| 1 | <?php | = | 1 | <?php |
| 2 | 2 | |||
| <> | 3 | ################################################################## | ||
| 4 | # Copyright by Siegfried Schlosser, Regine Diepold, Roman Mahr ( www.phpnuke-community.de ) | |||
| 5 | # know as: sigi, Regs, Dogman | |||
| 6 | # Email: admin@phpnuke-community.de | |||
| 7 | # Modified for CP v2.0 at www.phpnuke-community.de | |||
| 8 | # This file is not free! | |||
| 9 | # Do not Remove the Copyright! | |||
| 10 | # mainfile.php CAN NOT be renamed. | |||
| 11 | # mainfile.php CAN NOT be ported. | |||
| 12 | # This package CAN NOT be mirrored. | |||
| 13 | # Support: http://phpnuke-community.de | |||
| 14 | # Only http://phpnuke-style.de is allowed to sell mainfile.php! | |||
| 15 | ################################################################### | |||
| 16 | ## QuickFix 3.7 Begin | |||
| 3 | ob_start("ob_gzhandler"); | 17 | @ini_set("display_errors","0"); | |
| 18 | ## QuickFix 3.7 End | |||
| 19 | ## Admin Secure Begin | |||
| 20 | //function nuke_getRootPath() { | |||
| 21 | //$ret = "./"; | |||
| 22 | //if (eregi('\/modules\/[^\/]+\/[^\/]+\/[^\/]+.php$', $_SERVER['PHP_SELF'])) { $ret = "../../../"; } | |||
| 23 | //else if (eregi('\/modules\/[^\/]+\/[^\/]+.php$', $_SERVER['PHP_SELF'])) { $ret = "../../"; } | |||
| 24 | //else if (eregi('\/modules\/[^\/]+.php$', $_SERVER['PHP_SELF'])) { $ret = "../"; } | |||
| 25 | //return $ret; | |||
| 26 | //} | |||
| 27 | //require_once(nuke_getRootPath().'includes/asfunc.php'); | |||
| 28 | ## Admin Secure End | |||
| 4 | = | 29 | ||
| 5 | /************************************************************************/ | <> | 30 | require_once("config.php"); |
| 6 | /* PHP-NUKE: Advanced Content Management System */ | 31 | require_once("includes/cpfunctions.php"); | |
| 7 | /* ============================================ */ | 32 | require_once("includes/sql_layer.php"); | |
| 8 | /* */ | 33 | ||
| 9 | /* Copyright (c) 2002 by Francisco Burzi (fbc@mandrakesoft.com) */ | 34 | $dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname); | |
| 10 | /* http://phpnuke.org */ | 35 | $mainfile = 1; | |
| 11 | /* */ | 36 | ||
| 12 | /* This program is free software. You can redistribute it and/or modify */ | 37 | ## QuickFix 2.5 Begin | |
| 13 | /* it under the terms of the GNU General Public License as published by */ | 38 | if (isset($p_msg)){ | |
| 14 | /* the Free Software Foundation; either version 2 of the License. */ | 39 | unset($p_msg); | |
| 15 | /************************************************************************/ | 40 | } | |
| 16 | = | 41 | ||
| 17 | foreach ($HTTP_GET_VARS as $secvalue) { | <> | 42 | if (isset($admin)){ |
| 18 | if (eregi("<[^>]*script*\"?[^>]*>", $secvalue)) { | 43 | $admin = base64_decode($admin); | |
| 44 | $admin = addslashes($admin); | |||
| 45 | $admin = base64_encode($admin); | |||
| 46 | } | |||
| = | 47 | |||
| -+ | 48 | if (isset($user)){ | ||
| 49 | $user = base64_decode($user); | |||
| 50 | $user = addslashes($user); | |||
| 51 | $user = base64_encode($user); | |||
| 52 | } | |||
| 53 | ## QuickFix 2.5 End | |||
| = | 54 | |||
| <> | 55 | ## Adminfuncs | ||
| 56 | ## SpeedUp by DJMaze Begin | |||
| 57 | function is_admin($admin) { | |||
| 58 | global $prefix, $dbi; | |||
| 59 | static $adminSave; | |||
| 60 | if (isset($adminSave)) return ($adminSave); | |||
| 61 | if(!is_array($admin)) { | |||
| 62 | $admin = base64_decode($admin); | |||
| 63 | $admin = explode(":", $admin); | |||
| 64 | } | |||
| 65 | $aid = $admin[0]; | |||
| 66 | $pwd = $admin[1]; | |||
| 67 | if ($aid != "" AND $pwd != "") { | |||
| 68 | $aid = trim($aid); | |||
| 69 | $sql = "SELECT pwd FROM ".$prefix."_authors WHERE aid='$aid'"; | |||
| 70 | $result = sql_query($sql, $dbi); | |||
| 71 | $row = sql_fetch_array($result, $dbi); | |||
| 72 | $pass = $row['pwd']; | |||
| 73 | if ($pass == $pwd && $pass != "") { | |||
| 74 | return $adminSave = 1; | |||
| 75 | } | |||
| 76 | } | |||
| 77 | return $adminSave = 0; | |||
| 78 | } | |||
| 79 | ## SpeedUp by DJMaze End | |||
| 19 | die ("I don't like you..."); | 80 | function adminblock() { | |
| 81 | global $admin, $prefix, $dbi; | |||
| 82 | if (is_admin($admin)) { | |||
| 83 | $result = sql_query("select title, content from ".$prefix."_blocks where bkey='admin'", $dbi); | |||
| 84 | while(list($title, $content) = sql_fetch_array($result, $dbi)) { | |||
| 85 | $content = "<font class=\"content\">$content</font>"; | |||
| 86 | themesidebox($title, $content); | |||
| 87 | } | |||
| 88 | $title = ""._WAITINGCONT.""; | |||
| 89 | $result = sql_query("select * from ".$prefix."_queue", $dbi); | |||
| 90 | $num = sql_num_rows($result, $dbi); | |||
| 91 | $content = "<font class=\"content\">"; | |||
| 92 | $content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=submissions\">"._SUBMISSIONS."</a>: $num<br>"; | |||
| 93 | $result = sql_query("select * from ".$prefix."_reviews_add", $dbi); | |||
| 94 | $num = sql_num_rows($result, $dbi); | |||
| 95 | $content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=reviews\">"._WREVIEWS."</a>: $num<br>"; | |||
| 96 | $result = sql_query("select * from ".$prefix."_links_newlink", $dbi); | |||
| 97 | $num = sql_num_rows($result, $dbi); | |||
| 98 | $content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=Links\">"._WLINKS."</a>: $num<br>"; | |||
| 99 | $result = sql_query("select * from ".$prefix."_downloads_newdownload", $dbi); | |||
| 100 | $num = sql_num_rows($result, $dbi); | |||
| 101 | $content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=downloads\">"._UDOWNLOADS."</a>: $num<br></font>"; | |||
| 102 | if (eregi("admin.php",$_SERVER["SCRIPT_FILENAME"])){ | |||
| 103 | themesideboxadmin($title, $content); | |||
| 104 | } else { | |||
| 105 | themesidebox($title, $content); | |||
| 106 | } | |||
| 20 | } | = | 107 | } |
| 21 | } | 108 | } | |
| -+ | 109 | ## End Adminfunc | ||
| 110 | ## Begin Startfuncs | |||
| 111 | ## NukeHackerTrap Begin | |||
| 112 | require_once("includes/class_sql_inject.php"); | |||
| 113 | ## Dies einsetzten, wenn die php-Version älter als 4.1.x ist | |||
| 114 | //if ($HTTP_SERVER_VARS["QUERY_STRING"] != ""){ | |||
| 115 | ## | |||
| 116 | if ($_SERVER["QUERY_STRING"] != ""){ | |||
| 117 | $sql = new sql_inject("sqlinject.txt",FALSE,"index.php"); | |||
| 118 | $sql->test($_SERVER["QUERY_STRING"]); | |||
| 119 | ## Dies einsetzten, wenn die php-Version älter als 4.1.x ist | |||
| 120 | //$sql->test($HTTP_SERVER_VARS["QUERY_STRING"]); | |||
| 121 | ## | |||
| 122 | } | |||
| 123 | ## NukeHackerTrap End | |||
| 22 | = | 124 | ||
| -+ | 125 | $phpver = phpversion(); | ||
| 126 | if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) { | |||
| 127 | if (extension_loaded('zlib')) { | |||
| 128 | ob_end_clean(); | |||
| 129 | ob_start('ob_gzhandler'); | |||
| 130 | } | |||
| 131 | } else if ($phpver > '4.0') { | |||
| 132 | if (strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip')) { | |||
| 133 | if (extension_loaded('zlib')) { | |||
| 134 | $do_gzip_compress = TRUE; | |||
| 135 | ob_start(); | |||
| 136 | ob_implicit_flush(0); | |||
| 137 | } | |||
| 138 | } | |||
| 139 | } | |||
| = | 140 | |||
| -+ | 141 | $phpver = explode(".", $phpver); | ||
| 142 | $phpver = "$phpver[0]$phpver[1]"; | |||
| 143 | if ($phpver >= 41) { | |||
| 144 | $PHP_SELF = $_SERVER['PHP_SELF']; | |||
| 145 | } | |||
| = | 146 | |||
| 23 | if (eregi("mainfile.php",$PHP_SELF)) { | <> | 147 | if (eregi("mainfile.php", $_SERVER['SCRIPT_NAME'])) { |
| 24 | Header("Location: index.php"); | = | 148 | Header("Location: index.php"); |
| 25 | die(); | 149 | die(); | |
| 26 | } | 150 | } | |
| 27 | 151 | |||
| 28 | require_once("config.php"); | <> | 152 | if (!ini_get("register_globals")) { |
| 29 | require_once("includes/sql_layer.php"); | 153 | import_request_variables('GPC'); | |
| 30 | $dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname); | |||
| 31 | $mainfile = 1; | 154 | } | |
| 32 | = | 155 | ||
| -+ | 156 | ## SiteCloseDownHack by Mighty_Y Begin | ||
| 33 | if (isset($newlang)) { | = | 157 | if (isset($newlang)) { |
| 34 | if (file_exists("language/lang-$newlang.php")) { | 158 | if (file_exists("language/lang-$newlang.php")) { | |
| 35 | setcookie("lang",$newlang,time()+31536000); | <> | 159 | setcookie("lang",$newlang,time()+31536000); |
| 36 | include("language/lang-$newlang.php"); | 160 | include("language/lang-$newlang.php"); | |
| 37 | $currentlang = $newlang; | 161 | $currentlang = $newlang; | |
| 38 | } else { | = | 162 | } else { |
| 39 | setcookie("lang",$language,time()+31536000); | <> | 163 | setcookie("lang",$language,time()+31536000); |
| 40 | include("language/lang-$language.php"); | 164 | include("language/lang-$language.php"); | |
| 41 | $currentlang = $language; | 165 | $currentlang = $language; | |
| 42 | } | = | 166 | } |
| 43 | } elseif (isset($lang)) { | 167 | } elseif (isset($lang)) { | |
| 44 | include("language/lang-$lang.php"); | 168 | include("language/lang-$lang.php"); | |
| 45 | $currentlang = $lang; | 169 | $currentlang = $lang; | |
| 46 | } else { | 170 | } else { | |
| 47 | setcookie("lang",$language,time()+31536000); | 171 | setcookie("lang",$language,time()+31536000); | |
| 48 | include("language/lang-$language.php"); | 172 | include("language/lang-$language.php"); | |
| 49 | $currentlang = $language; | 173 | $currentlang = $language; | |
| 50 | } | 174 | } | |
| 51 | 175 | |||
| -+ | 176 | $result = sql_query("SELECT disable_site, disable_message, disable_title FROM ".$prefix."_config", $dbi); | ||
| 177 | list($disable, $disablemessage, $disabletitle) = sql_fetch_row($result, $dbi); | |||
| 178 | if ($disablemessage != "" && !is_admin($admin)){ | |||
| 179 | $reason = "<br><br><font color =\"#ff0000\"><b>"._DISABLE_REASON2."</b></font><br><font class=\"boxtitle\">$disablemessage</font>"; | |||
| 180 | } elseif ($disablemessage != "" && is_admin($admin)){ | |||
| 181 | $reason = "<br>$disablemessage"; | |||
| 182 | } | |||
| 183 | if($disabletitle != "" ){ | |||
| 184 | $titleclosed = $disabletitle; | |||
| 185 | }else{ | |||
| 186 | $titleclosed = ""._DIS_TITLE.""; | |||
| 187 | } | |||
| 188 | if (!eregi("admin.php", $_SERVER['SCRIPT_NAME']) && !is_admin($admin) && $disable){ | |||
| 189 | include("header.php"); | |||
| 190 | $index = 1; | |||
| 191 | title($titleclosed); | |||
| 192 | OpenTable(); | |||
| 193 | echo "<center><font class=\"boxtitle\">"._DISABLE_REASON1."</font>$reason</center>"; | |||
| 194 | CloseTable(); | |||
| 195 | include("footer.php"); | |||
| 196 | die(); | |||
