DATEIVERGLEICH
Erstellt: 22.05.2005 00:31:58

Modus: Alle Zeilen

Linke Datei: D:\Localhost_2\nuke5.5\html\mainfile.php Rechte Datei: D:\Localhost\pragmaMx\stable\mainfile.php

1	<?php	<>	1	<?php // $Id: mainfile.php,v 1.7 2005/04/16 13:12:22 tora60 Exp $
2			2	/************************************
3	ob_start("ob_gzhandler");		3	pragmaMx Content Management System
4			4	Copyright (c) 2005 pragmaMx Dev Team - http://pragmaMx.org
5	/************************************************************************/		5	***********************************
6	/* PHP-NUKE: Advanced Content Management System */
7	/* ============================================ */
8	/* */
9	/* Copyright (c) 2002 by Francisco Burzi (fbc@mandrakesoft.com) */
10	/* http://phpnuke.org */
11	/* */
12	/* This program is free software. You can redistribute it and/or modify */		6	This program is free software; you can redistribute it and/or modify
13	/* it under the terms of the GNU General Public License as published by */		7	it under the terms of the GNU General Public License as published by
14	/* the Free Software Foundation; either version 2 of the License. */		8	the Free Software Foundation; either version 2 of the License, or
15	/************************************************************************/		9	(at your option) any later version.
16			10	***********************************
17	foreach ($HTTP_GET_VARS as $secvalue) {		11	$Source: /cvsroot/pragmamx/stable/mainfile.php,v $
18	if (eregi("<[^>]script\"?[^>]*>", $secvalue)) {
19	die ("I don't like you...");
20	}		12	$Revision: 1.7 $
21	}		13	$Author: tora60 $
			14	$Date: 2005/04/16 13:12:22 $
			15	************************************/
			16	/// Benchmarkanzeige initialisieren
22			17	if(!defined("MX_TIME")) {
23	if (eregi("mainfile.php",$PHP_SELF)) {		18	$vstarttime = explode(" ",microtime());
24	Header("Location: index.php");		19	define("MX_TIME",(float)$vstarttime[1] + (float)$vstarttime[0]);
25	die();		20	unset($vstarttime);
26	}		21	}
27		=	22
28	require_once("config.php");	<>	23	// Ausgabepuffer auf jeden Fall starten, wird am Ende dieser Datei
29	require_once("includes/sql_layer.php");		24	// wieder geloescht und evtl. der ob_gzhandler gestartet
30	$dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname);
31	$mainfile = 1;		25	ob_start();
32		=	26
33	if (isset($newlang)) {	<>	27	################################################################
34	if (file_exists("language/lang-$newlang.php")) {		28	// verschiedene Grundeinstellungen
35	setcookie("lang",$newlang,time()+31536000);		29	define("mxMainFileLoaded","1");
36	include("language/lang-$newlang.php");		30	define('MX_DOC_ROOT',dirname(__file__));
37	$currentlang = $newlang;
38	} else {		31
39	setcookie("lang",$language,time()+31536000);		32	// Nur Parsefehler melden
40	include("language/lang-$language.php");		33	error_reporting(E_PARSE);
41	$currentlang = $language;
42	}		34
43	} elseif (isset($lang)) {		35	// paresfehler in config.php abfangen
44	include("language/lang-$lang.php");
45	$currentlang = $lang;
46	} else {		36	if (!include('config.php')) {
47	setcookie("lang",$language,time()+31536000);		37	$msg = "<br><br>Error:<br>the config-file is missing or corrupted!";
48	include("language/lang-$language.php");		38	if (is_dir('install') && !is_file('config.php')) {
49	$currentlang = $language;		39	$msg = "<br><br><img src=\"images/logo.gif\" alt=\"pragmaMx\" /><br><br>pragmaMx seems not to be installed correctly, or you're running pragmaMx for the first time. <br />Click <a href=\"install/\"><b>here</b></a> to run the installer.";
50	}		40	}
51			41	die($msg);
52	function get_lang($module) {
53	global $currentlang;
54	if ($module == admin) {
55	if (file_exists("admin/language/lang-$currentlang.php")) {
56	include_once("admin/language/lang-$currentlang.php");
57	}	=	42	}
58	} else {	<>	43
59	if (file_exists("modules/$module/language/lang-$currentlang.php")) {		44	// nur für phpNuke-Kompatibilität
60	include_once("modules/$module/language/lang-$currentlang.php");		45	$GLOBALS["mainfile"] = 1;
		=	46
		-+	47	if (!isset($GLOBALS["mxDemoMode"])) {
			48	$GLOBALS["mxDemoMode"] = false;
61	}	=	49	}
62	}	+-
63	}
64		=	50
65	function is_admin($admin) {	<>	51	// Systemkonstanten definieren, diese Datei kann in gewissem Masse angepasst werden
66	global $prefix, $dbi;		52	require_once("includes/mx_baseconfig.php");
67	if(!is_array($admin)) {
68	$admin = base64_decode($admin);
69	$admin = explode(":", $admin);
70	$aid = "$admin[0]";
71	$pwd = "$admin[1]";
72	} else {
73	$aid = "$admin[0]";
74	$pwd = "$admin[1]";
75	}		53
76	$result = sql_query("select pwd from ".$prefix."_authors where aid='$aid'", $dbi);
77	list($pass) = sql_fetch_row($result, $dbi);
78	if($pass == $pwd && $pass != "") {
79	return 1;
80	}
81	return 0;		54	// zu alte php-Version
82	}		55	if (MX_PHP_VERSION < 410) die("<br>Sorry, PHP-Version > 4.1.0 is required.");
83		=	56
84	function is_user($user) {	<>	57	// mainfile direkt aufgerufen? Erst hier, wegen php-Version!
