--- a/includes/pageprocess.php Wed Jun 13 16:59:00 2007 -0400
+++ b/includes/pageprocess.php Wed Jun 13 18:59:14 2007 -0400
@@ -194,9 +194,9 @@
{
$this->err_page_not_existent();
}
-
}
+
}
/**
@@ -222,7 +222,7 @@
}
// Does the page "exist"?
- if ( $paths->cpage['urlname_nons'] == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace == 'Admin' && !function_exists($fname) ) )
+ if ( $paths->cpage['urlname_nons'] == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace != 'Admin' || ($this->namespace == 'Admin' && !function_exists($fname) ) ) )
{
$this->page_exists = false;
}
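Review bot: The rewritten existence check on the `if` line carries a redundant test and mixes two namespace sources. Once `$this->namespace != 'Admin'` is false, the inner `$this->namespace == 'Admin'` is always true, so the last clause can read `( $this->namespace != 'Admin' || !function_exists($fname) )`. The same condition compares `$paths->namespace == $namespace` but gates the Admin exception on `$this->namespace`; if those two can differ, the exception applies to a different namespace than the one being checked, so it is worth using one of them throughout or adding a comment saying why both are needed. `$fname` is assigned outside this hunk, and since `function_exists($fname)` now decides whether an Admin page counts as existing, confirm it is built from a validated page ID with a fixed prefix. The enclosing method starts and ends outside the hunk.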
--- a/plugins/Decir.php Wed Jun 13 16:59:00 2007 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,92 +0,0 @@
-<?php
-/*
-Plugin Name: Decir
-Plugin URI: javascript: // No URL yet, stay tuned!
-Description: Decir is an advanced bulletin board system (forum) for Enano.
-Author: Dan Fuhry
-Version: 0.1
-Author URI: http://www.enanocms.org/
-*/
-
-/*
- * Decir
- * Version 0.1
- * Copyright (C) 2007 Dan Fuhry
- *
- * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
- * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
- */
-
-define('ENANO_DECIR_VERSION', '0.1');
-define('DECIR_ROOT', ENANO_ROOT . '/decir');
-
-$plugins->attachHook('acl_rule_init', 'decir_early_init($this, $session);');
-$plugins->attachHook('base_classes_initted', '
- $paths->add_page(Array(
- \'name\'=>\'Forum\',
- \'urlname\'=>\'Forum\',
- \'namespace\'=>\'Special\',
- \'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
- ));
- ');
-
-function decir_early_init(&$paths, &$session)
-{
- $paths->addAdminNode('Decir forum configuration', 'General settings', 'DecirGeneral');
- $paths->nslist['DecirForum'] = $paths->nslist['Special'] . 'Forum/ViewForum/';
- $paths->nslist['DecirPost'] = $paths->nslist['Special'] . 'Forum/Post/';
- $paths->nslist['DecirTopic'] = $paths->nslist['Special'] . 'Forum/Topic/';
-
- $session->register_acl_type('decir_see_forum', AUTH_ALLOW, 'See forum in index', Array('read'), 'DecirForum');
- $session->register_acl_type('decir_view_forum', AUTH_ALLOW, 'View forum', Array('decir_see_forum'), 'DecirForum');
- $session->register_acl_type('decir_post', AUTH_ALLOW, 'Post new topics', Array('decir_view_forum'), 'DecirForum');
- $session->register_acl_type('decir_reply', AUTH_ALLOW, 'Reply to topics', Array('decir_post'), 'DecirTopic');
-}
-
-function page_Special_Forum()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- if ( getConfig('decir_version') != ENANO_DECIR_VERSION || isset($_POST['do_install_finish']) )
- {
- require(DECIR_ROOT . '/install.php');
- }
-
- $act = strtolower( ( $n = $paths->getParam(0) ) ? $n : 'Index' );
-
- $curdir = getcwd();
- chdir(DECIR_ROOT);
-
- switch($act)
- {
- case 'index':
- default:
- require('forum_index.php');
- break;
- case 'viewforum':
- require('viewforum.php');
- break;
- case 'topic':
- case 'post':
- case 'viewtopic':
- require('viewtopic.php');
- break;
- case 'new':
- require('posting.php');
- break;
- }
-
- chdir($curdir);
-
-}
-
-function page_Admin_DecirGeneral()
-{
- global $db, $session, $paths, $template, $plugins; if($session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN) { header('Location: '.makeUrl($paths->nslist['Special'].'Administration'.urlSeparator.'noheaders')); die('Hacking attempt'); }
- echo 'Hello world!';
-}
-
-?>
--- a/plugins/EnanoPress.php Wed Jun 13 16:59:00 2007 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,767 +0,0 @@
-<?php
-/*
-Plugin Name: EnanoPress
-Plugin URI: http://enano.homelinux.org/EnanoPress
-Description: Adds WordPress-like blogging functionality to the site. The blog can be viewed on the page Special:Blog, and posts can be written with Special:WriteBlogPost.
-Author: Dan Fuhry
-Version: 1.0
-Author URI: http://enano.homelinux.org/
-*/
-
-global $db, $session, $paths, $template, $plugins; // Common objects
-
-$plugins->attachHook('base_classes_initted', '
- $paths->add_page(Array(
- \'name\'=>\'Site Blog\',
- \'urlname\'=>\'Blog\',
- \'namespace\'=>\'Special\',
- \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
- ));
- $paths->add_page(Array(
- \'name\'=>\'Write blog post\',
- \'urlname\'=>\'WriteBlogPost\',
- \'namespace\'=>\'Special\',
- \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
- ));
- $paths->addAdminNode(\'Plugin configuration\', \'EnanoPress settings\', \'EnanoPress\');
- ');
-
-$plugins->attachHook('compile_template', 'global $template; $template->tpl_bool[\'in_blog\'] = false;');
-$plugins->attachHook('paths_init_before', 'global $paths; $paths->create_namespace("Blog", "BlogPost:");');
-$plugins->attachHook('page_not_found', 'return EnanoPress_BlogNamespaceHandler();');
-$plugins->attachHook('page_type_string_set', 'global $paths, $template; if($paths->namespace == "Blog") $template->namespace_string = "blog post";');
-
-define('BLOG_POST_PUBLISHED', 1);
-define('BLOG_POST_DRAFT', 0);
-define('BLOG_POSTS_PER_PAGE', 20);
-
-function EnanoPress_BlogNamespaceHandler()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- $pid = intval($paths->cpage['urlname_nons']);
- if($pid == 0) return null;
- $q = $db->sql_query('SELECT post_id, post_title, post_content, time, author FROM '.table_prefix.'blog WHERE status='.BLOG_POST_PUBLISHED.' AND post_id='.$pid.';');
- if(!$q) $db->_die('');
- if($db->numrows() < 1) return null;
- $row = $db->fetchrow($q);
- $paths->cpage['name'] = $row['post_title'];
- $template->header();
- echo EnanoPress_FormatBlogPost($row['post_title'], RenderMan::render($row['post_content']), $row['time'], $row['author'], 0, $row['post_id']);
- echo EnanoPress_Separator();
- $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
- $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
- $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
- $comments = EnanoPress_GetComments($id);
- echo $comments;
- $template->footer();
- return true;
-}
-
-function page_Special_Blog()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- if(!getConfig('blog_table_version'))
- {
- $q = $db->sql_query('CREATE TABLE '.table_prefix.'blog ( post_id mediumint(8) NOT NULL auto_increment, post_title text, post_content text, time int(12), status tinyint(1) NOT NULL DEFAULT 0, author varchar(63) NOT NULL, num_comments mediumint(8) NOT NULL DEFAULT 0, PRIMARY KEY ( post_id ) );');
- if(!$q) $db->_die('The blog table could not be created');
- setConfig('blog_table_version', '1');
- }
- if($n = getConfig('blog_name')) $paths->cpage['name'] = $n;
- if(!defined('ENANO_TEMPLATE_LOADED'))
- $template->init_vars();
- $template->tpl_bool['in_blog'] = true;
- $template->header();
- if($s = $paths->getParam(0))
- {
- if($s == 'archive')
- {
- $y = (int)$paths->getParam(1);
- $m = (int)$paths->getParam(2);
- $d = (int)$paths->getParam(3);
- $t = $paths->getParam(4);
- if(!$y || !$m || !$d || !$t)
- {
- echo '<p>Invalid permalink syntax</p>';
- $template->footer();
- return false;
- }
- $t = $db->escape(str_replace(Array('-', '_'), Array('_', '_'), $t)); // It's impossible to reconstruct the title from the URL, so let MySQL do it for us using wildcards
- // Determine the valid UNIX timestamp values
- $lower_limit = mktime(0, 0, 0, $m, $d, $y);
- // EnanoPress will officially stop working on February 29, 2052. To extend the date, add more leap years here.
- $leapyears = Array(2000,2004,2008,2012,2016,2020,2024,2028,2032,2040,2044,2048);
- // add one to the day
- // 30 days hath September, April, June, and November, all the rest have 31, except el enano, February :-P
- if (in_array($m, Array(4, 6, 9, 11)) && $d == 30) $m++;
- elseif(in_array($m, Array(1, 3, 5, 7, 8, 10, 12)) && $d == 31) $m++;
- elseif($m == 2 && in_array($y, $leapyears) && $d == 29) $m++;
- elseif($m == 2 && !in_array($y, $leapyears) && $d == 28) $m++;
- else $d++;
- $upper_limit = mktime(0, 0, 0, $m, $d, $y);
- $q = $db->sql_query('SELECT b.post_id, b.post_title, b.post_content, b.time, COUNT(c.comment_id) AS num_comments, b.author FROM '.table_prefix.'blog AS b LEFT JOIN '.table_prefix.'comments AS c ON (c.page_id=b.post_id AND c.namespace=\'Blog\' AND c.approved=1) WHERE b.status='.BLOG_POST_PUBLISHED.' AND b.post_title LIKE \''.$t.'\' AND b.time >= '.$lower_limit.' AND b.time <= '.$upper_limit.' GROUP BY b.post_id ORDER BY b.time DESC;');
- if(!$q)
- {
- echo $db->get_error();
- $template->footer();
- return;
- }
- if($db->numrows() < 1)
- {
- // Try it with no date specifiation
- $q = $db->sql_query('SELECT b.post_id, b.post_title, b.post_content, b.time, COUNT(c.comment_id) AS num_comments, b.author FROM '.table_prefix.'blog AS b LEFT JOIN '.table_prefix.'comments AS c ON (c.page_id=b.post_id AND c.namespace=\'Blog\' AND c.approved=1) WHERE b.status='.BLOG_POST_PUBLISHED.' AND b.post_title LIKE \''.$t.'\' GROUP BY b.post_id ORDER BY b.time DESC;');
- if(!$q)
- {
- echo $db->get_error();
- $template->footer();
- return;
- }
- if($db->numrows() < 1)
- {
- echo '<p>No posts matching that permalink could be found.</p>';
- $template->footer();
- return;
- }
- }
- $row = $db->fetchrow();
- echo EnanoPress_FormatBlogPost($row['post_title'], RenderMan::render($row['post_content']), $row['time'], $row['author'], (int)$row['num_comments'], (int)$row['post_id']);
- echo EnanoPress_Separator();
- $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
- $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
- $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
- $comments = EnanoPress_GetComments((int)$row['post_id']);
- if(is_array($comments))
- {
- $comments = EnanoPress_FormatComments($comments);
- echo $comments;
- }
- $template->footer();
- return;
- }
- else
- {
- $start = intval($s);
- }
- }
- else $start = 0;
- $end = $start + BLOG_POSTS_PER_PAGE + 1;
- $q = $db->sql_query('SELECT b.post_id, b.post_title, b.post_content, b.time, b.author, COUNT(c.comment_id) AS num_comments FROM '.table_prefix.'blog AS b LEFT JOIN '.table_prefix.'comments AS c ON (c.page_id=b.post_id AND c.namespace=\'Blog\' AND c.approved=1) WHERE b.status='.BLOG_POST_PUBLISHED.' GROUP BY b.post_id ORDER BY b.time DESC LIMIT '.$start.','. $end .';');
- if(!$q) { echo $db->get_error('The blog data could not be selected'); $template->footer(); return false; }
- $numrows = $db->numrows();
- if($numrows == BLOG_POSTS_PER_PAGE+1)
- {
- $nextpage = true;
- $numrows = BLOG_POSTS_PER_PAGE;
- }
- if($numrows < 1)
- {
- echo '<p>No posts yet! <a href="'.makeUrlNS('Special', 'WriteBlogPost').'">Write a post...</a></p>';
- }
- else
- {
- $i = 0;
- while($row = $db->fetchrow())
- {
- $i++;
- if($i == BLOG_POSTS_PER_PAGE+1) break;
- echo EnanoPress_FormatBlogPost($row['post_title'], RenderMan::render($row['post_content']), $row['time'], $row['author'], (int)$row['num_comments'], (int)$row['post_id']);
- if($i < $numrows) echo EnanoPress_Separator();
- }
- if($session->user_level >= USER_LEVEL_MOD) echo '<h2>More actions</h2><p><a href="'.makeUrlNS('Special', 'WriteBlogPost').'">Write a post...</a></p>';
- }
- $template->footer();
-}
-
-function page_Special_WriteBlogPost()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- if($session->user_level < USER_LEVEL_MOD) die_friendly('Access denied', '<p>You are not authorized to post blog messages.</p>');
- $errors = Array();
- $template->header();
- $editing = false;
- if(isset($_POST['__save'])) $status = BLOG_POST_DRAFT;
- if(isset($_POST['__publish'])) $status = BLOG_POST_PUBLISHED;
- if(isset($_POST['__save']) || isset($_POST['__publish']))
- {
- $text = RenderMan::preprocess_text($_POST['content'], false, true);
- $title = $db->escape(htmlspecialchars($_POST['title']));
- $author = $db->escape($session->username);
- $time = time();
- if($text == '') $errors[] = 'You must enter a post.';
- if($title == '') $errors[] = 'You must enter a title for your post.';
- if(sizeof($errors) < 1)
- {
- if(isset($_POST['edit_id']) && preg_match('#^([0-9]+)$#', $_POST['edit_id']))
- {
- $q = $db->sql_query('UPDATE '.table_prefix."blog SET post_title='{$title}',post_content='{$text}',time={$time},author='{$author}',status=".$status." WHERE post_id={$_POST['edit_id']};");
- }
- else
- {
- $q = $db->sql_query('INSERT INTO '.table_prefix."blog(post_title,post_content,time,author,status) VALUES('{$title}', '{$text}', {$time}, '{$author}', ".$status.");");
- }
- if(!$q)
- {
- echo $db->get_error();
- $template->footer();
- return;
- }
- $q = $db->sql_query('SELECT post_id FROM '.table_prefix.'blog WHERE time='.$time.' ORDER BY post_id DESC;');
- if(!$q) { echo $db->get_error(); $template->footer(); return false; }
- if($db->numrows() > 0)
- {
- $row = $db->fetchrow();
- $editing = $row['post_id'];
- }
- switch($status):
- case BLOG_POST_DRAFT:
- echo '<div class="info-box">Your post has been saved; however it will not appear on the main blog page until it is published.</div>';
- break;
- case BLOG_POST_PUBLISHED:
- echo '<div class="info-box">Your post has been published to the main blog page.</div>';
- break;
- endswitch;
- }
-
- $text =& $_POST['content'];
- $title =& $_POST['title'];
- }
- elseif(isset($_POST['__delete']) && isset($_POST['del_confirm']))
- {
- $pid = intval($_POST['edit_id']);
- if($pid > 0)
- {
- $q = $db->sql_query('DELETE FROM '.table_prefix.'blog WHERE post_id='.$pid.';');
- if(!$q)
- {
- echo $db->get_error();
- $template->footer();
- return;
- }
- else
- echo '<div class="info-box">Your post has been deleted.</div>';
- }
- $text = '';
- $title = '';
- $editing = false;
- }
- elseif($t = $paths->getParam(0))
- {
- $id = intval($t);
- if($t == 0) die('SQL injection attempt');
- $q = $db->sql_query('SELECT post_title,post_content FROM '.table_prefix.'blog WHERE post_id='.$t.';');
- if(!$q) { echo $db->get_error(); $template->footer(); return false; }
- if($db->numrows() > 0)
- {
- $row = $db->fetchrow();
- $text =& $row['post_content'];
- $title =& $row['post_title'];
- $editing = $t;
- }
- else
- {
- $text = '';
- $title = '';
- }
- }
- elseif(isset($_POST['__preview']))
- {
- $text = RenderMan::preprocess_text($_POST['content'], false, false);
- $text = RenderMan::render($text);
- ob_start();
- eval('?>'.$text);
- $text = ob_get_contents();
- ob_end_clean();
- echo '<div class="warning-box"><b>Reminder:</b><br />This is only a preview - your changes to this post will not be saved until you click Save Draft or Save and Publish below.</div>'
- . PageUtils::scrollBox(EnanoPress_FormatBlogPost($_POST['title'], $text, time(), $session->username, 0, false));
- $text =& $_POST['content'];
- $title = $_POST['title'];
- }
- else
- {
- $text = '';
- $title = '';
- }
- if(sizeof($errors) > 0)
- {
- echo '<div class="error-box"><b>The following errors were encountered:</b><br />' . implode('<br />', $errors) . '</div>';
- }
- $q = $db->sql_query('SELECT post_id, post_title FROM '.table_prefix.'blog WHERE status='.BLOG_POST_DRAFT.' ORDER BY post_title ASC;');
- if(!$q) { echo $db->get_error('The blog data could not be selected'); $template->footer(); return false; }
- $n = $db->numrows();
- if($n > 0)
- {
- echo '<br /><div class="mdg-comment"><b>Your drafts: </b>';
- $posts = Array();
- while($r = $db->fetchrow())
- {
- $posts[$r['post_id']] = $r['post_title'];
- }
- $i=0;
- foreach($posts as $id => $t)
- {
- $i++;
- echo '<a href="'.makeUrlNS('Special', 'WriteBlogPost/'.$id).'">'.$t.'</a>';
- if($i < $n) echo ' » ';
- }
- echo '</div>';
- }
- $idthing = ( $editing ) ? '<input type="hidden" name="edit_id" value="'.$editing.'" />' : '';
- $delbtn = ( $editing ) ? ' <input onclick="return confirm(\'Are you REALLY sure you want to delete this post?\')" type="submit" name="__delete" value="Delete this post" style="color: red; font-weight: bold;" /> <label><input type="checkbox" name="del_confirm" /> I\'m sure</label>' : '';
- $textarea = $template->tinymce_textarea('content', $text);
- echo '<form action="'.makeUrl($paths->page).'" method="post">'
- . '<p>Post title:<br /><input type="text" name="title" size="60" style="width: 98%;" value="'.htmlspecialchars($title).'" /><br /><br />Post:<br />'
- . $textarea
- . '<p>The following information will be added to your post:</p><ul><li>Date and time: '.date('F d, Y h:i a').'</li><li>Username: '.$session->username.'</li></ul>'
- . '<p><input type="submit" name="__preview" value="Show preview" title="Allows you to preview your blog post before it is saved or posted" /> <input title="Saves the post but prevents it from being shown on the main blog page" type="submit" name="__save" value="Save Draft" /> <input title="Saves the blog post and shows it on the main blog page" type="submit" name="__publish" value="Save and Publish" />'
- . $delbtn
- . '</p>'
- . $idthing
- . '</form>';
- $template->footer();
-}
-
-/**
- * Convert a blog post to HTML
- * @param string $title the name of the blog post
- * @param string $text the content, needs to be HTML formatted as no renderer is called
- * @param int $time UNIX timestamp for the time of the post
- * @param string $author [user]name of the person who wrote the post
- * @param int $num_comments The number of comments attached to the post
- * @param int $post_id The numerical ID of the post
- * @return string
- */
-
-function EnanoPress_FormatBlogPost($title, $text, $time, $author, $num_comments = 0, $post_id)
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- static $cached_template = false;
- if(!$cached_template)
- {
- if(file_exists(ENANO_ROOT.'/themes/'.$session->theme.'/blogpost.tpl'))
- $cached_template = file_get_contents(ENANO_ROOT.'/themes/'.$session->theme.'/blogpost.tpl', 'r');
- if(!$cached_template)
- $cached_template = <<<TPLCODE
- <div>
- <div style="border-bottom: 1px solid #AAAAAA;">
- <p style="float: right; background-color: #F0F0F0; margin: 3px 10px 0 0; padding: 8px 3px; width: 55px; text-align: center;">{D} {j} {M} {Y}</p>
- <div style="margin-bottom: 16px;"><h3 style="margin-bottom: 0;"><a href="{PERMALINK}" rel="bookmark" title="Permanent link to this post">{TITLE}</a></h3>Posted by <a href="{AUTHOR_LINK}" {AUTHOR_USERPAGE_CLASS}>{AUTHOR}</a><br /><a href="{COMMENT_LINK}">{COMMENT_LINK_TEXT}</a><!-- BEGIN can_edit --> | <a href="{EDIT_LINK}">edit this post</a><!-- END can_edit --></div>
- </div>
- <div>
- {CONTENT}
- </div>
- </div>
-TPLCODE;
- }
- $parser = $template->makeParserText($cached_template);
- $datechars = 'dDjlSwzWFmMntLYyaABGhHisIOTZrU'; // A list of valid metacharacters for date()
- $datechars = enano_str_split($datechars);
- $datevals = Array();
- foreach($datechars as $d)
- {
- $datevals[$d] = date($d, $time);
- }
- unset($datechars);
- $parser->assign_vars($datevals);
- $parser->assign_bool(Array(
- 'can_edit'=> ( $session->user_level >= USER_LEVEL_MOD ),
- ));
- $permalink = makeUrlNS('Special', 'Blog/archive/'.date('Y', $time).'/'.date('m', $time).'/'.date('d', $time).'/'.enanopress_sanitize_title($title));
- $commentlink = $permalink . '#post-comments';
- if($num_comments == 0) $ctext = 'No comments';
- elseif($num_comments == 1) $ctext = '1 comment';
- else $ctext = $num_comments . ' comments';
- $edit_link = ( is_int($post_id) ) ? makeUrlNS('Special', 'WriteBlogPost/'.$post_id) : '#" onclick="return false;';
- $parser->assign_vars(Array(
- 'TITLE' => $title,
- 'PERMALINK' => $permalink,
- 'AUTHOR' => $author,
- 'AUTHOR_LINK' => makeUrlNS('User', $author),
- 'AUTHOR_USERPAGE_CLASS' => ( isset($paths->pages[$paths->nslist['User'].$author]) ) ? '' : ' class="wikilink-nonexistent" ',
- 'COMMENT_LINK' => $commentlink,
- 'COMMENT_LINK_TEXT' => $ctext,
- 'CONTENT' => $text,
- 'EDIT_LINK' => $edit_link,
- ));
- return $parser->run();
-}
-
-/**
- * Draws a separator for use between blog posts - searches for the appropriate template file
- * @return string
- */
-
-function EnanoPress_Separator()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- static $cached_template = false;
- if(!$cached_template)
- {
- if(file_exists(ENANO_ROOT.'/themes/'.$session->theme.'/blogseparator.tpl'))
- $cached_template = file_get_contents(ENANO_ROOT.'/themes/'.$session->theme.'/blogseparator.tpl');
- if(!$cached_template)
- $cached_template = <<<TPLCODE
- <div style="border-bottom: 1px dashed #666666; margin: 15px auto; width: 200px;"></div>
-TPLCODE;
- }
- $parser = $template->makeParserText($cached_template);
- return $parser->run();
-}
-
-/**
- * Make a blog post title acceptable for URLs
- * @param string $text the input text
- * @return string
- */
-
-function enanopress_sanitize_title($text)
-{
- $text = strtolower(str_replace(' ', '_', $text));
- $badchars = '/*+-,.?!@#$%^&*|{}[];:\'"`~';
- $badchars = enano_str_split($badchars);
- $dash = Array();
- foreach($badchars as $i => $b) $dash[] = "-";
- $text = str_replace($badchars, $dash, $text);
- return $text;
-}
-
-/**
- * Fetch comments for a post
- * @param int $post_id The numerical ID of the post to get comments for
- * @return array A hierarchial array - numbered keys, each key is a subarray with keys "name", "subject", "text", "time", and "comment_id" with time being a UNIX timestamp
- */
-
-function EnanoPress_GetComments($post_id)
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- if(!is_int($post_id)) return false;
-
- if(isset($_GET['sub']))
- {
- $e = $db->sql_query('SELECT comment_id,name,subject,comment_data,user_id FROM '.table_prefix.'comments WHERE comment_id='.intval($_REQUEST['id']).';');
- if($e)
- {
- $comment = $db->fetchrow();
- $auth_edit = ( ( intval($comment['user_id']) == $session->user_id && $session->user_logged_in ) || $session->user_level >= USER_LEVEL_MOD );
- if($auth_edit)
- {
- switch($_GET['sub'])
- {
- case 'editcomment':
- if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
- $row =& $comment;
- echo '<h3>Edit comment</h3><form action="'.makeUrl($paths->fullpage, 'sub=savecomment').'" method="post">';
- echo "<br /><div class='mdg-comment' style='padding: 0;'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
- <tr><td class='row1'>Subject:</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
- <tr><td class='row2'>Comment:</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
- <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='Save Changes' /></td></tr>
- </table></div>";
- echo '</form>';
- return false;
- break;
- case 'savecomment':
- if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
- $r = PageUtils::savecomment_neater((string)$post_id, 'Blog', $_POST['subj'], $_POST['text'], (int)$_POST['id']);
- if($r != 'good') { echo "<pre>$r</pre>"; return false; }
- break;
- case 'deletecomment':
- if(isset($_GET['id']))
- {
- $q = 'DELETE FROM '.table_prefix.'comments WHERE comment_id='.intval($_GET['id']).' LIMIT 1;';
- $e=$db->sql_query($q);
- if(!$e)
- {
- echo 'Error during query: '.mysql_error().'<br /><br />Query:<br />'.$q;
- return false;
- }
- $e=$db->sql_query('UPDATE '.table_prefix.'blog SET num_comments=num_comments-1 WHERE post_id='.$post_id.';');
- if(!$e)
- {
- echo 'Error during query: '.mysql_error().'<br /><br />Query:<br />'.$q;
- return false;
- }
- }
- break;
- case 'admin':
- if(isset($_GET['action']) && $session->user_level >= USER_LEVEL_MOD) // Nip hacking attempts in the bud
- {
- switch($_GET['action']) {
- case "delete":
- if(isset($_GET['id']))
- {
- $q = 'DELETE FROM '.table_prefix.'comments WHERE comment_id='.intval($_GET['id']).' LIMIT 1;';
- $e=$db->sql_query($q);
- if(!$e)
- {
- echo 'Error during query: '.mysql_error().'<br /><br />Query:<br />'.$q;
- return false;
- }
- $e=$db->sql_query('UPDATE '.table_prefix.'blog SET num_comments=num_comments-1 WHERE post_id='.$post_id.';');
- if(!$e)
- {
- echo 'Error during query: '.mysql_error().'<br /><br />Query:<br />'.$q;
- return false;
- }
- }
- break;
- case "approve":
- if(isset($_GET['id']))
- {
- $where = 'comment_id='.intval($_GET['id']);
- $q = 'SELECT approved FROM '.table_prefix.'comments WHERE '.$where.' LIMIT 1;';
- $e = $db->sql_query($q);
- if(!$e) die('alert(unesape(\''.rawurlencode('Error selecting approval status: '.mysql_error().'\n\nQuery:\n'.$q).'\'));');
- $r = $db->fetchrow();
- $a = ( $r['approved'] ) ? '0' : '1';
- $q = 'UPDATE '.table_prefix.'comments SET approved='.$a.' WHERE '.$where.';';
- $e=$db->sql_query($q);
- if(!$e)
- {
- echo 'Error during query: '.mysql_error().'<br /><br />Query:<br />'.$q;
- return false;
- }
- if($a == '1')
- {
- $q = 'UPDATE '.table_prefix.'blog SET num_comments=num_comments+1 WHERE post_id='.$post_id.';';
- }
- else
- {
- $q = 'UPDATE '.table_prefix.'blog SET num_comments=num_comments-1 WHERE post_id='.$post_id.';';
- }
- $e=$db->sql_query($q);
- if(!$e)
- {
- echo 'Error during query: '.mysql_error().'<br /><br />Query:<br />'.$q;
- return false;
- }
- }
- break;
- }
- }
- break;
- }
- }
- else
- {
- echo '<div class="error-box">You are not authorized to perform this action.</div>';
- }
- }
- }
-
- if(isset($_POST['__doPostBack']))
- {
- if(getConfig('comments_need_login') == '2' && !$session->user_logged_in) echo('Access denied to post comments: you need to be logged in first.');
- else
- {
- $cb=false;
- if(getConfig('comments_need_login') == '1' && !$session->user_logged_in)
- {
- if(!isset($_POST['captcha_input']) || !isset($_POST['captcha_id']))
- {
- echo('BUG: PageUtils::addcomment: no CAPTCHA data passed to method');
- $cb=true;
- }
- else
- {
- $result = $session->get_captcha($_POST['captcha_id']);
- if($_POST['captcha_input'] != $result) { $cb=true; echo('The confirmation code you entered was incorrect.'); }
- }
- }
- if(!$cb)
- {
- $text = RenderMan::preprocess_text($_POST['text']);
- $name = $session->user_logged_in ? RenderMan::preprocess_text($session->username) : RenderMan::preprocess_text($_POST['name']);
- $subj = RenderMan::preprocess_text($_POST['subj']);
- if(getConfig('approve_comments')=='1') $appr = '0'; else $appr = '1';
- $q = 'INSERT INTO '.table_prefix.'comments(page_id,namespace,subject,comment_data,name,user_id,approved,time) VALUES(\''.$post_id.'\',\'Blog\',\''.$subj.'\',\''.$text.'\',\''.$name.'\','.$session->user_id.','.$appr.','.time().')';
- $e = $db->sql_query($q);
- if(!$e) echo 'Error inserting comment data: '.mysql_error().'<br /><br />Query:<br />'.$q;
- else
- {
- echo '<div class="info-box">Your comment has been posted.</div>';
- if(getConfig('approve_comments')=='1')
- {
- $e=$db->sql_query('UPDATE '.table_prefix.'blog SET num_comments=num_comments+1 WHERE post_id='.$post_id.';');
- if(!$e)
- {
- echo 'Error during query: '.mysql_error().'<br /><br />Query:<br />'.$q;
- return false;
- }
- }
- }
- }
- }
- }
-
- $apprv_clause = ( $session->user_level >= USER_LEVEL_MOD ) ? '' : 'AND approved=1';
-
- $q = $db->sql_query('SELECT c.comment_id,c.subject,c.comment_data,c.name,c.time,c.approved,c.time,u.signature,u.user_level,u.user_id FROM '.table_prefix.'comments AS c
- LEFT JOIN '.table_prefix.'users AS u
- ON u.user_id=c.user_id
- WHERE page_id='.$post_id.'
- AND namespace=\'Blog\'
- '.$apprv_clause.'
- ORDER BY time DESC;');
- if(!$q)
- {
- echo $db->get_error();
- return false;
- }
- $posts = Array();
- while($row = $db->fetchrow())
- {
- $row['text'] =& $row['comment_data'];
- $posts[] = $row;
- }
- return $posts;
-}
-
-/**
- * Formats a comments array from EnanoPress_GetComments() as HTML
- * @param array $comments The array of fetched comments
- * @return string
- */
-
-function EnanoPress_FormatComments($comments)
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- ob_start();
- $tpl = $template->makeParser('comment.tpl');
-
- $seed = substr(md5(microtime() . mt_rand()), 0, 12);
-
- ?>
- <script type="text/javascript">
- function toggleCommentForm()
- {
- document.getElementById('commentform_<?php echo $seed; ?>').style.display = 'block';
- document.getElementById('commentlink_<?php echo $seed; ?>').style.display = 'none';
- }
- </script>
- <?php
-
- echo "<h3 id='post-comments'>Post comments</h3>";
- if ( count($comments) < 1 )
- {
- $commentlink = ( getConfig('comments_need_login') == '2' && !$session->user_logged_in ) ? '<a href="'.makeUrl('Special:Login/'.$paths->fullpage).'">Log in to post a comment...</a>' : '<a href="'.makeUrl($paths->fullpage, 'act=postcomment', true).'" id="commentlink_'.$seed.'" onclick="toggleCommentForm(); return false;">Leave a comment...</a>' ;
- echo '<p>There are no comments on this post. Yours could be the first! '.$commentlink.'</p>';
- }
- $i = -1;
-
- foreach($comments as $comment)
- {
- $auth_edit = ( ( intval($comment['user_id']) == $session->user_id && $session->user_logged_in ) || $session->user_level >= USER_LEVEL_MOD );
- $auth_mod = ( $session->user_level >= USER_LEVEL_MOD );
-
- // Comment ID (used in the Javascript apps)
- $strings['ID'] = (string)$i;
-
- // Determine the name, and whether to link to the user page or not
- $name = '';
- if($comment['user_id'] > 0) $name .= '<a href="'.makeUrlNS('User', str_replace(' ', '_', $comment['name'])).'">';
- $name .= $comment['name'];
- if($comment['user_id'] > 0) $name .= '</a>';
- $strings['NAME'] = $name; unset($name);
-
- // Subject
- $s = $comment['subject'];
- if(!$comment['approved']) $s .= ' <span style="color: #D84308">(Unapproved)</span>';
- $strings['SUBJECT'] = $s;
-
- // Date and time
- $strings['DATETIME'] = date('F d, Y h:i a', $comment['time']);
-
- // User level
- switch($comment['user_level'])
- {
- default:
- case USER_LEVEL_GUEST:
- $l = 'Guest';
- break;
- case USER_LEVEL_MEMBER:
- $l = 'Member';
- break;
- case USER_LEVEL_MOD:
- $l = 'Moderator';
- break;
- case USER_LEVEL_ADMIN:
- $l = 'Administrator';
- break;
- }
- $strings['USER_LEVEL'] = $l; unset($l);
-
- // The actual comment data
- $strings['DATA'] = RenderMan::render($comment['text']);
-
- // Edit link
- $strings['EDIT_LINK'] = '<a href="'.makeUrl($paths->fullpage, 'sub=editcomment&id='.$comment['comment_id']).'" id="editbtn_'.$i.'">edit</a>';
-
- // Delete link
- $strings['DELETE_LINK'] = '<a href="'.makeUrl($paths->fullpage, 'sub=deletecomment&id='.$comment['comment_id']).'">delete</a>';
-
- // Send PM link
- $strings['SEND_PM_LINK'] = ( $session->user_logged_in && $comment['user_id'] > 0 ) ? '<a href="'.makeUrlNS('Special', 'PrivateMessages/Compose/To/'.$comment['name']).'">Send private message</a>' : '';
-
- // Add Buddy link
- $strings['ADD_BUDDY_LINK'] = ( $session->user_logged_in && $comment['user_id'] > 0 ) ? '<a href="'.makeUrlNS('Special', 'PrivateMessages/FriendList/Add/'.$comment['name']).'">Add Buddy</a>' : '';
-
- // Mod links
- $applink = '';
- $applink .= '<a href="'.makeUrl($paths->fullpage, 'sub=admin&action=approve&id='.$comment['comment_id']).'" id="mdgApproveLink'.$i.'">';
- if($comment['approved']) $applink .= 'Unapprove';
- else $applink .= 'Approve';
- $applink .= '</a>';
- $strings['MOD_APPROVE_LINK'] = $applink;
- unset($applink);
- $strings['MOD_DELETE_LINK'] = '<a href="'.makeUrl($paths->fullpage, 'sub=admin&action=delete&id='.$comment['comment_id']).'">Delete</a>';
-
- // Signature
- $strings['SIGNATURE'] = '';
- if($comment['signature'] != '') $strings['SIGNATURE'] = RenderMan::render($comment['signature']);
-
- $bool['auth_mod'] = $auth_mod;
- $bool['can_edit'] = $auth_edit;
- $bool['signature'] = ( $strings['SIGNATURE'] == '' ) ? false : true;
-
- $tpl->assign_vars($strings);
- $tpl->assign_bool($bool);
- echo $tpl->run();
- }
-
- $sn = $session->user_logged_in ? $session->username . '<input name="name" id="mdgScreenName" type="hidden" value="'.$session->username.'" />' : '<input name="name" id="mdgScreenName" type="text" size="35" />';
- if(getConfig('comments_need_login') == '1')
- {
- $session->kill_captcha();
- $captcha = $session->make_captcha();
- }
- $captcha = ( getConfig('comments_need_login') == '1' && !$session->user_logged_in ) ? '<tr><td>Visual confirmation:<br /><small>Please enter the code you see on the right.</small></td><td><img src="'.makeUrlNS('Special', 'Captcha/'.$captcha).'" alt="Visual confirmation" style="cursor: pointer;" onclick="this.src = \''.makeUrlNS("Special", "Captcha/".$captcha).'/\'+Math.floor(Math.random() * 100000);" /><input name="captcha_id" id="mdgCaptchaID" type="hidden" value="'.$captcha.'" /><br />Code: <input name="captcha_input" id="mdgCaptchaInput" type="text" size="10" /><br /><small><script type="text/javascript">document.write("If you can\'t read the code, click on the image to generate a new one.");</script><noscript>If you can\'t read the code, please refresh this page to generate a new one.</noscript></small></td></tr>' : '';
-
- echo '<div id="commentform_'.$seed.'">
- '.EnanoPress_Separator().'
- <form action="'.makeUrl($paths->fullpage, 'act=postcomment', true).'" method="post">
- <table border="0">
- <tr><td>Your name or screen name:</td><td>'.$sn.'</td></tr>
- <tr><td>Comment subject:</td><td><input name="subj" id="mdgSubject" type="text" size="35" /></td></tr>
- '.$captcha.'
- <tr><td valign="top">Comment text:<br />(most HTML will be stripped)</td><td><textarea name="text" id="mdgCommentArea" rows="10" cols="40"></textarea></td></tr>
- <tr><td colspan="2" style="text-align: center;"><input type="submit" name="__doPostBack" value="Submit Comment" /></td></tr>
- </table>
- </form>
- </div>
- <script type="text/javascript">
- document.getElementById(\'commentform_'.$seed.'\').style.display = \'none\';
- </script>
-';
-
- $ret = ob_get_contents();
- ob_end_clean();
- return $ret;
-}
-
-function page_Admin_EnanoPress()
-{
- global $db, $session, $paths, $template, $plugins; if($session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN) { header('Location: '.makeUrl($paths->nslist['Special'].'Administration'.urlSeparator.'noheaders')); die('Hacking attempt'); }
- echo '<p>Coming soon!</p>';
-}
-
-?>
\ No newline at end of file
--- a/plugins/Newsboy.php Wed Jun 13 16:59:00 2007 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,1033 +0,0 @@
-<?php
-/*
-Plugin Name: Newsboy
-Plugin URI: javascript: // No URL yet, stay tuned!
-Description: Newsboy adds a news management system to Enano. It can integrate with the Feed Me plugin to provide an additional RSS feed.
-Author: Dan Fuhry
-Version: 0.1
-Author URI: http://www.enanocms.org/
-*/
-
-/*
- * Newsboy
- * Version 0.1
- * Copyright (C) 2007 Dan Fuhry
- *
- * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
- * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
- */
-
-// Insert our News namespace
-$plugins->attachHook('acl_rule_init', 'NewsBoy_namespace_setup($this);');
-
-// Hook into page rendering
-$plugins->attachHook('page_not_found', 'NewsBoy_namespace_handler();');
-$plugins->attachHook('send_page_footers', 'NewsBoy_PortalLink();');
-
-// String to determine page type string
-$plugins->attachHook('page_type_string_set', 'NewsBoy_set_page_string();');
-
-// Attach to the Feed Me plugin, if it's loaded (if not, the feed handler simply won't get called)
-$plugins->attachHook('feed_me_request', 'NewsBoy_feed_handler($mode);');
-
-function NewsBoy_namespace_setup(&$paths)
-{
- $paths->create_namespace('NewsBoy', 'News:');
- $paths->addAdminNode('Newsboy portal', 'Configuration', 'NewsboyConfiguration');
- $paths->addAdminNode('Newsboy portal', 'Manage news items', 'NewsboyItemManager');
-
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- $session->acl_extend_scope('read', 'NewsBoy', $paths);
- $session->acl_extend_scope('post_comments', 'NewsBoy', $paths);
- $session->acl_extend_scope('edit_comments', 'NewsBoy', $paths);
- $session->acl_extend_scope('edit_page', 'NewsBoy', $paths);
- $session->acl_extend_scope('view_source', 'NewsBoy', $paths);
- $session->acl_extend_scope('mod_comments', 'NewsBoy', $paths);
- $session->acl_extend_scope('history_view', 'NewsBoy', $paths);
- $session->acl_extend_scope('history_rollback', 'NewsBoy', $paths);
- $session->acl_extend_scope('history_rollback_extra', 'NewsBoy', $paths);
- $session->acl_extend_scope('protect', 'NewsBoy', $paths);
- $session->acl_extend_scope('rename', 'NewsBoy', $paths);
- $session->acl_extend_scope('clear_logs', 'NewsBoy', $paths);
- $session->acl_extend_scope('vote_delete', 'NewsBoy', $paths);
- $session->acl_extend_scope('vote_reset', 'NewsBoy', $paths);
- $session->acl_extend_scope('delete_page', 'NewsBoy', $paths);
- $session->acl_extend_scope('set_wiki_mode', 'NewsBoy', $paths);
- $session->acl_extend_scope('password_set', 'NewsBoy', $paths);
- $session->acl_extend_scope('password_reset', 'NewsBoy', $paths);
- $session->acl_extend_scope('mod_misc', 'NewsBoy', $paths);
- $session->acl_extend_scope('edit_cat', 'NewsBoy', $paths);
- $session->acl_extend_scope('even_when_protected', 'NewsBoy', $paths);
- $session->acl_extend_scope('upload_files', 'NewsBoy', $paths);
- $session->acl_extend_scope('upload_new_version', 'NewsBoy', $paths);
- $session->acl_extend_scope('create_page', 'NewsBoy', $paths);
- $session->acl_extend_scope('php_in_pages', 'NewsBoy', $paths);
- $session->acl_extend_scope('edit_acl', 'NewsBoy', $paths);
-
-}
-
-function NewsBoy_namespace_handler()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- if ( defined('ENANO_FEEDBURNER_INCLUDED') )
- {
- $template->add_header('<link rel="alternate" title="'.getConfig('site_name').' News feed" href="'.makeUrlNS('Special', 'RSS/news', null, true).'" type="application/rss+xml" />');
- }
-
- if ( $paths->namespace != 'NewsBoy' )
- return;
-
- $chk = $paths->page;
- $chk1 = substr($chk, 0, ( strlen($paths->nslist['NewsBoy']) + 8 ));
- $chk2 = substr($chk, 0, ( strlen($paths->nslist['NewsBoy']) + 7 ));
-
- if ( $paths->cpage['urlname_nons'] == 'Portal' || $paths->cpage['urlname_nons'] == 'Archive' || $chk1 == $paths->nslist['NewsBoy'] . 'Archive/' || $chk2 == $paths->nslist['NewsBoy'] . 'Archive' )
- {
-
- // Add admin opener Javascript function
- $template->add_header('<!-- NewsBoy: admin panel nav function -->
- <script type="text/javascript">
- function newsboy_open_admin()
- {
- if ( auth_level < USER_LEVEL_ADMIN )
- {
- ajaxPromptAdminAuth(function(k) {
- ENANO_SID = k;
- auth_level = USER_LEVEL_ADMIN;
- var loc = String(window.location + \'\');
- window.location = append_sid(loc);
- var loc = makeUrlNS(\'Special\', \'Administration\', \'module=\' + namespace_list[\'Admin\'] + \'NewsboyItemManager\');
- if ( (ENANO_SID + \' \').length > 1 )
- window.location = loc;
- }, 9);
- return false;
- }
- var loc = makeUrlNS(\'Special\', \'Administration\', \'module=\' + namespace_list[\'Admin\'] + \'NewsboyItemManager\');
- window.location = loc;
- }
- </script>');
-
- $x = getConfig('nb_portal_title');
-
- $template->tpl_strings['PAGE_NAME'] = ( $paths->cpage['urlname_nons'] == 'Portal' ) ?
- ( ( empty($x) ) ?
- 'Welcome to ' . getConfig('site_name') :
- $x ) :
- 'News Archive';
-
- if ( !$session->get_permissions('read') )
- {
- die_friendly('Access denied', '<div class="error-box"><b>Access to this page is denied.</b><br />This may be because you are not logged in or you have not met certain criteria for viewing this page.</div>');
- }
-
- $paths->cpage['comments_on'] = 0;
-
- $template->header();
- ( $paths->cpage['urlname_nons'] == 'Portal' ) ? NewsBoy_portal() : NewsBoy_archive();
- $template->footer();
- }
-}
-
-function NewsBoy_set_page_string()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- if ( $paths->namespace == 'NewsBoy' )
- {
- if ( $paths->cpage['urlname_nons'] == 'Portal' )
- {
- $template->namespace_string = 'portal';
-
- // block editing
- $perm_arr = Array('edit_page' => AUTH_DENY, 'view_source' => AUTH_DENY);
- $session->acl_merge_with_current($perm_arr, false, 2);
- }
- else
- {
- $template->namespace_string = 'news item';
- }
- }
-}
-
-function NewsBoy_format_title($title)
-{
- $title = strtolower($title);
- $title = preg_replace('/\W/', '-', $title);
- $title = preg_replace('/([-]+)/', '-', $title);
- $title = trim($title, '-');
- return $title;
-}
-
-function NewsBoy_feed_handler($mode)
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- if ( $mode != 'news' )
- return;
-
- $limit = ( $x = $paths->getParam(1) ) ? $x : 20;
- $limit = intval($limit);
- if ( $limit > 50 )
- $limit = 50;
-
- $title = getConfig('site_name') . ': Site news';
-
- $x = getConfig('nb_portal_title');
- $desc = ( empty($x) ) ? 'Welcome to ' . getConfig('site_name') : $x;
-
- $link = makeUrlComplete('NewsBoy', 'Portal');
- $generator = 'Enano CMS ' . enano_version() . ' - NewsBoy plugin';
- $email = getConfig('contact_email');
-
- $rss = new RSS($title, $desc, $link, $generator, $email);
-
- $sql = 'SELECT p.*, l.time_id, l.author, u.user_level,COUNT(c.comment_id) AS num_comments,t.page_text FROM '.table_prefix.'pages AS p
- LEFT JOIN '.table_prefix.'comments AS c
- ON ( c.page_id=p.urlname AND c.namespace=p.namespace )
- LEFT JOIN '.table_prefix.'logs AS l
- ON ( l.page_id=p.urlname AND l.namespace=p.namespace )
- LEFT JOIN '.table_prefix.'users AS u
- ON ( u.username=l.author )
- LEFT JOIN '.table_prefix.'page_text AS t
- ON ( t.page_id=p.urlname AND t.namespace=p.namespace )
- WHERE p.namespace=\'NewsBoy\'
- AND l.action=\'create\'
- AND p.urlname REGEXP \'^([0-9]+)$\'
- AND p.visible=1
- GROUP BY p.urlname
- ORDER BY urlname DESC
- LIMIT '.$limit.';';
-
- $q = $db->sql_unbuffered_query($sql);
-
- if ( !$q )
- $db->_die();
-
- $formatter = new NewsBoyFormatter();
-
- if ( $row = $db->fetchrow() )
- {
- do {
-
- $title = $row['name'];
- $link = makeUrlComplete('NewsBoy', $row['urlname']);
- $desc = RenderMan::render($row['page_text']);
- $time = intval($row['urlname']);
-
- $rss->add_item($title, $link, $desc, $time);
-
- } while ( $row = $db->fetchrow() );
- }
- else
- {
- $rss->add_item('Error', $link, 'No news items yet.', time());
- }
-
- echo $rss->render();
-
-}
-
-function NewsBoy_portal()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- $news_template = <<<TPLCODE
- <div class="tblholder news">
- <table border="0" cellspacing="1" cellpadding="4" style="width: 100%;">
- <tr>
- <th><a href="{LINK}" style="color: inherit;">{TITLE}</a></th>
- </tr>
- <tr>
- <td class="row3">
- {CONTENT}
- </td>
- </tr>
- <tr>
- <th class="subhead" style="font-weight: normal; font-size: 67%;">
- Posted by {USER_LINK} on {DATE}<br />
- [ {NUM_COMMENTS} comment{COMMENT_S} | {COMMENT_LINK} ]
- </th>
- </tr>
- </table>
- </div>
-TPLCODE;
-
- /*
- $p = RenderMan::strToPageID(getConfig('main_page'));
- if ( $p[1] != 'NewsBoy' )
- {
- echo RenderMan::getPage($p[0], $p[1]);
- }
- else
- { */
- /*
- $s = $paths->nslist['NewsBoy'] . 'Announce';
- if ( isPage($s) )
- {
- $p = RenderMan::getPage('Announce', 'NewsBoy');
- echo $p;
- }
- /* } */
-
- $s = $paths->nslist['NewsBoy'] . 'Announce';
- $announce_page = getConfig('nb_announce_page');
- if ( !empty($announce_page) && isPage($announce_page) )
- {
- $s = $announce_page;
- }
- else if ( !isPage($s) )
- {
- $s = false;
- }
- if ( $s )
- {
- $stuff = RenderMan::strToPageID($s);
- $p = RenderMan::getPage($stuff[0], $stuff[1]);
- echo $p;
- }
-
- echo '<h2>Latest news</h2>';
-
- $q = $db->sql_unbuffered_query('SELECT p.*, COUNT(c.comment_id) AS num_comments, t.page_text, l.time_id, l.author, u.user_level FROM '.table_prefix.'pages AS p
- LEFT JOIN '.table_prefix.'comments AS c
- ON ( c.page_id=p.urlname AND c.namespace=p.namespace )
- LEFT JOIN '.table_prefix.'page_text AS t
- ON ( t.page_id=p.urlname AND t.namespace=p.namespace )
- LEFT JOIN '.table_prefix.'logs AS l
- ON ( l.page_id=p.urlname AND l.namespace=p.namespace )
- LEFT JOIN '.table_prefix.'users AS u
- ON ( u.username=l.author OR u.user_id=1 )
- WHERE p.namespace=\'NewsBoy\'
- AND l.action=\'create\'
- AND p.urlname!=\'Announce\'
- AND p.visible=1
- GROUP BY p.urlname
- ORDER BY urlname DESC;');
- if ( !$q )
- $db->_die();
-
- if ( $row = $db->fetchrow() )
- {
- $i = 0;
- $parser = $template->makeParserText($news_template);
- do
- {
- if ( $i < 5 )
- {
- $title = htmlspecialchars($row['name']);
- $content = RenderMan::render($row['page_text']);
- if ( strlen($content) > 400 )
- {
- $content = nb_trim_paragraph($content, 400, $trimmed);
- }
- if ( $trimmed )
- {
- $content .= ' <a href="' . makeUrlNS('NewsBoy', $row['urlname'], false, true) . '">Read more...</a>';
- }
- $user_link = nb_make_username_link($row['author'], $row['user_level']);
- $date = date('F d, Y h:i:s a', $row['urlname']);
- $num_comments = $row['num_comments'];
- $comment_s = ( $num_comments == 1 ) ? '' : 's';
- $comment_link = '<a href="' . makeUrlNS('NewsBoy', $row['urlname'], false, true) . '#do:comments" style="color: inherit;">add a comment</a>';
- $parser->assign_vars(array(
- 'TITLE' => $title,
- 'LINK' => makeUrlNS('NewsBoy', $row['urlname']),
- 'CONTENT' => $content,
- 'USER_LINK' => $user_link,
- 'DATE' => $date,
- 'NUM_COMMENTS' => $num_comments,
- 'COMMENT_S' => $comment_s,
- 'COMMENT_LINK' => $comment_link
- ));
- echo $parser->run();
- }
- else
- {
- echo '<p><a href="'.makeUrlNS('NewsBoy', 'Archive').'">Older news...</a></p>';
- break;
- }
- $i++;
- } while ( $row = $db->fetchrow() );
- }
- else
- {
- echo '<p>No news items yet.</p>';
- }
- if ( $session->user_level >= USER_LEVEL_ADMIN )
- {
- echo '<div class="tblholder" style="margin: 10px auto 0 auto; display: table;">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th>Administrative tools:</th>
- <td class="row3" style="text-align: center;"><a style="color: inherit;" href="' . makeUrlNS('NewsBoy', 'Announce', '', true) . '#do:edit">Edit announcement »</a></td>
- <td class="row3" style="text-align: center;"><a style="color: inherit;" href="' . makeUrlNS('Special', 'Administration', 'module='.$paths->nslist['Admin'].'NewsboyItemManager', true) . '" onclick="newsboy_open_admin(); return false;">Portal Administration</a></td>
- </tr>
- </table>
- </div><br />';
- }
-}
-
-/**
- * Formats row data in the archive.
- * @package Enano
- * @subpackage Newsboy
- * @license GNU General Public License
- */
-
-class NewsBoyFormatter
-{
- function article_link($name, $row)
- {
- $article_link = '<a href="' . makeUrlNS('NewsBoy', $row['urlname']) . '">' . $row['name'] . '</a>';
- return $article_link;
- }
- function format_date($date, $row)
- {
- $date = date('Y-m-j g:m', intval ( $date ));
- return $date;
- }
- function format_username($x, $row)
- {
- $ul = intval($row['user_level']);
- $author = nb_make_username_link($row['author'], $ul);
- return $author;
- }
- function format_commentlink($x, $row)
- {
- $comments = '<a href="' . makeUrlNS('NewsBoy', $row['urlname']) . '#do:comments">' . $row['num_comments'] . '</a>';
- return $comments;
- }
-}
-
-function NewsBoy_archive()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- $lower_limit = ( isset($_GET['start']) ) ? intval($_GET['start']) : ( ( $xx = $paths->getParam(0) ) ? intval($xx) : 0 );
- $entries_per_page = 50;
-
- $row_count = $entries_per_page + 1;
-
- // Determine number of total news entries
- $q = $db->sql_query('SELECT urlname FROM '.table_prefix.'pages WHERE namespace=\'NewsBoy\' AND urlname REGEXP \'^([0-9]+)$\' AND visible=1;');
- if ( !$q )
- $db->_die();
- $r = $db->fetchrow();
- $num_total = intval($db->numrows());
- $db->free_result();
-
- if ( $lower_limit >= $num_total )
- $lower_limit = 0;
-
- $sql = 'SELECT p.*, l.time_id, l.author, u.user_level,COUNT(c.comment_id) AS num_comments FROM '.table_prefix.'pages AS p
- LEFT JOIN '.table_prefix.'comments AS c
- ON ( c.page_id=p.urlname AND c.namespace=p.namespace )
- LEFT JOIN '.table_prefix.'logs AS l
- ON ( l.page_id=p.urlname AND l.namespace=p.namespace )
- LEFT JOIN '.table_prefix.'users AS u
- ON ( u.username=l.author )
- WHERE p.namespace=\'NewsBoy\'
- AND l.action=\'create\'
- AND p.urlname REGEXP \'^([0-9]+)$\'
- AND p.visible=1
- GROUP BY p.urlname
- ORDER BY urlname DESC;';
-
- $q = $db->sql_unbuffered_query($sql);
-
- if ( !$q )
- $db->_die();
-
- $formatter = new NewsBoyFormatter();
-
- $callers = Array(
- 'name' => Array($formatter, 'article_link'),
- 'urlname' => Array($formatter, 'format_date'),
- 'author' => Array($formatter, 'format_username'),
- 'num_comments' => Array($formatter, 'format_commentlink')
- );
-
- $head = '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th>Article</th><th>Date</th><th>Author</th><th>Comments</th>
- </tr>';
- $foot = "</table></div>";
-
- $content = paginate($q, "\n".'<tr><td class="{_css_class}">{name}</td><td class="{_css_class}">{urlname}</td><td class="{_css_class}">{author}</td><td class="{_css_class}">{num_comments}</td></tr>',
- $num_total, makeUrlNS('NewsBoy', 'Archive/%s'), $lower_limit, 20, $callers, $head, $foot);
- echo $content;
-
- $code = $plugins->setHook('send_page_footers');
- foreach ( $code as $cmd )
- {
- eval($cmd);
- }
-
-}
-
-function nb_make_username_link($username, $user_level)
-{
- $color = '#0000AA';
- $user_level = intval($user_level);
- if ( $user_level < USER_LEVEL_MEMBER ) return $username;
- if ( $user_level >= USER_LEVEL_MOD ) $color = '#00AA00';
- if ( $user_level >= USER_LEVEL_ADMIN ) $color = '#AA0000';
- $link = '<a style="color: ' . $color . '" href="' . makeUrlNS('User', str_replace(' ', '_', $username) ) . '">' . $username . '</a>';
- return $link;
-}
-
-function NewsBoy_PortalLink()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- if ( $paths->namespace == 'NewsBoy' )
- echo '<div class="tblholder"><table border="0" style="width: 100%;" cellspacing="1" cellpadding="4"><tr><th><a style="color: inherit;" href="' . makeUrlNS('NewsBoy', 'Portal') . '">« Return to News Portal</a></th></tr></table></div><br />';
-}
-
-// Administration panel
-function page_Admin_NewsboyItemManager()
-{
- global $db, $session, $paths, $template, $plugins; if($session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN) { redirect(makeUrlNS('Special', 'Administration', 'noheaders', true), '', '', 0); die('Hacking attempt'); }
-
- $done = false;
-
- if ( isset( $_GET['act'] ) )
- {
- switch ( $_GET['act'] )
- {
- case 'edit':
-
- // Error list
- $errors = Array();
-
- if ( isset ( $_POST['submitting'] ) )
- {
- // Generate timestamp
- $year = intval($_POST['pub_year']);
- $month = intval($_POST['pub_month']);
- $day = intval($_POST['pub_day']);
- $hour = intval($_POST['pub_hour']);
- $minute = intval($_POST['pub_minute']);
- $second = intval($_POST['pub_second']);
-
- // Validation
- if ( $year < 1500 || $year > 10000 )
- $errors[] = 'Invalid year.';
-
- if ( $month < 1 || $month > 12 )
- $errors[] = 'Invalid month.';
-
- if ( $day < 1 || $day > 31 )
- $errors[] = 'Invalid day.';
-
- if ( $hour < 0 || $hour > 23 )
- $errors[] = 'Invalid hour.';
-
- if ( $minute < 0 || $minute > 60 )
- $errors[] = 'Invalid minute.';
-
- if ( $second < 0 || $second > 60 )
- $errors[] = 'Invalid second.';
-
- $name = $_POST['article_name'];
- $name = $db->escape($name);
-
- $author = $_POST['author'];
- $author = $db->escape($author);
-
- if ( count($errors) < 1 )
- {
- $time = mktime($hour, $minute, $second, $month, $day, $year);
- }
-
- if ( isset($paths->pages[ $paths->nslist['NewsBoy'] . $time ]) && $paths->pages[ $paths->nslist['NewsBoy'] . $time ] != $paths->pages[ $paths->nslist['NewsBoy'] . $_POST['page_id'] ] )
- $errors[] = 'You cannot have two news articles with the same publish time.';
-
- if ( count($errors) < 1 )
- {
- $publ = ( isset($_POST['published']) ) ? '1' : '0';
- $sql = 'UPDATE '.table_prefix.'pages SET name=\'' . $name . '\',visible='.$publ.',urlname=\''.$time.'\' WHERE urlname=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'NewsBoy\';';
- $q = $db->sql_query($sql);
-
- if ( !$q )
- $db->_die();
-
- // Update author
- $q = $db->sql_query('UPDATE '.table_prefix.'logs SET author=\'' . $author . '\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'NewsBoy\' AND action=\'create\';');
-
- if ( !$q )
- $db->_die();
-
- // Update other tables with urlname info
- $q = $db->sql_query('UPDATE '.table_prefix.'logs SET page_id=\'' . $time . '\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'NewsBoy\';');
- if ( !$q )
- $db->_die();
-
- $q = $db->sql_query('UPDATE '.table_prefix.'comments SET page_id=\'' . $time . '\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'NewsBoy\';');
- if ( !$q )
- $db->_die();
-
- $q = $db->sql_query('UPDATE '.table_prefix.'page_text SET page_id=\'' . $time . '\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'NewsBoy\';');
- if ( !$q )
- $db->_die();
-
- $q = $db->sql_query('UPDATE '.table_prefix.'categories SET page_id=\'' . $time . '\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'NewsBoy\';');
- if ( !$q )
- $db->_die();
-
- echo '<div class="info-box">Your changes have been saved.</div>';
-
- break;
- }
- }
-
- if ( count($errors) > 0 )
- echo '<div class="warning-box">Errors encountered while saving data:<ul><li>' . implode('</li><li>', $errors) . '</li></ul></div>';
-
- // Obtain page information
- if ( !isset($paths->pages[ $paths->nslist['NewsBoy'] . $_GET['id'] ]) )
- {
- echo 'Invalid ID';
- return false;
- }
- $page_info =& $paths->pages[ $paths->nslist['NewsBoy'] . $_GET['id'] ];
- $time = intval($page_info['urlname_nons']);
-
- // Get author
- $q = $db->sql_query('SELECT author FROM '.table_prefix.'logs WHERE page_id=\'' . $db->escape($page_info['urlname_nons']) . '\' AND namespace=\'NewsBoy\' AND action=\'create\' ORDER BY time_id DESC LIMIT 1;');
-
- if ( !$q )
- $db->_die();
-
- $row = $db->fetchrow();
- $author = ( isset($row['author']) ) ? $row['author'] : '';
- if ( empty($author) )
- $author = 'Anonymous';
-
- // Set date & time
- $month = date('n', $time);
- $year = date('Y', $time);
- $day = date('j', $time);
- $hour = date('G', $time);
- $minute = date('m', $time);
- $second = date('s', $time);
-
- echo '<form id="nb_edit_form" action="'.makeUrlNS('Special', 'Administration', (( isset($_GET['sqldbg'])) ? 'sqldbg&' : '') .'module='.$paths->cpage['module'] . '&act=edit').'" method="post" onsubmit="if ( !submitAuthorized ) return false;">';
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th colspan="2">Editing news article</th>
- </tr>
- <tr>
- <td class="row1">Article name:</td><td class="row2"><input name="article_name" value="' . htmlspecialchars($page_info['name']) . '" /></td>
- </tr>
- <tr>
- <td class="row1">Published date:</td>
- <td class="row2">
- <input name="pub_year" type="text" size="5" value="'.$year.'" />-<select name="pub_month">';
- for ( $i = 1; $i <= 12; $i++ )
- {
- $m = "[$i] ";
- switch ( $i )
- {
- case 1: $m .= 'January'; break;
- case 2: $m .= 'February'; break;
- case 3: $m .= 'March'; break;
- case 4: $m .= 'April'; break;
- case 5: $m .= 'May'; break;
- case 6: $m .= 'June'; break;
- case 7: $m .= 'July'; break;
- case 8: $m .= 'August'; break;
- case 9: $m .= 'September'; break;
- case 10: $m .= 'October'; break;
- case 11: $m .= 'November'; break;
- case 12: $m .= 'December'; break;
- default: $m .= 'Fuhrober'; break;
- }
- if ( $month == $i )
- echo ' <option selected="selected" value="' . $i . '">'.$m.'</option>';
- else
- echo ' <option value="' . $i . '">'.$m.'</option>';
- }
- echo ' </select>
- <input name="pub_day" type="text" size="3" value="' . $day . '" />, time:
- <input name="pub_hour" type="text" size="3" value="' . $hour . '" /> : <input name="pub_minute" type="text" size="3" value="' . $minute . '" /> : <input name="pub_second" type="text" size="3" value="' . $second . '" /><br />
- <small>Note: Hours are in 24-hour format.</small>
- </td>
- </tr>
- <!-- Inline developer blog, episode 1:
- Right about the time I got here, I started sneezing like crazy. Must have caught it Friday night. Great... now
- my life is officially stuck on pause for the next 3 days. I\'d swear here but (a) Mommy taught me better, and
- (b) I wouldn\'t want to offend you hackers. (j/k)
-
- Oh crap. And no, I don\'t give towels with my showers.
-
- -Dan
- -->
- <tr>
- <td class="row1">Publish article:</td><td class="row2"><label><input name="published" type="checkbox" ' . ( $page_info['visible'] == 1 ? 'checked="checked"' : '' ) . ' /> Article is published (shown to the public)</label></td>
- </tr>
- <tr>
- <td class="row1">Article author:</td><td class="row2">' . $template->username_field('author', $author) . '</td></tr>
- </tr>
- <tr>
- <td class="row3" style="text-align: center;" colspan="2">
- <a href="#" onclick="var frm = document.getElementById(\'nb_edit_form\'); frm.submit(); return false;">Save changes</a> <a href="#" onclick="ajaxPage(\'' . $paths->cpage['module'] . '\');">Return to main menu</a>
- </td>
- </tr>
- </table>
- </div>
- <input type="hidden" name="submitting" value="yes" />
- <input type="hidden" name="page_id" value="' . $_GET['id'] . '" />';
- echo '</form>';
- $done = true;
- break;
- case 'del':
- if ( isset( $_POST['confirmed'] ) )
- {
- $page_id = $_POST['page_id'];
- $namespace = 'NewsBoy';
-
- $e = $db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,page_id,namespace,author) VALUES('.time().', \''.date('d M Y h:i a').'\', \'page\', \'delete\', \''.$page_id.'\', \''.$namespace.'\', \''.$session->username.'\')');
- if(!$e) $db->_die('The page log entry could not be inserted.');
- $e = $db->sql_query('DELETE FROM '.table_prefix.'categories WHERE page_id=\''.$page_id.'\' AND namespace=\''.$namespace.'\'');
- if(!$e) $db->_die('The page categorization entries could not be deleted.');
- $e = $db->sql_query('DELETE FROM '.table_prefix.'comments WHERE page_id=\''.$page_id.'\' AND namespace=\''.$namespace.'\'');
- if(!$e) $db->_die('The page comments could not be deleted.');
- $e = $db->sql_query('DELETE FROM '.table_prefix.'page_text WHERE page_id=\''.$page_id.'\' AND namespace=\''.$namespace.'\'');
- if(!$e) $db->_die('The page text entry could not be deleted.');
- $e = $db->sql_query('DELETE FROM '.table_prefix.'pages WHERE urlname=\''.$page_id.'\' AND namespace=\''.$namespace.'\'');
- if(!$e) $db->_die('The page entry could not be deleted.');
- $e = $db->sql_query('DELETE FROM '.table_prefix.'files WHERE page_id=\''.$page_id.'\'');
- if(!$e) $db->_die('The file entry could not be deleted.');
-
- $result = 'This page has been deleted. Note that there is still a log of edits and actions in the database, and anyone with admin rights can raise this page from the dead unless the log is cleared. If the deleted file is an image, there may still be cached thumbnails of it in the cache/ directory, which is inaccessible to users.';
-
- echo $result . '<br />
- <br />
- <a href="#" onclick="ajaxPage(\'' . $paths->cpage['module'] . '\');">Return to Newsboy</a>';
- }
- else
- {
- echo '<form id="nb_delete_form" action="'.makeUrlNS('Special', 'Administration', (( isset($_GET['sqldbg'])) ? 'sqldbg&' : '') .'module='.$paths->cpage['module'] . '&act=del').'" method="post">';
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th>Confirm deletion</th>
- </tr>
- <tr>
- <td class="row1" style="text-align: center;">
- <p>Are you sure you want to delete this news article?</p>
- </td>
- </tr>
- <tr>
- <td class="row3" style="text-align: center;">
- <a href="#" onclick="var frm = document.getElementById(\'nb_delete_form\'); frm.submit(); return false;">Delete</a> <a href="#" onclick="ajaxPage(\'' . $paths->cpage['module'] . '\');">Cancel</a>
- </td>
- </tr>
- </table>
- </div>
- <input type="hidden" name="confirmed" value="yes" />
- <input type="hidden" name="page_id" value="' . intval ( $_GET['id'] ) . '" />';
- echo '</form>';
- }
- $done = true;
- break;
- case 'create':
-
- // Error list
- $errors = Array();
-
- if ( isset ( $_POST['submitting'] ) )
- {
- // Generate timestamp
- $year = intval($_POST['pub_year']);
- $month = intval($_POST['pub_month']);
- $day = intval($_POST['pub_day']);
- $hour = intval($_POST['pub_hour']);
- $minute = intval($_POST['pub_minute']);
- $second = intval($_POST['pub_second']);
-
- // Validation
- if ( $year < 1500 || $year > 10000 )
- $errors[] = 'Invalid year.';
-
- if ( $month < 1 || $month > 12 )
- $errors[] = 'Invalid month.';
-
- if ( $day < 1 || $day > 31 )
- $errors[] = 'Invalid day.';
-
- if ( $hour < 0 || $hour > 23 )
- $errors[] = 'Invalid hour.';
-
- if ( $minute < 0 || $minute > 60 )
- $errors[] = 'Invalid minute.';
-
- if ( $second < 0 || $second > 60 )
- $errors[] = 'Invalid second.';
-
- $name = $_POST['article_name'];
- $name = $db->escape($name);
-
- $author = $_POST['author'];
- $author = $db->escape($author);
-
- if ( count($errors) < 1 )
- {
- $time = mktime($hour, $minute, $second, $month, $day, $year);
- }
-
- if ( isset($paths->pages[ $paths->nslist['NewsBoy'] . $time ]) && $paths->pages[ $paths->nslist['NewsBoy'] . $time ] != $paths->pages[ $paths->nslist['NewsBoy'] . $_POST['page_id'] ] )
- $errors[] = 'You cannot have two news articles with the same publish time.';
-
- if ( count($errors) < 1 )
- {
- $publ = ( isset($_POST['published']) ) ? 1 : 0;
- $result = PageUtils::createpage( (string)$time, 'NewsBoy', $name, $publ );
-
- // Set content
- $content = RenderMan::preprocess_text($_POST['content'], true); // this also SQL-escapes it
-
- $q = $db->sql_query('UPDATE '.table_prefix.'page_text SET page_text=\'' . $content . '\' WHERE page_id=\'' . $time . '\' AND namespace=\'NewsBoy\';');
- if ( !$q )
- $db->_die();
-
- if ( $result )
- echo '<div class="info-box">Your changes have been saved.</div>';
- else
- $errors[] = 'PageUtils::createpage returned an error.';
-
- break;
- }
- }
-
- if ( count($errors) > 0 )
- echo '<div class="warning-box">Errors encountered while preparing data:<ul><li>' . implode('</li><li>', $errors) . '</li></ul></div>';
-
- $time = time();;
-
- // Get author
- $author = $session->username;
-
- if ( empty($author) )
- $author = 'Anonymous';
-
- // Set date & time
- $month = date('n', $time);
- $year = date('Y', $time);
- $day = date('j', $time);
- $hour = date('G', $time);
- $minute = date('m', $time);
- $second = date('s', $time);
-
- echo '<form id="nb_create_form" action="'.makeUrlNS('Special', 'Administration', (( isset($_GET['sqldbg'])) ? 'sqldbg&' : '') .'module='.$paths->cpage['module'] . '&act=create').'" method="post" onsubmit="if ( !submitAuthorized ) return false;">';
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th colspan="2">Creating news article</th>
- </tr>
- <tr>
- <td class="row1">Article name:</td><td class="row2"><input name="article_name" value="" /></td>
- </tr>
- <tr>
- <td class="row1">Published datestamp:</td>
- <td class="row2">
- <input name="pub_year" type="text" size="5" value="'.$year.'" />-<select name="pub_month">';
- for ( $i = 1; $i <= 12; $i++ )
- {
- $m = "[$i] ";
- switch ( $i )
- {
- case 1: $m .= 'January'; break;
- case 2: $m .= 'February'; break;
- case 3: $m .= 'March'; break;
- case 4: $m .= 'April'; break;
- case 5: $m .= 'May'; break;
- case 6: $m .= 'June'; break;
- case 7: $m .= 'July'; break;
- case 8: $m .= 'August'; break;
- case 9: $m .= 'September'; break;
- case 10: $m .= 'October'; break;
- case 11: $m .= 'November'; break;
- case 12: $m .= 'December'; break;
- default: $m .= 'Fuhrober'; break;
- }
- if ( $month == $i )
- echo ' <option selected="selected" value="' . $i . '">'.$m.'</option>';
- else
- echo ' <option value="' . $i . '">'.$m.'</option>';
- }
- echo ' </select>
- <input name="pub_day" type="text" size="3" value="' . $day . '" />, time:
- <input name="pub_hour" type="text" size="3" value="' . $hour . '" /> : <input name="pub_minute" type="text" size="3" value="' . $minute . '" /> : <input name="pub_second" type="text" size="3" value="' . $second . '" /><br />
- <small>Note: Hours are in 24-hour format.</small>
- </td>
- </tr>
- <tr>
- <td class="row1">Publish article:</td><td class="row2"><label><input name="published" type="checkbox" /> Article is published (shown to the public)</label></td>
- </tr>
- <tr>
- <td class="row1">Article author:</td><td class="row2">' . $template->username_field('author', $author) . '</td></tr>
- </tr>
- <tr>
- <td class="row1">Initial content:<br /><small>You can always edit this later.</small></td><td class="row2"><textarea name="content" rows="15" cols="60" style="width: 100%;"></textarea></td>
- </tr>
- <tr>
- <td class="row3" style="text-align: center;" colspan="2">
- <a href="#" onclick="var frm = document.getElementById(\'nb_create_form\'); frm.submit(); return false;">Create article</a> <a href="#" onclick="ajaxPage(\'' . $paths->cpage['module'] . '\');">Return to main menu</a>
- </td>
- </tr>
- </table>
- </div>
- <input type="hidden" name="submitting" value="yes" />';
- echo '</form>';
-
- $done = true;
- break;
- }
- }
-
- if ( !$done )
- {
-
- // Start output
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th>Name</th>
- <th>Date published</th>
- <th colspan="3">Actions</th>
- </tr>';
-
- $row_class = 'row2';
-
- // List existing news entries
- $q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace="NewsBoy" AND urlname!="Announce" ORDER BY name ASC;');
-
- if ( !$q )
- $db->_die();
-
- if ( $row = $db->fetchrow($q) )
- {
- do {
- $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
- $ts = intval($row['urlname']);
- $date = date('F d, Y h:i a', $ts);
- $edit_url = makeUrlNS('Special', 'Administration', "module={$paths->cpage['module']}&act=edit&id={$row['urlname']}", true);
- $dele_url = makeUrlNS('Special', 'Administration', "module={$paths->cpage['module']}&act=del&id={$row['urlname']}", true);
- $page_url = makeUrlNS('NewsBoy', $row['urlname']);
- echo "<tr>
- <td class='$row_class' style='width: 50%;'>
- {$row['name']}
- </td>
- <td class='$row_class' style='width: 40%;'>
- $date
- </td>
- <td class='$row_class'>
- <a href='$edit_url'>Settings</a>
- </td>
- <td class='$row_class'>
- <a href='$page_url' onclick='window.open(this.href); return false;'>Page</a>
- </td>
- <td class='$row_class'>
- <a href='$dele_url'>Delete</a>
- </td>
- </tr>";
- } while ( $row = $db->fetchrow($q) );
- }
- else
- {
- echo '<tr><td class="row3" colspan="5" style="text-align: center;">No news items yet.</td></tr>';
- }
- echo '<tr><th class="subhead" colspan="5"><a href="' . makeUrlNS('Special', 'Administration', "module={$paths->cpage['module']}&act=create", true) . '" style="color: inherit;">Create new entry</a></th></tr>
- </table></div>';
- $db->free_result();
-
- }
-
-}
-
-function page_Admin_NewsboyConfiguration()
-{
- global $db, $session, $paths, $template, $plugins; if($session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN) { redirect(makeUrlNS('Special', 'Administration', 'noheaders', true), '', '', 0); die('Hacking attempt'); }
- if ( isset($_POST['submit']) )
- {
- setConfig('nb_portal_title', $_POST['portal_name']);
- if ( isPage($_POST['announce_page']) )
- setConfig('nb_announce_page', $_POST['announce_page']);
- else
- setConfig('nb_announce_page', '');
- // Submit
- echo '<div class="info-box">Your changes have been saved.</div>';
- }
- echo '<form name="main" action="'.htmlspecialchars(makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module'])).'" method="post">';
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th colspan="2">
- Newsboy portal: General configuration
- </th>
- </tr>
- <tr>
- <td class="row2">
- Portal title:<br />
- <small>This is the text that will be shown as the page title on the<br />
- portal. If you don\'t enter anything here, a default will be used.</small>
- </td>
- <td class="row1"><input type="text" size="30" name="portal_name" value="' . htmlspecialchars(getConfig('nb_portal_title')) . '"></td>
- </tr>
- <tr>
- <td class="row2">
- Page to embed as announcement:<br />
- <small>The page you enter here will always be shown at the top of the<br />
- portal. The default is "' . $paths->nslist['NewsBoy'] . 'Announce".</small>
- </td>
- <td class="row1">
- ' . $template->pagename_field('announce_page', htmlspecialchars(getConfig('nb_announce_page'))) . '
- </td>
- </tr>
- <tr>
- <th class="subhead" colspan="2">
- <input type="submit" name="submit" value="Save changes" />
- </th>
- </tr>
- </table>
- </div>';
- echo '</form>';
-}
-
-/**
- * Trims a wad of text to the specified length.
- * @todo make HTML friendly (don't break tags)
- * @param string The text to trim
- * @param int The maximum length to trim the text to.
- * @param bool Reference. Set to true if the text was trimmed, otherwise set to false.
- */
-
-function nb_trim_paragraph($text, $len = 500, &$trimmed = false)
-{
- $trimmed = false;
- if ( strlen($text) <= $len )
- return $text;
- $trimmed = true;
- $text = substr($text, 0, $len);
- for ( $i = $len; $i > 0; $i-- )
- {
- $chr = $text{$i-1};
- if ( preg_match('/[\s]/', $chr) )
- {
- $text = substr($text, 0, $i - 1);
- $text .= '...';
- return $text;
- }
- $text = substr($text, 0, $i);
- }
- return $text;
-}
-
-?>
--- a/plugins/WhosOnline.php Wed Jun 13 16:59:00 2007 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,145 +0,0 @@
-<?php
-/*
-Plugin Name: Who's Online
-Plugin URI: javascript: // No URL yet, stay tuned!
-Description: This plugin tracks who is currently online. 3 queries per page request. This plugin works ONLY with MySQL and will likely be difficult to port because it uses unique indices and the REPLACE command.
-Author: Dan Fuhry
-Version: 0.1
-Author URI: http://www.enanocms.org/
-*/
-
-/*
- * Who's Online plugin for Enano
- * Version 0.1
- * Copyright (C) 2007 Dan Fuhry
- *
- * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
- * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
- */
-
-global $whos_online;
-$whos_online = Array('not_yet_initialized');
-
-// First things first - create the table if needed
-$ver = getConfig('whos_online_version');
-if($ver != '0.1')
-{
- if(!
- $db->sql_query('DROP TABLE IF EXISTS '.table_prefix.'online;')
- ) $db->_die('Could not clean out old who\'s-online table');
- // The key on username allows the REPLACE command later, to save queries
- if(!$db->sql_query('CREATE TABLE '.table_prefix.'online(
- entry_id int(12) UNSIGNED NOT NULL auto_increment,
- user_id int(12) NOT NULL,
- username varchar(63) NOT NULL,
- last_load int(12) NOT NULL,
- PRIMARY KEY ( entry_id ),
- KEY ( username )
- );')
- ) $db->_die('Could not create new who\'s-online table');
- if(!$db->sql_query('CREATE UNIQUE INDEX '.table_prefix.'onluser ON '.table_prefix.'online(username);'))
- $db->_die('Could not create index on username column.');
- setConfig('whos_online_version', '0.1');
-}
-
-$plugins->attachHook('session_started', '__WhosOnline_UserCount();');
-$plugins->attachHook('login_success', '__WhosOnline_logonhandler();');
-$plugins->attachHook('logout_success', '__WhosOnline_logoffhandler($ou, $oid, $level);');
-
-function __WhosOnline_UserCount()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $whos_online;
- $whos_online = Array();
- $whos_online['users'] = Array();
- $whos_online['guests'] = Array();
- $q = $db->sql_query('REPLACE INTO '.table_prefix.'online SET user_id='.$session->user_id.',username=\''.$db->escape($session->username).'\',last_load='.time().';'); if(!$q) $db->_die('');
- $q = $db->sql_query('DELETE FROM '.table_prefix.'online WHERE last_load<'.( time() - 60*60*24 ).';'); if(!$q) $db->_die('');
- $q = $db->sql_query('SELECT o.username,o.user_id,u.user_level FROM '.table_prefix.'online AS o
- LEFT JOIN '.table_prefix.'users AS u
- ON u.user_id=o.user_id
- WHERE last_load>'.( time() - 60*5 - 1 ).' ORDER BY username ASC'); if(!$q) $db->_die('');
- $num_guests = 0;
- $num_users = 0;
- $users = Array();
- while ( $row = $db->fetchrow() )
- {
- ( $row['user_id'] == 1 ) ? $num_guests++ : $num_users++;
- if($row['user_id'] > 1)
- {
- switch($row['user_level'])
- {
- case USER_LEVEL_MEMBER:
- default:
- $color = '303030';
- $weight = 'normal';
- break;
- case USER_LEVEL_MOD:
- $color = '00AA00';
- $weight = 'bold';
- break;
- case USER_LEVEL_ADMIN:
- $color = 'AA0000';
- $weight = 'bold';
- break;
- }
- $users[] = "<a href='".makeUrlNS('User', str_replace(' ', '_', $row['username']))."' style='color: #$color; font-weight: $weight'>{$row['username']}</a>";
- $whos_online['users'][] = $row['username'];
- }
- else
- {
- $whos_online['guests'][] = $row['username'];
- }
- }
- $total = $num_guests + $num_users;
- $ms = ( $num_users == 1 ) ? '' : 's';
- $gs = ( $num_guests == 1 ) ? '' : 's';
- $ts = ( $total == 1 ) ? '' : 's';
- $is_are = ( $total == 1 ) ? 'is' : 'are';
- $users = implode(', ', $users);
- $online_main = ( $num_users > 0 ) ? "<br />
- Users online right now:
- <div style='max-height: 100px; clip: rect(0px,auto,auto,0px); overflow: auto;'>
- $users
- </div>
- Legend:<br /><span style='color: #00AA00; font-weight: bold;'>Moderators</span> :: <span style='color: #AA0000; font-weight: bold;'>Administrators</span>"
- : '';
- $html = "<div style='padding: 5px;'>
- <small>
- There $is_are <b>$total</b> user$ts online :: <b>$num_guests</b> guest$gs and <b>$num_users</b> member$ms
- $online_main
- </small>
- </div>";
- $template->sidebar_widget('Who\'s Online', $html);
-}
-
-function __WhosOnline_logonhandler()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- $q = $db->sql_query('DELETE FROM '.table_prefix.'online WHERE user_id=1 AND username=\''.$db->escape($_SERVER['REMOTE_ADDR']).'\';');
- if(!$q)
- echo $db->get_error();
- if(!$session->theme)
- $session->register_guest_session();
- $template->load_theme($session->theme, $session->style);
- __WhosOnline_UserCount();
-}
-
-function __WhosOnline_logoffhandler($username, $user_id, $level)
-{
- if($level <= USER_LEVEL_MEMBER)
- {
- global $db, $session, $paths, $template, $plugins; // Common objects
- $q = $db->sql_query('DELETE FROM '.table_prefix.'online WHERE user_id=\''.intval($user_id).'\' AND username=\''.$db->escape($username).'\';');
- if(!$q)
- echo $db->get_error();
- $q = $db->sql_query('REPLACE INTO '.table_prefix.'online SET user_id=1,username=\''.$db->escape($_SERVER['REMOTE_ADDR']).'\',last_load='.time().';'); if(!$q) $db->_die('');
- if(!$q)
- echo $db->get_error();
- }
-}
-
-?>
--- a/plugins/ajim.php Wed Jun 13 16:59:00 2007 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,107 +0,0 @@
-<?php
-/*
-Plugin Name: AjIM Enano Module
-Plugin URI: http://enanocms.org/AjIM
-Description: AjIM is an AJAX-based chatroom system which was designed to be integrated with other web apps like Enano and phpBB. It's very simple to write bindings for AjIM and it doesn't use that much code which makes it pretty fast.
-Author: Dan Fuhry
-Version: 1.0
-Author URI: http://enanocms.org/
-*/
-
-if(!defined('_AJIM_INCLUDED'))
-{
- define('_AJIM_INCLUDED', '');
-
- // Change this line to wherever your AjIM installation is
-
- if(defined('scriptPath'))
- define('ajimClientPath', scriptPath.'/ajim');
-
- if(!defined('ENANO_ROOT'))
- define('ENANO_ROOT', dirname(dirname(__FILE__)));
- define('ajimServerPath', ENANO_ROOT.'/ajim');
- global $db, $session, $paths, $template, $plugins; // Common objects
- $__ajim_config = Array(
- 'sb_color_background'=>'#FFF',
- 'sb_color_foreground'=>'#000',
- );
- if(defined('ENANO_INSTALLED') || defined('MIDGET_INSTALLED'))
- {
- if(!isset($_GET['admin']))
- {
- $plugins->attachHook('compile_template', 'AjIM_SideBar();');
- $plugins->attachHook('acl_rule_init', 'global $session; $session->register_acl_type(\'ajim_post\', AUTH_ALLOW, \'Submit AjIM posts\');');
- include(ajimServerPath . '/ajim.php');
-
- function AjIM_SideBar()
- {
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $__ajim_config;
- $paths->addAdminNode('Plugin configuration', 'AjIM configuration', 'AjIM_Config');
- $dir = getcwd();
- chdir(ENANO_ROOT);
- include('config.php');
- chdir($dir);
- unset($dir);
- if($session->user_level >= USER_LEVEL_ADMIN)
- {
- $r = $db->sql_query('SELECT password FROM '.table_prefix.'users WHERE username=\''.$session->username.'\'');
- $p = $db->fetchrow_num($r);
- $admin = $p[0];
- }
- else
- {
- $admin = false;
- }
- $__ajim_config['db_connection_handle'] = $db->_conn;
- if(!$session->user_logged_in)
- {
- $__ajim_config['cant_post_notice'] = 'The administrator requires that you <a href="'.makeUrlNS('Special', 'Login/'.$paths->page, null, true).'">log in</a> to post messages.';
- }
- else
- {
- $__ajim_config['cant_post_notice'] = 'The administrator has disallowed message posting for your user account.';
- }
- $canpost = ( $session->get_permissions('ajim_post') ) ? true : false;
- $ajim = new ajim($__ajim_config, table_prefix, scriptPath.'/plugins/ajim.php', $admin, false, $canpost, array('RenderMan', 'render'));
- $template->sidebar_widget('Shoutbox', $ajim->html(ajimClientPath));
- $template->additional_headers .= '<link rel="stylesheet" type="text/css" href="'.ajimClientPath.'/ajim.php?css&id='.$ajim->id.'&pfx='.table_prefix.'&path='.scriptPath.'/plugins/ajim.php" />';
- }
- }
- } elseif(isset($_GET['ajimmode'])) {
- global $db, $session, $paths, $template, $plugins, $dbhost, $dbname, $dbuser, $dbpasswd;
- require_once('../includes/common.php');
- require_once(ajimServerPath . '/ajim.php');
- header('HTTP/1.1 200 OK');
- define('ajimClientPath', scriptPath.'/ajim');
- if($session->user_level >= 2) {
- $admin = $session->grab_password_hash();
- } else $admin = false;
- require('../config.php');
- $canpost = (getConfig('ajim_require_login') != '1' || $session->user_logged_in) ? true : false;
- $__ajim_config['db_connection_handle'] = $db->_conn;
- $__ajim_config['cant_post_notice'] = 'The administrator requires that you <a href="'.makeUrlNS('Special', 'Login/'.$paths->page, null, true).'">log in</a> to post messages.';
- $__ajim_config['allow_looping'] = true;
- $ajim = new ajim($__ajim_config, table_prefix, scriptPath.'/plugins/ajim.php', $admin, $_GET['id'], $canpost, array('RenderMan', 'render'));
- $db->close();
- exit;
- }
-
- function page_Admin_AjIM_Config()
- {
- global $db, $session, $paths, $template, $plugins; // Common objects
- if(isset($_POST['_save']))
- {
- setConfig('ajim_require_login', ( isset($_POST['ajim_require_login']) ) ? '1' : '0');
- }
- echo '<form name="main" action="'.makeUrl($paths->nslist['Special'].'Administration?module='.$paths->cpage['module']).'" method="post">';
- ?>
- <h3>Configure AjIM, the Asynchronous Javascript Instant Messenger</h3>
- <p>Only one option right now...</p>
- <p><label><input type="checkbox" name="ajim_require_login" <?php if(getConfig('ajim_require_login')=='1') echo 'checked="checked" '; ?>/>Only logged-in users can post</label></p>
- <p><input type="submit" name="_save" value="Save changes" />
- <?php
- echo '</form>';
- }
-}
-?>
--- a/plugins/ajim/ajim.php Wed Jun 13 16:59:00 2007 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,825 +0,0 @@
-<?php
-
-/**
- * AjIM - the Asynchronous Javascript Instant Messenger
- * A shoutbox/chatbox framework that uses PHP, AJAX, MySQL, and Javascript
- * Version: 1.0 RC 1
- * Copyright (C) 2006-2007 Dan Fuhry
- *
- * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
- * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
- */
-
-error_reporting(E_ALL);
-class ajim {
- var $table_prefix, $conn, $id, $admin, $iface, $prune, $formatfunc, $config, $bad_words;
- /**
- * Die and be friendly about it.
- * @param string $text - should be the text to show to the user, include mysql_error() value if applicable
- */
- function kill($text) {
- die('AjIM: Database error<br />'.$text);
- }
- /**
- * Make a SQL query. This function contains some error correction that performs automatic database upgrades if needed.
- * @param string $q - The query text to send to MySQL.
- * @return resource - or, kills the connection and bails out if the query failed
- */
- function sql($q) {
- $r = mysql_query($q, $this->conn);
- if(!$r)
- {
- if(strstr(mysql_error(), 'Unknown column \'time_id\''))
- {
- $this->sql('ALTER TABLE '.$this->table_prefix.'ajim ADD COLUMN time_id int(11) NOT NULL DEFAULT 0;');
- $r = mysql_query($q, $this->conn);
- }
- elseif(strstr(mysql_error(), 'Unknown column \'sid\''))
- {
- $this->sql('ALTER TABLE '.$this->table_prefix.'ajim ADD COLUMN sid varchar(40) NOT NULL DEFAULT \'\';');
- $r = mysql_query($q, $this->conn);
- }
- elseif(strstr(mysql_error(), 'Unknown column \'ip_addr\''))
- {
- $this->sql('ALTER TABLE '.$this->table_prefix.'ajim ADD COLUMN ip_addr varchar(15) NOT NULL DEFAULT \'\';');
- $r = mysql_query($q, $this->conn);
- }
- $this->kill('Error during query:<br /><pre>'.htmlspecialchars($q).'</pre><br />MySQL said: '.mysql_error().'<br /><br />Depending on the error, AjIM may be able to automatically repair it. Just hang tight for about ten seconds. Whatever you do, don\'t close this browser window!');
- }
- return $r;
- }
- /**
- * Get the user's SID (unique ID used for editing authorization) or generate a new one.
- * @return string
- */
- function get_sid()
- {
- // Tag the user with a unique ID that can be used to edit posts
- // This is used to essentially track users, but only for the purpose of letting them edit posts
- if(!isset($_COOKIE['ajim_sid']))
- {
- $hash = sha1(microtime());
- setcookie('ajim_sid', $hash, time()+60*60*24*365); // Cookies last for one year
- }
- else
- $hash = $_COOKIE['ajim_sid'];
-
- return $hash;
- }
- /**
- * Set the default value for a configuration field.
- * @param string $key - name of the configuration key
- * @param string $value - the default value
- * @param array $confarray - needs to be the array passed as the first param on the constructor
- */
- function config_default($key, $value, &$confarray)
- {
- if(!isset($confarray[$key]))
- $confarray[$key] = $value;
- }
- /**
- * Set up some basic vars and a database connection
- * @param array $config - a configuration array, with either the key db_connection_handle (a valid MySQL connection resource) or the keys dbhost, dbname, dbuser, and dbpass
- * @param string $table_prefix - the text prepended to the "ajim" table, should match ^([A-z0-9_]+)$
- * @param string $handler - URL to the backend script, for example in Enano this would be the plugin file plugins/ajim.php
- * @param string $admin - string containing the MD5 hash of the user's password, IF AND ONLY IF the user should be allowed to use the moderation function. In all other cases this should be false.
- * @param string $id - used to carry over the randomly generated instance ID between requests. Should be false if the class is being initialized for displaying the inital HTML, in all other cases should be the value of the class variable AjIM::$id
- * @param bool $can_post - true if the user is allowed to post, false otherwise. Defaults to true.
- * @param mixed $formatfunc - a string containing the name of a function that can be called to format text before posts are sent to the user. If you need to call a class method, this should be an array with key 0 being the class name and key 1 being the method name.
- */
- function __construct($config, $table_prefix, $handler, $admin = false, $id = false, $can_post = true, $formatfunc = false) {
- // CONFIGURATION
- // $this->prune: a limit on the number of posts in the chat box. Usually this should be set to 40 or 50. Default is 40.
- // Set to -1 to disable pruning.
- $this->prune = -1;
-
- $this->get_sid();
-
- if(!is_array($config))
- $this->kill('$config passed to the AjIM constructor should be an associative array with either the keys dbhost, dbname, dbuser, and dbpass, or the key db_connection_handle.');
- if(isset($config['db_connection_handle']))
- {
- if(!is_resource($config['db_connection_handle'])) $this->kill('$config[\'db_connection_handle\'] is not a valid resource');
- $this->conn = $config['db_connection_handle'];
- if(!$this->conn) $this->kill('Error verifying database connection: '.mysql_error());
- } elseif(isset($config['dbhost']) && isset($config['dbname']) && isset($config['dbuser']) && isset($config['dbpass'])) {
- $this->conn = mysql_connect($config['dbhost'], $config['dbuser'], $config['dbpass']);
- if(!$this->conn) $this->kill('Error connecting to the database: '.mysql_error());
- $this->sql('USE '.$config['dbname']);
- }
-
- $this->bad_words = Array('viagra', 'phentermine', 'pharma', 'rolex', 'genital', 'penis', 'ranitidine', 'prozac', 'acetaminophen', 'acyclovir', 'ionamin', 'denavir', 'nizoral', 'zoloft', 'estradiol', 'didrex', 'aciphex', 'seasonale', 'allegra', 'lexapro', 'famvir', 'propecia', 'nasacort');
- if(isset($config['bad_words']) && is_array($config['bad_words']))
- {
- $this->bad_words = array_values(array_merge($this->bad_words, $config['bad_words']));
- }
-
- // Don't change these values here - change them by passing values to the config array in this constructor's params!
- $this->config_default('sb_color_background', '#FFFFFF', $config);
- $this->config_default('sb_color_foreground', '#000000', $config);
- $this->config_default('sb_color_editlink', '#00C000', $config);
- $this->config_default('sb_color_deletelink', '#FF0000', $config);
- $this->config_default('sb_color_userlink', '#0000FF', $config);
-
- $this->config = $config;
-
- if($id) $this->id = $id;
- else $this->id = 'ajim_'.time();
- $this->admin = $admin;
- $this->formatfunc = $formatfunc;
- $this->can_post = $can_post;
- $this->table_prefix = $table_prefix;
- $this->sql('CREATE TABLE IF NOT EXISTS '.$this->table_prefix.'ajim(
- post_id mediumint(8) NOT NULL auto_increment,
- name text,
- website text,
- post text,
- time_id int(11) NOT NULL DEFAULT 0,
- PRIMARY KEY ( post_id )
- );');
- $this->iface = $handler;
- if(isset($_GET['ajimmode'])) $this->handler();
- }
- /**
- * A dummy function used for PHP4 compatibility.
- * @see AjIM::__construct()
- */
- function ajim($config, $table_prefix, $handler, $admin = false, $id = false, $can_post = true, $formatfunc = false) {
- $this->__construct($config, $table_prefix, $handler, $admin, $id, $can_post, $formatfunc);
- }
- /**
- * Generates the initial HTML UI to be sent to the user, used internally.
- * @access private
- * @param string $ajimPath - path to the AjIM connector (not this file), relative to document root, with initial slash.
- */
- function html($ajimPath) {
-
- $enstr = $this->can_post ? '' : ' disabled="disabled"';
- $html = '';
- $html .= '<script type="text/javascript" src="'.$ajimPath.'/ajim.php?js&id='.$this->id.'&path='.urlencode($this->iface).'&pfx='.$this->table_prefix.'"></script>';
- if($this->admin) {
- $html.= '<script type="text/javascript" src="'.$ajimPath.'/ajim.php?jsadmin&id='.$this->id.'&path='.urlencode($this->iface).'&pfx='.$this->table_prefix.'"></script>';
- }
- $html .= '<div id="'.$this->id.'_master" style="padding: 5%; width: 90%;">
- <div id="'.$this->id.'_c" style="text-align: center; color: '.$this->config['sb_color_foreground'].';
- font-family: arial, sans-serif; font-size: 7pt; background-color: '.$this->config['sb_color_background'].';
- text-align: left; border: 1px solid #000000; border-bottom: none; margin-bottom: 0; padding: 5%; width: 90%;
- height: 200px; clip: rect(0px,auto,200px,0px); overflow: auto;"><noscript><p>You need to have JavaScript support to use this shoutbox.</p></noscript></div>';
- // This is the post form div
- if($this->can_post)
- {
- $html .= '<div style="font-family: arial; font-size: 7pt; margin-top: 0; border: 1px solid #000000; border-top-width: 0; width: 100%;">
- <form action="#" onsubmit="'.$this->id.'_form(); return false;" method="get">
- <table border="0" style="margin: 0; padding: 0; width: 90%;">
- <tr><td><span style="font-family: arial; font-size: 7pt; ">Name:</span></td> <td><input style="font-family: arial; font-size: 7pt; border: 1px solid #000; height: 15px; width: 65px; padding: 1px;" id="'.$this->id.'_name" name="name"'.$enstr.' /></td></tr>
- <tr><td><span style="font-family: arial; font-size: 7pt; ">Website:</span></td><td><input style="font-family: arial; font-size: 7pt; border: 1px solid #000; height: 15px; width: 65px; padding: 1px;" id="'.$this->id.'_website" name="website"'.$enstr.' /></td></tr>
- <tr><td colspan="2"><span style="font-family: arial; font-size: 7pt; ">Message:</span></td></tr>
- <tr><td colspan="2"><textarea'.$enstr.' rows="2" cols="16" style="width: auto; margin: 0 auto;" id="'.$this->id.'_post" name="post" onkeyup="'.$this->id.'_keyhandler();"></textarea></td></tr>
- <tr><td colspan="2" align="center"><input'.$enstr.' type="submit" value="Submit post" /><br />
- <span style="font-family: arial; font-size: 6pt; color: #000000;">AjIM powered</span></td></tr>
- ';
- $html .= '</table>
- </form>';
- if($this->admin) {
- $html .= '<table border="0" style="margin: 0; padding: 0; width: 90%;" align="center"><tr><td colspan="2" align="center"><span id="'.$this->id.'_admin"><a href="#" onclick="'.$this->id.'_prompt(); return false;">Administration</a></span></td></tr></table>';
- }
- $html.='</div></div>';
- } else {
- $html .= '<div style="font-family: arial; font-size: 7pt; margin: 5px; margin-top: 0; border: 1px solid #000000; border-top: none;">';
- if(isset($this->config['cant_post_notice'])) {
- $html .= '<div style="margin: 0; padding: 5px;">'.$this->config['cant_post_notice'].'</div>';
- }
- $html .= '</div></div>';
- }
- $html.='<script type="text/javascript">
- document.getElementById(\''.$this->id.'_c\').innerHTML = unescape(\'%3Cdiv align="center" style="width:95%;"%3EInitializing...%3C\/div%3E\');';
- if($this->can_post) $html .= 'if('.$this->id.'readCookie("ajim_password") && ( typeof "'.$this->id.'_login_bin" == "string" || typeof "'.$this->id.'_login_bin" == "function" )) {
- '.$this->id.'_login_bin('.$this->id.'readCookie("ajim_password"));
- }
- if('.$this->id.'readCookie("ajim_name")) document.getElementById("'.$this->id.'_name").value = '.$this->id.'readCookie("ajim_name");
- if('.$this->id.'readCookie("ajim_website")) document.getElementById("'.$this->id.'_website").value = '.$this->id.'readCookie("ajim_website");';
- $html .= ''.$this->id.'_refresh();
- </script>';
-
- return $html;
- }
- /**
- * Kills the database connection
- */
- function destroy() {
- mysql_close($this->conn);
- }
- /**
- * Strips all traces of HTML, XML, and PHP from text, and prepares it for being inserted into a MySQL database.
- * @access private
- * @param string $text - the text to sanitize
- * @return string
- */
- function sanitize($text) {
- $text = rawurldecode($text);
- $text = preg_replace('#<(.*?)>#is', '<\\1>', $text);
- $text = str_replace("\n", '<br />', $text);
- $text = mysql_real_escape_string($text);
- return $text;
- }
- /**
- * Scrutinizes a string $text for any traces of the word $word, returns true if the text is clean.
- * For example, if $word is "viagra" and the text contains "\/|@6r/\" this returns false, else you would get true.
- * @access private
- * @param string $text - the text to check
- * @param string $word - word to look for.
- * @return bool
- */
- function spamcheck($text, $word)
- {
- // build an array, with each key containing one letter (equiv. to str_split() in PHP 5)
- $chars = Array();
- for($i=0;$i<strlen($word);$i++)
- {
- $chars[] = substr($word, $i, 1);
- }
- // This is our rule list - all the known substitutions for a given letter (e.g. "\/" in place of "V", etc.), needs to be escaped for regex use
- $subs = Array(
- 'a'=>'a|\/\\\\|@',
- 'b'=>'b|\|o',
- 'c'=>'c|\(|',
- 'd'=>'d|o\|',
- 'e'=>'e|3',
- 'f'=>'f',
- 'g'=>'g|6|9',
- 'h'=>'h|\|n',
- 'i'=>'i|\!|1|\|',
- 'j'=>'j|\!|1|\|',
- 'k'=>'k|\|<|\|<',
- 'l'=>'l|\!|1|\|',
- 'm'=>'m|nn|rn',
- 'n'=>'n|h|u\\|\\\\\|',
- 'o'=>'o|\(\)|0|@',
- 'p'=>'p',
- 'q'=>'q',
- 'r'=>'r|\|\^',
- 's'=>'s',
- 't'=>'t|\+',
- 'u'=>'u|n',
- 'v'=>'v|\\\\\/', // "\/"
- 'w'=>'w|vv|\\\\\/\\\\\/', // allows for "\/\/"
- 'x'=>'x|><|><|><|><',
- 'y'=>'y',
- 'z'=>'z|\|\\\\\|' // |\|
- );
- $regex = '#([\s]){0,1}';
- foreach($chars as $c)
- {
- $lc = strtolower($c);
- if(isset($subs[$lc]))
- {
- $regex .= '('.$subs[$lc].')';
- } else {
- die('0 $subs['.$lc.'] is not set');
- $regex .= preg_quote($c);
- }
- $regex .= '(.|)';
- }
- $regex .= '([\s]){0,1}#is';
- //echo($word.': '.$regex.'<br />');
- if(preg_match($regex, $text)) return false;
- return true;
- }
- /**
- * Processes AJAX requests. Usually called if $_GET['ajimmode'] is set.
- * @access private
- */
- function handler() {
- if(isset($_GET['ajimmode'])) {
- switch($_GET['ajimmode']) {
- default:
- die('');
- break;
- case 'getsource':
- case 'getpost':
- if(!preg_match('#^([0-9]+)$#', $_GET['p'])) die('SQL injection attempt');
- $q = $this->sql('SELECT post,sid,ip_addr FROM '.$this->table_prefix.'ajim WHERE post_id='.$_GET['p']);
- $r = mysql_fetch_assoc($q);
- if( ( ( isset($_GET['ajim_auth']) && (!$this->admin || ($this->admin != $_GET['ajim_auth']) ) ) || !isset($_GET['ajim_auth']) ) && ( $this->get_sid() != $r['sid'] || $_SERVER['REMOTE_ADDR'] != $r['ip_addr'] ) ) die('Hacking attempt');
- if($_GET['ajimmode']=='getpost')
- if($this->formatfunc)
- {
- $p = @call_user_func($this->formatfunc, $r['post']);
- if($p) $r['post'] = $p;
- unset($p); // Free some memory
- }
- echo $r['post'];
- break;
- case "savepost":
- if(!preg_match('#^([0-9]+)$#', $_POST['p'])) die('SQL injection attempt');
- $q = $this->sql('SELECT sid,ip_addr FROM '.$this->table_prefix.'ajim WHERE post_id='.$_POST['p']);
- $r = mysql_fetch_assoc($q);
- if( ( ( isset($_POST['ajim_auth']) && (!$this->admin || ($this->admin != $_POST['ajim_auth']) ) ) || !isset($_POST['ajim_auth']) ) && ( $this->get_sid() != $r['sid'] || $_SERVER['REMOTE_ADDR'] != $r['ip_addr'] ) ) die('Hacking attempt');
- $post = $this->sanitize($_POST['post']);
- $post = $this->make_clickable($post);
- $post = preg_replace('#_(.*?)_#is', '<i>\\1</i>', $post);
- $post = preg_replace('#\*(.*?)\*#is', '<b>\\1</b>', $post);
- $bad_words = Array('viagra', 'phentermine', 'pharma');
- foreach($bad_words as $w)
- {
- if(!$this->spamcheck($post, $w)) die('<span style="color: red">The word "'.$w.'" has been detected in your message and as a result your post has been blocked.</span> Don\'t argue, that will only get you banned.');
- }
- if(!$this->can_post) die('Access to posting messages has been denied because the administrator has set that you must be logged into this website in order to post.');
-
- $this->sql('UPDATE '.$this->table_prefix.'ajim SET post=\''.$post.'\' WHERE post_id='.$_POST['p'].';');
-
- if($this->formatfunc)
- {
- $p = @call_user_func($this->formatfunc, $post);
- if($p) $post = $p;
- unset($p); // Free some memory
- }
- die($post);
- break;
- case 'delete':
- if(!preg_match('#^([0-9]+)$#', $_POST['p'])) die('SQL injection attempt');
- $q = $this->sql('SELECT sid,ip_addr FROM '.$this->table_prefix.'ajim WHERE post_id='.$_POST['p']);
- $r = mysql_fetch_assoc($q);
- if( ( ( isset($_POST['ajim_auth']) && (!$this->admin || ($this->admin != $_POST['ajim_auth']) ) ) || !isset($_POST['ajim_auth']) ) && ( $this->get_sid() != $r['sid'] || $_SERVER['REMOTE_ADDR'] != $r['ip_addr'] ) ) die('Hacking attempt');
- $this->sql('DELETE FROM '.$this->table_prefix.'ajim WHERE post_id='.$_POST['p']);
- die('good');
- break;
- case 'post':
- if(!preg_match('#(^|[\n ])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)$#is', $_POST['website'])) $_POST['website']='';
- // Now for a clever anti-spam trick: blacklist the words "viagra" and "phentermine" using one wicked regex:
- // #([\s]){1}(v|\\\\\/)(.*){1}(i|\||l|1)(.*){1}(a|@|\/\\\\)(.*){1}(g|6)(.*){1}r(.*){1}(a|@|\/\\\\)(\s){1}#is
- $name = $this->sanitize($_POST['name']);
- $website = $this->sanitize($_POST['website']);
- $post = $this->sanitize($_POST['post']);
- foreach($this->bad_words as $w)
- {
- if(!$this->spamcheck($post, $w)) die('<span style="color: red">The word "'.$w.'" has been detected in your message and as a result your post has been blocked.</span> Don\'t argue, that will only get you banned.');
- }
- $post = $this->make_clickable($post);
- $post = preg_replace('#_(.*?)_#is', '<i>\\1</i>', $post);
- $post = preg_replace('#\*(.*?)\*#is', '<b>\\1</b>', $post);
- if(!$this->can_post) die('Access to posting messages has been denied because the administrator has set that you must be logged into this website in order to post.');
- $this->sql('INSERT INTO '.$this->table_prefix.'ajim ( name, website, post, time_id, sid, ip_addr ) VALUES(\''.$name.'\', \''.$website.'\', \''.$post.'\', '.time().', \''.mysql_real_escape_string($this->get_sid()).'\', \''.mysql_real_escape_string($_SERVER['REMOTE_ADDR']).'\');');
- case 'view':
- // if(isset($_GET['ajim_auth']))
- // die('Auth: '.$_GET['ajim_auth']); // .'<br />Pw: '.$this->admin);
- if(isset($_GET['latest']) && ( isset($this->config['allow_looping']) && $this->config['allow_looping'] == true ))
- {
- // Determine max execution time
- $max_exec = intval(@ini_get('max_execution_time'));
- if(!$max_exec) $max_exec = 30;
- $time_left = $max_exec - 1;
- }
- $q = $this->sql('SELECT name, website, post, post_id, time_id, sid, ip_addr FROM '.$this->table_prefix.'ajim ORDER BY post_id;');
- if(mysql_num_rows($q) < 1) echo '0 <span style="color: #666666">No posts.</span>';
- else {
- // Prune the table
- if($this->prune > 0) {
- $nr = mysql_num_rows($q);
- $nr = $nr - $this->prune;
- if($nr > 0) $this->sql('DELETE FROM '.$this->table_prefix.'ajim LIMIT '.$nr.';');
- }
- // Alright, what we want to do here is grab the entire table, load it into an array, and then display the posts in reverse order.
- for($i = 1; $i<=mysql_num_rows($q); $i++) {
- $t[$i] = mysql_fetch_object($q);
- }
-
- $s = sizeof($t);
-
- if(isset($_GET['latest']) && ( isset($this->config['allow_looping']) && $this->config['allow_looping'] == true ))
- {
- // When I was coding this, I immediately thought "use labels and goto!" Here's hoping, PHP6 :-)
- $latest_from_user = intval($_GET['latest']);
- $latest_from_db = intval($t[$s]->time_id);
- while(true)
- {
- if($latest_from_user == $latest_from_db && $time_left > 5)
- {
- $time_left = $time_left - 5;
- sleep(5);
- mysql_free_result($q);
- $q = $this->sql('SELECT name, website, post, post_id, time_id, sid, ip_addr FROM '.$this->table_prefix.'ajim ORDER BY post_id;');
- $t = Array();
- for($i = 1; $i<=mysql_num_rows($q); $i++) {
- $t[$i] = mysql_fetch_object($q);
- }
- $s = sizeof($t);
- $latest_from_user = intval($_GET['latest']);
- $latest_from_db = intval($t[$s]->time_id);
- //echo (string)$latest_from_db.'<br />';
- //flush();
- //exit;
- if($latest_from_user != $latest_from_db)
- break;
- continue;
- }
- elseif($latest_from_user == $latest_from_db && $time_left < 5)
- {
- die('[E] No new posts');
- }
- break;
- }
- }
-
- echo $t[$s]->time_id . ' ';
-
- // This is my favorite array trick - it baffles everyone who looks at it :-D
- // What it does is the same as for($i=0;$i<sizeof($t);$i++), but it processes the
- // array in reverse order.
-
- for($i = $s; $i > 0; $i--) {
- if($this->formatfunc)
- {
- $p = @call_user_func($this->formatfunc, $t[$i]->post);
- if($p) $t[$i]->post = $p;
- unset($p); // Free some memory
- $good_tags = Array('b', 'i', 'u', 'br');
- $gt = implode('|', $good_tags);
-
- // Override any modifications that may have been made to the HTML
- $t[$i]->post = preg_replace('#<('.$gt.')>([^.]+)</\\1>#is', '<\\1>\\2</\\1>', $t[$i]->post);
- $t[$i]->post = preg_replace('#<('.$gt.')([ ]*?)/>#is', '<\\1 />', $t[$i]->post);
- $t[$i]->post = preg_replace('#<('.$gt.')>#is', '<\\1 />', $t[$i]->post);
- }
- echo '<div style="border-bottom: 1px solid #BBB; width: 98%;"><table border="0" cellspacing="0" cellpadding="0" width="100%"><tr><td><span style="font-weight: bold">';
- if($t[$i]->website != '') echo '<a href="'.$t[$i]->website.'" style="color: #0000FF">'.$t[$i]->name.'</a>';
- else echo ''.$t[$i]->name.'';
- echo '</span> ';
- if( $this->can_post && ($t[$i]->sid == $this->get_sid() && $t[$i]->ip_addr == $_SERVER['REMOTE_ADDR'] ) || ( isset($_GET['ajim_auth']) && $_GET['ajim_auth']==$this->admin ) )
- echo '</td><td style="text-align: right"><a href="#" onclick="void('.$this->id.'_delete_post(\''.$t[$i]->post_id.'\')); return false;" style="color: '.$this->config['sb_color_deletelink'].'">Delete</a> <a href="javascript:void('.$this->id.'_edit_post(\''.$t[$i]->post_id.'\'));" id="'.$this->id.'_editbtn_'.$t[$i]->post_id.'" style="color: '.$this->config['sb_color_editlink'].'">Edit</a>';
- echo '</td></tr></table><span style="color: #CCC; font-style: italic;">Posted on '.date('n/j, g:ia', $t[$i]->time_id).'</span></div>';
- echo '<div style="border-bottom: 1px solid #CCC; width: 98%;" id="'.$this->id.'_post_'.$t[$i]->post_id.'">'.$t[$i]->post.'</div>';
- echo '<br />';
- }
- }
- break;
- case 'auth':
- if($_POST['ajim_auth']==$this->admin) echo 'good';
- else echo 'The password you entered is invalid.';
- break;
- }
- }
- }
-
- /**
- * Replace URLs within a block of text with anchors
- * Written by Nathan Codding, copyright (C) phpBB Group
- * @param string $text - the text to process
- * @return string
- */
- function make_clickable($text)
- {
- $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);
- $ret = ' ' . $text;
- $ret = preg_replace('#(^|[\n ])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', '\\1<a href="\\2" target="_blank">\\2</a>', $ret);
- $ret = preg_replace("#(^|[\ n ])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", '\\1<a href="http://\\2" target="_blank">\\2</a>', $ret);
- $ret = preg_replace("#(^|[\n ])([a-z0-9&\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", '\\1<a href="mailto:\\2@\\3">\\2@\\3</a>', $ret);
- $ret = substr($ret, 1);
- return($ret);
- }
-}
-
-// The client-side javascript and CSS code
-
-if(isset($_GET['js']) && isset($_GET['id']) && isset($_GET['path']) && isset($_GET['pfx'])) {
- header('Content-type: text/javascript');
- ?>
- // <script>
- var <?php echo $_GET['id']; ?>id='<?php echo $_GET['id']; ?>';
- var path='<?php echo $_GET['path']; ?>';
- var pfx='<?php echo $_GET['pfx']; ?>';
- var authed = false; // Don't even try to hack this var; it contains the MD5 of the password that *you* enter, setting it to true will just botch up all the requests
- // authed is always set to false unless your password has been verified by the server, and it is sent to the server with every request.
- var shift;
- var <?php echo $_GET['id']; ?>editlist = new Array();
- var <?php echo $_GET['id']; ?>_latestpost = 0;
- var <?php echo $_GET['id']; ?>_allowrequest = true;
-
- var <?php echo $_GET['id']; ?>_refcount = 0;
- var <?php echo $_GET['id']; ?>_refcount_current = 0;
-
- var <?php echo $_GET['id']; ?>interval = setInterval('<?php echo $_GET['id']; ?>_refresh();', 5000);
- var ajim_editlevels = 0;
-
- // Add the AjIM stylesheet to the HTML header
- var link = document.createElement('link');
- link.href = path+'?title=null&css&id='+<?php echo $_GET['id']; ?>id+'&path='+path+'&pfx='+pfx+'&ajimmode=';
- link.rel = 'stylesheet';
- link.type = 'text/css';
- var head = document.getElementsByTagName('head');
- head = head[0];
- head.appendChild(link);
-
- if(typeof window.onload == 'function')
- var __ajim_oltemp = window.onload;
- else
- var __ajim_oltemp = function(e) { };
- window.onload = function(e)
- {
- if(document.getElementById('<?php echo $_GET['id']; ?>_post'))
- {
- document.getElementById('<?php echo $_GET['id']; ?>_post').onkeyup = function(e) { <?php echo $_GET['id']; ?>_keyhandler(e); };
- }
- __ajim_oltemp(e);
- }
-
- function <?php echo $_GET['id']; ?>readCookie(name) {var nameEQ = name + "=";var ca = document.cookie.split(';');for(var i=0;i < ca.length;i++){var c = ca[i];while (c.charAt(0)==' ') c = c.substring(1,c.length);if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);}return null;}
- function <?php echo $_GET['id']; ?>setCookie(name,value,days){if (days){var date = new Date();date.setTime(date.getTime()+(days*24*60*60*1000));var expires = "; expires="+date.toGMTString();}else var expires = "";document.cookie = name+"="+value+expires+"; path=/";}
- function <?php echo $_GET['id']; ?>eraseCookie(name) {createCookie(name,"",-1);}
-
- function strpos(haystack, needle)
- {
- if(typeof(haystack) != 'string') return false;
- if(typeof(needle) != 'string') return false;
- len = needle.length;
- for(i=0;i<haystack.length;i++)
- {
- if ( haystack.substr(i, len) == needle )
- return i;
- }
- return 0;
- }
-
- function <?php echo $_GET['id']; ?>_newReq(what2call) {
- if (window.XMLHttpRequest) {
- request = new XMLHttpRequest();
- } else {
- if (window.ActiveXObject) {
- request = new ActiveXObject("Microsoft.XMLHTTP");
- } else {
- alert('Your browser does not support AJAX. Get Firefox 2.0!');
- return false;
- }
- }
- request.onreadystatechange = what2call;
- return request;
- }
-
- function <?php echo $_GET['id']; ?>_refresh(force) {
- <?php echo $_GET['id']; ?>_refcount++;
- <?php echo $_GET['id']; ?>_refcount_current = <?php echo $_GET['id']; ?>_refcount;
- if(!<?php echo $_GET['id']; ?>_allowrequest && !force)
- return false;
- <?php echo $_GET['id']; ?>_allowrequest = false;
- var r = <?php echo $_GET['id']; ?>_newReq(function() {
- if(r.readyState == 4)
- {
- // Prevent an old request from taking over a more recent one
- if(<?php echo $_GET['id']; ?>_refcount > <?php echo $_GET['id']; ?>_refcount_current)
- return;
- if(r.responseText != '[E] No new posts')
- {
- time = r.responseText.substr(0, strpos(r.responseText, ' '));
- <?php echo $_GET['id']; ?>_latestpost = parseInt(time);
- text = r.responseText.substr(strpos(r.responseText, ' ')+1, r.responseText.length);
- document.getElementById('<?php echo $_GET['id']; ?>_c').innerHTML = text;
- }
- <?php echo $_GET['id']; ?>_allowrequest = true;
- }
- });
- if(force)
- latest = '';
- else
- latest = '&latest='+<?php echo $_GET['id']; ?>_latestpost;
- if(authed) r.open('GET', path+'?title=null&ajimmode=view&id='+<?php echo $_GET['id']; ?>id+'&pfx='+pfx+latest+'&ajim_auth='+authed, true);
- else r.open('GET', path+'?title=null&ajimmode=view&id='+<?php echo $_GET['id']; ?>id+'&pfx='+pfx+latest, true);
- r.send(null);
- }
-
- function <?php echo $_GET['id']; ?>_submit(name, website, post) {
- var r = <?php echo $_GET['id']; ?>_newReq(function() {
- if(r.readyState == 4)
- {
- if(r.responseText != '[E] No new posts')
- {
- if(parseInt(r.responseText.substr(0,1)) != 0)
- {
- time = r.responseText.substr(0, strpos(r.responseText, ' '));
- <?php echo $_GET['id']; ?>_latestpost = parseInt(time);
- text = r.responseText.substr(strpos(r.responseText, ' ')+1, r.responseText.length);
- }
- else
- {
- text = r.responseText;
- }
- document.getElementById('<?php echo $_GET['id']; ?>_c').innerHTML = text;
- }
- }
- })
- if(authed) var parms = 'name='+name+'&website='+website+'&post='+post+'&ajim_auth='+authed;
- else var parms = 'name='+name+'&website='+website+'&post='+post;
- r.open('POST', path+'?title=null&ajimmode=post&id='+<?php echo $_GET['id']; ?>id+'', true);
- r.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- r.setRequestHeader("Content-length", parms.length);
- r.setRequestHeader("Connection", "close");
- r.send(parms);
- }
-
- function <?php echo $_GET['id']; ?>_form() {
- var name = document.getElementById(<?php echo $_GET['id']; ?>id+'_name').value;
- var website = document.getElementById(<?php echo $_GET['id']; ?>id+'_website').value;
- var post = document.getElementById(<?php echo $_GET['id']; ?>id+'_post').value;
- if(name.length < 1) { alert('Please enter your name.'); return; }
- if(post.length < 1) { alert('Please enter a post.'); return; }
- <?php echo $_GET['id']; ?>setCookie('ajim_name', name, 60*60*24*365*10);
- <?php echo $_GET['id']; ?>setCookie('ajim_website', website, 60*60*24*365*10);
- <?php echo $_GET['id']; ?>_submit(name, website, post);
- document.getElementById(<?php echo $_GET['id']; ?>id+'_post').value = '';
- }
-
-
- function <?php echo $_GET['id']; ?>_keyhandler(e)
- {
- if(!e) e = window.event;
- if(e.keyCode == 13)
- {
- val = document.getElementById(<?php echo $_GET['id']; ?>id+'_post').value;
- if(!shift)
- {
- document.getElementById(<?php echo $_GET['id']; ?>id+'_post').value = val.substr(0, val.length - 1);
- <?php echo $_GET['id']; ?>_form();
- }
- }
- }
-
- function <?php echo $_GET['id']; ?>keysensor(event)
- {
- if (event.shiftKey==1)
- {
- shift = true;
- }
- else
- {
- shift = false;
- }
- }
-
- if(window.onkeydown)
- {
- var kttemp = window.onkeydown;
- window.onkeydown = function(e) { kttemp(e); <?php echo $_GET['id']; ?>keysensor(e); }
- } else {
- window.onkeydown = function(e) { <?php echo $_GET['id']; ?>keysensor(e); }
- }
-
- if(window.onkeyup)
- {
- var kttemp = window.onkeyup;
- window.onkeyup = function(e) { kttemp(e); <?php echo $_GET['id']; ?>keysensor(e); }
- } else {
- window.onkeyup = function(e) { <?php echo $_GET['id']; ?>keysensor(e); }
- }
-
- function <?php echo $_GET['id']; ?>_edit_post(pid)
- {
- if(<?php echo $_GET['id']; ?>editlist[pid])
- {
- var r = <?php echo $_GET['id']; ?>_newReq(function() {
- if(r.readyState == 4) {
- document.getElementById('<?php echo $_GET['id']; ?>_post_'+pid).innerHTML = r.responseText;
- document.getElementById('<?php echo $_GET['id']; ?>_editbtn_'+pid).innerHTML = 'Edit';
- ajim_editlevels--;
- <?php echo $_GET['id']; ?>editlist[pid] = false;
- if(ajim_editlevels < 1)
- {
- <?php echo $_GET['id']; ?>interval = setInterval('<?php echo $_GET['id']; ?>_refresh();', 5000);
- }
- }
- });
- if(authed) r.open('GET', path+'?title=null&ajimmode=getpost&id='+<?php echo $_GET['id']; ?>id+'&pfx='+pfx+'&p='+pid+'&ajim_auth='+authed, true);
- else r.open('GET', path+'?title=null&ajimmode=getpost&id='+<?php echo $_GET['id']; ?>id+'&pfx='+pfx+'&p='+pid, true);
- r.send(null);
- } else {
- clearInterval(<?php echo $_GET['id']; ?>interval);
- var r = <?php echo $_GET['id']; ?>_newReq(function() {
- if(r.readyState == 4) {
- document.getElementById('<?php echo $_GET['id']; ?>_post_'+pid).innerHTML = '<textarea rows="4" cols="17" id="<?php echo $_GET['id']; ?>_editor_'+pid+'">'+r.responseText+'</textarea><br /><a href="#" onclick="<?php echo $_GET['id']; ?>_save_post(\''+pid+'\'); return false;" style="font-size: 7pt; color: #00C000;">save</a>';
- document.getElementById('<?php echo $_GET['id']; ?>_editbtn_'+pid).innerHTML = 'Cancel';
- ajim_editlevels++;
- <?php echo $_GET['id']; ?>editlist[pid] = true;
- }
- });
- if(authed) r.open('GET', path+'?title=null&ajimmode=getsource&id='+<?php echo $_GET['id']; ?>id+'&pfx='+pfx+'&p='+pid+'&ajim_auth='+authed, true);
- else r.open('GET', path+'?title=null&ajimmode=getsource&id='+<?php echo $_GET['id']; ?>id+'&pfx='+pfx+'&p='+pid, true);
- r.send(null);
- }
- }
-
- var ajim_global_pid;
- function <?php echo $_GET['id']; ?>_save_post(pid) {
- ajim_global_pid = pid;
- if(!document.getElementById('<?php echo $_GET['id']; ?>_editor_'+pid))
- {
- alert('AjIM internal error: bad post ID '+pid+': editor is not open');
- return false;
- }
- var r = <?php echo $_GET['id']; ?>_newReq(function() {
- if(r.readyState == 4)
- {
- ajim_editlevels--;
- <?php echo $_GET['id']; ?>editlist[pid] = false;
- document.getElementById('<?php echo $_GET['id']; ?>_editbtn_'+ajim_global_pid).innerHTML = 'Edit';
- document.getElementById('<?php echo $_GET['id']; ?>_post_'+ajim_global_pid).innerHTML = r.responseText;
- if(ajim_editlevels < 1)
- {
- <?php echo $_GET['id']; ?>_refresh(true);
- <?php echo $_GET['id']; ?>interval = setInterval('<?php echo $_GET['id']; ?>_refresh();', 5000);
- }
- }
- });
- var parms = 'post='+escape(document.getElementById('<?php echo $_GET['id']; ?>_editor_'+pid).value.replace('+', '%2B'))+'&ajim_auth='+authed+'&p='+pid;
- r.open('POST', path+'?title=null&ajimmode=savepost&id='+<?php echo $_GET['id']; ?>id+'', true);
- r.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- r.setRequestHeader("Content-length", parms.length);
- r.setRequestHeader("Connection", "close");
- r.send(parms);
- return null;
- }
-
- function <?php echo $_GET['id']; ?>_delete_post(pid) {
- //document.getElementById(<?php echo $_GET['id']; ?>id+'_admin').innerHTML = '<span style="font-family: arial; font-size: 7pt; ">Loading...</span>';
- var r = <?php echo $_GET['id']; ?>_newReq(function() {
- if(r.readyState == 4)
- if(r.responseText=="good") {
- <?php echo $_GET['id']; ?>_refresh(true);
- } else alert(r.responseText);
- });
- var parms = 'ajim_auth='+authed+'&p='+pid;
- r.open('POST', path+'?title=null&ajimmode=delete&id='+<?php echo $_GET['id']; ?>id+'', true);
- r.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- r.setRequestHeader("Content-length", parms.length);
- r.setRequestHeader("Connection", "close");
- r.send(parms);
- return null;
- }
-
- <?php
-} elseif(isset($_GET['jsadmin']) && isset($_GET['id']) && isset($_GET['path'])) {
- header('Content-type: text/javascript');
- ?>
-
- var abuffer;
- function <?php echo $_GET['id']; ?>_prompt() {
- abuffer = document.getElementById(<?php echo $_GET['id']; ?>id+'_admin').innerHTML;
- document.getElementById(<?php echo $_GET['id']; ?>id+'_admin').innerHTML = '<form action="javascript:void(0)" onsubmit="'+<?php echo $_GET['id']; ?>id+'_login()" method="get"><span style="font-family: arial; font-size: 7pt; ">Password:</span> <input style="font-family: arial; font-size: 7pt; border: 1px solid #000; height: 15px; width: 65px" id="'+<?php echo $_GET['id']; ?>id+'_passfield" name="pass" type="password" /> <input style="font-family: arial; font-size: 7pt; border: 1px solid #000; height: 15px; width: 65px" type="submit" value="OK" /></form>';
- }
-
- function <?php echo $_GET['id']; ?>_login() {
- pass = document.getElementById(<?php echo $_GET['id']; ?>id+'_passfield').value;
- pass = hex_md5(pass);
- <?php echo $_GET['id']; ?>_login_bin(pass);
- }
- function <?php echo $_GET['id']; ?>_login_bin(pass) {
- document.getElementById(<?php echo $_GET['id']; ?>id+'_admin').innerHTML = '<span style="font-family: arial; font-size: 7pt; ">Loading...</span>';
- var r = <?php echo $_GET['id']; ?>_newReq(function() {
- if(r.readyState == 4)
- {
- if(r.responseText=="good") {
- authed = pass;
- <?php echo $_GET['id']; ?>setCookie('ajim_password', authed, 60*60*24*365*10);
- <?php echo $_GET['id']; ?>_latestpost = 0;
- <?php echo $_GET['id']; ?>_refresh(true);
- document.getElementById(<?php echo $_GET['id']; ?>id+'_admin').innerHTML = '';
- }
- else
- {
- alert(r.responseText);
- document.getElementById(<?php echo $_GET['id']; ?>id+'_admin').innerHTML = '<span style="font-family: arial; font-size: 7pt; color: #ff0000">Invalid password!</span><br />'+abuffer;
- }
- }
- })
- var parms = 'ajim_auth='+pass;
- r.open('POST', path+'?title=null&ajimmode=auth&id='+<?php echo $_GET['id']; ?>id+'', true);
- r.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- r.setRequestHeader("Content-length", parms.length);
- r.setRequestHeader("Connection", "close");
- r.send(parms);
- }
-
- var hexcase = 0; var b64pad = ""; var chrsz = 8; function hex_md5(s){ return binl2hex(core_md5(str2binl(s), s.length * chrsz));}; function b64_md5(s){ return binl2b64(core_md5(str2binl(s), s.length * chrsz));}; function str_md5(s){ return binl2str(core_md5(str2binl(s), s.length * chrsz));}; function hex_hmac_md5(key, data) { return binl2hex(core_hmac_md5(key, data)); }; function b64_hmac_md5(key, data) { return binl2b64(core_hmac_md5(key, data)); }; function str_hmac_md5(key, data) { return binl2str(core_hmac_md5(key, data)); }; function md5_vm_test() { return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72"; }; function core_md5(x, len) { x[len >> 5] |= 0x80 << ((len) % 32); x[(((len + 64) >>> 9) << 4) + 14] = len; var a = 1732584193; var b = -271733879; var c = -1732584194; var d = 271733878; for(var i = 0; i < x.length; i += 16) { var olda = a; var oldb = b; var oldc = c; var oldd = d; a = md5_ff(a, b, c, d, x[i+ 0], 7 , -680876936);d = md5_ff(d, a, b, c, x[i+ 1], 12, -389564586);c = md5_ff(c, d, a, b, x[i+ 2], 17, 606105819);b = md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330);a = md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897);d = md5_ff(d, a, b, c, x[i+ 5], 12, 1200080426);c = md5_ff(c, d, a, b, x[i+ 6], 17, -1473231341);b = md5_ff(b, c, d, a, x[i+ 7], 22, -45705983);a = md5_ff(a, b, c, d, x[i+ 8], 7 , 1770035416);d = md5_ff(d, a, b, c, x[i+ 9], 12, -1958414417);c = md5_ff(c, d, a, b, x[i+10], 17, -42063);b = md5_ff(b, c, d, a, x[i+11], 22, -1990404162);a = md5_ff(a, b, c, d, x[i+12], 7 , 1804603682);d = md5_ff(d, a, b, c, x[i+13], 12, -40341101);c = md5_ff(c, d, a, b, x[i+14], 17, -1502002290);b = md5_ff(b, c, d, a, x[i+15], 22, 1236535329);a = md5_gg(a, b, c, d, x[i+ 1], 5 , -165796510);d = md5_gg(d, a, b, c, x[i+ 6], 9 , -1069501632);c = md5_gg(c, d, a, b, x[i+11], 14, 643717713);b = md5_gg(b, c, d, a, x[i+ 0], 20, -373897302);a = md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691);d = md5_gg(d, a, b, c, x[i+10], 9 , 38016083);c = md5_gg(c, d, a, b, x[i+15], 14, 
-660478335);b = md5_gg(b, c, d, a, x[i+ 4], 20, -405537848);a = md5_gg(a, b, c, d, x[i+ 9], 5 , 568446438);d = md5_gg(d, a, b, c, x[i+14], 9 , -1019803690);c = md5_gg(c, d, a, b, x[i+ 3], 14, -187363961);b = md5_gg(b, c, d, a, x[i+ 8], 20, 1163531501);a = md5_gg(a, b, c, d, x[i+13], 5 , -1444681467);d = md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784);c = md5_gg(c, d, a, b, x[i+ 7], 14, 1735328473);b = md5_gg(b, c, d, a, x[i+12], 20, -1926607734);a = md5_hh(a, b, c, d, x[i+ 5], 4 , -378558);d = md5_hh(d, a, b, c, x[i+ 8], 11, -2022574463);c = md5_hh(c, d, a, b, x[i+11], 16, 1839030562);b = md5_hh(b, c, d, a, x[i+14], 23, -35309556);a = md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060);d = md5_hh(d, a, b, c, x[i+ 4], 11, 1272893353);c = md5_hh(c, d, a, b, x[i+ 7], 16, -155497632);b = md5_hh(b, c, d, a, x[i+10], 23, -1094730640);a = md5_hh(a, b, c, d, x[i+13], 4 , 681279174);d = md5_hh(d, a, b, c, x[i+ 0], 11, -358537222);c = md5_hh(c, d, a, b, x[i+ 3], 16, -722521979);b = md5_hh(b, c, d, a, x[i+ 6], 23, 76029189);a = md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487);d = md5_hh(d, a, b, c, x[i+12], 11, -421815835);c = md5_hh(c, d, a, b, x[i+15], 16, 530742520);b = md5_hh(b, c, d, a, x[i+ 2], 23, -995338651);a = md5_ii(a, b, c, d, x[i+ 0], 6 , -198630844);d = md5_ii(d, a, b, c, x[i+ 7], 10, 1126891415);c = md5_ii(c, d, a, b, x[i+14], 15, -1416354905);b = md5_ii(b, c, d, a, x[i+ 5], 21, -57434055);a = md5_ii(a, b, c, d, x[i+12], 6 , 1700485571);d = md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606);c = md5_ii(c, d, a, b, x[i+10], 15, -1051523);b = md5_ii(b, c, d, a, x[i+ 1], 21, -2054922799);a = md5_ii(a, b, c, d, x[i+ 8], 6 , 1873313359);d = md5_ii(d, a, b, c, x[i+15], 10, -30611744);c = md5_ii(c, d, a, b, x[i+ 6], 15, -1560198380);b = md5_ii(b, c, d, a, x[i+13], 21, 1309151649);a = md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070);d = md5_ii(d, a, b, c, x[i+11], 10, -1120210379);c = md5_ii(c, d, a, b, x[i+ 2], 15, 718787259);b = md5_ii(b, c, d, a, x[i+ 9], 21, -343485551); a = safe_add(a, olda); 
b = safe_add(b, oldb); c = safe_add(c, oldc); d = safe_add(d, oldd); } return Array(a, b, c, d); }; function md5_cmn(q, a, b, x, s, t) { return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s),b); }; function md5_ff(a, b, c, d, x, s, t) { return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t); }; function md5_gg(a, b, c, d, x, s, t) { return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t); }; function md5_hh(a, b, c, d, x, s, t) { return md5_cmn(b ^ c ^ d, a, b, x, s, t); }; function md5_ii(a, b, c, d, x, s, t) { return md5_cmn(c ^ (b | (~d)), a, b, x, s, t); }; function core_hmac_md5(key, data) { var bkey = str2binl(key); if(bkey.length > 16) bkey = core_md5(bkey, key.length * chrsz); var ipad = Array(16), opad = Array(16); for(var i = 0; i < 16; i++) { ipad[i] = bkey[i] ^ 0x36363636; opad[i] = bkey[i] ^ 0x5C5C5C5C; } var hash = core_md5(ipad.concat(str2binl(data)), 512 + data.length * chrsz); return core_md5(opad.concat(hash), 512 + 128); }; function safe_add(x, y) {var lsw = (x & 0xFFFF) + (y & 0xFFFF);var msw = (x >> 16) + (y >> 16) + (lsw >> 16);return (msw << 16) | (lsw & 0xFFFF); }; function bit_rol(num, cnt) { return (num << cnt) | (num >>> (32 - cnt)); }; function str2binl(str) { var bin = Array(); var mask = (1 << chrsz) - 1; for(var i = 0; i < str.length * chrsz; i += chrsz) bin[i>>5] |= (str.charCodeAt(i / chrsz) & mask) << (i%32); return bin; }; function binl2str(bin) { var str = ""; var mask = (1 << chrsz) - 1; for(var i = 0; i < bin.length * 32; i += chrsz) str += String.fromCharCode((bin[i>>5] >>> (i % 32)) & mask); return str; }; function binl2hex(binarray) { var hex_tab = hexcase ? 
"0123456789ABCDEF" : "0123456789abcdef"; var str = ""; for(var i = 0; i < binarray.length * 4; i++) { str += hex_tab.charAt((binarray[i>>2] >> ((i%4)*8+4)) & 0xF) + hex_tab.charAt((binarray[i>>2] >> ((i%4)*8 )) & 0xF); } return str; }; function binl2b64(binarray) { var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; var str = ""; for(var i = 0; i < binarray.length * 4; i += 3) { var triplet = (((binarray[i >> 2] >> 8 * ( i %4)) & 0xFF) << 16) | (((binarray[i+1 >> 2] >> 8 * ((i+1)%4)) & 0xFF) << 8 ) | ((binarray[i+2 >> 2] >> 8 * ((i+2)%4)) & 0xFF); for(var j = 0; j < 4; j++) { if(i * 8 + j * 6 > binarray.length * 32) str += b64pad; else str += tab.charAt((triplet >> 6*(3-j)) & 0x3F); } } return str; };
-
- <?php
-} elseif(isset($_GET['css']) && isset($_GET['id']) && isset($_GET['path'])) {
- header('Content-type: text/css');
- ?>
- div#<?php echo $_GET['id']; ?>_master {
- margin: 0;
- padding: 0;
- /* background-color: #DDD; */
- }
- div#<?php echo $_GET['id']; ?>_master a {
- display: inline;
- color: #0000FF;
- }
- div#<?php echo $_GET['id']; ?>_master textarea {
- font-family: arial;
- font-size: 7pt;
- border: 1px solid #000;
- padding: 0;
- }
- <?php
-}
-?>