| 197 | } elseif (!eregi("admin.php", $_SERVER['SCRIPT_NAME']) && is_admin($admin) && $disable && $name!= "Your_Account"){ | |||
| 198 | echo "<center><b><font color =\"#000000\">"._DISABLE."</font><font color =\"#ff0000\">$reason</font></b></center>"; | |||
| 199 | } | |||
| 200 | ## SiteCloseDownHack by Mighty_Y End | |||
| = | 201 | |||
| <> | 202 | ## SpeedUp by DJMaze Begin | ||
| 52 | function get_lang($module) { | 203 | function is_active($module) { | |
| 204 | global $prefix, $dbi; | |||
| 205 | static $save; | |||
| 206 | if (is_array($save)) { | |||
| 207 | if (isset($save[$module])) return ($save[$module]); | |||
| 208 | return 0; | |||
| 209 | } | |||
| 210 | $sql = "SELECT title FROM ".$prefix."_modules WHERE active=1"; | |||
| 211 | $result = sql_query($sql, $dbi); | |||
| 212 | while ($row = sql_fetch_row($result, $dbi)) { | |||
| 213 | $save[$row[0]] = 1; | |||
| 214 | } | |||
| 215 | if (isset($save[$module])) return ($save[$module]); | |||
| 53 | global $currentlang; | 216 | return 0; | |
| 217 | } | |||
| 218 | ## SpeedUp by DJMaze End | |||
| 219 | ## End Startfuncs | |||
| 220 | ## Begin Blockfuncs | |||
| 221 | function blockfileinc($title, $blockfile, $side=0) { | |||
| 222 | $blockfiletitle = $title; | |||
| 223 | $file = @file("blocks/$blockfile"); | |||
| = | 224 | |||
| 54 | if ($module == admin) { | <> | 225 | if (!$file) { |
| 55 | if (file_exists("admin/language/lang-$currentlang.php")) { | 226 | $content = _BLOCKPROBLEM; | |
| 56 | include_once("admin/language/lang-$currentlang.php"); | 227 | } else { | |
| 228 | ## QuickFix 3.3 Begin | |||
| 229 | $content = ""; | |||
| 230 | ## QuickFix 3.3 End | |||
| 231 | include("blocks/$blockfile"); | |||
| 57 | } | 232 | } | |
| 233 | if ($content == "") { | |||
| 234 | $content = _BLOCKPROBLEM2; | |||
| 235 | } | |||
| 236 | if ($side == 1) { | |||
| 237 | themecenterbox($blockfiletitle, $content); | |||
| 238 | } elseif ($side == 2) { | |||
| 239 | themecenterbox($blockfiletitle, $content); | |||
| 58 | } else { | = | 240 | } else { |
| 59 | if (file_exists("modules/$module/language/lang-$currentlang.php")) { | <> | 241 | if (eregi("admin.php",$_SERVER["SCRIPT_FILENAME"])){ |
| 60 | include_once("modules/$module/language/lang-$currentlang.php"); | 242 | themesideboxadmin($blockfiletitle, $content); | |
| 243 | } else { | |||
| 244 | themesidebox($title, $content); | |||
| 61 | } | 245 | } | |
| 62 | } | = | 246 | } |
| 63 | } | 247 | } | |
| 64 | 248 | |||
| 65 | function is_admin($admin) { | <> | 249 | function blocks($side) { |
| 250 | global $storynum, $prefix, $multilingual, $currentlang, $dbi, $admin, $name, $user; | |||
| = | 251 | |||
| <> | 252 | if ($multilingual == 1) { | ||
| 253 | $querylang = "AND (blanguage='$currentlang' OR blanguage='')"; | |||
| 66 | global $prefix, $dbi; | 254 | } else { | |
| 255 | $querylang = ""; | |||
| 67 | if(!is_array($admin)) { | 256 | } | |
| 68 | $admin = base64_decode($admin); | 257 | if (strtolower($side[0]) == "l") { | |
| 69 | $admin = explode(":", $admin); | 258 | $pos = "l"; | |
| 259 | } elseif (strtolower($side[0]) == "r") { | |||
| 260 | $pos = "r"; | |||
| 261 | } elseif (strtolower($side[0]) == "c") { | |||
| 262 | $pos = "c"; | |||
| 263 | } elseif (strtolower($side[0]) == "d") { | |||
| 70 | $aid = "$admin[0]"; | 264 | $pos = "d"; | |
| 265 | } | |||
| 71 | $pwd = "$admin[1]"; | 266 | $side = $pos; | |
| 267 | if (isset($name)) { | |||
| 268 | $result = sql_query("SELECT b.bid, b.bkey, b.title, b.content, b.url, b.blockfile, b.view, b.custom_title_german, b.custom_title_english FROM ".$prefix."_blocks b, ".$prefix."_blocks_manager m WHERE b.bid=m.bid AND m.title='$name' AND b.position='$pos' AND b.active='1' $querylang ORDER BY b.weight ASC", $dbi); | |||
| 72 | } else { | = | 269 | } else { |
| 73 | $aid = "$admin[0]"; | <> | 270 | $result = sql_query("SELECT b.bid, b.bkey, b.title, b.content, b.url, b.blockfile, b.view , b.custom_title_german, b.custom_title_english FROM ".$prefix."_blocks b WHERE b.position='$pos' AND b.active='1' $querylang ORDER BY b.weight ASC", $dbi); |
| 74 | $pwd = "$admin[1]"; | |||
| 75 | } | = | 271 | } |
| 76 | $result = sql_query("select pwd from ".$prefix."_authors where aid='$aid'", $dbi); | <> | 272 | while(list($bid, $bkey, $title, $content, $url, $blockfile, $view, $ctg, $cte) = sql_fetch_row($result, $dbi)) { |
| 273 | ## QuickFix 3.2 Begin | |||
| 274 | $bid = intval($bid); | |||
| 275 | $title = stripslashes(check_html($title, "nohtml")); | |||
| 276 | $content = stripslashes($content); | |||
| 77 | list($pass) = sql_fetch_row($result, $dbi); | 277 | $url = stripslashes($url); | |
| 278 | $view = intval($view); | |||
| 279 | $ctg = stripslashes(check_html($ctg, "nohtml")); | |||
| 280 | $cte = stripslashes(check_html($cte, "nohtml")); | |||
| 281 | ## QuickFix 3.2 Begin | |||
| = | 282 | |||
| -+ | 283 | $otitle=$title; | ||
| 284 | switch ($currentlang) | |||
| 285 | { | |||
| 286 | case "english": | |||
| 287 | $title=$cte; | |||
| 288 | break; | |||
| 289 | default: | |||
| 290 | $title=$ctg; | |||
| 291 | break; | |||
| = | 292 | |||
| -+ | 293 | } | ||
| 294 | if ($title=="") $title=$otitle; | |||
| = | 295 | |||
| <> | 296 | if ($bkey == admin) { | ||
| 297 | adminblock(); | |||
| 298 | } elseif ($bkey == userbox) { | |||
| 299 | userblock(); | |||
| 300 | } elseif ($bkey == "") { | |||
| 78 | if($pass == $pwd && $pass != "") { | 301 | if ($view == 0) { | |
| 302 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | |||
| 303 | } elseif ($view == 1 AND is_user($user)) {// || is_admin($admin) | |||
| 304 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | |||
| 305 | } elseif ($view == 2 AND is_admin($admin)) { | |||
| 79 | return 1; | 306 | ||
| 307 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | |||
| 308 | } elseif ($view == 3 AND !is_user($user)) {// || is_admin($admin) | |||
| 309 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | |||
| 310 | } elseif ($view > 3 AND is_user($user)) {// || is_admin($admin) | |||
| 311 | $userInfo = getusrinfo($user); | |||
| 312 | $newView = $view - 3; | |||
| 313 | list($groupName) = sql_fetch_row(sql_query("select groupName from ".$prefix."_usergroups where groupID=$newView", $dbi), $dbi); | |||
| 314 | list($confUID) = sql_fetch_row(sql_query("select uid from ".$prefix."_usergroup_users where groupID=$newView AND uid=$userInfo[uid]", $dbi), $dbi); | |||
| 315 | if ($confUID == $userInfo[uid] || is_admin($admin)) { | |||
| 316 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | |||
| 317 | } | |||
| 318 | } | |||
| 319 | } | |||
| 80 | } | = | 320 | } |
| 81 | return 0; | +- | ||
| 82 | } | = | 321 | } |
| 83 | 322 | |||
| 84 | function is_user($user) { | <> | 323 | function render_blocks($side, $blockfile, $title, $content, $bid, $url) { |
| 85 | global $prefix, $dbi, $user_prefix; | 324 | ||
| 86 | if(!is_array($user)) { | 325 | if ($url == "") { | |
| 87 | $user = base64_decode($user); | 326 | if ($blockfile == "") { | |
| 88 | $user = explode(":", $user); | 327 | if ($side == "c") { | |
| 328 | themecenterbox($title, $content); | |||
| 329 | } elseif ($side == "d") { | |||
| 330 | themecenterbox($title, $content); | |||
| 331 | } else { | |||
| = | 332 | |||
| -+ | 333 | themesidebox($title, $content); | ||
| = | 334 | |||
| <> | 335 | } | ||
| 89 | $uid = "$user[0]"; | 336 | } else { | |
| 337 | if ($side == "c") { | |||
| 338 | blockfileinc($title, $blockfile, 1); | |||
| 339 | } elseif ($side == "d") { | |||
| 340 | blockfileinc($title, $blockfile, 1); | |||
| 341 | } else { | |||
| 90 | $pwd = "$user[2]"; | 342 | ||
| 343 | blockfileinc($title, $blockfile); | |||
| 344 | } | |||
| 345 | } | |||
| 91 | } else { | = | 346 | } else { |
| <> | 347 | if ($side == "c" OR $side == "d") { | ||
| 348 | headlines($bid,1); | |||
| 92 | $uid = "$user[0]"; | 349 | } else { | |
| 350 | headlines($bid); | |||
| 93 | $pwd = "$user[2]"; | 351 | } | |
| 94 | } | = | 352 | } |
| 353 | ||||
| -+ | 354 | } | ||
| = | 355 | |||
| -+ | 356 | function themecenterbox($title, $content) { | ||
| 357 | OpenTable(); | |||
| 358 | echo "<center><font class=\"option\"><b>$title</b></font></center><br>" | |||
| 359 | ."$content"; | |||
| 360 | CloseTable(); | |||
| 361 | echo "<br>"; | |||
| 362 | } | |||
| = | 363 | |||
| <> | 364 | function userblock() { | ||
| 365 | global $user, $cookie, $prefix, $dbi, $user_prefix; | |||
| 366 | if((is_user($user)) AND ($cookie[8])) { | |||
| 95 | $result = sql_query("select pass from ".$user_prefix."_users where uid='$uid'", $dbi); | 367 | $getblock = sql_query("select ublock from ".$user_prefix."_users where uid='$cookie[0]'", $dbi); | |
| 368 | $title = ""._MENUFOR." $cookie[1]"; | |||
| 96 | list($pass) = sql_fetch_row($result, $dbi); | 369 | list($ublock) = sql_fetch_row($getblock, $dbi); | |
| 97 | if($pass == $pwd && $pass != "") { | 370 | if (eregi("admin.php",$_SERVER["SCRIPT_FILENAME"])){ | |
| 371 | themesideboxadmin($title, $ublock); | |||
| 372 | } else { | |||
| 373 | themesidebox($title, $ublock); | |||
| 374 | } | |||
| 375 | } | |||
| 376 | } | |||
| 98 | return 1; | 377 | ||
| 378 | function searchblock() { | |||
| 379 | OpenTable(); | |||
| 380 | echo "<form action=\"modules.php?name=Forum&file=search\" method=\"post\">"; | |||
| 381 | echo "<input type=\"hidden\" name=\"addterm\" value=\"any\">"; | |||
| 382 | echo "<input type=\"hidden\" name=\"sortby\" value=\"p.post_time\">"; | |||
| 383 | echo " <b>"._SEARCH."</b> <input type=\"text\" name=\"term\" size=\"15\">"; | |||
| 384 | echo "<input type=\"hidden\" name=\"submit\" value=\"submit\"></form>"; | |||
| 385 | echo "<div align=\"left\"><font class=\"content\"> [ <a href=\"modules.php?name=Forum&file=search&addterm=any&sortby=p.post_time&adv=1\">Advanced Search</a> ]</font></div>"; | |||
| 386 | CloseTable(); | |||
| 387 | } | |||
| 388 | ## End Blockfuncs | |||
| 389 | ## Begin Textfuncs | |||
| 390 | function FixQuotes ($what = "") { | |||
| 391 | $what = ereg_replace("'","''",$what); | |||
| 392 | while (eregi("\\\\'", $what)) { | |||
| 393 | $what = ereg_replace("\\\\'","'",$what); | |||
| 394 | } | |||
| 395 | return $what; | |||
| 396 | } | |||
| = | 397 | |||
| -+ | 398 | /*********************************************************/ | ||
| 399 | /* text filter */ | |||
| 400 | /*********************************************************/ | |||
| = | 401 | |||
| -+ | 402 | function check_words($Message) { | ||
| 403 | global $EditedMessage; | |||
| 404 | include("config.php"); | |||
| 405 | $EditedMessage = $Message; | |||
| 406 | if ($CensorMode != 0) { | |||