85	global $prefix, $dbi, $user_prefix;		58	if (eregi("mainfile.php",$_SERVER['PHP_SELF'])) die ("You can't access this file directly...");
86	if(!is_array($user)) {
87	$user = base64_decode($user);
88	$user = explode(":", $user);
89	$uid = "$user[0]";
90	$pwd = "$user[2]";
91	} else {
92	$uid = "$user[0]";
93	$pwd = "$user[2]";
94	}
95	$result = sql_query("select pass from ".$user_prefix."_users where uid='$uid'", $dbi);
96	list($pass) = sql_fetch_row($result, $dbi);
97	if($pass == $pwd && $pass != "") {
98	return 1;
99	}
100	return 0;
101	}		59
102		=	60
103	function title($text) {	<>	61	// System-Funktionen und unveränderbare Grundeinstellungen laden
104	OpenTable();		62	require_once("includes/mx_system.php");
105	echo "<center><font class=\"title\"><b>$text</b></font></center>";
106	CloseTable();
107	echo "<br>";
108	}
109		=	63
110	function is_active($module) {	<>
111	global $prefix, $dbi;
112	$result = sql_query("select active from ".$prefix."_modules where title='$module'", $dbi);
113	list ($act) = sql_fetch_row($result, $dbi);
114	if (!$result OR $act == 0) {
115	return 0;
116	} else {		64	// API's einbinden
117	return 1;		65	require_once("includes/mx_api.php");
118	}		66	require_once("includes/mx_api_2.php"); // in dieser Datei befinden sich Anzeige-Funktionen, die editiert werden können
119	}
120		=	67
121	function render_blocks($side, $blockfile, $title, $content, $bid, $url) {	<>	68	#####################################################
122	if ($url == "") {		69	// Datenbankverbindung herstellen und Session starten
123	if ($blockfile == "") {		70	require_once("includes/sql_layer.php");
124	if ($side == "c") {		71	require_once("includes/mx_session.php");
125	themecenterbox($title, $content);
126	} else {
127	themesidebox($title, $content);
128	}
129	} else {		72	if (!mxSessionStart()) {
130	if ($side == "c") {		73	die('<strong>Session: initialisation failed</strong><br><br>');
131	blockfileinc($title, $blockfile, 1);
132	} else {
133	blockfileinc($title, $blockfile);
134	}
135	}	=	74	}
136	} else {	<>
137	if ($side == "c") {		75	if(empty($dbi)){
138	headlines($bid,1);		76	die("<br><br>Selection from database failed!<br><br>Kein Zugriff auf die Datenbank möglich, bitte überprüfen Sie die Einstellungen.");
139	} else {
140	headlines($bid);
141	}	=	77	}
142	}	+-
143	}
144		=	78
145	function blocks($side) {	<>	79	// sql_inject Überprüfung starten
146	global $storynum, $prefix, $multilingual, $currentlang, $dbi, $admin, $user;		80	if ($GLOBALS['vkpSafeSqlinject'] && @is_file('includes/mx_detect.php')) {
147	if ($multilingual == 1) {		81	include_once('includes/detection/config.php');
148	$querylang = "AND (blanguage='$currentlang' OR blanguage='')";		82	include_once('includes/mx_detect.php');
149	} else {
150	$querylang = "";
151	}
152	if (strtolower($side[0]) == "l") {
153	$pos = "l";
154	} elseif (strtolower($side[0]) == "r") {
155	$pos = "r";
156	} elseif (strtolower($side[0]) == "c") {
157	$pos = "c";
158	}
159	$side = $pos;
160	$result = sql_query("select bid, bkey, title, content, url, blockfile, view from ".$prefix."_blocks where position='$pos' AND active='1' $querylang ORDER BY weight ASC", $dbi);
161	while(list($bid, $bkey, $title, $content, $url, $blockfile, $view) = sql_fetch_row($result, $dbi)) {
162	if ($bkey == admin) {
163	adminblock();		83	mxDetectCheckBanning();
164	} elseif ($bkey == userbox) {
165	userblock();		84	mxDetectStart();
166	} elseif ($bkey == "") {
167	if ($view == 0) {
168	render_blocks($side, $blockfile, $title, $content, $bid, $url);
169	} elseif ($view == 1 AND is_user($user) \|\| is_admin($admin)) {
170	render_blocks($side, $blockfile, $title, $content, $bid, $url);
171	} elseif ($view == 2 AND is_admin($admin)) {
172	render_blocks($side, $blockfile, $title, $content, $bid, $url);
173	} elseif ($view == 3 AND !is_user($user) \|\| is_admin($admin)) {
174	render_blocks($side, $blockfile, $title, $content, $bid, $url);
175	}
176	}	=	85	}
177	}	+-
178	}
179		=	86
180	function message_box() {	<>	87	define('MX_IS_ADMIN',mxIsAdmin()); // Adminberechtigung initialisieren
181	global $bgcolor1, $bgcolor2, $user, $admin, $cookie, $textcolor2, $prefix, $multilingual, $currentlang, $dbi;		88	define('MX_IS_USER' ,mxIsUser()); // Userberechtigung initialisieren
182	if ($multilingual == 1) {
183	$querylang = "AND (mlanguage='$currentlang' OR mlanguage='')";
184	} else {
185	$querylang = "";
186	}
