示例#1
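 /**
  * Render one page of the activity log, ordered by timestamp.
  *
  * The sort direction comes from $_GET['order'], which is request data. It is
  * reduced to 'asc' or 'desc' here, before it is handed to setOrder() and
  * copied into the pager URLs.
  */
 function display()
 {
     $order = 'desc';
     if (isset($_GET['order'])) {
         // Allow-list the direction; anything else (including an array from
         // ?order[]=x) falls back to the default instead of travelling on.
         $requested = is_string($_GET['order']) ? strtolower(trim($_GET['order'])) : '';
         $order = in_array($requested, array('asc', 'desc'), true) ? $requested : 'desc';
         $this->tpl->assign('sort', 'ts');
     }
     // Extra params for pager
     $params = array('order' => $order);
     // Pager
     $this->pager->limit = $this->per_page;
     $this->pager->setStart();
     $this->pager->setPages($this->log->count($this->users_id));
     $this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/admin/log/{$this->nickname}", $params));
     $this->log->setOrder('ts', $order);
     $this->r->arr['ulog'] = $this->log->get($this->pager->limit, $this->pager->start, $this->users_id);
     foreach ($this->r->arr['ulog'] as $key => $val) {
         // Attach the nickname of each entry's user; a failed lookup leaves null
         $tmp = $this->user->getByID($val['users_id']);
         $this->r->arr['ulog'][$key]['nickname'] = isset($tmp['nickname']) ? $tmp['nickname'] : null;
     }
     // Template: the column header link toggles the current direction
     $inverse = $order !== 'desc' ? 'desc' : 'asc';
     $this->tpl->assign('ts_sort_url', suxFunct::makeUrl("/admin/log/{$this->nickname}", array('order' => $inverse)));
     $this->tpl->assign('nickname', $this->nickname);
     $this->r->title .= " | {$this->r->gtext['activity_log']}";
     $this->tpl->display('log.tpl');
 }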
示例#2
文件: menu.php 项目: hashimmm/sux0r
/**
* menu
*
* @author     Dac Chartrand <*****@*****.**>
* @license    http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
/**
 * Build the bookmarks menu for the current session user.
 *
 * @return array|null label => url map; null when no user is logged in or a
 *                    non-root user is below the configured bookmarks admin level
 */
function bookmarks_menu()
{
    // Anonymous visitors get no menu
    if (!isset($_SESSION['users_id'])) {
        return null;
    }
    // Root skips the access-level comparison entirely
    $account = new suxUser();
    if (!$account->isRoot()
        && $account->getAccess('bookmarks') < $GLOBALS['CONFIG']['ACCESS']['bookmarks']['admin']) {
        return null;
    }
    // Count the drafts; the statement is a constant string, no input is involved
    $pending = suxDB::get()->query('SELECT COUNT(*) FROM bookmarks WHERE draft = true ')->fetchColumn();
    $labels = suxFunct::gtext('bookmarks');
    $items = array();
    $items[$labels['admin']] = suxFunct::makeUrl('/bookmarks/admin/');
    $items["{$labels['approve_2']} ({$pending})"] = suxFunct::makeUrl('/bookmarks/approve/');
    $items[$labels['new']] = suxFunct::makeUrl('/bookmarks/edit/');
    return $items;
}
示例#3
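 /**
  * Login
  *
  * On success the event is written to the private log and the browser is sent
  * to the first breadcrumb that is not a user login / logout / register / edit
  * page, falling back to the user's profile.
  * On failure the lock-out page is shown once maxPasswordFailures() reports
  * true; otherwise the visitor is sent to /home.
  */
 function login()
 {
     // loginCheck() is deliberately left as two calls: it may have side effects
     // that cannot be seen from this method.
     // NOTE(review): no session_regenerate_id() call is visible here; confirm
     // that authenticate() renews the session id when a login succeeds.
     if ($this->user->loginCheck() || !$this->user->loginCheck() && $this->user->authenticate()) {
         // Log, private
         $this->log->write($_SESSION['users_id'], "sux0r::userAuthenticate() login [IP: {$_SERVER['REMOTE_ADDR']}]", 1);
         // Redirect to previous page
         if (isset($_SESSION['breadcrumbs'])) {
             foreach ($_SESSION['breadcrumbs'] as $val) {
                 // An alternation group, not a character class: the previous
                 // pattern [login|logout|register|edit] matched any single one
                 // of those letters, so unrelated pages such as user/openid
                 // were skipped as well.
                 if (!preg_match('#^user/(?:login|logout|register|edit)#i', $val)) {
                     suxFunct::redirect(suxFunct::makeUrl($val));
                     break;
                 }
             }
         }
         // Nothing of value was found, redirect to user page
         suxFunct::redirect(suxFunct::makeUrl('/user/profile/' . $_SESSION['nickname']));
     } else {
         // Too many password failures?
         if ($this->user->maxPasswordFailures()) {
             $this->r->title .= " | {$this->r->gtext['pw_failure']}";
             $this->tpl->display('pw_failure.tpl');
             die;
         }
         // Note:
         // There's a conflict between the authenticate procedure and header('Location:')
         // The workaround is to echo some spaces and force a javascript redirect
         echo str_repeat(' ', 40000);
         suxFunct::redirect(suxFunct::makeUrl('/home'));
     }
 }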
示例#4
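 /**
  * Build an HTML link to a feed's page.
  *
  * @param int $id feed id
  * @return string|null html, or null when getFeedByID() finds nothing
  */
 function feedLink($id)
 {
     $feed = $this->rss->getFeedByID($id);
     if (!$feed) {
         return null;
     }
     // The title is stored feed data (presumably supplied by a remote feed) and
     // the href is single-quoted, so both values are escaped with ENT_QUOTES.
     // double_encode is off so entities already present in stored text are not
     // encoded a second time.
     $url = htmlspecialchars(suxFunct::makeUrl("/feeds/{$id}"), ENT_QUOTES, 'UTF-8', false);
     $title = htmlspecialchars((string) $feed['title'], ENT_QUOTES, 'UTF-8', false);
     return "<a href='{$url}'>{$title}</a>";
 }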
示例#5
/**
* controller
*
* @author     Dac Chartrand <*****@*****.**>
* @license    http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
/**
 * Admin controller: picks the page object for an action and runs it.
 *
 * 'log' only displays; 'access', 'purge' and the default action share the same
 * validate / process / build form cycle on $_POST.
 * NOTE(review): no permission check is visible in this function; presumably
 * the admin* constructors enforce access — confirm.
 *
 * @param string $action 'access', 'log', 'purge', anything else = default admin form
 * @param array|null $params URL parameters; only $params[0] is read
 */
function sux($action, $params = null)
{
    $form = null;
    switch ($action) {
        case 'access':
            // Access: needs a first parameter, otherwise back to /admin
            if (empty($params[0])) {
                suxFunct::redirect(suxFunct::makeUrl('/admin'));
            }
            $form = new adminAccess($params[0]);
            break;
        case 'log':
            // Log: display only, optionally limited to one nickname
            $viewer = new adminLog(empty($params[0]) ? null : $params[0]);
            $viewer->display();
            return;
        case 'purge':
            // Purge logs
            $form = new adminPurge();
            break;
        default:
            // Default
            $form = new admin();
            break;
    }
    // Shared form cycle: a valid submission is processed, anything else
    // (including the first visit) renders the form again
    if (!$form->formValidate($_POST)) {
        $form->formBuild($_POST);
        return;
    }
    $form->formProcess($_POST);
    $form->formSuccess();
}
示例#6
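 /**
  * Return tag cloud
  *
  * Tag names are user-supplied text, so every value placed in the markup is
  * HTML-escaped (ENT_QUOTES, because the attributes are single-quoted).
  *
  * @param array $tags key = tag, val = (quantity, id, size)
  * @return string html, empty string when there are no tags
  */
 function tagcloud($tags)
 {
     $html = '';
     if (!$tags) {
         return $html;
     }
     foreach ($tags as $key => $val) {
         // double_encode off: entities already present in stored text stay as they are
         $url = htmlspecialchars(suxFunct::makeURL('/bookmarks/tag/' . $val['id']), ENT_QUOTES, 'UTF-8', false);
         $label = htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8', false);
         $size = htmlspecialchars((string) $val['size'], ENT_QUOTES, 'UTF-8', false);
         $quantity = htmlspecialchars((string) $val['quantity'], ENT_QUOTES, 'UTF-8', false);
         $html .= "<a href='{$url}' style='font-size: {$size}%;' class='tag'>{$label}</a> <span class='quantity' >({$quantity})</span> ";
     }
     return $html;
 }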
示例#7
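 /**
  * Build a "continue" pager link.
  *
  * @param int $start offset of the next page; anything that is not an integer becomes 0
  * @param string $url base url the start parameter is appended to
  * @return string|null html for the link, or null when $url is blank
  */
 function continueURL($start, $url)
 {
     // Keep the validated integer rather than the raw argument, so nothing but
     // a number can reach the href built below.
     $start = filter_var($start, FILTER_VALIDATE_INT);
     if (!$start) {
         $start = 0;
     }
     if (trim($url) == '') {
         return null;
     }
     $text = suxFunct::gtext();
     // W3C valid url; "!== false" so a '?' at position 0 is still seen
     $q = mb_strpos($url, '?') !== false ? '&' : '?';
     $url = $url . $q;
     $url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false);
     $html = "<a href='{$url}start={$start}' class='nextPage'>{$text['continue']} &raquo;</a> ";
     return "<div class='pager'>{$html}</div> ";
 }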
示例#8
/**
* controller
*
* @author     Dac Chartrand <*****@*****.**>
* @license    http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
/**
 * Society controller: only the 'relationship' action is handled.
 *
 * @param string $action action name; anything but 'relationship' is ignored
 * @param array|null $params URL parameters; $params[0] is passed to societyEdit
 */
function sux($action, $params = null)
{
    // Loose comparison, the same matching a switch statement performs
    if ($action != 'relationship') {
        return;
    }
    // Set a relationship with a user: without a first parameter go back to /society
    if (empty($params[0])) {
        suxFunct::redirect(suxFunct::makeUrl('/society'));
    }
    $form = new societyEdit($params[0]);
    if (!$form->formValidate($_POST)) {
        $form->formBuild($_POST);
        return;
    }
    $form->formProcess($_POST);
    $form->formSuccess();
}
示例#9
文件: menu.php 项目: hashimmm/sux0r
/**
* menu
*
* @author     Dac Chartrand <*****@*****.**>
* @license    http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
/**
 * Build the blog menu for the current session user.
 *
 * @return array|null label => url map; null when no user is logged in or a
 *                    non-root user is below the configured publisher level
 */
function blog_menu()
{
    // Anonymous visitors get no menu
    if (!isset($_SESSION['users_id'])) {
        return null;
    }
    $account = new suxUser();
    $labels = suxFunct::gtext('blog');
    $root = $account->isRoot();
    $level = $account->getAccess('blog');
    // Publisher level is the minimum for non-root users
    if (!$root && $level < $GLOBALS['CONFIG']['ACCESS']['blog']['publisher']) {
        return null;
    }
    $items = array();
    // The admin entry is only offered to root and blog admins
    if ($root || $level >= $GLOBALS['CONFIG']['ACCESS']['blog']['admin']) {
        $items[$labels['admin']] = suxFunct::makeUrl('/blog/admin');
    }
    $items[$labels['new']] = suxFunct::makeUrl('/blog/edit');
    return $items;
}
示例#10
 /**
  * Override: build the OpenID login form and show the template
  *
  * $dirty is unverified request data and is assigned to the template as-is.
  * NOTE(review): escaping is presumably done in login_openid.tpl — confirm.
  *
  * @param array $dirty reference to unverified $_POST
  */
 function formBuild(&$dirty)
 {
     if (empty($dirty)) {
         // Fresh visit: reset connection
         suxValidate::disconnect();
     } else {
         // Re-populate the form with what was submitted
         $this->tpl->assign($dirty);
     }
     $registered = suxValidate::is_registered_form();
     if (!$registered) {
         suxValidate::connect($this->tpl, true);
         // Register our validators
         // register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
         suxValidate::register_validator('url', 'url', 'notEmpty', false, false, 'trim');
         suxValidate::register_validator('url2', 'url', 'isURL');
     }
     // Urls
     $this->r->text['form_url'] = suxFunct::makeUrl('/user/login/openid');
     $this->r->text['back_url'] = suxFunct::getPreviousURL();
     $this->r->title .= ' | ' . $this->r->gtext['openid_login'];
     // Template
     $this->tpl->display('login_openid.tpl');
 }
示例#11
 /**
  * Display the RSS feed of a profile's log entries
  *
  * The XML is only rebuilt when the template cache has no entry for
  * "<nickname>|rss".
  */
 function rss()
 {
     $nickname = $this->profile['nickname'];
     // Cache
     $cache_id = $nickname . '|rss';
     $this->tpl->caching = 1;
     if (!$this->tpl->isCached('rss.tpl', $cache_id)) {
         $entries = $this->log->get($this->minifeed_limit * 5, 0, $this->profile['users_id']);
         if ($entries) {
             $feed = new suxRSS();
             $profile_url = suxFunct::makeUrl('/user/profile/' . $nickname, null, true);
             $feed->outputRSS("{$this->r->title} | {$nickname}", $profile_url, null);
             foreach ($entries as $entry) {
                 // Each item links to the profile page, anchored on the entry's unix timestamp
                 $anchor = $profile_url . '#' . strtotime($entry['ts']);
                 $feed->addOutputItem($entry['ts'], $anchor, $entry['body_html']);
             }
             $this->tpl->assign('xml', $feed->saveXML());
         }
     }
     // Template
     header('Content-type: text/xml; charset=utf-8');
     $this->tpl->display('rss.tpl', $cache_id);
 }
示例#12
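 /**
  * Get the stalkers
  *
  * Returns one thumbnail link per user returned by getStalkers(). Results are
  * cached for the rest of the request, per user id.
  *
  * @param int $users_id
  * @return string|null html; null when $users_id is not a positive integer
  */
 function stalkers($users_id)
 {
     if (!filter_var($users_id, FILTER_VALIDATE_INT) || $users_id < 1) {
         return null;
     }
     // Cache, keyed by user id: a single static string would hand the first
     // user's markup to every later call, whatever id was asked for
     static $cache = array();
     $cache_key = (int) $users_id;
     if (isset($cache[$cache_key])) {
         return $cache[$cache_key];
     }
     $html = '';
     $soc = new suxSocialNetwork();
     $rel = $soc->getStalkers($users_id);
     if (!$rel) {
         return $cache[$cache_key] = $html;
     }
     $tpl = new suxTemplate('user');
     $tpl->configLoad('my.conf', 'user');
     $tw = $tpl->getConfigVars('thumbnailWidth');
     $th = $tpl->getConfigVars('thumbnailHeight');
     foreach ($rel as $val) {
         $u = $this->user->getByID($val['users_id'], true);
         if (!$u) {
             // Skip
             continue;
         }
         $url = suxFunct::makeUrl('/user/profile/' . $u['nickname']);
         if (empty($u['image'])) {
             $img = suxFunct::makeUrl('/') . "/media/{$this->partition}/assets/proletariat.gif";
         } else {
             $img = suxFunct::makeUrl('/') . '/data/user/' . rawurlencode($u['image']);
         }
         // Nickname and urls land inside single-quoted attributes, so they are
         // escaped with ENT_QUOTES; double_encode off keeps existing entities intact
         $url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false);
         $img = htmlspecialchars($img, ENT_QUOTES, 'UTF-8', false);
         $name = htmlspecialchars((string) $u['nickname'], ENT_QUOTES, 'UTF-8', false);
         $html .= "<a href='{$url}' class='stalker'>";
         $html .= "<img src='{$img}' class='stalker' width='{$tw}' height='{$th}' alt='{$name}' title = '{$name}' />";
         $html .= "</a>";
     }
     return $cache[$cache_key] = $html;
 }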
示例#13
 /**
  * The form was successfully processed: go back to the previous URL
  */
 function formSuccess()
 {
     // 'cropper' is passed through to getPreviousURL() unchanged;
     // presumably it names pages to leave out of the history — TODO confirm
     $back = suxFunct::getPreviousURL('cropper');
     suxFunct::redirect($back);
 }
示例#14
 /**
  * The form was successfully processed: redirect to this module's admin page
  */
 function formSuccess()
 {
     $target = suxFunct::makeUrl('/' . $this->module . '/admin/');
     suxFunct::redirect($target);
 }
示例#15
 /**
  * Process the form
  *
  * Clears the session user's template caches, then dispatches on
  * $clean['action'] to add / remove / share / unshare vectors, categories and
  * documents through $this->nb. Most destructive actions are guarded by an
  * is*Owner() / isCategoryTrainer() check against $_SESSION['users_id'].
  *
  * NOTE(review): 'addvec' needs no ownership check (it creates a new vector for
  * the session user), but 'unsharevec' is the only action that changes existing
  * data without any is*Owner() call in this method. Confirm that formValidate()
  * or unshareVector() verifies that the session user may touch each
  * ($vectors_id, $users_id) pair taken from the submitted 'unshare' array.
  *
  * NOTE(review): the share / unshare log text is HTML with nicknames
  * interpolated unescaped; presumably nicknames are restricted to safe
  * characters at registration — confirm.
  *
  * @param array $clean reference to validated $_POST
  */
 function formProcess(&$clean)
 {
     // --------------------------------------------------------------------
     // Clear user caches
     // --------------------------------------------------------------------
     foreach ($this->caches as $module) {
         // clear all caches with "nickname" as the first cache_id group
         $tpl = new suxTemplate($module);
         $tpl->clearCache(null, "{$_SESSION['nickname']}");
     }
     // --------------------------------------------------------------------
     // Action
     // --------------------------------------------------------------------
     switch ($clean['action']) {
         case 'addvec':
             // New vector, created for the session user
             $this->nb->addVectorWithUser($clean['vector'], $_SESSION['users_id']);
             unset($clean['vector']);
             // Third argument 1 = private log entry
             $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() addvec", 1);
             // Private
             break;
         case 'remvec':
             // Security check
             if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
                 // Remove vector
                 $this->nb->removeVector($clean['vector_id']);
                 $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remvec id: {$clean['vector_id']}", 1);
                 // Private
             }
             unset($clean['vector_id']);
             break;
         case 'addcat':
             // Security check
             if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
                 $this->nb->addCategory($clean['category'], $clean['vector_id']);
                 $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() addcat", 1);
                 // Private
             }
             unset($clean['category']);
             break;
         case 'remcat':
             // Security check
             if ($this->nb->isCategoryOwner($clean['category_id'], $_SESSION['users_id'])) {
                 // Remove category
                 $this->nb->removeCategory($clean['category_id']);
                 $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remcat id: {$clean['category_id']}", 1);
                 // Private
             }
             unset($clean['category_id']);
             break;
         case 'adddoc':
             // Security check: trainers (not only owners) may add documents
             if ($this->nb->isCategoryTrainer($clean['category_id'], $_SESSION['users_id'])) {
                 $this->nb->trainDocument($clean['document'], $clean['category_id']);
                 $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() adddoc", 1);
                 // Private
             }
             unset($clean['document']);
             break;
         case 'remdoc':
             // Security check
             if ($this->nb->isDocumentOwner($clean['document_id'], $_SESSION['users_id'])) {
                 // Remove document
                 $this->nb->untrainDocument($clean['document_id']);
                 $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remdoc id: {$clean['document_id']}", 1);
                 // Private
             }
             unset($clean['document_id']);
             break;
         case 'sharevec':
             // Security check
             if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
                 // Normalise the two permission flags to strict booleans
                 $clean['trainer'] = isset($clean['trainer']) && $clean['trainer'] ? true : false;
                 $clean['owner'] = isset($clean['owner']) && $clean['owner'] ? true : false;
                 $this->nb->shareVector($clean['users_id'], $clean['vector_id'], $clean['trainer'], $clean['owner']);
                 // NOTE(review): the result of getByID() is used below without a
                 // check; confirm it cannot be empty for a validated users_id
                 $u = $this->user->getByID($clean['users_id']);
                 // clear caches
                 foreach ($this->caches as $module) {
                     $tpl = new suxTemplate($module);
                     $tpl->clearCache(null, $_SESSION['nickname']);
                     $tpl->clearCache(null, $u['nickname']);
                 }
                 // Log message: "<session user> <share text> <other user>", both linked to their profiles
                 $log = '';
                 $url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
                 $log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
                 $log .= mb_strtolower($this->r->gtext['share_category']);
                 $url = suxFunct::makeUrl("/user/profile/{$u['nickname']}", null, true);
                 $log .= " <a href='{$url}'>{$u['nickname']}</a>";
                 // Log, written once for each of the two users
                 $this->log->write($_SESSION['users_id'], $log);
                 $this->log->write($u['users_id'], $log);
                 // Clear caches
                 $tpl = new suxTemplate('user');
                 $tpl->clearCache(null, $_SESSION['nickname']);
                 $tpl->clearCache(null, $u['nickname']);
             }
             break;
         case 'unsharevec':
             // NOTE(review): no ownership check in this branch, see the method docblock
             foreach ($clean['unshare'] as $val) {
                 // Each element maps a vector id to the user id losing access
                 foreach ($val as $vectors_id => $users_id) {
                     $this->nb->unshareVector($users_id, $vectors_id);
                     $u = $this->user->getByID($users_id);
                     // Clear caches
                     foreach ($this->caches as $module) {
                         $tpl = new suxTemplate($module);
                         $tpl->clearCache(null, $_SESSION['nickname']);
                         $tpl->clearCache(null, $u['nickname']);
                     }
                     // Log message: "<session user> <unshare text> <other user>"
                     $log = '';
                     $url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
                     $log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
                     $log .= mb_strtolower($this->r->gtext['unshare_category']);
                     $url = suxFunct::makeUrl("/user/profile/{$u['nickname']}", null, true);
                     $log .= " <a href='{$url}'>{$u['nickname']}</a>";
                     // Log, written once for each of the two users
                     $this->log->write($_SESSION['users_id'], $log);
                     $this->log->write($u['users_id'], $log);
                     // Clear caches
                     $tpl = new suxTemplate('user');
                     $tpl->clearCache(null, $_SESSION['nickname']);
                     $tpl->clearCache(null, $u['nickname']);
                 }
             }
             break;
     }
 }
示例#16
 /**
  * Get thumbnail
  *
  * @param int $photoalbums_id
  * @return string|null url of the album thumbnail under /data/photos/,
  *                     null when the album has no thumbnail
  */
 function getThumbnail($photoalbums_id)
 {
     $thumb = $this->photo->getThumbnail($photoalbums_id);
     if (!$thumb) {
         return null;
     }
     // The stored file name is url-encoded before it becomes part of the path
     return suxFunct::myHttpServer() . $GLOBALS['CONFIG']['URL'] . '/data/photos/' . rawurlencode($thumb['image']);
 }
示例#17
文件: openid.php 项目: hashimmm/sux0r
 /**
  * Get the requested url
  *
  * REQUEST_URI is chosen by the client, so the result must be treated as
  * untrusted wherever it is echoed or compared.
  * NOTE(review): how myHttpServer() derives the host is not visible here.
  *
  * @return string url
  */
 private function getReqUrl()
 {
     $requested = $_SERVER['REQUEST_URI'];
     $server = suxFunct::myHttpServer();
     return $server . $requested;
 }
示例#18
文件: suxDB.php 项目: hashimmm/sux0r
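 /**
  * Autogenerate cheap SQL SEARCH query, for a table with `title`
  * and `body_plaintext` columns
  *
  * Search tokens are quoted with PDO::quote(). $table and $where are inserted
  * into the statement verbatim, so callers must only ever pass constants for
  * them, never request data. The % and _ characters inside a token are not
  * escaped and therefore act as LIKE wildcards.
  *
  * @param string $table the name of the table to search
  * @param string $string search query
  * @param string $where extra condition that every returned row must satisfy
  * @param string $op SQL operator, AND/OR
  * @param string $key PDO dsn key
  * @return string|false SQL query, false when $string yields no search tokens
  */
 static function prepareSearchQuery($table, $string, $where = '', $op = 'AND', $key = null)
 {
     $tokens = suxFunct::parseTokens($string);
     if (!$tokens) {
         // Without tokens the statement would read "WHERE ( )", which is not valid SQL
         return false;
     }
     // Enforce OR/AND
     $op = mb_strtoupper($op) == 'AND' ? 'AND' : 'OR';
     $db = self::get($key);
     $clauses = array();
     foreach ($tokens as $token) {
         // quote
         $quoted = $db->quote($token);
         // put a % right after the opening quote character
         $first = substr($quoted, 0, 1);
         $quoted = substr_replace($quoted, "{$first}%", 0, 1);
         // and another right before the closing quote character
         $last = substr($quoted, -1, 1);
         $quoted = substr_replace($quoted, "%{$last}", -1, 1);
         $clauses[] = "(title LIKE {$quoted} OR body_plaintext LIKE {$quoted})";
     }
     $q = "SELECT * FROM {$table} WHERE ( " . implode(" {$op} ", $clauses) . ' ';
     // Append additional $where query. The token clauses get their own
     // parentheses first: AND binds tighter than OR, so without them an OR
     // search would apply $where to the last token only and return rows the
     // condition was meant to exclude.
     if (trim($where)) {
         $q = "SELECT * FROM {$table} WHERE ( (" . implode(" {$op} ", $clauses) . ") AND {$where} ";
     }
     $q .= ') ';
     return $q;
 }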
示例#19
 /**
  * The form was successfully processed: show the success page
  */
 function formSuccess()
 {
     // Link back to where the user came from
     $this->r->text['back_url'] = suxFunct::getPreviousURL();
     $this->r->title .= ' | ' . $this->r->gtext['success'];
     // Template
     $this->tpl->display('success.tpl');
 }
示例#20
 /**
  * Display the bookmarks RSS feed
  *
  * The XML is only rebuilt when the template cache has no 'rss' entry.
  */
 function rss()
 {
     // Cache
     $cache_id = 'rss';
     $this->tpl->caching = 1;
     $cached = $this->tpl->isCached('rss.tpl', $cache_id);
     if (!$cached) {
         $bookmarks = $this->bm->get($this->pager->limit);
         if ($bookmarks) {
             $feed = new suxRSS();
             $feed_title = $this->r->title . ' | ' . $this->r->gtext['bookmarks'];
             $feed->outputRSS($feed_title, suxFunct::makeUrl('/bookmarks', null, true), null);
             foreach ($bookmarks as $bookmark) {
                 $feed->addOutputItem($bookmark['title'], $bookmark['url'], $bookmark['body_html']);
             }
             $this->tpl->assign('xml', $feed->saveXML());
         }
     }
     // Template
     header('Content-type: text/xml; charset=utf-8');
     $this->tpl->display('rss.tpl', $cache_id);
 }
示例#21
 /**
  * Thin wrapper around suxFunct::parseTokens() that always passes true as
  * the third argument.
  *
  * @param string $string the string to get the tokens from
  * @param bool $stopwords use stopwords?
  * @return array keys = tokens, values = count
  */
 private function parseTokens($string, $stopwords = true)
 {
     $tokens = suxFunct::parseTokens($string, $stopwords, true);
     return $tokens;
 }
示例#22
<?php

require_once dirname(__FILE__) . '/../includes/suxFunct.php';
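// Configuration
// Cache dirs to delete
$cache = array();
$cache[] = realpath(dirname(__FILE__) . '/../temporary/cache/');
$cache[] = realpath(dirname(__FILE__) . '/../temporary/rss_cache/');
$cache[] = realpath(dirname(__FILE__) . '/../temporary/templates_c/');
// Go!
foreach ($cache as $dir) {
    // realpath() returns false when a directory is missing. A recursive
    // delete must never be started from false or an empty path, so anything
    // that is not an existing directory is skipped.
    if (!is_string($dir) || $dir === '' || !is_dir($dir)) {
        continue;
    }
    suxFunct::obliterateDir($dir);
}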
示例#23
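// Set utf-8
header('Content-Type: text/html;charset=utf-8');
mb_internal_encoding('UTF-8');
mb_regex_encoding('UTF-8');
mb_language('uni');
// Avoid problems with arg_separator.output
ini_set('arg_separator.output', '&');
// Set the default timezone
date_default_timezone_set($GLOBALS['CONFIG']['TIMEZONE']);
// Get rid of magic quotes
// Magic quotes were removed in PHP 5.4, and get_magic_quotes_gpc() / each()
// no longer exist in PHP 8, so the clean-up only runs on interpreters that
// can still have the feature switched on. Without the version test this file
// stops with a fatal error on PHP 8.
if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc() && !ini_get('magic_quotes_sybase')) {
    // Work queue of references: nested arrays are appended while it is walked
    $in = array(&$_GET, &$_POST, &$_REQUEST, &$_COOKIE, &$_FILES);
    while (list($k, $v) = each($in)) {
        foreach ($v as $key => $val) {
            if (!is_array($val)) {
                $in[$k][$key] = stripslashes($val);
                continue;
            }
            $in[] =& $in[$k][$key];
        }
    }
    unset($in);
}
// Include suxUser
require_once $GLOBALS['CONFIG']['PATH'] . '/includes/suxUser.php';
// Validate user $_SESSION: a session carrying either key is re-checked on
// every request; the url is passed to loginCheck(), presumably as the
// redirect target when the check fails — TODO confirm
if (isset($_SESSION['users_id']) || isset($_SESSION['nickname'])) {
    $u = new suxUser();
    $u->loginCheck(suxFunct::makeUrl('/home'));
}
unset($u);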
示例#24
文件: feeds.php 项目: hashimmm/sux0r
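 /**
  * Listing
  *
  * Shows feed items either filtered (when $this->nb->isValidFilter() returns
  * filter settings) or as plain paged results served through the template
  * cache.
  *
  * In the filtered branch a string of PHP source is built and handed to
  * filter(). Only an integer literal or the word null is ever spliced into
  * that string; the raw $feeds_id never is.
  *
  * @param int $feeds_id a feed id
  */
 function listing($feeds_id = null)
 {
     // Check if the user has any subscriptions
     $subscriptions = array();
     if (isset($_SESSION['users_id'])) {
         $subscriptions = $this->link->getLinks('link__rss_feeds__users', 'users', $_SESSION['users_id']);
         $this->tpl->assign('users_id', $_SESSION['users_id']);
     }
     // Assign stuff
     // Form Url
     $this->r->text['form_url'] = suxFunct::makeUrl("/feeds/{$feeds_id}");
     $cache_id = null;
     // Title
     if ($feeds_id) {
         $this->r->title .= " | {$this->r->gtext['feed']}";
         $tmp = $this->rss->getFeedByID($feeds_id);
         if ($tmp) {
             $this->r->title .= " | {$tmp['title']}";
         }
     } else {
         $this->r->title .= " | {$this->r->gtext['feeds']}";
     }
     if (list($vec_id, $cat_id, $threshold, $start, $search) = $this->nb->isValidFilter()) {
         // ---------------------------------------------------------------
         // Filtered results
         // ---------------------------------------------------------------
         if ($feeds_id || !count($subscriptions)) {
             // Regular queries
             $max = $this->rss->countItems($feeds_id);
             // SECURITY: $eval is PHP source text that filter() presumably
             // passes to eval(). A feed id taken from the URL must not be
             // concatenated into it unchecked, so it is first reduced to a
             // validated integer; anything else becomes the literal null.
             $feed_literal = filter_var($feeds_id, FILTER_VALIDATE_INT);
             $eval = '$this->rss->getItems($this->pager->limit, $start, ' . ($feed_literal ? $feed_literal : 'null') . ')';
         } else {
             // User has subscriptions, we need special JOIN queries
             $max = $this->countUserItems($_SESSION['users_id']);
             $eval = '$this->getUserItems($_SESSION[\'users_id\'], $this->pager->limit, $start)';
         }
         // Important: $start is a reference
         $this->r->arr['feeds'] = $this->filter($max, $vec_id, $cat_id, $threshold, $start, $eval, $search);
         if ($start < $max) {
             if ($threshold !== false) {
                 $params = array('threshold' => $threshold, 'filter' => $cat_id);
             } else {
                 $params = array('filter' => $cat_id);
             }
             $params['search'] = $search;
             $url = suxFunct::makeUrl("/feeds/{$feeds_id}", $params);
             $this->r->text['pager'] = $this->pager->continueURL($start, $url);
         }
     } else {
         // ---------------------------------------------------------------
         // Paged results, cached
         // ---------------------------------------------------------------
         // Get nickname
         if (isset($_SESSION['nickname'])) {
             $nn = $_SESSION['nickname'];
         } else {
             $nn = 'nobody';
         }
         // Start pager
         $this->pager->setStart();
         // "Cache Groups" using a vertical bar |
         $cache_id = "{$nn}|listing|{$feeds_id}|{$this->pager->start}";
         $this->tpl->caching = 1;
         if (!$this->tpl->isCached('scroll.tpl', $cache_id)) {
             if ($feeds_id || !count($subscriptions)) {
                 // Regular queries
                 $this->pager->setPages($this->rss->countItems($feeds_id));
                 $this->r->arr['feeds'] = $this->rss->getItems($this->pager->limit, $this->pager->start, $feeds_id);
             } else {
                 // User has subscriptions, we need special JOIN queries
                 $this->pager->setPages($this->countUserItems($_SESSION['users_id']));
                 $this->r->arr['feeds'] = $this->getUserItems($_SESSION['users_id'], $this->pager->limit, $this->pager->start);
             }
             $this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/feeds/{$feeds_id}"));
             // Nothing to cache, avoid writing to disk
             if (!count($this->r->arr['feeds'])) {
                 $this->tpl->caching = 0;
             }
         }
     }
     $this->tpl->display('scroll.tpl', $cache_id);
 }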
示例#25
文件: suxRSS.php 项目: hashimmm/sux0r
 /**
  * array_walk_recursive wrapper to sanitizeHtml()
  *
  * The value is changed in place, which is why it is taken by reference:
  * array_walk hands the callback the actual array elements.
  * Order matters: entities are decoded first, so the sanitizer sees real
  * markup rather than its escaped form.
  *
  * @param string &$value
  */
 private function sanitizeByReference(&$value)
 {
     // Reverse htmlentities, we want usable html
     $decoded = html_entity_decode(stripslashes($value), ENT_QUOTES, 'UTF-8');
     // Get rid of font tags before handing off to htmLawed,
     // see: http://www.bioinformatics.org/phplabware/forum/viewtopic.php?id=64
     $value = str_ireplace('</font>', '', preg_replace('/<font([^>]+)>/i', '', $decoded));
     // Sanitize
     $value = suxFunct::sanitizeHtml($value, 0);
 }
示例#26
 /**
  * The form was successfully processed
  *
  * Drops the session user's cached templates, then redirects to
  * /blog/bookmarks/<id>.
  */
 function formSuccess()
 {
     // Clear cache
     $this->tpl->clearCache(null, $_SESSION['nickname']);
     // Pass this on to bookmarks for scanning
     $next = suxFunct::makeUrl('/blog/bookmarks/' . $this->id);
     suxFunct::redirect($next);
 }
示例#27
// ---------------------------------------------------------------------------
// Request handler: save the description of one photo and echo it back.
// Primary error checking: every failed check ends the request silently.
// NOTE(review): this state-changing POST shows no anti-CSRF token check in
// the visible part; confirm one is applied elsewhere.
// ---------------------------------------------------------------------------
// Must be logged in
if (!isset($_SESSION['users_id'])) {
    exit;
}
// id must be present and an integer (an id of 0 is rejected as well, because
// filter_var() returns 0 for it and 0 is falsy)
if (!isset($_POST['id']) || !filter_var($_POST['id'], FILTER_VALIDATE_INT)) {
    exit;
}
if (!isset($_POST['description'])) {
    exit;
}
// ---------------------------------------------------------------------------
// Secondary error checking
// ---------------------------------------------------------------------------
$log = new suxLog();
$photo = new suxPhoto();
$text = suxFunct::gtext('photos');
// Verify if user is allowed to edit this photo.
if (!$photo->isPhotoOwner($_POST['id'], $_SESSION['users_id'])) {
    exit;
}
// Only the two expected keys are copied out of $_POST
$clean = array('id' => $_POST['id'], 'description' => $_POST['description']);
try {
    $photo->savePhoto($_SESSION['users_id'], $clean);
    // Re-read the stored row so the response shows what was actually saved
    $tmp = $photo->getPhotoByID($clean['id']);
    // NOTE(review): the stored description is echoed without escaping here;
    // presumably savePhoto() sanitizes it before storage — confirm, since it
    // is user-supplied text.
    if ($tmp['description']) {
        echo $tmp['description'];
    } else {
        echo $text['clickme'];
    }
    // Third argument 1 = private log entry
    $log->write($_SESSION['users_id'], "sux0r::photos::describe() photos_id: {$clean['id']}", 1);
    // Private
示例#28
 /**
  * Saves an album to the database
  *
  * @param int $users_id users_id
  * @param array $album required keys => (url, title, body) optional keys => (id, published_on, draft)
  * @param int $trusted passed on to sanitizeHtml()
  * @return int insert id
  */
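 function saveAlbum($users_id, array $album, $trusted = -1)
 {
     // Inserts a new album, or updates an existing one when $album['id'] is
     // set, and returns the album id. Throws Exception on invalid input.
     // NOTE(review): the docblock lists 'url' as a required key, but only
     // 'title' and 'body' are checked here and 'url' is never stored.
     // -------------------------------------------------------------------
     // Sanitize
     // -------------------------------------------------------------------
     if (!filter_var($users_id, FILTER_VALIDATE_INT) || $users_id < 1) {
         throw new Exception('Invalid user id');
     }
     if (!isset($album['title']) || !isset($album['body'])) {
         throw new Exception('Invalid $album array');
     }
     // Start from an explicit empty array so that only fields validated
     // below can end up in the query parameters
     $clean = array();
     // Album id
     if (isset($album['id'])) {
         if (!filter_var($album['id'], FILTER_VALIDATE_INT) || $album['id'] < 1) {
             throw new Exception('Invalid album id');
         }
         $clean['id'] = $album['id'];
     }
     // Users id
     $clean['users_id'] = $users_id;
     // No HTML in title. strip_tags() removes markup but does not escape
     // quotes or ampersands, so the title still needs context-appropriate
     // escaping wherever it is printed.
     $clean['title'] = strip_tags($album['title']);
     // Sanitize HTML in body. $trusted is handed through unchanged; what the
     // default -1 means is defined by suxFunct::sanitizeHtml(), not visible here.
     $clean['body_html'] = suxFunct::sanitizeHtml($album['body'], $trusted);
     // Convert and copy body to UTF-8 plaintext
     $converter = new suxHtml2UTF8($clean['body_html']);
     $clean['body_plaintext'] = $converter->getText();
     // Draft, boolean / tinyint
     $clean['draft'] = isset($album['draft']) && $album['draft'] ? true : false;
     // Publish date
     if (isset($album['published_on'])) {
         // ISO 8601 date format
         // regex must match '2008-06-18 16:53:29' or '2008-06-18T16:53:29-04:00'
         // The character classes no longer contain commas (the old [0,1,2]
         // also accepted a literal ','), and the date/time separator must be
         // a single space or 'T' instead of an arbitrary '.+' run.
         // The tail after the seconds (e.g. a timezone offset) is still not
         // validated here; the value only reaches the database as a bound
         // parameter.
         $regex = '/^\\d{4}-(0[0-9]|1[0-2])-([0-2][0-9]|3[01])[ T]\\d{2}:\\d{2}:\\d{2}/';
         if (!preg_match($regex, $album['published_on'])) {
             throw new Exception('Invalid date');
         }
         $clean['published_on'] = $album['published_on'];
     } else {
         $clean['published_on'] = date('Y-m-d H:i:s');
     }
     // We now have the $clean[] array
     // --------------------------------------------------------------------
     // Go!
     // --------------------------------------------------------------------
     // http://bugs.php.net/bug.php?id=44597
     // As of 5.2.6 you still can't use execute()'s $input_parameters to
     // pass a boolean to PostgreSQL. To do that, bindParam() has to be called
     // with an explicit type for *each* parameter in the query.
     $is_pgsql = $this->db_driver == 'pgsql';
     $is_update = isset($clean['id']);
     if ($is_update) {
         // UPDATE: don't override the original submitter.
         // NOTE(review): with users_id dropped, this method does not itself
         // verify that $users_id owns album $clean['id'] (unless
         // prepareUpdateQuery() adds such a condition - not visible here).
         // Callers must perform the ownership check before calling.
         unset($clean['users_id']);
         $query = suxDB::prepareUpdateQuery($this->db_albums, $clean);
     } else {
         // INSERT
         $query = suxDB::prepareInsertQuery($this->db_albums, $clean);
     }
     $st = $this->db->prepare($query);
     if ($is_pgsql) {
         // Explicit PDO types for the non-string fields; every other field
         // in $clean is bound as a string
         $types = array('id' => PDO::PARAM_INT, 'users_id' => PDO::PARAM_INT, 'draft' => PDO::PARAM_BOOL);
         foreach (array_keys($clean) as $key) {
             $type = isset($types[$key]) ? $types[$key] : PDO::PARAM_STR;
             $st->bindParam(":{$key}", $clean[$key], $type);
         }
         $st->execute();
     } else {
         $st->execute($clean);
     }
     if (!$is_update) {
         // PostgreSQL needs the sequence name to report the new id
         if ($is_pgsql) {
             $clean['id'] = $this->db->lastInsertId("{$this->db_albums}_id_seq");
         } else {
             $clean['id'] = $this->db->lastInsertId();
         }
     }
     return $clean['id'];
 }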
示例#29
文件: en.php 项目: hashimmm/sux0r
<?php

/* Navigation menu: label => URL, or label => array(URL, module menu) */
$gtext['navcontainer'] = array(
    'Home' => suxFunct::makeUrl('/home'),
    'Blog' => array(
        suxFunct::makeUrl('/blog'),
        suxFunct::getModuleMenu('blog'),
    ),
    'Feeds' => array(
        suxFunct::makeUrl('/feeds'),
        suxFunct::getModuleMenu('feeds'),
    ),
    'Bookmarks' => array(
        suxFunct::makeUrl('/bookmarks'),
        suxFunct::getModuleMenu('bookmarks'),
    ),
    'Photos' => array(
        suxFunct::makeUrl('/photos'),
        suxFunct::getModuleMenu('photos'),
    ),
    'Source Code' => 'http://sourceforge.net/projects/sux0r/',
);
/* Copyright and data license.
   These two entries contain raw HTML (links, <br />), unlike the plain-text
   labels further down, so presumably the templates print them unescaped.
   Keep them static: nothing user-supplied may be concatenated in here. */
$gtext['copyright'] = '<a href="http://sux0r.trotch.com/">sux0r</a> is copyleft &copy;
<a href="http://www.trotch.com/">Trotch.com</a> ' . date('Y') . ' and is distributed under
the <a href="http://www.fsf.org/licensing/licenses/gpl-3.0.html">GNU General Public License</a>.
Hosting by <a href="http://www.networkredux.com/">Network Redux</a>.';
$gtext['data_license'] = 'Unless otherwise specified, contents of this site are copyright by the contributors and available under the <br />
<a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a>.
Contributors should be attributed by full name or nickname.';
/* Plain-text labels, in alphabetical key order */
/* 404 page */
$gtext['404_continue'] = 'Click here to continue';
$gtext['404_h1'] = 'Oops, Page Not Found (Error 404)';
$gtext['404_p1'] = 'For some reason (mis-typed URL, faulty referral from another site, out-of-date search engine listing or we simply deleted a file) the page you were after is not here.';
$gtext['admin'] = 'Administration';
/* Banned page */
$gtext['banned_continue'] = 'Click here to continue';
$gtext['banned_h1'] = 'Banned';
$gtext['banned_p1'] = 'You have been a bad person, a very very bad person.';
/* Common labels */
$gtext['continue'] = 'Continue';
$gtext['home'] = 'Home';
// NOTE(review): this value looks masked in the listing; confirm against the project file
$gtext['login'] = '******';
$gtext['logout'] = 'Logout';
$gtext['register'] = 'Register';
$gtext['welcome'] = 'Welcome';
示例#30
<?php

// Ajax
// Echo the content of a bayesian document
if (isset($_POST['id']) && filter_var($_POST['id'], FILTER_VALIDATE_INT)) {
    require_once dirname(__FILE__) . '/../../config.php';
    require_once dirname(__FILE__) . '/../../initialize.php';
    $nb = new suxNaiveBayesian();
    $doc = $nb->getDocument($_POST['id']);
    if ($doc) {
        $text = suxFunct::gtext('bayes');
        $tmp = null;
        $link = new suxLink();
        foreach ($link->getLinkTables('bayes_documents') as $table) {
            $links = $link->getLinks($table, 'bayes_documents', $_POST['id']);
            if ($links && count($links)) {
                $table = str_replace('link__', '', $table);
                $table = str_replace('bayes_documents', '', $table);
                $table = str_replace('__', '', $table);
                $tmp .= "[ {$text['to']} {$table}_id -&gt; ";
                foreach ($links as $val) {
                    $tmp .= " {$val},";
                }
                $tmp = rtrim($tmp, ', ');
                $tmp .= ' ]';
            }
        }
        echo '<em>bayes_document_id: ', $_POST['id'], '</em><br />';
        if ($tmp) {
            echo "<em><strong>{$text['is_linked']}</strong></em> ";
            echo $tmp;