| = | 407 | |||
| -+ | 408 | if (is_array($CensorList)) { | ||
| 409 | $Replace = $CensorReplace; | |||
| 410 | if ($CensorMode == 1) { | |||
| 411 | for ($i = 0; $i < count($CensorList); $i++) { | |||
| 412 | $EditedMessage = eregi_replace("$CensorList[$i]([^a-zA-Z0-9])","$Replace\\1",$EditedMessage); | |||
| 413 | } | |||
| 414 | } elseif ($CensorMode == 2) { | |||
| 415 | for ($i = 0; $i < count($CensorList); $i++) { | |||
| 416 | $EditedMessage = eregi_replace("(^|[^[:alnum:]])$CensorList[$i]","\\1$Replace",$EditedMessage); | |||
| 417 | } | |||
| 418 | } elseif ($CensorMode == 3) { | |||
| 419 | for ($i = 0; $i < count($CensorList); $i++) { | |||
| 420 | $EditedMessage = eregi_replace("$CensorList[$i]","$Replace",$EditedMessage); | |||
| 421 | } | |||
| 422 | } | |||
| 423 | } | |||
| 99 | } | = | 424 | } |
| -+ | 425 | return ($EditedMessage); | ||
| 426 | } | |||
| = | 427 | |||
| <> | 428 | function delQuotes($string){ | ||
| 429 | /* no recursive function to add quote to an HTML tag if needed */ | |||
| 430 | /* and delete duplicate spaces between attribs. */ | |||
| 431 | $tmp=""; # string buffer | |||
| 432 | $result=""; # result string | |||
| 433 | $i=0; | |||
| 434 | $attrib=-1; # Are us in an HTML attrib ? -1: no attrib 0: name of the attrib 1: value of the atrib | |||
| 435 | $quote=0; # Is a string quote delimited opened ? 0=no, 1=yes | |||
| 436 | $len = strlen($string); | |||
| 437 | while ($i<$len) { | |||
| 438 | switch($string[$i]) { # What car is it in the buffer ? | |||
| 439 | case "\"": #" # a quote. | |||
| 440 | if ($quote==0) { | |||
| 441 | $quote=1; | |||
| 442 | } else { | |||
| 443 | $quote=0; | |||
| 444 | if (($attrib>0) && ($tmp != "")) { $result .= "=\"$tmp\""; } | |||
| 445 | $tmp=""; | |||
| 446 | $attrib=-1; | |||
| 447 | } | |||
| 448 | break; | |||
| 449 | case "=": # an equal - attrib delimiter | |||
| 450 | if ($quote==0) { # Is it found in a string ? | |||
| 451 | $attrib=1; | |||
| 452 | if ($tmp!="") $result.=" $tmp"; | |||
| 453 | $tmp=""; | |||
| 454 | } else $tmp .= '='; | |||
| 455 | break; | |||
| 456 | case " ": # a blank ? | |||
| 457 | if ($attrib>0) { # add it to the string, if one opened. | |||
| 458 | $tmp .= $string[$i]; | |||
| 459 | } | |||
| 460 | break; | |||
| 461 | default: # Other | |||
| 462 | if ($attrib<0) # If we weren't in an attrib, set attrib to 0 | |||
| 463 | $attrib=0; | |||
| 464 | $tmp .= $string[$i]; | |||
| 465 | break; | |||
| 466 | } | |||
| 467 | $i++; | |||
| 468 | } | |||
| 469 | if (($quote!=0) && ($tmp != "")) { | |||
| 470 | if ($attrib==1) $result .= "="; | |||
| 471 | /* If it is the value of an atrib, add the '=' */ | |||
| 472 | $result .= "\"$tmp\""; /* Add quote if needed (the reason of the function ;-) */ | |||
| 473 | } | |||
| 100 | return 0; | 474 | return $result; | |
| 475 | } | |||
| = | 476 | |||
| -+ | 477 | function check_html ($str, $strip="") { | ||
| 478 | /* The core of this code has been lifted from phpslash */ | |||
| 479 | /* which is licenced under the GPL. */ | |||
| 480 | include("config.php"); | |||
| 481 | if ($strip == "nohtml") | |||
| 482 | $AllowableHTML=array(''); | |||
| 483 | $str = stripslashes($str); | |||
| 484 | $str = eregi_replace("<[[:space:]]*([^>]*)[[:space:]]*>",'<\\1>', $str); | |||
| 485 | // Delete all spaces from html tags . | |||
| 486 | $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?[[:space:]]*([^\" >]*)[[:space:]]*\"?[^>]*>",'<a href="\\1">', $str); | |||
| 487 | // Delete all attribs from Anchor, except an href, double quoted. | |||
| 488 | $str = eregi_replace("<[[:space:]]* img[[:space:]]*([^>]*)[[:space:]]*>", '', $str); | |||
| 489 | // Delete all img tags | |||
| 490 | $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?javascript[[:punct:]]*\"?[^>]*>", '', $str); | |||
| 491 | // Delete javascript code from a href tags -- Zhen-Xjell @ http://nukecops.com | |||
| 492 | $tmp = ""; | |||
| 493 | while (ereg("<(/?[[:alpha:]]*)[[:space:]]*([^>]*)>",$str,$reg)) { | |||
| 494 | $i = strpos($str,$reg[0]); | |||
| 495 | $l = strlen($reg[0]); | |||
| 496 | if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1)); | |||
| 497 | else $tag = strtolower($reg[1]); | |||
| 498 | if ($a = $AllowableHTML[$tag]) | |||
| 499 | if ($reg[1][0] == "/") $tag = "</$tag>"; | |||
| 500 | elseif (($a == 1) || ($reg[2] == "")) $tag = "<$tag>"; | |||
| 501 | else { | |||
| 502 | # Place here the double quote fix function. | |||
| 503 | $attrb_list=delQuotes($reg[2]); | |||
| 504 | // A VER | |||
| 505 | $attrb_list = ereg_replace("&","&",$attrb_list); | |||
| 506 | $tag = "<$tag" . $attrb_list . ">"; | |||
| 507 | } # Attribs in tag allowed | |||
| 508 | else $tag = ""; | |||
| 509 | $tmp .= substr($str,0,$i) . $tag; | |||
| 510 | $str = substr($str,$i+$l); | |||
| 511 | } | |||
| 512 | $str = $tmp . $str; | |||
| 513 | return $str; | |||
| 514 | exit; | |||
| 515 | /* Squash PHP tags unconditionally */ | |||
| 516 | $str = ereg_replace("<\?","",$str); | |||
| 517 | return $str; | |||
| 518 | } | |||
| = | 519 | |||
| -+ | 520 | function filter_text($Message, $strip="") { | ||
| 521 | global $EditedMessage; | |||
| 522 | check_words($Message); | |||
| 523 | $EditedMessage=check_html($EditedMessage, $strip); | |||
| 524 | return ($EditedMessage); | |||
| 101 | } | = | 525 | } |
| 102 | 526 | |||
| 103 | function title($text) { | 527 | function title($text) { | |
| 104 | OpenTable(); | 528 | OpenTable(); | |
| 105 | echo "<center><font class=\"title\"><b>$text</b></font></center>"; | 529 | echo "<center><font class=\"title\"><b>$text</b></font></center>"; | |
| 106 | CloseTable(); | 530 | CloseTable(); | |
| 107 | echo "<br>"; | 531 | echo "<br>"; | |
| 108 | } | 532 | } | |
| 109 | 533 | |||
| 110 | function is_active($module) { | <> | 534 | function message_box() { |
| 111 | global $prefix, $dbi; | 535 | global $bgcolor1, $bgcolor2, $user, $admin, $cookie, $textcolor2, $prefix, $multilingual, $currentlang, $dbi; | |
| 112 | $result = sql_query("select active from ".$prefix."_modules where title='$module'", $dbi); | |||
| 113 | list ($act) = sql_fetch_row($result, $dbi); | |||
| 114 | if (!$result OR $act == 0) { | 536 | if ($multilingual == 1) { | |
| 115 | return 0; | 537 | $querylang = "AND (mlanguage='$currentlang' OR mlanguage='')"; | |
| 116 | } else { | = | 538 | } else { |
| 117 | return 1; | <> | 539 | $querylang = ""; |
| 118 | } | = | 540 | } |
| <> | 541 | $result = sql_query("select mid, title, content, date, expire, view from ".$prefix."_message where active='1' $querylang", $dbi); | ||
| 542 | if (sql_num_rows($result, $dbi) == 0) { | |||
| 119 | } | 543 | return; | |
| 120 | 544 | } else { | ||
| 121 | function render_blocks($side, $blockfile, $title, $content, $bid, $url) { | 545 | while (list($mid, $title, $content, $mdate, $expire, $view) = sql_fetch_row($result, $dbi)) { | |
| 546 | if ($title != "" && $content != "") { | |||
| 122 | if ($url == "") { | 547 | if ($expire == 0) { | |
| 123 | if ($blockfile == "") { | 548 | $remain = _UNLIMITED; | |
| 124 | if ($side == "c") { | 549 | } else { | |
| 125 | themecenterbox($title, $content); | 550 | $etime = (($mdate+$expire)-time())/3600; | |
| 551 | $etime = (int)$etime; | |||
| 552 | if ($etime < 1) { | |||
| 553 | $remain = _EXPIRELESSHOUR; | |||
| 126 | } else { | 554 | } else { | |
| 127 | themesidebox($title, $content); | 555 | $remain = ""._EXPIREIN." $etime "._HOURS.""; | |
| 128 | } | 556 | } | |
| 129 | } else { | 557 | } | |
| 558 | if ($view == 4 AND is_admin($admin)) { | |||
| 559 | OpenTable2(); | |||
| 560 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | |||
| 561 | ."<font class=\"content\">$content</font>" | |||
| 562 | ."<br><br><center><font class=\"content\">[ "._MVIEWADMIN." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | |||
| 563 | CloseTable2(); | |||
| 564 | echo "<br>"; | |||
| 565 | } elseif ($view == 3 AND is_user($user) || is_admin($admin)) { | |||
| 566 | OpenTable2(); | |||
| 567 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | |||
| 568 | ."<font class=\"content\">$content</font>"; | |||
| 569 | if (is_admin($admin)) { | |||
| 570 | echo "<br><br><center><font class=\"content\">[ "._MVIEWUSERS." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | |||
| 130 | if ($side == "c") { | 571 | } | |
| 131 | blockfileinc($title, $blockfile, 1); | 572 | CloseTable2(); | |
| 573 | echo "<br>"; | |||
| 574 | } elseif ($view == 2 AND !is_user($user) || is_admin($admin)) { | |||
| 575 | OpenTable2(); | |||
| 576 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | |||
| 577 | ."<font class=\"content\">$content</font>"; | |||
| 578 | if (is_admin($admin)) { | |||
| 579 | echo "<br><br><center><font class=\"content\">[ "._MVIEWANON." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | |||
| 132 | } else { | 580 | } | |
| 133 | blockfileinc($title, $blockfile); | 581 | CloseTable2(); | |
| 582 | echo "<br>"; | |||
| 583 | } elseif ($view == 1) { | |||
| 584 | OpenTable2(); | |||
| 585 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | |||
| 586 | ."<font class=\"content\">$content</font>"; | |||
| 587 | if (is_admin($admin)) { | |||
| 588 | echo "<br><br><center><font class=\"content\">[ "._MVIEWALL." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | |||
| 134 | } | 589 | } | |
| 590 | CloseTable2(); | |||
| 591 | echo "<br>"; | |||
| 592 | } elseif ($view > 4 AND is_user($user)) {// || is_admin($admin) | |||
| 593 | $userInfo = getusrinfo($user); | |||
| 594 | $newView = $view - 4; | |||
| 595 | list($groupName) = sql_fetch_row(sql_query("select groupName from ".$prefix."_usergroups where groupID=$newView", $dbi), $dbi); | |||
| 596 | list($confUID) = sql_fetch_row(sql_query("select uid from ".$prefix."_usergroup_users where groupID=$newView AND uid=$userInfo[uid]", $dbi), $dbi); | |||
| 597 | if ($confUID == $userInfo[uid] || is_admin($admin)) { | |||
| 598 | OpenTable2(); | |||
| 599 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | |||
| 600 | ."<font class=\"content\">$content</font>"; | |||
| 601 | if (is_admin($admin)) { | |||
| 602 | echo "<br><br><center><font class=\"content\">[ $groupName - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | |||
| 603 | } | |||
| 604 | CloseTable2(); | |||
| 605 | echo "<br>"; | |||
| 135 | } | 606 | } | |
| 136 | } else { | 607 | } | |
| 137 | if ($side == "c") { | 608 | if ($expire != 0) { | |
| 138 | headlines($bid,1); | 609 | $past = time()-$expire; | |
| 610 | if ($mdate < $past) { | |||
| 611 | $result = sql_query("update ".$prefix."_message set active='0' where mid='$mid'", $dbi); | |||