187	$result = sql_query("select mid, title, content, date, expire, view from ".$prefix."_message where active='1' $querylang", $dbi);
188	if (sql_num_rows($result, $dbi) == 0) {
189	return;
190	} else {
191	while (list($mid, $title, $content, $mdate, $expire, $view) = sql_fetch_row($result, $dbi)) {
192	if ($title != "" && $content != "") {
193	if ($expire == 0) {
194	$remain = _UNLIMITED;
195	} else {
196	$etime = (($mdate+$expire)-time())/3600;
197	$etime = (int)$etime;
198	if ($etime < 1) {
199	$remain = _EXPIRELESSHOUR;
200	} else {
201	$remain = ""._EXPIREIN." $etime "._HOURS."";
202	}		89
203	}		90	// phpNuke6.5 Datenbanklayer einbinden, falls vorhanden
204	if ($view == 4 AND is_admin($admin)) {		91	if (@is_file("includes/db/db.php")) {
205	OpenTable();		92	include_once('includes/db/db.php');
206	echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"
207	."<font class=\"content\">$content</font>"
208	."<br><br><center><font class=\"content\">[ "._MVIEWADMIN." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";
209	CloseTable();
210	echo "<br>";
211	} elseif ($view == 3 AND is_user($user) \|\| is_admin($admin)) {
212	OpenTable();
213	echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"
214	."<font class=\"content\">$content</font>";
215	if (is_admin($admin)) {
216	echo "<br><br><center><font class=\"content\">[ "._MVIEWUSERS." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";
217	}
218	CloseTable();
219	echo "<br>";
220	} elseif ($view == 2 AND !is_user($user) \|\| is_admin($admin)) {
221	OpenTable();
222	echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"
223	."<font class=\"content\">$content</font>";
224	if (is_admin($admin)) {
225	echo "<br><br><center><font class=\"content\">[ "._MVIEWANON." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";
226	}
227	CloseTable();
228	echo "<br>";
229	} elseif ($view == 1) {
230	OpenTable();
231	echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"
232	."<font class=\"content\">$content</font>";
233	if (is_admin($admin)) {
234	echo "<br><br><center><font class=\"content\">[ "._MVIEWALL." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";
235	}
236	CloseTable();
237	echo "<br>";
238	}
239	if ($expire != 0) {
240	$past = time()-$expire;
241	if ($mdate < $past) {
242	$result = sql_query("update ".$prefix."_message set active='0' where mid='$mid'", $dbi);
243	}
244	}
245	}
246	}	=	93	}
247	}	+-
248	}
249		=	94
250	function online() {	<>	95	// phpNuke Api einbinden (alte mainfile)
251	global $user, $cookie, $prefix, $dbi;		96	if (@is_file("includes/nukefunctions.php")) {
252	cookiedecode($user);
253	$ip = getenv("REMOTE_ADDR");
254	$username = $cookie[1];
255	if (!isset($username)) {
256	$username = "$ip";
257	$guest = 1;
258	}
259	$past = time()-1800;
260	sql_query("DELETE FROM ".$prefix."_session WHERE time < $past", $dbi);
261	$result = sql_query("SELECT time FROM ".$prefix."_session WHERE username='$username'", $dbi);
262	$ctime = time();
263	if ($row = sql_fetch_array($result, $dbi)) {
264	sql_query("UPDATE ".$prefix."_session SET username='$username', time='$ctime', host_addr='$ip', guest='$guest' WHERE username='$username'", $dbi);
265	} else {
266	sql_query("INSERT INTO ".$prefix."_session (username, time, host_addr, guest) VALUES ('$username', '$ctime', '$ip', '$guest')", $dbi);
267	}
268	}
269		=
270	function blockfileinc($title, $blockfile, $side=0) {	<>
271	$blockfiletitle = $title;
272	$file = @file("blocks/$blockfile");
273	if (!$file) {
274	$content = _BLOCKPROBLEM;
275	} else {
276	include("blocks/$blockfile");		97	include_once("includes/nukefunctions.php");
277	}
278	if ($content == "") {
279	$content = _BLOCKPROBLEM2;
280	}
281	if ($side == 1) {
282	themecenterbox($blockfiletitle, $content);
283	} else {
284	themesidebox($blockfiletitle, $content);
285	}
286	}
287		=
288	function selectlanguage() {	+-
289	global $useflags, $currentlang;
290	if ($useflags == 1) {
291	$title = _SELECTLANGUAGE;
292	$content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br>";
293	$langdir = dir("language");
294	while($func=$langdir->read()) {
295	if(substr($func, 0, 5) == "lang-") {
296	$menulist .= "$func ";
297	}	=	98	}
298	}	<>	99
299	closedir($langdir->handle);
300	$menulist = explode(" ", $menulist);
301	sort($menulist);		100	// Debug-Mode
302	for ($i=0; $i < sizeof($menulist); $i++) {		101	if (!empty($GLOBALS['mxDebugService']) && MX_IS_ADMIN) {
303	if($menulist[$i]!="") {		102	@ini_set("display_errors",TRUE);
304	$tl = ereg_replace("lang-","",$menulist[$i]);		103	error_reporting(E_ALL);
