = cn_get_more_fields($faddm);
            // has message from function
            if ($disallow_message) {
                cn_throw_message($disallow_message, 'e');
            }
            // Make preview
            if ($preview) {
                //correct preview links
                $gstamp = $entry['id'] = $c_time;
                $preview_html = preg_replace('/href="(.*?)"/', 'href="#"', entry_make($entry, 'active'));
                $preview_html_full = preg_replace('/href="(.*?)"/', 'href="#"', entry_make($entry, 'full'));
            } elseif (REQ('do_editsave', 'POST')) {
                if (!getoption('disable_title') && empty($title)) {
                    cn_throw_message('The title cannot be blank', 'e');
                }
                if (!getoption('disable_short') && empty($short_story)) {
                    cn_throw_message('The story cannot be blank', 'e');
                }
                // Check for change alias
                $pgts = bt_get_id($ID, 'ts_pg');
                if ($pgts && $pgts !== $page) {
                    if ($page) {
                        if (bt_get_id($page, 'pg_ts')) {
                            cn_throw_message('For other news page alias already exists!', 'e');
                        }
                    } else {
                        bt_del_id($pgts, 'pg_ts');
                        bt_del_id($ID, 'ts_pg');
                    }
                }
                // no errors in a[rticle] area
                if (cn_get_message('e', 'c') == 0) {
                    $FlatDB = new FlatDB();
                    $ida = db_index_load($current_source);
                    $idd = db_index_load($target_source);
                    // Time is changed
                    if ($c_time != intval($ID)) {
                        // Load next block (or current)
                        $next = db_news_load(db_get_nloc($c_time));
                        if (isset($next[$c_time])) {
                            cn_throw_message('The article time already busy, select another', 'e');
                        } else {
                            // set new time
                            $entry['id'] = $c_time;
                            $next[$c_time] = $entry;
                            // remove old news [from source / dest]
                            if (isset($news[$ID])) {
                                unset($news[$ID]);
                            }
                            if (isset($next[$ID])) {
                                unset($next[$ID]);
                            }
                            // remove old index
                            if (isset($idd[$ID])) {
                                unset($idd[$ID]);
                            }
                            // Delete old indexes
                            $_ts_id = bt_get_id($ID, 'nts_id');
                            bt_del_id($ID, 'nts_id');
                            // Update
                            bt_set_id($_ts_id, $c_time, 'nid_ts');
                            bt_set_id($c_time, $_ts_id, 'nts_id');
                            // save 2 blocks
                            db_save_news($news, db_get_nloc($ID));
                            db_save_news($next, db_get_nloc($c_time));
                            cn_throw_message('News moved from <b>' . date('Y-m-d H:i:s', $ID) . '</b> to <b>' . date('Y-m-d H:i:s', $c_time) . '</b>');
                        }
                    } else {
                        $news[$ID] = $entry;
                        db_save_news($news, db_get_nloc($ID));
                        cn_throw_message('News was edited');
                    }
                    // Update page aliases
                    $_ts_pg = bt_get_id($ID, 'ts_pg');
                    bt_del_id($ID, 'ts_pg');
                    bt_del_id($_ts_pg, 'pg_ts');
                    if ($page) {
                        bt_set_id($c_time, $page, 'ts_pg');
                        bt_set_id($page, $c_time, 'pg_ts');
                    }
                    // 1) remove from old index
                    if (isset($ida[$ID])) {
                        unset($ida[$ID]);
                    }
                    // Fill probably unused
                    $storent['tg'] = isset($storent['tg']) ? $storent['tg'] : '';
                    // 2) add new index