| 139 | } else { | 612 | } | |
| 613 | } | |||
| 140 | headlines($bid); | 614 | } | |
| 141 | } | 615 | } | |
| 142 | } | = | 616 | } |
| 143 | } | 617 | } | |
| 144 | 618 | |||
| 145 | function blocks($side) { | <> | 619 | function ultramode() { |
| 146 | global $storynum, $prefix, $multilingual, $currentlang, $dbi, $admin, $user; | |||
| 147 | if ($multilingual == 1) { | 620 | global $prefix, $dbi; | |
| 148 | $querylang = "AND (blanguage='$currentlang' OR blanguage='')"; | |||
| 149 | } else { | 621 | $ultra = "ultramode.txt"; | |
| 150 | $querylang = ""; | 622 | $file = fopen("$ultra", "w"); | |
| 151 | } | 623 | fwrite($file, "General purpose self-explanatory file with news headlines\n"); | |
| 152 | if (strtolower($side[0]) == "l") { | 624 | $rfile=sql_query("select sid, aid, title, time, comments, topic from ".$prefix."_stories order by time DESC limit 0,10", $dbi); | |
| 153 | $pos = "l"; | 625 | while(list($sid, $aid, $title, $time, $comments, $topic) = sql_fetch_row($rfile, $dbi)) { | |
| 154 | } elseif (strtolower($side[0]) == "r") { | 626 | $rfile2=sql_query("select topictext, topicimage from ".$prefix."_topics where topicid=$topic", $dbi); | |
| 155 | $pos = "r"; | 627 | list($topictext, $topicimage) = sql_fetch_row($rfile2, $dbi); | |
| 156 | } elseif (strtolower($side[0]) == "c") { | 628 | $content = "%%\n$title\n/modules.php?name=News&file=article&sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n"; | |
| 157 | $pos = "c"; | 629 | fwrite($file, $content); | |
| 158 | } | = | 630 | } |
| 159 | $side = $pos; | <> | 631 | fclose($file); |
| 160 | $result = sql_query("select bid, bkey, title, content, url, blockfile, view from ".$prefix."_blocks where position='$pos' AND active='1' $querylang ORDER BY weight ASC", $dbi); | 632 | } | |
| 161 | while(list($bid, $bkey, $title, $content, $url, $blockfile, $view) = sql_fetch_row($result, $dbi)) { | 633 | ||
| 162 | if ($bkey == admin) { | 634 | ## End Textfuncs | |
| 163 | adminblock(); | 635 | ## Begin Userfuncs | |
| 164 | } elseif ($bkey == userbox) { | 636 | function loginbox() { | |
| 165 | userblock(); | 637 | global $user; | |
| 166 | } elseif ($bkey == "") { | 638 | if (!is_user($user)) { | |
| 167 | if ($view == 0) { | 639 | $title = _LOGIN; | |
| 168 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | 640 | $boxstuff = "<form action=\"modules.php?name=Your_Account\" method=\"post\">"; | |
| 169 | } elseif ($view == 1 AND is_user($user) || is_admin($admin)) { | 641 | $boxstuff .= "<center><font class=\"content\">"._NICKNAME."<br>"; | |
| 170 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | 642 | $boxstuff .= "<input type=\"text\" name=\"uname\" size=\"8\" maxlength=\"25\"><br>"; | |
| 171 | } elseif ($view == 2 AND is_admin($admin)) { | 643 | $boxstuff .= ""._PASSWORD."<br>"; | |
| 172 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | 644 | $boxstuff .= "<input type=\"password\" name=\"pass\" size=\"8\" maxlength=\"20\"><br>"; | |
| 173 | } elseif ($view == 3 AND !is_user($user) || is_admin($admin)) { | 645 | $boxstuff .= "<input type=\"hidden\" name=\"op\" value=\"login\">"; | |
| 174 | render_blocks($side, $blockfile, $title, $content, $bid, $url); | 646 | $boxstuff .= "<input type=\"submit\" value=\""._LOGIN."\"></font></center></form>"; | |
| 647 | $boxstuff .= "<center><font class=\"content\">"._ASREGISTERED."</font></center>"; | |||
| 648 | if (eregi("admin.php", $_SERVER["SCRIPT_FILENAME"])){ | |||
| 649 | themesideboxadmin($title, $boxstuff); | |||
| 175 | } | 650 | } else { | |
| 651 | themesidebox($title, $boxstuff); | |||
| 176 | } | 652 | } | |
| 177 | } | = | 653 | } |
| 178 | } | 654 | } | |
| 179 | 655 | |||
| <> | 656 | ## SpeedUp by DJMaze Begin | ||
| 180 | function message_box() { | 657 | function cookiedecode($user) { | |
| 181 | global $bgcolor1, $bgcolor2, $user, $admin, $cookie, $textcolor2, $prefix, $multilingual, $currentlang, $dbi; | 658 | global $cookie, $dbi, $user_prefix; | |
| 659 | static $pass; | |||
| 182 | if ($multilingual == 1) { | 660 | if(!is_array($user)) { | |
| 183 | $querylang = "AND (mlanguage='$currentlang' OR mlanguage='')"; | 661 | $user = base64_decode($user); | |
| 662 | ## QuickFix 3.2 Begin | |||
| 663 | $user = addslashes($user); | |||
| 664 | ## QuickFix 3.2 Begin | |||
| 665 | $cookie = explode(":", $user); | |||
| 184 | } else { | = | 666 | } else { |
| 185 | $querylang = ""; | <> | 667 | $cookie = $user; |
| 186 | } | = | 668 | } |
| 187 | $result = sql_query("select mid, title, content, date, expire, view from ".$prefix."_message where active='1' $querylang", $dbi); | <> | 669 | if (!isset($pass)) { |
| 670 | $sql = "SELECT pass FROM ".$user_prefix."_users WHERE uname='$cookie[1]'"; | |||
| 188 | if (sql_num_rows($result, $dbi) == 0) { | 671 | $result = sql_query($sql, $dbi); | |
| 189 | return; | 672 | list($pass) = sql_fetch_row($result, $dbi); | |
| 190 | } else { | 673 | } | |
| 191 | while (list($mid, $title, $content, $mdate, $expire, $view) = sql_fetch_row($result, $dbi)) { | 674 | if ($cookie[2] == $pass && $pass != "") { return $cookie; } | |
| 192 | if ($title != "" && $content != "") { | 675 | ## QuickFix 2.4 Begin | |
| 676 | unset($GLOBALS['user']); | |||
| 677 | unset($GLOBALS['cookie']); | |||
| 193 | if ($expire == 0) { | 678 | ## QuickFix 2.4 End | |
| 194 | $remain = _UNLIMITED; | 679 | } | |
| 195 | } else { | 680 | ||
| 196 | $etime = (($mdate+$expire)-time())/3600; | 681 | function getusrinfo($user) { | |
| 682 | global $user_prefix, $dbi, $userinfo; | |||
| 197 | $etime = (int)$etime; | 683 | static $userrow; | |
| 684 | if (!$user || $user == '') { return NULL; } | |||
| 198 | if ($etime < 1) { | 685 | if(!is_array($user)) { | |
| 199 | $remain = _EXPIRELESSHOUR; | 686 | $user = base64_decode($user); | |
| 200 | } else { | 687 | ## QuickFix 3.2 Begin | |
| 201 | $remain = ""._EXPIREIN." $etime "._HOURS.""; | 688 | $user = addslashes($user); | |
| 202 | } | 689 | ## QuickFix 3.2 Begin | |
| 690 | $user = explode(":", $user); | |||
| 203 | } | 691 | } | |
| 204 | if ($view == 4 AND is_admin($admin)) { | 692 | if (is_array($userrow)) { | |
| 205 | OpenTable(); | 693 | if ($userrow['uname'] == $user[1] && $userrow['pass'] = $user[2]) { | |
| 206 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | 694 | return $userrow; | |
| 207 | ."<font class=\"content\">$content</font>" | |||
| 208 | ."<br><br><center><font class=\"content\">[ "._MVIEWADMIN." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | |||
| 209 | CloseTable(); | 695 | } | |
| 210 | echo "<br>"; | 696 | } | |
| 211 | } elseif ($view == 3 AND is_user($user) || is_admin($admin)) { | 697 | $sql = "SELECT * FROM ".$user_prefix."_users WHERE uname='$user[1]' AND pass='$user[2]'"; | |
| 212 | OpenTable(); | 698 | $result = sql_query($sql, $dbi); | |
| 213 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | 699 | if (sql_num_rows($result, $dbi) == 1) { | |
| 214 | ."<font class=\"content\">$content</font>"; | 700 | $userrow = sql_fetch_array($result, $dbi); | |
| 215 | if (is_admin($admin)) { | 701 | return $userinfo = $userrow; | |
| 216 | echo "<br><br><center><font class=\"content\">[ "._MVIEWUSERS." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | |||
| 217 | } | 702 | } | |
| 218 | CloseTable(); | 703 | unset($userinfo); | |
| 704 | } | |||
| 219 | echo "<br>"; | 705 | ||
| 220 | } elseif ($view == 2 AND !is_user($user) || is_admin($admin)) { | 706 | function is_user($user) { | |
| 221 | OpenTable(); | 707 | global $dbi, $user_prefix; | |
| 222 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | 708 | static $userSave; | |
| 223 | ."<font class=\"content\">$content</font>"; | 709 | if (isset($userSave)) return ($userSave); | |
| 224 | if (is_admin($admin)) { | 710 | if (!is_array($user)) { | |
| 225 | echo "<br><br><center><font class=\"content\">[ "._MVIEWANON." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | 711 | $user = base64_decode($user); | |
| 712 | ## QuickFix 3.2 Begin | |||
| 713 | $user = addslashes($user); | |||
| 714 | ## QuickFix 3.2 Begin | |||
| 715 | $user = explode(":", $user); | |||
| 226 | } | 716 | } | |
| 227 | CloseTable(); | 717 | $uid = $user[0]; | |
| 228 | echo "<br>"; | 718 | $pwd = $user[2]; | |
| 229 | } elseif ($view == 1) { | 719 | $uid = intval($uid); | |
| 230 | OpenTable(); | 720 | if ($uid != "" AND $pwd != "") { | |
| 231 | echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n" | 721 | $sql = "SELECT pass FROM ".$user_prefix."_users WHERE uid='$uid'"; | |
| 232 | ."<font class=\"content\">$content</font>"; | 722 | $result = sql_query($sql, $dbi); | |
| 233 | if (is_admin($admin)) { | 723 | $row = sql_fetch_array($result, $dbi); | |
| 234 | echo "<br><br><center><font class=\"content\">[ "._MVIEWALL." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>"; | 724 | $pass = $row['pass']; | |
| 725 | if ($pass == $pwd && $pass != "") { | |||
| 726 | return $userSave = 1; | |||
| 235 | } | 727 | } | |
| 236 | CloseTable(); | 728 | } | |
| 729 | return $userSave = 0; | |||
| 237 | echo "<br>"; | 730 | } | |
| 731 | ## SpeedUp by DJMaze End | |||
| 238 | } | 732 | ||
| 239 | if ($expire != 0) { | 733 | function get_lang($module) { | |
| 240 | $past = time()-$expire; | 734 | global $currentlang; | |
| 241 | if ($mdate < $past) { | 735 | if ($module == admin) { | |
| 242 | $result = sql_query("update ".$prefix."_message set active='0' where mid='$mid'", $dbi); | 736 | if (file_exists("admin/language/lang-$currentlang.php")) { | |
| 243 | } | 737 | include_once("admin/language/lang-$currentlang.php"); | |
| 244 | } | 738 | } | |
| 245 | } | 739 | } else { | |
| 740 | if (file_exists("modules/$module/language/lang-$currentlang.php")) { | |||
| 741 | include_once("modules/$module/language/lang-$currentlang.php"); | |||
| 246 | } | 742 | } | |
| 247 | } | = | 743 | } |
| 248 | } | 744 | } | |
| 249 | 745 | |||
| 250 | function online() { | 746 | function online() { | |
| 251 | global $user, $cookie, $prefix, $dbi; | 747 | global $user, $cookie, $prefix, $dbi; | |
| 252 | cookiedecode($user); | 748 | cookiedecode($user); | |
| 253 | $ip = getenv("REMOTE_ADDR"); | 749 | $ip = getenv("REMOTE_ADDR"); | |
| 254 | $username = $cookie[1]; | 750 | $username = $cookie[1]; | |
| 255 | if (!isset($username)) { | 751 | if (!isset($username)) { | |
| 256 | $username = "$ip"; | 752 | $username = "$ip"; | |
| 257 | $guest = 1; | 753 | $guest = 1; | |
| 258 | } | 754 | } | |
| 259 | $past = time()-1800; | 755 | $past = time()-1800; | |