305	$tl = ereg_replace(".php","",$tl);
306	$altlang = ucfirst($tl);
307	$content .= "<a href=\"index.php?newlang=$tl\"><img src=\"images/language/flag-$tl.png\" border=\"0\" alt=\"$altlang\" hspace=\"3\" vspace=\"3\"></a> ";
308	}	=	104	}
309	}	<>	105
310	$content .= "</font></center>";		106	// Demomode bei berechtigten Admins wieder abschalten
311	themesidebox($title, $content);		107	$GLOBALS["mxDemoMode"] = mxDemoMode();
312	} else {		108
313	$title = _SELECTLANGUAGE;		109	// zur Kompatiblitaet mit Nuke-Modulen
314	$content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br></font>";		110	///// den Admin-Cookie simulieren
315	$content .= "<form action=\"index.php\" method=\"get\"><select name=\"newlanguage\" onChange=\"top.location.href=this.options[this.selectedIndex].value\">";		111	$_COOKIE["admin"] = mxSessionGetVar("admin");
316	$handle=opendir('language');		112	$GLOBALS["admin"] = (empty($_COOKIE["admin"])) ? "" : $_COOKIE["admin"] ;
317	while ($file = readdir($handle)) {		113	///// den User-Cookie simulieren
318	if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {		114	$_COOKIE["user"] = mxSessionGetVar("user");
319	$langFound = $matches[1];		115	$GLOBALS["user"] = (empty($_COOKIE["user"])) ? "" : $_COOKIE["user"];
320	$languageslist .= "$langFound ";
321	}
322	}		116
323	closedir($handle);		117	///////////////////////////////////////////////////
324	$languageslist = explode(" ", $languageslist);		118	///// - simuliert magic_quotes_gpc=1
325	sort($languageslist);		119	///// - ersetzt bestimmte Sonderzeichen durch ihren HTML-Code
326	for ($i=0; $i < sizeof($languageslist); $i++) {		120	///// - simuliert register_globals = On
327	if($languageslist[$i]!="") {		121	if (count($_GET)) {
328	$content .= "<option value=\"index.php?newlang=$languageslist[$i]\" ";		122	foreach ($_GET as $key => $value) {
329	if($languageslist[$i]==$currentlang) $content .= " selected";		123	$_GET[$key] = mxSecureValue($value);
330	$content .= ">".ucfirst($languageslist[$i])."</option>\n";
331	}	=	124	}
332	}	+-
333	$content .= "</select></form></center>";
334	themesidebox($title, $content);
335	}	=	125	}
336	}	+-
337		=
338	function ultramode() {	<>	126	if (count($_POST)) {
339	global $prefix, $dbi;
340	$ultra = "ultramode.txt";
341	$file = fopen("$ultra", "w");
342	fwrite($file, "General purpose self-explanatory file with news headlines\n");
343	$rfile=sql_query("select sid, aid, title, time, comments, topic from ".$prefix."_stories order by time DESC limit 0,10", $dbi);
344	while(list($sid, $aid, $title, $time, $comments, $topic) = sql_fetch_row($rfile, $dbi)) {
345	$rfile2=sql_query("select topictext, topicimage from ".$prefix."_topics where topicid=$topic", $dbi);
346	list($topictext, $topicimage) = sql_fetch_row($rfile2, $dbi);
347	$content = "%%\n$title\n/modules.php?name=News&file=article&sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";
348	fwrite($file, $content);
349	}
350	fclose($file);		127	foreach ($_POST as $key => $value) {
351	}		128	$_POST[$key] = mxSecureValue($value);
352		=
353	function cookiedecode($user) {	<>
354	global $cookie, $prefix, $dbi, $user_prefix;
355	$user = base64_decode($user);
356	$cookie = explode(":", $user);
357	$result = sql_query("select pass from ".$user_prefix."_users where uname='$cookie[1]'", $dbi);
358	list($pass) = sql_fetch_row($result, $dbi);
359	if ($cookie[2] == $pass && $pass != "") {
360	return $cookie;
361	} else {
362	unset($user);
363	unset($cookie);
364	}
365	}		129	}
366		=
367	function getusrinfo($user) {	+-
368	global $userinfo, $user_prefix, $dbi;
369	$user2 = base64_decode($user);
370	$user3 = explode(":", $user2);
371	$result = sql_query("select uid, name, uname, email, femail, url, user_avatar, user_icq, user_occ, user_from, user_intrest, user_sig, user_viewemail, user_theme, user_aim, user_yim, user_msnm, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax, newsletter from ".$user_prefix."_users where uname='$user3[1]' and pass='$user3[2]'", $dbi);
372	if (sql_num_rows($result, $dbi) == 1) {
373	$userinfo = sql_fetch_array($result, $dbi);
374	}
375	return $userinfo;
376	}
377		=
378	function searchblock() {	+-
379	OpenTable();
380	echo "<form action=\"modules.php?name=Forum&file=search\" method=\"post\">";
381	echo "<input type=\"hidden\" name=\"addterm\" value=\"any\">";
382	echo "<input type=\"hidden\" name=\"sortby\" value=\"p.post_time\">";
