<?php /** /news.php (C) Giovanni Capuano 2012 */

// Public page: shows one news item with its comments and accepts a new
// comment from a logged-in user.
require_once 'core/class.Ocarina.php';

$ocarina = new Ocarina();

// Request input, passed through Ocarina's filters before use.
// NOTE(review): what purge(), purgeByXSS() and purgeSlashes() strip is not
// visible here -- confirm they are adequate for every sink the values reach
// below (news lookup, stored comment, HTTP response header).
$titolo = isset($_GET['titolo']) ? $ocarina->purge($_GET['titolo']) : '';
$comment = isset($_POST['comment']) ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['comment'])) : '';

// Logged-in users get their own skin, everyone else the configured default.
$ocarina->skin = $ocarina->isLogged() ? $ocarina->username[0]->skin : $ocarina->config[0]->skin;

if ($titolo == '') {
    // No title in the query string: page title falls back to the site name
    // and an error string is set.
    $ocarina->addValue('titolo', $ocarina->config[0]->nomesito);
    $ocarina->addValue('error', $ocarina->getLanguage('news', 1));
} else {
    if (!($news = $ocarina->getNews($titolo))) {
        // getNews() returned a falsy value for the requested title.
        $ocarina->addValue('error', $ocarina->getLanguage('news', 2));
        $ocarina->addValue('titolo', $ocarina->config[0]->nomesito);
    } else {
        $ocarina->addValue('description', $ocarina->getDescription($news[0]->contenuto));
        $ocarina->addValue('news', $news);
        $ocarina->addValue('titolo', $news[0]->titolo . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);
        // Either the comment list or a language string when getComment() is falsy.
        if (!($getComment = $ocarina->getComment($news[0]->minititolo))) {
            $ocarina->addValue('commenti', $ocarina->getLanguage('news', 3));
        } else {
            $ocarina->addValue('commenti', $getComment);
        }
        // A submitted comment is only processed for an authenticated session.
        // NOTE(review): no anti-CSRF token is checked in the visible code;
        // confirm one is enforced elsewhere before this state-changing POST.
        if ($comment !== '' && $ocarina->isLogged()) {
            // The two arrays differ only in the last element: 1 when
            // config approvacommenti == 0, otherwise 0.
            // NOTE(review): in date() the character 'm' is the month; minutes
            // are 'i', so 'G:m:s' records hour:month:seconds.
            $array = $ocarina->config[0]->approvacommenti == 0
                ? array($ocarina->username[0]->nickname, $comment, $news[0]->minititolo, date('d-m-y'), date('G:m:s'), 1)
                : array($ocarina->username[0]->nickname, $comment, $news[0]->minititolo, date('d-m-y'), date('G:m:s'), 0);
            if ($ocarina->config[0]->commenti == 0) {
                // header() has no return value, so the concatenation adds
                // nothing to the stored string; the call is made to send the
                // Refresh header.
                // NOTE(review): $titolo comes from the query string and is
                // placed in a response header; this relies on purge() leaving
                // only characters that are safe in a URL path -- confirm.
                $ocarina->addValue('commentsent', $ocarina->getLanguage('news', 4) . header('Refresh: 2; URL=' . $ocarina->config[0]->url_index . '/release/' . $titolo . '.html'));
                // (listing ends here; the remaining branches are not shown)
<?php /** /admin/robots.php (C) Giovanni Capuano 2011 */

// Admin page: loads the site's robots.txt for editing and, on submit,
// overwrites it with the posted text.
require_once '../core/class.Ocarina.php';

$ocarina = new Ocarina();

// Posted file body, filtered with purgeByXSS(); empty string when absent.
$robots = isset($_POST['robots']) && $_POST['robots'] !== '' ? $ocarina->purgeByXSS($_POST['robots']) : '';
$submit = isset($_POST['submit']) ? true : false;
$ocarina->skin = 'admin';
$ocarina->addValue('titolo', $ocarina->getLanguage('title', 24) . $ocarina->getLanguage('title', 2) . $ocarina->getLanguage('title', 10) . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);

// Access gate: a logged-in user whose grado is below 3 or equal to 5.
if ($ocarina->isLogged() && ($ocarina->username[0]->grado < 3 || $ocarina->username[0]->grado == 5)) {
    if (!$submit) {
        if (file_exists($ocarina->config[0]->root_index . '/robots.txt')) {
            // Existing file: its content is appended to whatever $robots
            // already holds and handed to the template.
            // NOTE(review): the fopen() result is not checked, and fread()
            // does not accept a length of 0, so an unreadable or empty
            // robots.txt is not handled here.
            $f = fopen($ocarina->config[0]->root_index . '/robots.txt', 'r');
            $robots .= fread($f, filesize($ocarina->config[0]->root_index . '/robots.txt'));
            fclose($f);
            $ocarina->addValue('robots', $robots);
        } else {
            // No file yet: offer a default built from a language string (with
            // {$date} replaced) plus a sitemap URL.
            // NOTE(review): robots.txt directives must each be on their own
            // line; check whether line breaks were lost from this literal.
            $ocarina->addValue('robots', str_replace('{$date}', date('d-m-y'), $ocarina->getLanguage('robots', 0)) . ' User-agent: * Disallow: Sitemap: ' . $ocarina->config[0]->url_index . '/sitemap.php');
        }
    } else {
        // Submit: robots.txt under root_index is truncated and rewritten with
        // the filtered POST body (an empty body empties the file).
        // NOTE(review): no anti-CSRF token is checked in the visible code
        // before this write, and the fopen()/fwrite() results are not
        // checked -- confirm both are covered elsewhere.
        $f = fopen($ocarina->config[0]->root_index . '/robots.txt', 'w');
        fwrite($f, $robots);
        fclose($f);
    }
} else {
    // (listing ends here; the unauthorised branch is not shown)
<?php /** /admin/cancellautente.php (C) Giovanni Capuano 2011 */

// Admin page: lists users and deletes the one named in the POST request.
require_once '../core/class.Ocarina.php';

$ocarina = new Ocarina();

// Target account name, filtered with purgeByXSS(); empty string when absent.
$nickname = isset($_POST['nickname']) && $_POST['nickname'] !== '' ? $ocarina->purgeByXSS($_POST['nickname']) : '';
// Presence-only flags.
$all = isset($_POST['all']) ? true : false;
$submit = isset($_POST['submit']) ? true : false;
$ocarina->skin = 'admin';
$ocarina->addValue('titolo', $ocarina->getLanguage('title', 14) . $ocarina->getLanguage('title', 2) . $ocarina->getLanguage('title', 10) . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);

// Access gate: a logged-in user whose grado equals 1.
if ($ocarina->isLogged() && $ocarina->username[0]->grado == 1) {
    if (!$submit) {
        // No submit yet: provide the user list to the template.
        $ocarina->addValue('utenti', $ocarina->getUser());
    } else {
        // NOTE(review): no anti-CSRF token is checked in the visible code
        // before this destructive action, and deleteUser() is called even
        // when $nickname is the empty string -- confirm both are handled
        // inside Ocarina.
        if (!$all) {
            if ($ocarina->deleteUser($nickname)) {
                // Audit entry is written only when config log == 1.
                // NOTE(review): the log line embeds the request-supplied
                // nickname; presumably purgeByXSS() removes line breaks --
                // verify, so that log entries cannot be forged.
                if ($ocarina->config[0]->log == 1) {
                    $ocarina->log($ocarina->username[0]->nickname, 'Has deleted ' . $nickname . '.');
                }
                $ocarina->addValue('result', $ocarina->getLanguage('deleteuser', 0));
            } else {
                if ($ocarina->config[0]->log == 1) {
                    $ocarina->log($ocarina->username[0]->nickname, 'Has failed the deletion of ' . $nickname . ' and all his contents.');
                }
                // The failure message has its {$nickname} placeholder
                // replaced with the filtered request value.
                $ocarina->addValue('result', str_replace('{$nickname}', $nickname, $ocarina->getLanguage('deleteuser', 1)));
            }
        } else {
            if (!$ocarina->deleteUser($nickname)) {
                // (listing ends here; the remaining branches are not shown)
<?php /** /admin/modificapagina.php (C) Giovanni Capuano 2011 */

// Admin page: lets a user pick one of the pages they may edit; the visible
// part builds the selection form.
require_once '../core/class.Ocarina.php';

$ocarina = new Ocarina();

// Request input. Title, text and selection go through purgeByXSS() then
// purgeSlashes(); the category goes through purge().
// NOTE(review): the behaviour of these filters is not visible here.
$titolo_pagina = isset($_POST['titolo']) && $_POST['titolo'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['titolo'])) : '';
$categoria_pagina = isset($_POST['categoria']) && $_POST['categoria'] !== '' ? $ocarina->purge($_POST['categoria']) : '';
$testo_pagina = isset($_POST['testo']) && $_POST['testo'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['testo'])) : '';
$selected = isset($_POST['selected']) && $_POST['selected'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['selected'])) : '';
$submit = isset($_POST['submit']) ? true : false;
$ocarina->skin = 'admin';
$ocarina->addValue('titolo', $ocarina->getLanguage('title', 23) . $ocarina->getLanguage('title', 2) . $ocarina->getLanguage('title', 10) . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);

// Access gate: a logged-in user whose grado is below 4.
if ($ocarina->isLogged() && $ocarina->username[0]->grado < 4) {
    if (!$submit && $selected == '') {
        // Nothing submitted and nothing selected: build the <select> form.
        // NOTE(review): $v->minititolo and $v->titolo are concatenated into
        // HTML below without output escaping; this relies on the values
        // having been sanitised when they were stored -- confirm, or escape
        // at output.
        $result = '<form action="" method="post">' . $ocarina->getLanguage('editpage', 0) . '<select name="selected">';
        if ($ocarina->username[0]->grado == 3) {
            // grado 3: only the pages returned for the user's own nickname.
            $pageByUser = $ocarina->searchPageByUser($ocarina->username[0]->nickname);
            if ($pageByUser !== false) {
                foreach ($pageByUser as $v) {
                    $result .= '<option value="' . $v->minititolo . '">' . $v->titolo . '</option>';
                }
            }
        } elseif ($ocarina->username[0]->grado < 3) {
            // grado below 3: the result of a wildcard page search.
            $allPage = $ocarina->searchPage('', 'wildcard');
            if ($allPage !== false) {
                foreach ($allPage as $v) {
                    $result .= '<option value="' . $v->minititolo . '">' . $v->titolo . '</option>';
                }
                // (listing ends here; the rest of the form and the edit
                // branches are not shown)
/* Comments */
// Reads the whole of comments.sql from the current directory.
// NOTE(review): the fopen() result is not checked before fread()/fclose().
$handler = fopen('comments.sql', 'r');
$comments = fread($handler, filesize('comments.sql'));
fclose($handler);

/* Processing */
// $news and $page are assigned before the visible part of the script
// (presumably read from files in the same way as $comments -- confirm).
// NOTE(review): unserialize() rebuilds whatever objects the input describes,
// so these dump files must come from a trusted export; if that cannot be
// guaranteed, restrict the second argument's 'allowed_classes' option or
// switch the dump to a data-only format such as JSON.
$news = unserialize($news);
$page = unserialize($page);
$comments = unserialize($comments);

// Per-type counters for imported and rejected records.
$news_fail = 0;
$news_ok = 0;
$page_fail = 0;
$page_ok = 0;
$comments_fail = 0;
$comments_ok = 0;

foreach ($news as $v) {
    // Only titolo and news pass through purgeByXSS()/purgeSlashes(); autore,
    // minititolo, categoria, data and ora are taken from the dump unchanged.
    // NOTE(review): confirm the unfiltered fields are safe for createNews()
    // and for later output.
    $array = array($v->autore, $ocarina->purgeSlashes($ocarina->purgeByXSS($v->titolo)), $v->minititolo, $ocarina->purgeSlashes($ocarina->purgeByXSS($v->news)), $v->categoria, $v->data, $v->ora, 1);
    // Create the news category on first use.
    if (!$ocarina->isCategory('news', $v->categoria)) {
        $ocarina->createCategory('news', $v->categoria);
    }
    // An item whose minititolo already exists counts as a failure.
    if ($ocarina->isNews($v->minititolo)) {
        ++$news_fail;
    } else {
        if ($ocarina->createNews($array)) {
            ++$news_ok;
        } else {
            ++$news_fail;
        }
    }
}

foreach ($page as $v) {
    // Author falls back to autoreultimamodifica when autore is empty; the
    // time field is fixed to '00:00'.
    $array = array($v->autore == '' ? $v->autoreultimamodifica : $v->autore, $ocarina->purgeSlashes($ocarina->purgeByXSS($v->titolo)), $v->minititolo, $ocarina->purgeSlashes($ocarina->purgeByXSS($v->contenuto)), $v->categoria, $v->datacreazione, '00:00', 1);
    // (listing ends here; the rest of the loop is not shown)
<?php /** /admin/approva.php (C) Giovanni Capuano 2011 */

// Admin page: lists news, pages and comments returned by the
// search*ByApprovation() helpers and approves the submitted one.
require_once '../core/class.Ocarina.php';

$ocarina = new Ocarina();

// Identifiers of the item to approve. The two slugs are filtered with
// purgeByXSS() only.
// NOTE(review): whether editNews() binds this value as a parameter is not
// visible here -- confirm, since purgeByXSS() is presumably an HTML filter.
$minititolo_news = isset($_POST['news']) && $_POST['news'] !== '' ? $ocarina->purgeByXSS($_POST['news']) : '';
$minititolo_pagina = isset($_POST['pagina']) && $_POST['pagina'] !== '' ? $ocarina->purgeByXSS($_POST['pagina']) : '';
// is_numeric() also accepts floats and exponent notation; the (int) cast
// reduces whatever passed to an integer. Empty string when absent or invalid.
$id_commento = isset($_POST['commento']) && $_POST['commento'] !== '' && is_numeric($_POST['commento']) ? (int) $_POST['commento'] : '';
$submit = isset($_POST['submit']) ? true : false;
$ocarina->skin = 'admin';
$ocarina->addValue('titolo', $ocarina->getLanguage('title', 11) . $ocarina->getLanguage('title', 2) . $ocarina->getLanguage('title', 10) . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);

// Access gate: a logged-in user whose grado is below 3.
if ($ocarina->isLogged() && $ocarina->username[0]->grado < 3) {
    if (!$submit) {
        // No submit yet: hand the three lists to the template.
        $ocarina->addValue('news', $ocarina->searchNewsByApprovation());
        $ocarina->addValue('pagine', $ocarina->searchPageByApprovation());
        $ocarina->addValue('commenti', $ocarina->searchCommentByApprovation());
    } else {
        // NOTE(review): no anti-CSRF token is checked in the visible code
        // before the approval is applied -- confirm one is enforced elsewhere.
        if ($minititolo_news !== '') {
            // Sets the 'approvato' field to '1' for the given news slug.
            if ($ocarina->editNews('approvato', '1', $minititolo_news)) {
                // Audit entry is written only when config log == 1.
                if ($ocarina->config[0]->log == 1) {
                    $ocarina->log($ocarina->username[0]->nickname, 'News ' . $minititolo_news . ' approved.');
                }
                $ocarina->addValue('result', $ocarina->getLanguage('approve', 0));
            } else {
                if ($ocarina->config[0]->log == 1) {
                    $ocarina->log($ocarina->username[0]->nickname, 'News ' . $minititolo_news . ' approvation failed.');
                }
                $ocarina->addValue('result', $ocarina->getLanguage('approve', 1));
                // (listing ends here; the page and comment branches are not
                // shown)
<?php /** /admin/creanews.php (C) Giovanni Capuano 2011 */

// Admin page: shows the news form and creates a news item from the posted
// title, category and text.
require_once '../core/class.Ocarina.php';

$ocarina = new Ocarina();

// Request input. Title and text go through purgeByXSS() then purgeSlashes();
// the category goes through purge().
// NOTE(review): the behaviour of these filters is not visible here.
$titolo_news = isset($_POST['titolo']) && $_POST['titolo'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['titolo'])) : '';
$categoria_news = isset($_POST['categoria']) && $_POST['categoria'] !== '' ? $ocarina->purge($_POST['categoria']) : '';
$testo_news = isset($_POST['testo']) && $_POST['testo'] !== '' ? $ocarina->purgeSlashes($ocarina->purgeByXSS($_POST['testo'])) : '';
$submit = isset($_POST['submit']) ? true : false;
$ocarina->skin = 'admin';
$ocarina->addValue('titolo', $ocarina->getLanguage('title', 16) . $ocarina->getLanguage('title', 2) . $ocarina->getLanguage('title', 10) . $ocarina->getLanguage('title', 2) . $ocarina->config[0]->nomesito);

// Access gate: a logged-in user whose grado is 3 or lower.
if ($ocarina->isLogged() && $ocarina->username[0]->grado <= 3) {
    if (!$submit) {
        // No submit yet: provide the news categories for the form.
        $ocarina->addValue('categorie', $ocarina->getCategory('news'));
    } else {
        // NOTE(review): no anti-CSRF token is checked in the visible code
        // before the item is created -- confirm one is enforced elsewhere.
        if ($titolo_news !== '' && $categoria_news !== '' && $testo_news !== '') {
            // Items from grado 3 users are stored with flag 0, all others
            // with flag 1.
            if ($ocarina->username[0]->grado == 3) {
                $approva_news = 0;
            } else {
                $approva_news = 1;
            } // approved
            // Record layout: author, title, permalink of the title, text,
            // category, date, time, approval flag.
            // NOTE(review): in date() the character 'm' is the month; minutes
            // are 'i', so 'G:m:i' records hour:month:minutes.
            $array = array($ocarina->username[0]->nickname, $titolo_news, $ocarina->permalink($titolo_news), $testo_news, $categoria_news, date('d-m-y'), date('G:m:i'), $approva_news);
            // A news item with the same permalink already exists.
            if ($ocarina->isNews($ocarina->permalink($titolo_news))) {
                $ocarina->addValue('result', $ocarina->getLanguage('createnews', 0));
            } elseif ($ocarina->createNews($array)) {
                if ($approva_news == 0) {
                    $ocarina->addValue('result', $ocarina->getLanguage('createnews', 1));
                    // (listing ends here; the remaining branches are not
                    // shown)
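<?php /** /admin/preview.php (C) Giovanni Capuano 2011 */

// Preview endpoint: takes posted text, runs it through every enabled
// text-manipulation plugin and prints the result.
require_once '../core/class.Ocarina.php';

$ocarina = new Ocarina();

// NOTE(review): nothing here checks $ocarina->isLogged() or the user's grado
// before processing the request; confirm that unauthenticated access to this
// endpoint is intended.
$type = isset($_GET['type']) && $_GET['type'] !== '' ? $ocarina->purgeByXSS($_GET['type']) : '';

// The text is mandatory; without it the script stops with a plain message.
if (!isset($_POST['text']) || $_POST['text'] === '') {
    die('Text not found.');
}
$text = $ocarina->purgeByXSS($_POST['text']);

if ($ocarina->config[0]->plugin == 1) {
    $plugins = Plugin::listPlugins();
    // Not read again in this script; kept because it lives in global scope
    // and plugin code may rely on it -- TODO confirm before removing.
    $varList = $ocarina->getValues();
    foreach ($plugins as $element) {
        // A plugin is applied only when its metadata marks it as enabled and
        // as a text manipulator, and its declared path exists on disk.
        if (
            Plugin::getMetadata($element, 'enabled', '') == 'true'
            && Plugin::getMetadata($element, 'textmanipulation', '') == 'true'
            && file_exists($ocarina->config[0]->root_index . '/plugin/plugins/' . Plugin::getMetadata($element, 'path', ''))
        ) {
            try {
                $plugin = Plugin::loadPlugin($element);
                $text = $plugin->manipulate($type, $text);
            } catch (Exception $e) {
                if ($ocarina->config[0]->log == 1) {
                    $ocarina->log($element, $e->getMessage());
                }
                // The message is still emitted as an HTML comment for
                // diagnostics, but escaped first: a raw message containing
                // "-->" would close the comment and let the rest of the
                // message be parsed as markup.
                // NOTE(review): exception text can expose internal details to
                // the client; consider emitting it only in a debug mode.
                echo '<!-- ' . str_replace('--', '- -', htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')) . ' -->';
            }
        }
    }
    unset($plugins);
}

// NOTE(review): the response body is request-derived text; its safety depends
// on purgeByXSS() and on each plugin's manipulate() not reintroducing markup.
echo $text;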