| 260 | sql_query("DELETE FROM ".$prefix."_session WHERE time < $past", $dbi); | 756 | sql_query("DELETE FROM ".$prefix."_session WHERE time < $past", $dbi); | |
| 261 | $result = sql_query("SELECT time FROM ".$prefix."_session WHERE username='$username'", $dbi); | 757 | $result = sql_query("SELECT time FROM ".$prefix."_session WHERE username='$username'", $dbi); | |
| 262 | $ctime = time(); | 758 | $ctime = time(); | |
| 263 | if ($row = sql_fetch_array($result, $dbi)) { | 759 | if ($row = sql_fetch_array($result, $dbi)) { | |
| 264 | sql_query("UPDATE ".$prefix."_session SET username='$username', time='$ctime', host_addr='$ip', guest='$guest' WHERE username='$username'", $dbi); | <> | 760 | sql_query("UPDATE ".$prefix."_session SET username='$username', time='$ctime', host_addr='$ip', guest='$guest' WHERE username='$username'", $dbi); |
| 265 | } else { | = | 761 | } else { |
| 266 | sql_query("INSERT INTO ".$prefix."_session (username, time, host_addr, guest) VALUES ('$username', '$ctime', '$ip', '$guest')", $dbi); | <> | 762 | sql_query("INSERT INTO ".$prefix."_session (username, time, host_addr, guest) VALUES ('$username', '$ctime', '$ip', '$guest')", $dbi); |
| 267 | } | = | 763 | } |
| 268 | } | 764 | } | |
| 269 | ||||
| 270 | function blockfileinc($title, $blockfile, $side=0) { | +- | ||
| 271 | $blockfiletitle = $title; | |||
| 272 | $file = @file("blocks/$blockfile"); | |||
| 273 | if (!$file) { | |||
| 274 | $content = _BLOCKPROBLEM; | |||
| 275 | } else { | |||
| 276 | include("blocks/$blockfile"); | |||
| 277 | } | |||
| 278 | if ($content == "") { | |||
| 279 | $content = _BLOCKPROBLEM2; | |||
| 280 | } | |||
| 281 | if ($side == 1) { | |||
| 282 | themecenterbox($blockfiletitle, $content); | |||
| 283 | } else { | |||
| 284 | themesidebox($blockfiletitle, $content); | |||
| 285 | } | |||
| 286 | } | |||
| 287 | = | |||
| 288 | function selectlanguage() { | 765 | function selectlanguage() { | |
| 289 | global $useflags, $currentlang; | 766 | global $useflags, $currentlang; | |
| 290 | if ($useflags == 1) { | 767 | if ($useflags == 1) { | |
| 291 | $title = _SELECTLANGUAGE; | 768 | $title = _SELECTLANGUAGE; | |
| 292 | $content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br>"; | 769 | $content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br>"; | |
| 293 | $langdir = dir("language"); | 770 | $langdir = dir("language"); | |
| 294 | while($func=$langdir->read()) { | 771 | while($func=$langdir->read()) { | |
| 295 | if(substr($func, 0, 5) == "lang-") { | <> | 772 | if(substr($func, 0, 5) == "lang-") { |
| 296 | $menulist .= "$func "; | 773 | $menulist .= "$func "; | |
| 297 | } | 774 | } | |
| 298 | } | = | 775 | } |
| 299 | closedir($langdir->handle); | 776 | closedir($langdir->handle); | |
| 300 | $menulist = explode(" ", $menulist); | 777 | $menulist = explode(" ", $menulist); | |
| 301 | sort($menulist); | 778 | sort($menulist); | |
| 302 | for ($i=0; $i < sizeof($menulist); $i++) { | 779 | for ($i=0; $i < sizeof($menulist); $i++) { | |
| 303 | if($menulist[$i]!="") { | 780 | if($menulist[$i]!="") { | |
| 304 | $tl = ereg_replace("lang-","",$menulist[$i]); | <> | 781 | $tl = ereg_replace("lang-","",$menulist[$i]); |
| 305 | $tl = ereg_replace(".php","",$tl); | 782 | $tl = ereg_replace(".php","",$tl); | |
| 306 | $altlang = ucfirst($tl); | 783 | $altlang = ucfirst($tl); | |
| 307 | $content .= "<a href=\"index.php?newlang=$tl\"><img src=\"images/language/flag-$tl.png\" border=\"0\" alt=\"$altlang\" hspace=\"3\" vspace=\"3\"></a> "; | 784 | $content .= "<a href=\"index.php?newlang=$tl\"><img src=\"images/language/flag-$tl.png\" border=\"0\" alt=\"$altlang\" hspace=\"3\" vspace=\"3\"></a> "; | |
| 308 | } | 785 | } | |
| 309 | } | = | 786 | } |
| 310 | $content .= "</font></center>"; | 787 | $content .= "</font></center>"; | |
| 311 | themesidebox($title, $content); | 788 | themesidebox($title, $content); | |
| 312 | } else { | <> | 789 | } else { |
| 313 | $title = _SELECTLANGUAGE; | = | 790 | $title = _SELECTLANGUAGE; |
| 314 | $content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br></font>"; | <> | 791 | $content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br></font>"; |
| 315 | $content .= "<form action=\"index.php\" method=\"get\"><select name=\"newlanguage\" onChange=\"top.location.href=this.options[this.selectedIndex].value\">"; | = | 792 | $content .= "<form action=\"index.php\" method=\"get\"><select name=\"newlanguage\" onChange=\"top.location.href=this.options[this.selectedIndex].value\">"; |
| 316 | $handle=opendir('language'); | <> | 793 | $handle=opendir('language'); |
| 317 | while ($file = readdir($handle)) { | 794 | while ($file = readdir($handle)) { | |
| 318 | if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) { | 795 | if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) { | |
| 319 | $langFound = $matches[1]; | 796 | $langFound = $matches[1]; | |
| 320 | $languageslist .= "$langFound "; | 797 | $languageslist .= "$langFound "; | |
| 321 | } | 798 | } | |
| 322 | } | 799 | } | |
| 323 | closedir($handle); | 800 | closedir($handle); | |
| 324 | $languageslist = explode(" ", $languageslist); | 801 | $languageslist = explode(" ", $languageslist); | |
| 325 | sort($languageslist); | 802 | sort($languageslist); | |
| 326 | for ($i=0; $i < sizeof($languageslist); $i++) { | 803 | for ($i=0; $i < sizeof($languageslist); $i++) { | |
| 327 | if($languageslist[$i]!="") { | 804 | if($languageslist[$i]!="") { | |
| 328 | $content .= "<option value=\"index.php?newlang=$languageslist[$i]\" "; | 805 | $content .= "<option value=\"index.php?newlang=$languageslist[$i]\" "; | |
| 329 | if($languageslist[$i]==$currentlang) $content .= " selected"; | 806 | if($languageslist[$i]==$currentlang) $content .= " selected"; | |
| 330 | $content .= ">".ucfirst($languageslist[$i])."</option>\n"; | 807 | $content .= ">".ucfirst($languageslist[$i])."</option>\n"; | |
| 331 | } | 808 | } | |
| 332 | } | = | 809 | } |
| 333 | $content .= "</select></form></center>"; | 810 | $content .= "</select></form></center>"; | |
| 334 | themesidebox($title, $content); | 811 | themesidebox($title, $content); | |
| 335 | } | +- | ||
| 336 | } | |||
| 337 | = | |||
| 338 | function ultramode() { | <> | ||
| 339 | global $prefix, $dbi; | |||
| 340 | $ultra = "ultramode.txt"; | |||
| 341 | $file = fopen("$ultra", "w"); | |||
| 342 | fwrite($file, "General purpose self-explanatory file with news headlines\n"); | |||
| 343 | $rfile=sql_query("select sid, aid, title, time, comments, topic from ".$prefix."_stories order by time DESC limit 0,10", $dbi); | |||
| 344 | while(list($sid, $aid, $title, $time, $comments, $topic) = sql_fetch_row($rfile, $dbi)) { | |||
| 345 | $rfile2=sql_query("select topictext, topicimage from ".$prefix."_topics where topicid=$topic", $dbi); | |||
| 346 | list($topictext, $topicimage) = sql_fetch_row($rfile2, $dbi); | |||
| 347 | $content = "%%\n$title\n/modules.php?name=News&file=article&sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n"; | |||
| 348 | fwrite($file, $content); | |||
| 349 | } | 812 | } | |
| 350 | fclose($file); | |||
| 351 | } | = | 813 | } |
| 352 | 814 | |||
| 353 | function cookiedecode($user) { | <> | ||
| 354 | global $cookie, $prefix, $dbi, $user_prefix; | |||
| 355 | $user = base64_decode($user); | |||
| 356 | $cookie = explode(":", $user); | |||
| 357 | $result = sql_query("select pass from ".$user_prefix."_users where uname='$cookie[1]'", $dbi); | |||
| 358 | list($pass) = sql_fetch_row($result, $dbi); | |||
| 359 | if ($cookie[2] == $pass && $pass != "") { | |||
| 360 | return $cookie; | |||
| 361 | } else { | |||
| 362 | unset($user); | |||
| 363 | unset($cookie); | |||
| 364 | } | |||
| 365 | } | |||
| 366 | 815 | ## End Userfuncs | ||
| 367 | function getusrinfo($user) { | |||
| 368 | global $userinfo, $user_prefix, $dbi; | |||
| 369 | $user2 = base64_decode($user); | |||
| 370 | $user3 = explode(":", $user2); | |||
| 371 | $result = sql_query("select uid, name, uname, email, femail, url, user_avatar, user_icq, user_occ, user_from, user_intrest, user_sig, user_viewemail, user_theme, user_aim, user_yim, user_msnm, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax, newsletter from ".$user_prefix."_users where uname='$user3[1]' and pass='$user3[2]'", $dbi); | |||
| 372 | if (sql_num_rows($result, $dbi) == 1) { | |||
| 373 | $userinfo = sql_fetch_array($result, $dbi); | |||
| 374 | } | |||
| 375 | return $userinfo; | |||
| 376 | } | |||
| 377 | 816 | ## Begin Newsfuncs | ||
| 378 | function searchblock() { | |||
| 379 | OpenTable(); | |||
| 380 | echo "<form action=\"modules.php?name=Forum&file=search\" method=\"post\">"; | |||
| 381 | echo "<input type=\"hidden\" name=\"addterm\" value=\"any\">"; | |||
| 382 | echo "<input type=\"hidden\" name=\"sortby\" value=\"p.post_time\">"; | |||
| 383 | echo " <b>"._SEARCH."</b> <input type=\"text\" name=\"term\" size=\"15\">"; | |||
| 384 | echo "<input type=\"hidden\" name=\"submit\" value=\"submit\"></form>"; | |||
| 385 | echo "<div align=\"left\"><font class=\"content\"> [ <a href=\"modules.php?name=Forum&file=search&addterm=any&sortby=p.post_time&adv=1\">Advanced Search</a> ]</font></div>"; | |||
| 386 | CloseTable(); | |||
| 387 | } | |||
| 388 | = | |||
| 389 | function FixQuotes ($what = "") { | +- | ||
| 390 | $what = ereg_replace("'","''",$what); | |||
| 391 | while (eregi("\\\\'", $what)) { | |||
| 392 | $what = ereg_replace("\\\\'","'",$what); | |||
| 393 | } | |||
| 394 | return $what; | |||
| 395 | } | |||
| 396 | = | |||
| 397 | /*********************************************************/ | +- | ||
| 398 | /* text filter */ | |||
| 399 | /*********************************************************/ | |||
| 400 | = | |||
| 401 | function check_words($Message) { | +- | ||
| 402 | global $EditedMessage; | |||
| 403 | include("config.php"); | |||
| 404 | $EditedMessage = $Message; | |||
| 405 | if ($CensorMode != 0) { | |||
| 406 | = | |||
| 407 | if (is_array($CensorList)) { | +- | ||
| 408 | $Replace = $CensorReplace; | |||
| 409 | if ($CensorMode == 1) { | |||
| 410 | for ($i = 0; $i < count($CensorList); $i++) { | |||
| 411 | $EditedMessage = eregi_replace("$CensorList[$i]([^a-zA-Z0-9])","$Replace\\1",$EditedMessage); | |||
| 412 | } | |||
| 413 | } elseif ($CensorMode == 2) { | |||
| 414 | for ($i = 0; $i < count($CensorList); $i++) { | |||
| 415 | $EditedMessage = eregi_replace("(^|[^[:alnum:]])$CensorList[$i]","\\1$Replace",$EditedMessage); | |||
| 416 | } | |||
| 417 | } elseif ($CensorMode == 3) { | |||
| 418 | for ($i = 0; $i < count($CensorList); $i++) { | |||