383	echo "  <b>"._SEARCH."</b> <input type=\"text\" name=\"term\" size=\"15\">";
384	echo "<input type=\"hidden\" name=\"submit\" value=\"submit\"></form>";
385	echo "<div align=\"left\"><font class=\"content\">  [ <a href=\"modules.php?name=Forum&file=search&addterm=any&sortby=p.post_time&adv=1\">Advanced Search</a> ]</font></div>";
386	CloseTable();
387	}
388		=
389	function FixQuotes ($what = "") {	+-
390	$what = ereg_replace("'","''",$what);
391	while (eregi("\\\\'", $what)) {
392	$what = ereg_replace("\\\\'","'",$what);
393	}	=	130	}
394	return $what;	+-
395	}
396		=
397	/*********************************************************/	+-
398	/* text filter */
399	/*********************************************************/
400		=
401	function check_words($Message) {	+-
402	global $EditedMessage;
403	include("config.php");
404	$EditedMessage = $Message;
405	if ($CensorMode != 0) {
406		=
407	if (is_array($CensorList)) {	<>	131	if (count($_COOKIE)) {
408	$Replace = $CensorReplace;		132	foreach ($_COOKIE as $key => $value) {
409	if ($CensorMode == 1) {		133	$_COOKIE[$key] = mxSecureValue($value);
410	for ($i = 0; $i < count($CensorList); $i++) {
411	$EditedMessage = eregi_replace("$CensorList[$i]([^a-zA-Z0-9])","$Replace\\1",$EditedMessage);
412	}	=	134	}
413	} elseif ($CensorMode == 2) {	+-
414	for ($i = 0; $i < count($CensorList); $i++) {
415	$EditedMessage = eregi_replace("(^\|[^[:alnum:]])$CensorList[$i]","\\1$Replace",$EditedMessage);
416	}
417	} elseif ($CensorMode == 3) {
418	for ($i = 0; $i < count($CensorList); $i++) {
419	$EditedMessage = eregi_replace("$CensorList[$i]","$Replace",$EditedMessage);
420	}
421	}
422	}	=	135	}
423	}	<>
424	return ($EditedMessage);		136	unset($key); unset($value);
425	}
426		=	137
427	function delQuotes($string){	<>	138	$HTTP_GET_VARS = &$_GET;
428	/* no recursive function to add quote to an HTML tag if needed */
429	/* and delete duplicate spaces between attribs. */
430	$tmp=""; # string buffer
431	$result=""; # result string
432	$i=0;		139	$HTTP_POST_VARS = &$_POST;
433	$attrib=-1; # Are us in an HTML attrib ? -1: no attrib 0: name of the attrib 1: value of the atrib		140	$HTTP_COOKIE_VARS = &$_COOKIE;
434	$quote=0; # Is a string quote delimited opened ? 0=no, 1=yes		141	$HTTP_SERVER_VARS = &$_SERVER;
435	$len = strlen($string);		142	$_REQUEST = array_merge($_GET,$_POST,$_COOKIE);
436	while ($i<$len) {		143	extract($_REQUEST, EXTR_OVERWRITE);
437	switch($string[$i]) { # What car is it in the buffer ?		144	if (!mxIniGet("register_globals")) {
438	case "\"": #" # a quote.		145	extract($_SERVER, EXTR_OVERWRITE);
439	if ($quote==0) {		146	if (count($_FILES)) {
440	$quote=1;		147	foreach ($_FILES as $upfile => $value) {
441	} else {		148	$$upfile = $value;
442	$quote=0;		149	foreach ($_FILES[$upfile] as $key => $value) {
443	if (($attrib>0) && ($tmp != "")) { $result .= "=\"$tmp\""; }		150	${$upfile.'_'.$key} = $value;
444	$tmp="";		151	#print $upfile."_".$key ." = ".${$upfile.'_'.$key}." <br>";
445	$attrib=-1;
446	}		152	}
447	break;		153	}
448	case "=": # an equal - attrib delimiter		154	unset($upfile); unset($value); unset($key);
449	if ($quote==0) { # Is it found in a string ?
450	$attrib=1;
451	if ($tmp!="") $result.=" $tmp";
452	$tmp="";
453	} else $tmp .= '=';
454	break;
455	case " ": # a blank ?
456	if ($attrib>0) { # add it to the string, if one opened.
457	$tmp .= $string[$i];
458	}	=	155	}
459	break;	+-
460	default: # Other
461	if ($attrib<0) # If we weren't in an attrib, set attrib to 0
462	$attrib=0;
463	$tmp .= $string[$i];
464	break;
465	}	=	156	}
466	$i++;	<>	157	//////////// ende ////////////////////////////////
467	}
468	if (($quote!=0) && ($tmp != "")) {
469	if ($attrib==1) $result .= "=";
470	/* If it is the value of an atrib, add the '=' */
471	$result .= "\"$tmp\""; /* Add quote if needed (the reason of the function ;-) */
472	}
473	return $result;
474	}
475		=	158
476	function check_html ($str, $strip="") {	<>
477	/* The core of this code has been lifted from phpslash */
478	/* which is licenced under the GPL. */
479	include("config.php");
480	if ($strip == "nohtml")
481	$AllowableHTML=array('');
482	$str = stripslashes($str);
483	$str = eregi_replace("<[[:space:]]([^>])[[:space:]]*>",
484	'<\\1>', $str);
485	// Delete all spaces from html tags .
486	$str = eregi_replace("<a[^>]href[[:space:]]=[[:space:]]\"?[[:space:]]([^\" >])[[:space:]]\"?[^>]*>",
487	'<a href="\\1">', $str); # "
488	// Delete all attribs from Anchor, except an href, double quoted.