                    $idd[$c_time] = db_index_create($entry);
                    // 3) sync indexes
                    db_index_save($ida, $current_source);
                    db_index_update_overall($current_source);
                    db_index_save($idd, $target_source);
                    db_index_update_overall($target_source);
                    // ------
                    // UPDATE categories
                    $FlatDB->cn_remove_categories($storent['c'], $storent['id']);
                    $FlatDB->cn_add_categories($entry['c'], $c_time);
                    // UPDATE tags
                    $FlatDB->cn_remove_tags($storent['tg'], $storent['id']);
                    $FlatDB->cn_add_tags($entry['tg'], $c_time);
                    // UPDATE date / id storage [with comments count]
                    $FlatDB->cn_update_date($entry['id'], $storent['id'], count($storent['co']));
                    // ------
                }
            }
        } else {
            msg_info("News entry not found or has been deleted");
        }
    }
    if (empty($entry['pg']) && isset($entry['t']) && getoption('auto_news_alias')) {
        $entry['pg'] = strtolower(preg_replace('/[^a-z0-9_\\.]/i', '-', cn_transliterate($entry['t'])));
    }
    // Assign template vars
    $category = spsep($entry['c']);
    $categories = cn_get_categories(false);
    $title = isset($entry['t']) ? $entry['t'] : '';
    $short_story = isset($entry['s']) ? $entry['s'] : '';
    $page = isset($entry['pg']) ? $entry['pg'] : '';
    $full_story = isset($entry['f']) ? $entry['f'] : '';
    $is_draft = isset($entry['st']) ? $entry['st'] == 'd' : false;
    $vConcat = isset($entry['cc']) ? $entry['cc'] : '';
    $vTags = isset($entry['tg']) ? $entry['tg'] : '';
    $if_use_html = isset($entry['ht']) ? $entry['ht'] : false;
    $is_active_html = test('Csr');
    cn_assign('categories, vCategory, vTitle, vPage, vShort, vFull, vUseHtml, preview_html, preview_html_full, gstamp, is_draft, vConcat, vTags, morefields, archive_id, is_active_html', $categories, $category, $title, $page, $short_story, $full_story, $if_use_html, $preview_html, $preview_html_full, $gstamp, $is_draft, $vConcat, $vTags, $morefields, $archive_id, $is_active_html);
    cn_assign("EDITMODE", 1);
    // show edit page
    echoheader("addedit@addedit/main.css", i18n("Edit news"));
    echo exec_tpl('addedit/main');
    echofooter();
}
示例#15
0
}
if ($archive) {
    $news_file = SERVDIR . "/cdata/archives/{$archive}.news.arch";
    $comm_file = SERVDIR . "/cdata/archives/{$archive}.comments.arch";
} else {
    $news_file = SERVDIR . "/cdata/news.txt";
    $comm_file = SERVDIR . "/cdata/comments.txt";
}
$allow_add_comment = false;
$allow_full_story = false;
$allow_active_news = false;
$allow_comments = false;
$is_in_category = false;
// article is in multiple categories
$ucat = isset($_GET['ucat']) && $_GET['ucat'] ? $_GET['ucat'] : $category;
foreach (spsep($ucat) as $one_cat) {
    if (isset($requested_cats[$one_cat]) && $requested_cats[$one_cat]) {
        $is_in_category = true;
    }
}
// Default variables
if (empty($number)) {
    $number = 0;
}
if (empty($template)) {
    $template = 'Default';
}
// <<<------------ Determine what user want to do
hook('show_news_determine_before');
if (empty($CN_HALT) and empty($static) and in_array($subaction, array("showcomments", "showfull", "addcomment")) and (empty($category) or $is_in_category)) {
    if ($subaction == "addcomment") {
示例#16
0
$start_from = intval($start_from);
// Set default vars
if (!$template) {
    $template = 'Default';
}
if (!$number) {
    $number = getoption('active_news_def');
}
if (!is_array($requested_cats)) {
    $requested_cats = array();
}
if (!is_array($translate)) {
    $translate = array();
}
if ($user_by) {
    $user_by = spsep($user_by);
}
if ($static_path) {
    $PHP_SELF = $static_path;
}
// Backup for PHP_SELF
$_bc_PHP_SELF = $PHP_SELF;
// Reverse news (by user, or site option)
if ($reverse || getoption('reverse_active')) {
    $sortby = '';
    $dir = 'R';
}
// Override site option by user
if (getoption('reverse_active') && !is_null($reverse) && !$reverse) {
    $dir = '';
}
示例#17
0
// Get extrn variables
list($snippet) = GET('snippet', 'GPG');
// Default values
if (!$snippet) {
    $snippet = 'sandbox';
}
$_snipdb = getoption('#snippets');
$_html = isset($_snipdb[$snippet]) ? $_snipdb[$snippet] : '';