| 419 | $EditedMessage = eregi_replace("$CensorList[$i]","$Replace",$EditedMessage); | |||
| 420 | } | |||
| 421 | } | |||
| 422 | } | |||
| 423 | } | |||
| 424 | return ($EditedMessage); | |||
| 425 | } | |||
| 426 | = | |||
| 427 | function delQuotes($string){ | +- | ||
| 428 | /* no recursive function to add quote to an HTML tag if needed */ | |||
| 429 | /* and delete duplicate spaces between attribs. */ | |||
| 430 | $tmp=""; # string buffer | |||
| 431 | $result=""; # result string | |||
| 432 | $i=0; | |||
| 433 | $attrib=-1; # Are us in an HTML attrib ? -1: no attrib 0: name of the attrib 1: value of the atrib | |||
| 434 | $quote=0; # Is a string quote delimited opened ? 0=no, 1=yes | |||
| 435 | $len = strlen($string); | |||
| 436 | while ($i<$len) { | |||
| 437 | switch($string[$i]) { # What car is it in the buffer ? | |||
| 438 | case "\"": #" # a quote. | |||
| 439 | if ($quote==0) { | |||
| 440 | $quote=1; | |||
| 441 | } else { | |||
| 442 | $quote=0; | |||
| 443 | if (($attrib>0) && ($tmp != "")) { $result .= "=\"$tmp\""; } | |||
| 444 | $tmp=""; | |||
| 445 | $attrib=-1; | |||
| 446 | } | |||
| 447 | break; | |||
| 448 | case "=": # an equal - attrib delimiter | |||
| 449 | if ($quote==0) { # Is it found in a string ? | |||
| 450 | $attrib=1; | |||
| 451 | if ($tmp!="") $result.=" $tmp"; | |||
| 452 | $tmp=""; | |||
| 453 | } else $tmp .= '='; | |||
| 454 | break; | |||
| 455 | case " ": # a blank ? | |||
| 456 | if ($attrib>0) { # add it to the string, if one opened. | |||
| 457 | $tmp .= $string[$i]; | |||
| 458 | } | |||
| 459 | break; | |||
| 460 | default: # Other | |||
| 461 | if ($attrib<0) # If we weren't in an attrib, set attrib to 0 | |||
| 462 | $attrib=0; | |||
| 463 | $tmp .= $string[$i]; | |||
| 464 | break; | |||
| 465 | } | |||
| 466 | $i++; | |||
| 467 | } | |||
| 468 | if (($quote!=0) && ($tmp != "")) { | |||
| 469 | if ($attrib==1) $result .= "="; | |||
| 470 | /* If it is the value of an atrib, add the '=' */ | |||
| 471 | $result .= "\"$tmp\""; /* Add quote if needed (the reason of the function ;-) */ | |||
| 472 | } | |||
| 473 | return $result; | |||
| 474 | } | |||
| 475 | = | |||
| 476 | function check_html ($str, $strip="") { | +- | ||
| 477 | /* The core of this code has been lifted from phpslash */ | |||
| 478 | /* which is licenced under the GPL. */ | |||
| 479 | include("config.php"); | |||
| 480 | if ($strip == "nohtml") | |||
| 481 | $AllowableHTML=array(''); | |||
| 482 | $str = stripslashes($str); | |||
| 483 | $str = eregi_replace("<[[:space:]]*([^>]*)[[:space:]]*>", | |||
| 484 | '<\\1>', $str); | |||
| 485 | // Delete all spaces from html tags . | |||
| 486 | $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?[[:space:]]*([^\" >]*)[[:space:]]*\"?[^>]*>", | |||
| 487 | '<a href="\\1">', $str); # " | |||
| 488 | // Delete all attribs from Anchor, except an href, double quoted. | |||
| 489 | $str = eregi_replace("<img?", | |||
| 490 | '', $str); # " | |||
| 491 | $tmp = ""; | |||
| 492 | while (ereg("<(/?[[:alpha:]]*)[[:space:]]*([^>]*)>",$str,$reg)) { | |||
| 493 | $i = strpos($str,$reg[0]); | |||
| 494 | $l = strlen($reg[0]); | |||
| 495 | if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1)); | |||
| 496 | else $tag = strtolower($reg[1]); | |||
| 497 | if ($a = $AllowableHTML[$tag]) | |||
| 498 | if ($reg[1][0] == "/") $tag = "</$tag>"; | |||
| 499 | elseif (($a == 1) || ($reg[2] == "")) $tag = "<$tag>"; | |||
| 500 | else { | |||
| 501 | # Place here the double quote fix function. | |||
| 502 | $attrb_list=delQuotes($reg[2]); | |||
| 503 | // A VER | |||
| 504 | $attrb_list = ereg_replace("&","&",$attrb_list); | |||
| 505 | $tag = "<$tag" . $attrb_list . ">"; | |||
| 506 | } # Attribs in tag allowed | |||
| 507 | else $tag = ""; | |||
| 508 | $tmp .= substr($str,0,$i) . $tag; | |||
| 509 | $str = substr($str,$i+$l); | |||
| 510 | } | |||
| 511 | $str = $tmp . $str; | |||
| 512 | return $str; | |||
| 513 | exit; | |||
| 514 | /* Squash PHP tags unconditionally */ | |||
| 515 | $str = ereg_replace("<\?","",$str); | |||
| 516 | return $str; | |||
| 517 | } | |||
| 518 | = | |||
| 519 | function filter_text($Message, $strip="") { | +- | ||
| 520 | global $EditedMessage; | |||
| 521 | check_words($Message); | |||
| 522 | $EditedMessage=check_html($EditedMessage, $strip); | |||
| 523 | return ($EditedMessage); | |||
| 524 | } | |||
| 525 | = | |||
| 526 | /*********************************************************/ | +- | ||
| 527 | /* formatting stories */ | |||
| 528 | /*********************************************************/ | |||
| 529 | = | |||
| 530 | function formatTimestamp($time) { | +- | ||
| 531 | global $datetime, $locale; | |||
| 532 | setlocale ("LC_TIME", "$locale"); | |||
| 533 | ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime); | |||
| 534 | $datetime = strftime(""._DATESTRING."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1])); | |||
| 535 | $datetime = ucfirst($datetime); | |||
| 536 | return($datetime); | |||
| 537 | } | |||
| 538 | = | |||
| 539 | function formatAidHeader($aid) { | +- | ||
| 540 | global $prefix, $dbi; | |||
| 541 | $holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi); | |||
| 542 | if (!$holder) { | |||
| 543 | echo _ERROR; | |||
| 544 | exit(); | |||
| 545 | } | |||
| 546 | list($url, $email) = sql_fetch_row($holder, $dbi); | |||
| 547 | if (isset($url)) { | |||
| 548 | $aid = "<a href=\"$url\">$aid</a>"; | |||
| 549 | } elseif (isset($email)) { | |||
| 550 | $aid = "<a href=\"mailto:$email\">$aid</a>"; | |||
| 551 | } else { | |||
| 552 | $aid = $aid; | |||
| 553 | } | |||
| 554 | echo "$aid"; | |||
| 555 | } | |||
| 556 | = | |||
| 557 | function get_author($aid) { | +- | ||
| 558 | global $prefix, $dbi; | |||
| 559 | $holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi); | |||
| 560 | if (!$holder) { | |||
| 561 | echo _ERROR; | |||
| 562 | exit(); | |||
| 563 | } | |||
| 564 | list($url, $email) = sql_fetch_row($holder, $dbi); | |||
| 565 | if (isset($url)) { | |||
| 566 | $aid = "<a href=\"$url\">$aid</a>"; | |||
| 567 | } elseif (isset($email)) { | |||
| 568 | $aid = "<a href=\"mailto:$email\">$aid</a>"; | |||
| 569 | } else { | |||
| 570 | $aid = $aid; | |||
| 571 | } | |||
| 572 | return($aid); | |||
| 573 | } | |||
| 574 | = | |||
| 575 | function themepreview($title, $hometext, $bodytext="", $notes="") { | +- | ||
| 576 | echo "<b>$title</b><br><br>$hometext"; | |||
| 577 | if ($bodytext != "") { | |||
| 578 | echo "<br><br>$bodytext"; | |||
| 579 | } | |||
| 580 | if ($notes != "") { | |||
| 581 | echo "<br><br><b>"._NOTE."</b> <i>$notes</i>"; | |||
| 582 | } | |||
| 583 | } | |||
| 584 | = | |||
| 585 | function adminblock() { | +- | ||
| 586 | global $admin, $prefix, $dbi; | |||
| 587 | if (is_admin($admin)) { | |||
| 588 | $result = sql_query("select title, content from ".$prefix."_blocks where bkey='admin'", $dbi); | |||
| 589 | while(list($title, $content) = sql_fetch_array($result, $dbi)) { | |||
| 590 | $content = "<font class=\"content\">$content</font>"; | |||
| 591 | themesidebox($title, $content); | |||
| 592 | } | |||
| 593 | $title = ""._WAITINGCONT.""; | |||
| 594 | $result = sql_query("select * from ".$prefix."_queue", $dbi); | |||
| 595 | $num = sql_num_rows($result, $dbi); | |||
| 596 | $content = "<font class=\"content\">"; | |||
| 597 | $content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=submissions\">"._SUBMISSIONS."</a>: $num<br>"; | |||
| 598 | $result = sql_query("select * from ".$prefix."_reviews_add", $dbi); | |||
| 599 | $num = sql_num_rows($result, $dbi); | |||
| 600 | $content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=reviews\">"._WREVIEWS."</a>: $num<br>"; | |||
| 601 | $result = sql_query("select * from ".$prefix."_links_newlink", $dbi); | |||
| 602 | $num = sql_num_rows($result, $dbi); | |||
| 603 | $content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=Links\">"._WLINKS."</a>: $num<br>"; | |||
| 604 | $result = sql_query("select * from ".$prefix."_downloads_newdownload", $dbi); | |||
| 605 | $num = sql_num_rows($result, $dbi); | |||
| 606 | $content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=downloads\">"._UDOWNLOADS."</a>: $num<br></font>"; | |||
| 607 | themesidebox($title, $content); | |||
| 608 | } | |||
| 609 | } | |||
| 610 | = | |||
| 611 | function loginbox() { | +- | ||
| 612 | global $user; | |||
| 613 | if (!is_user($user)) { | |||
| 614 | $title = _LOGIN; | |||
| 615 | $boxstuff = "<form action=\"modules.php?name=Your_Account\" method=\"post\">"; | |||
| 616 | $boxstuff .= "<center><font class=\"content\">"._NICKNAME."<br>"; | |||
| 617 | $boxstuff .= "<input type=\"text\" name=\"uname\" size=\"8\" maxlength=\"25\"><br>"; | |||
| 618 | $boxstuff .= ""._PASSWORD."<br>"; | |||
| 619 | $boxstuff .= "<input type=\"password\" name=\"pass\" size=\"8\" maxlength=\"20\"><br>"; | |||
| 620 | $boxstuff .= "<input type=\"hidden\" name=\"op\" value=\"login\">"; | |||
| 621 | $boxstuff .= "<input type=\"submit\" value=\""._LOGIN."\"></font></center></form>"; | |||
| 622 | $boxstuff .= "<center><font class=\"content\">"._ASREGISTERED."</font></center>"; | |||
| 623 | themesidebox($title, $boxstuff); | |||
| 624 | } | |||
| 625 | } | |||
| 626 | = | |||
| 627 | function userblock() { | +- | ||
| 628 | global $user, $cookie, $prefix, $dbi, $user_prefix; | |||
| 629 | if((is_user($user)) AND ($cookie[8])) { | |||
| 630 | $getblock = sql_query("select ublock from ".$user_prefix."_users where uid='$cookie[0]'", $dbi); | |||
| 631 | $title = ""._MENUFOR." $cookie[1]"; | |||
| 632 | list($ublock) = sql_fetch_row($getblock, $dbi); | |||
| 633 | themesidebox($title, $ublock); | |||
| 634 | } | |||
| 635 | } | |||
| 636 | = | |||
| 637 | function getTopics($s_sid) { | 817 | function getTopics($s_sid) { | |
| 638 | global $topicname, $topicimage, $topictext, $prefix, $dbi; | 818 | global $topicname, $topicimage, $topictext, $prefix, $dbi; | |
| 639 | $sid = $s_sid; | 819 | $sid = $s_sid; | |
| 640 | $result = sql_query("SELECT topic FROM ".$prefix."_stories where sid=$sid", $dbi); | 820 | $result = sql_query("SELECT topic FROM ".$prefix."_stories where sid=$sid", $dbi); | |
| 641 | list($topic) = sql_fetch_row($result, $dbi); | 821 | list($topic) = sql_fetch_row($result, $dbi); | |
| 642 | $result = sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics where topicid=$topic", $dbi); | 822 | $result = sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics where topicid=$topic", $dbi); | |