489	$str = eregi_replace("<img?",
490	'', $str); # "
491	$tmp = "";
492	while (ereg("<(/?[[:alpha:]])[[:space:]]([^>]*)>",$str,$reg)) {
493	$i = strpos($str,$reg[0]);
494	$l = strlen($reg[0]);
495	if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));
496	else $tag = strtolower($reg[1]);
497	if ($a = $AllowableHTML[$tag])
498	if ($reg[1][0] == "/") $tag = "</$tag>";
499	elseif (($a == 1) \|\| ($reg[2] == "")) $tag = "<$tag>";
500	else {		159	// Sprache einstellen
501	# Place here the double quote fix function.		160	$GLOBALS["language"] = (empty($GLOBALS["language"])) ? "german" : $GLOBALS["language"];
502	$attrb_list=delQuotes($reg[2]);		161	$GLOBALS["lang"] = (mxSessionGetVar("lang")) ? mxSessionGetVar("lang") : $GLOBALS["language"];
503	// A VER		162	if (isset($_REQUEST['newlang'])) {
504	$attrb_list = ereg_replace("&","&",$attrb_list);		163	$GLOBALS["currentlang"] = (@file_exists("language/lang-".$_REQUEST['newlang'].".php")) ? $_REQUEST['newlang'] : $GLOBALS["language"];
505	$tag = "<$tag" . $attrb_list . ">";
506	} # Attribs in tag allowed
507	else $tag = "";
508	$tmp .= substr($str,0,$i) . $tag;
509	$str = substr($str,$i+$l);
510	}	=	164	}
511	$str = $tmp . $str;	<>	165	else if (@file_exists("language/lang-".$GLOBALS["lang"].".php")) {
512	return $str;		166	$GLOBALS["currentlang"] = $GLOBALS["lang"];
513	exit;		167	}
514	/* Squash PHP tags unconditionally */
515	$str = ereg_replace("<\?","",$str);
516	return $str;		168	else {
517	}		169	$GLOBALS["currentlang"] = $GLOBALS["language"];
518			170	}
519	function filter_text($Message, $strip="") {		171	mxSessionSetVar("lang",$GLOBALS["currentlang"]);
520	global $EditedMessage;		172	mxSetNukeCookie("lang", $GLOBALS["currentlang"], 1);
521	check_words($Message);		173	$GLOBALS["lang"] = $GLOBALS["currentlang"];
522	$EditedMessage=check_html($EditedMessage, $strip);		174	$_COOKIE["lang"] = $GLOBALS["currentlang"];
523	return ($EditedMessage);		175	$HTTP_COOKIE_VARS["lang"] = $GLOBALS["currentlang"];
524	}		176	include_once("language/lang-".$GLOBALS["currentlang"].".php");
525		=	177
526	/*********************************************************/	<>	178	##################################################################################
527	/* formatting stories */
528	/*********************************************************/
529			179	// output-handling
530	function formatTimestamp($time) {		180	// falls bereits ausgaben erfolgt, diese zwischenspeichern und Puffer beenden
531	global $datetime, $locale;
532	setlocale ("LC_TIME", "$locale");
533	ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);
534	$datetime = strftime(""._DATESTRING."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));
535	$datetime = ucfirst($datetime);
536	return($datetime);		181	$obtemp = trim(@ob_get_contents());
537	}		182	ob_end_clean();
538		=	183
539	function formatAidHeader($aid) {	<>	184	// Pufferhandler ermitteln
540	global $prefix, $dbi;		185	$mxoutputhandler = mxGetOutputHandler();
541	$holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi);		186	// Ausgabepuffer starten und evtl. Ausgabe komprimieren
542	if (!$holder) {
543	echo _ERROR;
544	exit();		187	ob_implicit_flush(0);
545	}
546	list($url, $email) = sql_fetch_row($holder, $dbi);
547	if (isset($url)) {
548	$aid = "<a href=\"$url\">$aid</a>";
549	} elseif (isset($email)) {
550	$aid = "<a href=\"mailto:$email\">$aid</a>";
551	} else {
552	$aid = $aid;
553	}
554	echo "$aid";
555	}
556		=
557	function get_author($aid) {	<>	188	if ($mxoutputhandler) {
558	global $prefix, $dbi;
559	$holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi);
560	if (!$holder) {
561	echo _ERROR;
562	exit();		189	ob_start($mxoutputhandler);
563	}		190	}
564	list($url, $email) = sql_fetch_row($holder, $dbi);
565	if (isset($url)) {
566	$aid = "<a href=\"$url\">$aid</a>";
567	} elseif (isset($email)) {
568	$aid = "<a href=\"mailto:$email\">$aid</a>";
569	} else {
570	$aid = $aid;
571	}
572	return($aid);		191	unset($mxoutputhandler);
573	}
574		=	192
575	function themepreview($title, $hometext, $bodytext="", $notes="") {	<>	193	// Ausgabepuffer auf jeden Fall ein 2tes mal starten, dass bei Fehlern, die Ausgabe,
576	echo "<b>$title</b><br><br>$hometext";		194	// auch erst am Ende des scripts in den komprimierten Handler geschrieben werden
577	if ($bodytext != "") {		195	// dies verhindert fruehzeitiges senden von HTTP-Headern (session)
578	echo "<br><br>$bodytext";
579	}
580	if ($notes != "") {
581	echo "<br><br><b>"._NOTE."</b> <i>$notes</i>";
582	}
583	}		196	ob_start();
584		=	197
585	function adminblock() {	<>	198	// evtl. bereits vorhandene zwischengespeicherte Ausgaben jetzt erst ausgeben
586	global $admin, $prefix, $dbi;
587	if (is_admin($admin)) {		199	if (!empty($obtemp)) {
588	$result = sql_query("select title, content from ".$prefix."_blocks where bkey='admin'", $dbi);
589	while(list($title, $content) = sql_fetch_array($result, $dbi)) {