$_assign = array();
// Catch all brackets
if (preg_match_all('/\\[(.*?)\\]/is', $_html, $_c, PREG_SET_ORDER)) {
    foreach ($_c as $_vs) {
        $_echo = '';
        $_options = array();
        list($_mod, $_opt) = explode('|', $_vs[1], 2);
        $_opts = spsep($_opt);
        foreach ($_opts as $_opt) {
            list($_id, $_value) = explode('=', $_opt, 2);
            $_options[$_id] = is_null($_value) ? TRUE : $_value;
        }
        // MODULES
        if ($_mod == 'news') {
            $_gGET = $_GET;
            $_GET = array();
            foreach ($_options as $_id => $_var) {
                ${$_id} = $_var;
            }
            ob_start();
            include dirname(__FILE__) . '/show_news.php';
            $_echo = ob_get_clean();
            $_GET = $_gGET;
示例#18
0
            echo cn_snippet_open_win(cn_url_modify('mod=media', 'opt=inline', 'faddm=Y', 'callback=faddm_' . $name), array('w' => 1000));
            ?>
">Select resource</a>
                </div>

            <?php 
        } elseif ($item['type'] == 'select') {
            ?>

                <div style="margin: 4px 0 4px 0;">
                    <select name="faddm[<?php 
            echo $name;
            ?>
]">
                    <?php 
            $opts = spsep($item['meta'], ';');
            foreach ($opts as $opt) {
                $lr = explode('=', $opt, 2);
                if (count($lr) == 2) {
                    $r = $lr[1];
                } else {
                    $r = $lr[0];
                }
                // show option
                echo '<option value="' . cn_htmlspecialchars($lr[0]) . '" ' . ($lr[0] === $item['#value'] ? 'selected' : '') . '>' . cn_htmlspecialchars($r) . '</option>';
            }
            ?>
                    </select>
                    <span class="name"><?php 
            echo $name;
            ?>
示例#19
0
// plugin tells us: he is fork, stop
if (hook('fork_archives', false)) {
    return;
}
// Check including
$Uri = '//' . dirname($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
if (strpos($config_http_script_dir, $Uri) !== false && strpos($PHP_SELF, 'show_archives.php') !== false) {
    die_stat(403, 'Wrong including show_archives.php! Check manual to get more information about this issue.');
}
// Prepare requested categories
if (preg_match('/[a-z]/i', $category)) {
    die_stat(false, "<b>Error</b>!<br>CuteNews has detected that you use \$category = \"" . htmlspecialchars($category) . "\"; but you can call the categories only with their <b>ID</b> numbers and not with names<br>example:<br><blockquote>&lt;?PHP<br>\$category = \"1\";<br>include(\"path/to/show_archives.php\");<br>?&gt;</blockquote>");
}
hook('show_archives_init');
$category = preg_replace("/ /", "", $category);
$tmp_cats_arr = spsep($category);
foreach ($tmp_cats_arr as $key => $value) {
    if ($value != "") {
        $requested_cats[$value] = true;
    }
}
if (empty($archive)) {
    $news_file = SERVDIR . "/cdata/news.txt";
    $comm_file = SERVDIR . "/cdata/comments.txt";
} elseif (is_numeric($archive)) {
    $news_file = SERVDIR . "/cdata/archives/{$archive}.news.arch";
    $comm_file = SERVDIR . "/cdata/archives/{$archive}.comments.arch";
} else {
    die_stat(false, "Archive variable is invalid");
}
if ($subaction == "" or !isset($subaction)) {
示例#20
0
function GET($var, $method = 'POST')
{
    $result = array();
    $vars = spsep($var);
    foreach ($vars as $var) {
        $value = false;
        if ($method == 'POST' && isset($_POST[$var])) {
            $value = $_POST[$var];
        } elseif ($method == 'GET' && isset($_GET[$var])) {
            $value = $_GET[$var];
        } elseif ($method == 'POSTGET') {
            if (isset($_POST[$var])) {
                $value = $_POST[$var];
            } elseif (isset($_GET[$var])) {
                $value = $_GET[$var];
            }
        } elseif ($method == 'GETPOST') {
            if (isset($_GET[$var])) {
                $value = $_GET[$var];
            } elseif (isset($_POST[$var])) {
                $value = $_POST[$var];
            }
        } elseif ($method == 'REQUEST' && isset($_REQUEST[$var])) {
            $value = $_REQUEST[$var];
        } elseif ($method == 'COOKIES' && isset($_COOKIES[$var])) {
            $value = $_COOKIES[$var];
        }
        $result[] = $value;
    }
    return $result;
}