| 643 | list($topicid, $topicname, $topicimage, $topictext) = sql_fetch_row($result, $dbi); | 823 | list($topicid, $topicname, $topicimage, $topictext) = sql_fetch_row($result, $dbi); | |
| 644 | } | 824 | } | |
| 645 | 825 | |||
| 646 | function headlines($bid, $cenbox=0) { | 826 | function headlines($bid, $cenbox=0) { | |
| 647 | global $prefix, $dbi; | 827 | global $prefix, $dbi; | |
| 648 | $result = sql_query("select title, content, url, refresh, time from ".$prefix."_blocks where bid='$bid'", $dbi); | 828 | $result = sql_query("select title, content, url, refresh, time from ".$prefix."_blocks where bid='$bid'", $dbi); | |
| 649 | list($title, $content, $url, $refresh, $otime) = sql_fetch_row($result, $dbi); | 829 | list($title, $content, $url, $refresh, $otime) = sql_fetch_row($result, $dbi); | |
| 650 | $past = time()-$refresh; | 830 | $past = time()-$refresh; | |
| 651 | if ($otime < $past) { | 831 | if ($otime < $past) { | |
| 652 | $btime = time(); | <> | 832 | $btime = time(); |
| 653 | $rdf = parse_url($url); | 833 | $rdf = parse_url($url); | |
| 654 | $fp = fsockopen($rdf['host'], 80, $errno, $errstr, 15); | 834 | $fp = fsockopen($rdf['host'], 80, $errno, $errstr, 15); | |
| 655 | if (!$fp) { | 835 | if (!$fp) { | |
| 656 | $content = ""; | 836 | $content = ""; | |
| 657 | //$content = "<font class=\"content\">"._RSSPROBLEM."</font>"; | 837 | //$content = "<font class=\"content\">"._RSSPROBLEM."</font>"; | |
| 658 | $result = sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi); | 838 | $result = sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi); | |
| 659 | $cont = 0; | 839 | $cont = 0; | |
| 660 | if ($cenbox == 0) { | 840 | if ($cenbox == 0) { | |
| 661 | themesidebox($title, $content); | 841 | themesidebox($title, $content); | |
| 662 | } else { | 842 | } else { | |
| 663 | themecenterbox($title, $content); | 843 | themecenterbox($title, $content); | |
| 664 | } | 844 | } | |
| 665 | return; | 845 | return; | |
| 666 | } | 846 | } | |
| 667 | if ($fp) { | 847 | if ($fp) { | |
| 668 | fputs($fp, "GET " . $rdf['path'] . "?" . $rdf['query'] . " HTTP/1.0\r\n"); | 848 | fputs($fp, "GET " . $rdf['path'] . "?" . $rdf['query'] . " HTTP/1.0\r\n"); | |
| 669 | fputs($fp, "HOST: " . $rdf['host'] . "\r\n\r\n"); | 849 | fputs($fp, "HOST: " . $rdf['host'] . "\r\n\r\n"); | |
| 670 | $string = ""; | 850 | $string = ""; | |
| 671 | while(!feof($fp)) { | 851 | while(!feof($fp)) { | |
| 672 | $pagetext = fgets($fp,300); | 852 | $pagetext = fgets($fp,300); | |
| 673 | $string .= chop($pagetext); | 853 | $string .= chop($pagetext); | |
| 674 | } | 854 | } | |
| 675 | fputs($fp,"Connection: close\r\n\r\n"); | 855 | fputs($fp,"Connection: close\r\n\r\n"); | |
| 676 | fclose($fp); | 856 | fclose($fp); | |
| 677 | $items = explode("</item>",$string); | 857 | $items = explode("</item>",$string); | |
| 678 | $content = "<font class=\"content\">"; | 858 | $content = "<font class=\"content\">"; | |
| 679 | for ($i=0;$i<10;$i++) { | 859 | for ($i=0;$i<10;$i++) { | |
| 680 | $link = ereg_replace(".*<link>","",$items[$i]); | 860 | $link = ereg_replace(".*<link>","",$items[$i]); | |
| 681 | $link = ereg_replace("</link>.*","",$link); | 861 | $link = ereg_replace("</link>.*","",$link); | |
| 682 | $title2 = ereg_replace(".*<title>","",$items[$i]); | 862 | $title2 = ereg_replace(".*<title>","",$items[$i]); | |
| 683 | $title2 = ereg_replace("</title>.*","",$title2); | 863 | $title2 = ereg_replace("</title>.*","",$title2); | |
| 684 | if ($items[$i] == "") { | 864 | if ($items[$i] == "") { | |
| 685 | $content = ""; | 865 | $content = ""; | |
| 686 | sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi); | 866 | sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi); | |
| 687 | $cont = 0; | 867 | $cont = 0; | |
| 688 | if ($cenbox == 0) { | 868 | if ($cenbox == 0) { | |
| 689 | themesidebox($title, $content); | 869 | themesidebox($title, $content); | |
| 690 | } else { | 870 | } else { | |
| 691 | themecenterbox($title, $content); | 871 | themecenterbox($title, $content); | |
| 692 | } | 872 | } | |
| 693 | return; | 873 | return; | |
| 694 | } else { | 874 | } else { | |
| 695 | if (strcmp($link,$title)) { | 875 | if (strcmp($link,$title)) { | |
| 696 | $cont = 1; | 876 | $cont = 1; | |
| 697 | $content .= "<strong><big>·</big></strong><a href=\"$link\" target=\"new\">$title2</a><br>\n"; | 877 | $content .= "<strong><big>·</big></strong><a href=\"$link\" target=\"new\">$title2</a><br>\n"; | |
| 698 | } | 878 | } | |
| 699 | } | 879 | } | |
| 700 | } | 880 | } | |
| 701 | = | 881 | ||
| 702 | } | <> | 882 | } |
| 703 | sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi); | 883 | sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi); | |
| 704 | } | = | 884 | } |
| 705 | $siteurl = ereg_replace("http://","",$url); | 885 | $siteurl = ereg_replace("http://","",$url); | |
| 706 | $siteurl = explode("/",$siteurl); | 886 | $siteurl = explode("/",$siteurl); | |
| 707 | if (($cont == 1) OR ($content != "")) { | 887 | if (($cont == 1) OR ($content != "")) { | |
| 708 | $content .= "<br><a href=\"http://$siteurl[0]\" target=\"blank\"><b>"._HREADMORE."</b></a></font>"; | <> | 888 | $content .= "<br><a href=\"http://$siteurl[0]\" target=\"blank\"><b>"._HREADMORE."</b></a></font>"; |
| 709 | } elseif (($cont == 0) OR ($content == "")) { | = | 889 | } elseif (($cont == 0) OR ($content == "")) { |
| 710 | $content = "<font class=\"content\">"._RSSPROBLEM."</font>"; | <> | 890 | $content = "<font class=\"content\">"._RSSPROBLEM."</font>"; |
| 711 | } | = | 891 | } |
| 712 | if ($cenbox == 0) { | 892 | if ($cenbox == 0) { | |
| 713 | themesidebox($title, $content); | <> | 893 | themesidebox($title, $content); |
| 714 | } else { | = | 894 | } else { |
| 715 | themecenterbox($title, $content); | <> | 895 | themecenterbox($title, $content); |
| 716 | } | = | 896 | } |
| 717 | } | 897 | } | |
| 718 | 898 | |||
| 719 | function automated_news() { | 899 | function automated_news() { | |
| 720 | global $prefix, $multilingual, $currentlang, $dbi; | 900 | global $prefix, $multilingual, $currentlang, $dbi; | |
| 721 | if ($multilingual == 1) { | 901 | if ($multilingual == 1) { | |
| 722 | $querylang = "WHERE (alanguage='$currentlang' OR alanguage='')"; /* the OR is needed to display stories who are posted to ALL languages */ | <> | 902 | $querylang = "WHERE (alanguage='$currentlang' OR alanguage='')"; /* the OR is needed to display stories who are posted to ALL languages */ |
| 723 | } else { | = | 903 | } else { |
| 724 | $querylang = ""; | <> | 904 | $querylang = ""; |
| 725 | } | = | 905 | } |
| 726 | $today = getdate(); | 906 | $today = getdate(); | |
| 727 | $day = $today[mday]; | 907 | $day = $today[mday]; | |
| 728 | if ($day < 10) { | 908 | if ($day < 10) { | |
| 729 | $day = "0$day"; | <> | 909 | $day = "0$day"; |
| 730 | } | = | 910 | } |
| 731 | $month = $today[mon]; | 911 | $month = $today[mon]; | |
| 732 | if ($month < 10) { | 912 | if ($month < 10) { | |
| 733 | $month = "0$month"; | <> | 913 | $month = "0$month"; |
| 734 | } | = | 914 | } |
| 735 | $year = $today[year]; | 915 | $year = $today[year]; | |
| 736 | $hour = $today[hours]; | 916 | $hour = $today[hours]; | |
| 737 | $min = $today[minutes]; | 917 | $min = $today[minutes]; | |
| 738 | $sec = "00"; | 918 | $sec = "00"; | |
| 739 | $result = sql_query("select anid, time from ".$prefix."_autonews $querylang", $dbi); | 919 | $result = sql_query("select anid, time from ".$prefix."_autonews $querylang", $dbi); | |
| 740 | while(list($anid, $time) = sql_fetch_row($result, $dbi)) { | 920 | while(list($anid, $time) = sql_fetch_row($result, $dbi)) { | |
| 741 | ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $date); | <> | 921 | ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $date); |
| 742 | if (($date[1] <= $year) AND ($date[2] <= $month) AND ($date[3] <= $day)) { | 922 | if (($date[1] <= $year) AND ($date[2] <= $month) AND ($date[3] <= $day)) { | |
| 743 | if (($date[4] < $hour) AND ($date[5] >= $min) OR ($date[4] <= $hour) AND ($date[5] <= $min)) { | 923 | if (($date[4] < $hour) AND ($date[5] >= $min) OR ($date[4] <= $hour) AND ($date[5] <= $min)) { | |
| 744 | $result2 = sql_query("select catid, aid, title, time, hometext, bodytext, topic, informant, notes, ihome, alanguage, acomm from ".$prefix."_autonews where anid='$anid'", $dbi); | 924 | $result2 = sql_query("select catid, aid, title, time, hometext, bodytext, topic, informant, notes, ihome, alanguage, acomm from ".$prefix."_autonews where anid='$anid'", $dbi); | |
| 745 | while(list($catid, $aid, $title, $a_time, $hometext, $bodytext, $topic, $author, $notes, $ihome, $alanguage, $acomm) = sql_fetch_row($result2, $dbi)) { | 925 | while(list($catid, $aid, $title, $a_time, $hometext, $bodytext, $topic, $author, $notes, $ihome, $alanguage, $acomm) = sql_fetch_row($result2, $dbi)) { | |
| 746 | $title = stripslashes(FixQuotes($title)); | 926 | $title = stripslashes(FixQuotes($title)); | |
| 747 | $hometext = stripslashes(FixQuotes($hometext)); | 927 | $hometext = stripslashes(FixQuotes($hometext)); | |
| 748 | $bodytext = stripslashes(FixQuotes($bodytext)); | 928 | $bodytext = stripslashes(FixQuotes($bodytext)); | |
| 749 | $notes = stripslashes(FixQuotes($notes)); | 929 | $notes = stripslashes(FixQuotes($notes)); | |
| 750 | sql_query("insert into ".$prefix."_stories values (NULL, '$catid', '$aid', '$title', '$a_time', '$hometext', '$bodytext', '0', '0', '$topic', '$author', '$notes', '$ihome', '$alanguage', '$acomm', '0', '0', '0', '0')", $dbi); | 930 | sql_query("insert into ".$prefix."_stories values (NULL, '$catid', '$aid', '$title', '$a_time', '$hometext', '$bodytext', '0', '0', '$topic', '$author', '$notes', '$ihome', '$alanguage', '$acomm', '0', '0', '0', '0')", $dbi); | |
| 751 | sql_query("delete from ".$prefix."_autonews where anid='$anid'", $dbi); | 931 | sql_query("delete from ".$prefix."_autonews where anid='$anid'", $dbi); | |
| 932 | } | |||
| 933 | } | |||
| 934 | } | |||
| 935 | } | |||
| 752 | } | 936 | } | |
| = | 937 | |||
| -+ | 938 | /*********************************************************/ | ||
| 939 | /* formatting stories */ | |||
| 940 | /*********************************************************/ | |||
| = | 941 | |||
| -+ | 942 | function formatTimestamp($time) { | ||
| 943 | global $datetime, $locale; | |||
| 944 | setlocale (LC_TIME, "$locale"); | |||
| 945 | ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime); | |||
| 946 | $datetime = strftime(""._DATESTRING."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1])); | |||
| 947 | $datetime = ucfirst($datetime); | |||
| = | 948 | |||