590	$content = "<font class=\"content\">$content</font>";
591	themesidebox($title, $content);		200	echo $obtemp;
592	}	=	201	}
593	$title = ""._WAITINGCONT."";	<>
594	$result = sql_query("select * from ".$prefix."_queue", $dbi);
595	$num = sql_num_rows($result, $dbi);
596	$content = "<font class=\"content\">";
597	$content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=submissions\">"._SUBMISSIONS."</a>: $num<br>";
598	$result = sql_query("select * from ".$prefix."_reviews_add", $dbi);
599	$num = sql_num_rows($result, $dbi);
600	$content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=reviews\">"._WREVIEWS."</a>: $num<br>";
601	$result = sql_query("select * from ".$prefix."_links_newlink", $dbi);
602	$num = sql_num_rows($result, $dbi);
603	$content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=Links\">"._WLINKS."</a>: $num<br>";
604	$result = sql_query("select * from ".$prefix."_downloads_newdownload", $dbi);
605	$num = sql_num_rows($result, $dbi);
606	$content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=downloads\">"._UDOWNLOADS."</a>: $num<br></font>";
607	themesidebox($title, $content);
608	}
609	}		202	unset($obtemp);
610		=	203
611	function loginbox() {	<>	204	/// hier kann die Systemkonfiguration überprüft werden
612	global $user;		205	/// einfach folgende Zeile einkommentieren
613	if (!is_user($user)) {
614	$title = _LOGIN;
615	$boxstuff = "<form action=\"modules.php?name=Your_Account\" method=\"post\">";
616	$boxstuff .= "<center><font class=\"content\">"._NICKNAME."<br>";
617	$boxstuff .= "<input type=\"text\" name=\"uname\" size=\"8\" maxlength=\"25\"><br>";
618	$boxstuff .= ""._PASSWORD."<br>";
619	$boxstuff .= "<input type=\"password\" name=\"pass\" size=\"8\" maxlength=\"20\"><br>";
620	$boxstuff .= "<input type=\"hidden\" name=\"op\" value=\"login\">";
621	$boxstuff .= "<input type=\"submit\" value=\""._LOGIN."\"></font></center></form>";
622	$boxstuff .= "<center><font class=\"content\">"._ASREGISTERED."</font></center>";
623	themesidebox($title, $boxstuff);
624	}		206
625	}		207	# mxSystemInfo();
626		=	208
627	function userblock() {	<>	209	#mxDebugFuncVars($GLOBALS);
628	global $user, $cookie, $prefix, $dbi, $user_prefix;
629	if((is_user($user)) AND ($cookie[8])) {
630	$getblock = sql_query("select ublock from ".$user_prefix."_users where uid='$cookie[0]'", $dbi);
631	$title = ""._MENUFOR." $cookie[1]";
632	list($ublock) = sql_fetch_row($getblock, $dbi);
633	themesidebox($title, $ublock);
634	}		210
635	}		211	/* CVS-Log:
636			212	$Log: mainfile.php,v $
637	function getTopics($s_sid) {		213	Revision 1.7 2005/04/16 13:12:22 tora60
638	global $topicname, $topicimage, $topictext, $prefix, $dbi;		214	dummy für demomode eingebaut
639	$sid = $s_sid;		215
640	$result = sql_query("SELECT topic FROM ".$prefix."_stories where sid=$sid", $dbi);		216	Revision 1.6 2005/04/11 18:55:40 tora60
641	list($topic) = sql_fetch_row($result, $dbi);		217	error_reporting auf E_PARSE gestellt
642	$result = sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics where topicid=$topic", $dbi);
643	list($topicid, $topicname, $topicimage, $topictext) = sql_fetch_row($result, $dbi);
644	}		218
			219	Revision 1.5 2005/04/02 11:51:24 tora60
			220	mx-detection System eingebaut
645		=	221
646	function headlines($bid, $cenbox=0) {	<>	222	Revision 1.4 2005/04/02 11:49:00 tora60
647	global $prefix, $dbi;
648	$result = sql_query("select title, content, url, refresh, time from ".$prefix."_blocks where bid='$bid'", $dbi);
649	list($title, $content, $url, $refresh, $otime) = sql_fetch_row($result, $dbi);
650	$past = time()-$refresh;
651	if ($otime < $past) {
652	$btime = time();		223	mx-detection System eingebaut
653	$rdf = parse_url($url);
654	$fp = fsockopen($rdf['host'], 80, $errno, $errstr, 15);
655	if (!$fp) {		224
656	$content = "";		225	Revision 1.3 2005/03/26 16:14:12 tora60
657	//$content = "<font class=\"content\">"._RSSPROBLEM."</font>";		226	versch. alte Links geändert
658	$result = sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);
659	$cont = 0;		227
660	if ($cenbox == 0) {		228	Revision 1.2 2005/03/19 21:51:01 tora60
661	themesidebox($title, $content);		229	Pfad zum Setup geändert > install
662	} else {
663	themecenterbox($title, $content);
664	}		230
665	return;		231	Revision 1.1 2005/03/19 18:14:19 tora60
666	}		232	init
667	if ($fp) {		233
668	fputs($fp, "GET " . $rdf['path'] . "?" . $rdf['query'] . " HTTP/1.0\r\n");		234	Revision 1.10.2.12 2004/10/10 13:24:24 EllselAn
669	fputs($fp, "HOST: " . $rdf['host'] . "\r\n\r\n");		235	Credits und Datei-Header angepasst
670	$string = "";
671	while(!feof($fp)) {
672	$pagetext = fgets($fp,300);
673	$string .= chop($pagetext);
674	}		236
675	fputs($fp,"Connection: close\r\n\r\n");		237	Revision 1.10.2.11 2004/09/26 13:03:18 EllselAn
676	fclose($fp);		238	Konflikt aufgelöst
677	$items = explode("</item>",$string);
678	$content = "<font class=\"content\">";
679	for ($i=0;$i<10;$i++) {