| -+ | 949 | /* Änderung Wochentage Anfang*/ | ||
| = | 950 | |||
| -+ | 951 | $datetime = str_replace("MEST","",$datetime); | ||
| 952 | /* Hier kann wahlweise auch: $datetime = str_replace("CEST","",$datetime); stehen */ | |||
| 953 | if (stristr($datetime,'Monday')) | |||
| 954 | { | |||
| 955 | $datetime = str_replace("Monday", "Montag", $datetime); | |||
| 956 | } | |||
| 957 | if (stristr($datetime,'Tuesday')) | |||
| 958 | { | |||
| 959 | $datetime = str_replace("Tuesday", "Dienstag", $datetime); | |||
| 960 | } | |||
| 961 | if (stristr($datetime,'Wednesday')) | |||
| 962 | { | |||
| 963 | $datetime = str_replace("Wednesday", "Mittwoch", $datetime); | |||
| 964 | } | |||
| 965 | if (stristr($datetime,'Thursday')) | |||
| 966 | { | |||
| 967 | $datetime = str_replace("Thursday", "Donnerstag", $datetime); | |||
| 968 | } | |||
| 969 | if (stristr($datetime,'Friday')) | |||
| 970 | { | |||
| 971 | $datetime = str_replace("Friday", "Freitag", $datetime); | |||
| 972 | } | |||
| 973 | if (stristr($datetime,'Saturday')) | |||
| 974 | { | |||
| 975 | $datetime = str_replace("Saturday", "Samstag", $datetime); | |||
| 976 | } | |||
| 977 | if (stristr($datetime,'Sunday')) | |||
| 978 | { | |||
| 979 | $datetime = str_replace("Sunday", "Sonntag", $datetime); | |||
| 980 | } | |||
| 981 | /* Änderung Wochentage Ende*/ | |||
| = | 982 | |||
| -+ | 983 | /* Änderung Monatsnamen */ | ||
| 984 | if (stristr($datetime,'January')) | |||
| 985 | { | |||
| 986 | $datetime = str_replace("January", "Januar", $datetime); | |||
| 987 | } | |||
| 988 | if (stristr($datetime,'February')) | |||
| 989 | { | |||
| 990 | $datetime = str_replace("February", "Februar", $datetime); | |||
| 991 | } | |||
| 992 | if (stristr($datetime,'March')) | |||
| 993 | { | |||
| 994 | $datetime = str_replace("March", "März", $datetime); | |||
| 995 | } | |||
| 996 | if (stristr($datetime,'May')) | |||
| 997 | { | |||
| 998 | $datetime = str_replace("May", "Mai", $datetime); | |||
| 999 | } | |||
| 1000 | if (stristr($datetime,'June')) | |||
| 1001 | { | |||
| 1002 | $datetime = str_replace("June", "Juni", $datetime); | |||
| 1003 | } | |||
| 1004 | if (stristr($datetime,'July')) | |||
| 1005 | { | |||
| 1006 | $datetime = str_replace("July", "Juli", $datetime); | |||
| 1007 | } | |||
| 1008 | if (stristr($datetime,'October')) | |||
| 1009 | { | |||
| 1010 | $datetime = str_replace("October", "Oktober", $datetime); | |||
| 1011 | } | |||
| 1012 | if (stristr($datetime,'December')) | |||
| 1013 | { | |||
| 1014 | $datetime = str_replace("December", "Dezember", $datetime); | |||
| 1015 | } | |||
| = | 1016 | |||
| -+ | 1017 | /* Änderung Ende */ | ||
| = | 1018 | |||
| -+ | 1019 | return($datetime); | ||
| 1020 | } | |||
| = | 1021 | |||
| -+ | 1022 | ## SpeedUp by DJMaze Begin | ||
| 1023 | function formatAidHeader($aid) { | |||
| 1024 | echo get_author($aid); | |||
| 1025 | } | |||
| = | 1026 | |||
| <> | 1027 | function get_author($aid) { | ||
| 1028 | global $prefix, $dbi; | |||
| 1029 | static $users; | |||
| 1030 | if (is_array($users[$aid])) { | |||
| 1031 | $row = $users[$aid]; | |||
| 1032 | } else { | |||
| 1033 | $sql = "SELECT url, email FROM ".$prefix."_authors WHERE aid='$aid'"; | |||
| 1034 | $result = sql_query($sql, $dbi); | |||
| 1035 | $row = sql_fetch_row($result, $dbi); | |||
| 1036 | $users[$aid] = $row; | |||
| 753 | } | 1037 | } | |
| 1038 | if (isset($row['url'])) { | |||
| 1039 | $aid = "<a href=\"$row[url]\">$aid</a>"; | |||
| 1040 | } elseif (isset($row['email'])) { | |||
| 1041 | $aid = "<a href=\"mailto:$row[email]\">$aid</a>"; | |||
| 1042 | } else { | |||
| 1043 | $aid = $aid; | |||
| 1044 | } | |||
| 1045 | return $aid; | |||
| 754 | } | 1046 | } | |
| 1047 | ## SpeedUp by DJMaze End | |||
| = | 1048 | |||
| -+ | 1049 | function themepreview($title, $hometext, $bodytext="", $notes="") { | ||
| 1050 | echo "<b>$title</b><br><br>$hometext"; | |||
| 1051 | if ($bodytext != "") { | |||
| 1052 | echo "<br><br>$bodytext"; | |||
| 755 | } | = | 1053 | } |
| -+ | 1054 | if ($notes != "") { | ||
| 1055 | echo "<br><br><b>"._NOTE."</b> <i>$notes</i>"; | |||
| 1056 | } | |||
| 756 | } | = | 1057 | } |
| 757 | 1058 | |||
| 758 | function themecenterbox($title, $content) { | <> | 1059 | ## End Newsfuncs |
| 1060 | ## QuickFix 2.2 Begin | |||
| 1061 | foreach ($_REQUEST as $value) { | |||
| 1062 | if (is_string($value) && !is_int($value)) { | |||
| 1063 | $pattern = '#(\<(img|i?frame|object|i?layer|script|link|embed)[^\>]+([[:space:]]{0,})(src|rel)([[:space:]]{0,})?=([^\>]+)?admin\.php\?[^\>]+\>)|(\[img\](.+)?(admin\.php\?).+?\[/img\])#si'; | |||
| 1064 | if (preg_match($pattern, $value)) { | |||
| 1065 | Header("Location: index.php"); | |||
| 1066 | exit; | |||
| 1067 | } | |||
| 1068 | } | |||
| 1069 | } | |||
| 1070 | unset($pattern); | |||
| 759 | OpenTable(); | 1071 | unset($value); | |
| 760 | echo "<center><fon class=\"option\"><b>$title</b></font></center><br>" | 1072 | ## QuickFix 2.2 End | |
| 761 | ."$content"; | 1073 | ||
| 1074 | ## Admin Secure Begin | |||
| 1075 | //asec_performFilterNotify(); | |||
| 1076 | //asec_performRealTimeNotify(); | |||
| 1077 | //asec_performAutoCheckNotify(); | |||
| 1078 | ## Admin Secure End | |||
| 1079 | // GT-NExtGEn 0.5 by Bill Murrin (Audioslaved) http://gt.audioslaved.com (c) 2004 | |||
| 1080 | // Configuration settings for GoogleTap --- nextGenOb, nextGenDebug Variables | |||
| 1081 | $nextGenOb = 1; //<-- NExtGEn On or Off, 1=On, 0=Off | |||
| 1082 | $nextGenDebug = 0; //<-- Turn Debugging On or Off 1=On, 0=Off (Admin View Only) | |||
| 1083 | $nextGenMainPath = "GoogleTap"; //<-- Name of Directory to GoogleTap Files. Should be located | |||
| 1084 | // in root path with mainfile.php. | |||
| 1085 | $nextGenBlock = 0; //<-- Enable Auto-Convert on Blocks 1=On, 0=Off (!Warning! May slow down the tap) | |||
| 1086 | $nextGenAdmin = is_admin($admin); //<-- Do NOT Touch! | |||
| 1087 | // End of Configuration Options | |||
| = | 1088 | |||
| -+ | 1089 | function nextGenTap($nextGenHead, $nextGenFoot, $nextGenContents) { | ||
| 1090 | global $prefix, $dbi, $admin, $nextGenOb, $nextGenDebug, $nextGenMainPath, $nextGenBlock, $nextGenAdmin; | |||
| 1091 | // GT-NExtGEn 0.5 by Bill Murrin (Audioslaved) http://gt.audioslaved.com (c) 2004 | |||
| = | 1092 | |||
| -+ | 1093 | if($nextGenOb == 1) { | ||
| 1094 | if(isset($_REQUEST['name'])) { | |||
| 1095 | $nextGenName = $_REQUEST['name']; | |||
| 1096 | if ($nextGenAdmin && $nextGenDebug == 1 && ($nextGenHead == 1 || $nextGenFoot == 1)) { | |||
| 1097 | echo "[nextGenName] = $nextGenName<br>"; | |||
| 1098 | } | |||
| 1099 | } else { | |||
| 1100 | $sql = "SELECT main_module FROM ".$prefix."_main"; | |||
| 1101 | $result = sql_query($sql, $dbi); | |||
| 1102 | $row = sql_fetch_array($result, $dbi); | |||
| 1103 | $mainmod_name = $row['main_module']; | |||
| 1104 | $nextGenName = $mainmod_name; | |||
| 1105 | if ($nextGenAdmin && $nextGenDebug == 1 && $nextGenHead == 1) { | |||
| 1106 | echo "[nextGenName] = $nextGenName (Main Module)<br>"; | |||
| 1107 | } | |||
| 1108 | } | |||
| = | 1109 | |||
| -+ | 1110 | //GT-NExtGEn Files Path --- nextGenPath Variable | ||
| 1111 | $nextGenPath = $nextGenMainPath . "/GT-" . $nextGenName . ".php"; | |||
| 1112 | if (file_exists($nextGenPath) && ($nextGenHead == 1 || $nextGenFoot == 1)) { | |||
| 1113 | if ($nextGenAdmin && $nextGenDebug == 1 && $nextGenHead == 1) { | |||
| 1114 | echo "[nextGenPath] = Path Does Exist<br>"; | |||
| 1115 | } | |||
| 1116 | } elseif ($nextGenHead == 1 || $nextGenFoot == 1) { | |||
| 1117 | if ($nextGenAdmin && $nextGenDebug == 1 && $nextGenHead == 1) { | |||
| 1118 | echo "[nextGenPath] = Path Does Not Exist!<br>"; | |||
| 1119 | } | |||
| 1120 | return; | |||
| 1121 | } | |||
| = | 1122 | |||
| <> | 1123 | //GT-NExtGEn Header Code --- nextGenHead Variable | ||
| 1124 | if($nextGenHead == 1) { | |||
| 1125 | if ($nextGenAdmin && $nextGenDebug == 1 ) { | |||
| 1126 | echo "[nextGenPath] = Present In Header<br>"; | |||
| 1127 | } | |||
| 762 | CloseTable(); | 1128 | ob_start(); | |
| 1129 | return; | |||
| 1130 | } | |||
| = | 1131 | |||
| -+ | 1132 | //GT-NExtGEn Footer Code --- nextGenFoot Variable | ||
| 1133 | if ($nextGenFoot == 1) { | |||
| 1134 | if ($nextGenAdmin && $nextGenDebug == 1) { | |||
| 1135 | echo "[nextGenPath] = Present In Footer<br>"; | |||
| 1136 | } | |||
| 1137 | $getNextGen = ob_get_contents(); | |||
| 1138 | $getNextGen = preg_replace("(&(?!([a-zA-Z]{2,6}|[0-9\#]{1,6})[\;]))", "&", $getNextGen); | |||
| 1139 | $getNextGen = str_replace(array("&&", "&middot;", "&nbsp;"), array("&&", "·", " "), $getNextGen); | |||
| 1140 | ob_end_clean(); | |||
| 1141 | include($nextGenPath); | |||
| 1142 | $nextGenContent = preg_replace($urlin, $urlout, $getNextGen); | |||
| 1143 | echo $nextGenContent; | |||
| 1144 | return; | |||
| 1145 | } | |||
| = | 1146 | |||
| <> | 1147 | //GT-NExtGEn Block Code --- nextGenBlock Variable | ||
| 1148 | if ($nextGenBlock == 1 && $nextGenContents != "") { | |||
| 1149 | preg_match_all ("(\b[name]{4}=[a-zA-Z0-9_-]*)", $nextGenContents, $getGenMatches); | |||
| 1150 | $gotGenMatches = array(); | |||
| 1151 | foreach($getGenMatches[0] as $gotten) { | |||
| 1152 | $gotGenMatches[] = $gotten; | |||
| 1153 | } | |||
| 1154 | unset($getGenMatches); | |||
| 1155 | $gotGenMatches = array_unique($gotGenMatches); | |||
| 1156 | foreach($gotGenMatches as $newGenMatch) { | |||
| 1157 | $expGenMatch = explode("=", $newGenMatch); | |||
| 1158 | if(file_exists("" . $nextGenMainPath . "/GT-" . $expGenMatch[1] . ".php")) { | |||
| 1159 | $path_exists[] = 1; | |||
| 1160 | include_once("" . $nextGenMainPath . "/GT-" . $expGenMatch[1] . ".php"); | |||
| 1161 | $newGenContents = preg_replace($urlin, $urlout, $nextGenContents); | |||
| 1162 | } | |||
| 1163 | } | |||
| 1164 | if (count($path_exists) < 1) { | |||
| 1165 | return $nextGenContents; | |||
| 1166 | } else { | |||
| 1167 | unset($path_exists); | |||
| 1168 | $newGenContents = preg_replace("(&(?!([a-zA-Z]{2,6}|[0-9\#]{1,6})[\;]))", "&", $newGenContents); | |||
| 1169 | $newGenContents = str_replace(array("&&", "&middot;", "&nbsp;"), array("&&", "·", " "), $newGenContents); | |||
| 1170 | return $newGenContents; | |||
| 1171 | } | |||
| 1172 | } elseif ($nextGenContents != "") { | |||
| 1173 | return $nextGenContents; | |||
| 1174 | } | |||
| 1175 | } elseif ($nextGenContents != "") { | |||
| 1176 | return $nextGenContents; | |||
| 763 | echo "<br>"; | 1177 | } | |
| 764 | } | = | 1178 | } |
| 765 | 1179 | |||
| 766 | ?> | 1180 | ?> |