680	$link = ereg_replace(".*<link>","",$items[$i]);
681	$link = ereg_replace("</link>.*","",$link);
682	$title2 = ereg_replace(".*<title>","",$items[$i]);
683	$title2 = ereg_replace("</title>.*","",$title2);
684	if ($items[$i] == "") {
685	$content = "";
686	sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);
687	$cont = 0;		239
688	if ($cenbox == 0) {		240	Revision 1.10.2.9 2004/09/18 17:54:38 EllselAn
689	themesidebox($title, $content);		241	Behandlung $_Request geändert
690	} else {		242
691	themecenterbox($title, $content);		243	Revision 1.10.2.8 2004/09/13 12:11:36 EllselAn
692	}		244	check auf pro-Version, nur wenn in mx_baseconfig auch aktiviert
693	return;
694	} else {		245
695	if (strcmp($link,$title)) {		246	Revision 1.10.2.7 2004/09/06 21:08:01 EllselAn
696	$cont = 1;		247	weiterleitung zu setup, wenn config.php fehlt
697	$content .= "<strong><big>·</big></strong><a href=\"$link\" target=\"new\">$title2</a><br>\n";
698	}		248
699	}		249	Revision 1.10.2.6 2004/09/06 13:56:26 EllselAn
700	}		250	detection aktiviert, reihenfolge geändert
701		=	251
702	}	<>	252	Revision 1.10.2.5 2004/09/02 20:04:05 EllselAn
703	sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);		253	Klammeraffe vor ob_get_contents
704	}		254
705	$siteurl = ereg_replace("http://","",$url);		255	Revision 1.10.2.4 2004/08/31 22:57:10 EllselAn
706	$siteurl = explode("/",$siteurl);		256	Anpassung/Angleich an mX2.2
707	if (($cont == 1) OR ($content != "")) {
708	$content .= "<br><a href=\"http://$siteurl[0]\" target=\"blank\"><b>"._HREADMORE."</b></a></font>";
709	} elseif (($cont == 0) OR ($content == "")) {
710	$content = "<font class=\"content\">"._RSSPROBLEM."</font>";
711	}		257
712	if ($cenbox == 0) {		258	Revision 1.10.2.3 2004/08/31 00:36:59 EllselAn
713	themesidebox($title, $content);		259	vergessene statusausgabe
714	} else {		260
715	themecenterbox($title, $content);		261	Revision 1.10.2.2 2004/08/31 00:13:55 EllselAn
716	}		262	versch. Funktionen im Zusammenspiel mit der pro-Erkennung umgebaut
717	}		263
			264	Revision 1.10.2.1 2004/08/27 13:19:03 EllselAn
			265	versch. neue Grundeinstellungen, mx-Pro Funktionen angepasst
718		=	266
719	function automated_news() {	<>	267	Revision 1.10 2003/11/05 16:27:33 EllselAn
720	global $prefix, $multilingual, $currentlang, $dbi;		268	phpNuke6.5 Datenbanklayer einbinden
721	if ($multilingual == 1) {
722	$querylang = "WHERE (alanguage='$currentlang' OR alanguage='')"; /* the OR is needed to display stories who are posted to ALL languages */
723	} else {
724	$querylang = "";
725	}		269
726	$today = getdate();		270	Revision 1.9 2003/10/01 12:00:51 EllselAn
727	$day = $today[mday];		271	problem mit file_exists bei safe_mode=on
728	if ($day < 10) {
729	$day = "0$day";
730	}		272
731	$month = $today[mon];		273	Revision 1.8 2003/09/28 22:35:39 HeidriDa
732	if ($month < 10) {		274	Die Upload Klasse wird included!
733	$month = "0$month";
734	}		275
735	$year = $today[year];		276	Revision 1.7 2003/09/27 15:41:28 EllselAn
736	$hour = $today[hours];		277	microtime-ermittlung für Benchmark optimiert
737	$min = $today[minutes];
738	$sec = "00";		278
739	$result = sql_query("select anid, time from ".$prefix."_autonews $querylang", $dbi);		279	Revision 1.6 2003/09/16 22:14:32 EllselAn
740	while(list($anid, $time) = sql_fetch_row($result, $dbi)) {		280	ini_set/ini_get Befehle geändert
741	ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $date);		281	register_globals Fix für $_FILES
742	if (($date[1] <= $year) AND ($date[2] <= $month) AND ($date[3] <= $day)) {
743	if (($date[4] < $hour) AND ($date[5] >= $min) OR ($date[4] <= $hour) AND ($date[5] <= $min)) {
744	$result2 = sql_query("select catid, aid, title, time, hometext, bodytext, topic, informant, notes, ihome, alanguage, acomm from ".$prefix."_autonews where anid='$anid'", $dbi);
745	while(list($catid, $aid, $title, $a_time, $hometext, $bodytext, $topic, $author, $notes, $ihome, $alanguage, $acomm) = sql_fetch_row($result2, $dbi)) {
746	$title = stripslashes(FixQuotes($title));
747	$hometext = stripslashes(FixQuotes($hometext));
748	$bodytext = stripslashes(FixQuotes($bodytext));
749	$notes = stripslashes(FixQuotes($notes));
750	sql_query("insert into ".$prefix."_stories values (NULL, '$catid', '$aid', '$title', '$a_time', '$hometext', '$bodytext', '0', '0', '$topic', '$author', '$notes', '$ihome', '$alanguage', '$acomm', '0', '0', '0', '0')", $dbi);
751	sql_query("delete from ".$prefix."_autonews where anid='$anid'", $dbi);
752	}		282
753	}		283	Revision 1.5 2003/09/11 20:30:23 EllselAn
			284	einbinden der config.php geändert
754	}		285
755	}		286	Revision 1.4 2003/09/06 00:40:42 EllselAn
			287	einschalten von Errormeldungen im debugmode
756	}		288
757		=	289
758	function themecenterbox($title, $content) {	<>
759	OpenTable();
760	echo "<center><fon class=\"option\"><b>$title</b></font></center><br>"
761	."$content";
762	CloseTable();
763	echo "<br>";
764	}		290	*/
765		=	291
766	?>		292	?>