DATEIVERGLEICH
Erstellt: 22.05.2005 02:04:09
   
Modus: Alle Zeilen  
   
Linke Datei: D:\Localhost_2\nuke5.5\html\mainfile.php     Rechte Datei: D:\Localhost_2\vkpMX\mainfile.php  
1 <?php <> 1 <?php // $Id: mainfile.php,v 1.10 2003/11/05 16:27:33 EllselAn Exp $
2   =    
3 ob_start("ob_gzhandler"); +-    
4   =    
5 /************************************************************************/ <> 2 /**********************************************************************/
6 /* PHP-NUKE: Advanced Content Management System                         */   3 /* vkpMx 2.0  Content Management System Platform                      */
7 /* ============================================                        */   4 /* ================================================================== */
8 /*                                                              */   5 /* Copyright (C) 2003 by the vkpMx & pragmaMx Developer Team          */
9 /* Copyright (c) 2002 by Francisco Burzi (fbc@mandrakesoft.com)         */   6 /* email:         team@pragmamx.org                                   */
10 /* http://phpnuke.org                                                   */   7 /* homepage:      http://www.maax-design.de                           */
11 /*                                                                  */   8 /* further sites: http://www.pragmaMx.org, http://www.guggemahier.de, */
12 /* This program is free software. You can redistribute it and/or modify */   9 /*            http://www.marx-city.de, http://www.genutec-studios.de, */
13 /* it under the terms of the GNU General Public License as published by */   10 /*            http://www.shiba-design.de, http://www.power-maax.de    */
14 /* the Free Software Foundation; either version 2 of the License.       */   11 /* ================================================================== */
15 /************************************************************************/   12 /*   The vkpMx is distributed free of charge by maax-design.de.       */
16     13 /*   The use of this system is allowed until copyright information    */
17 foreach ($HTTP_GET_VARS as $secvalue) {   14 /*   is shown perspicuous visible and correcty on all system pages.   */
18     if (eregi("<[^>]*script*\"?[^>]*>", $secvalue)) {   15 /*   Sales, rent out and the use of single code parts from this       */
19         die ("I don't like you...");   16 /*   system must be allowed by maax-design.de.                        */
20     }   17 /**********************************************************************/
21 }      
22   = 18  
23 if (eregi("mainfile.php",$PHP_SELF)) { <> 19 // Sets PHP Error-Reporting to a lower level
24     Header("Location: index.php");      
25     die();   20 #error_reporting(E_ERROR);
26 }      
27   = 21  
28 require_once("config.php"); <> 22 // diese beiden Zeilen vor der Release entfernen! ////////////////
29 require_once("includes/sql_layer.php");   23 if (@file_exists("ixed/noixed/develop.php")) include("ixed/noixed/develop.php");
30 $dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname);   24 //////////////////////////////////////////////////////////////////
31 $mainfile = 1;      
32   = 25  
33 if (isset($newlang)) { <> 26 /// Benchmarkanzeige initialisieren
34     if (file_exists("language/lang-$newlang.php")) {      
35         setcookie("lang",$newlang,time()+31536000);      
36         include("language/lang-$newlang.php");      
37         $currentlang = $newlang;      
38     } else {      
39         setcookie("lang",$language,time()+31536000);      
40         include("language/lang-$language.php");      
41         $currentlang = $language;      
42     }      
43 } elseif (isset($lang)) {      
44     include("language/lang-$lang.php");      
45     $currentlang = $lang;      
46 } else {   27 if(!defined("MX_TIME")) {
47     setcookie("lang",$language,time()+31536000);   28         $vstarttime = explode(" ",microtime());
48     include("language/lang-$language.php");   29         define("MX_TIME",(float)$vstarttime[1] + (float)$vstarttime[0]);
49     $currentlang = $language;      
50 }      
51     30         unset($vstarttime);
52 function get_lang($module) {      
53     global $currentlang;      
54     if ($module == admin) {      
55         if (file_exists("admin/language/lang-$currentlang.php")) {      
56             include_once("admin/language/lang-$currentlang.php");      
57         } = 31         }
58     } else { +-    
59         if (file_exists("modules/$module/language/lang-$currentlang.php")) {         
60             include_once("modules/$module/language/lang-$currentlang.php");      
61         }      
62     }      
63 }      
64   = 32  
65 function is_admin($admin) { <> 33 ################################################################
66     global $prefix, $dbi;   34 // verschiedene Grundeinstellungen
67     if(!is_array($admin)) {      
68         $admin = base64_decode($admin);      
69         $admin = explode(":", $admin);   35 define("mxMainFileLoaded","1");
70         $aid = "$admin[0]";   36 if (!@include_once("config.php")) die("Error: the config-file is missing or corrupted!");
71         $pwd = "$admin[1]";   37 $GLOBALS["mainfile"] = 1; // nur für phpNuke-Kompatibilität
72     } else {      
73         $aid = "$admin[0]";      
74         $pwd = "$admin[1]";      
75     }   38  
76     $result = sql_query("select pwd from ".$prefix."_authors where aid='$aid'", $dbi);   39 // Systemkonstanten definieren, diese Datei kann in gewissem Masse angepasst werden
77    list($pass) = sql_fetch_row($result, $dbi);   40 require_once("includes/mx_baseconfig.php");
78     if($pass == $pwd && $pass != "") {      
79         return 1;      
80     }   41  
81    return 0;   42 // zu alte php-Version
82 }   43 if (MX_PHP_VERSION < 410) die("<br>Sorry, PHP-Version > 4.1.0 is required.");
83   = 44  
84 function is_user($user) { <> 45 // crypting extension laden
85     global $prefix, $dbi, $user_prefix;      
86     if(!is_array($user)) {      
87         $user = base64_decode($user);      
88         $user = explode(":", $user);      
89         $uid = "$user[0]";      
90         $pwd = "$user[2]";      
91     } else {   46 mxLoadIxed();
92         $uid = "$user[0]";   47 #print MX_CRYPTEDDIR;
93         $pwd = "$user[2]";      
94     }   48  
95     $result = sql_query("select pass from ".$user_prefix."_users where uid='$uid'", $dbi);   49 // System-Funktionen und unveränderbare Grundeinstellungen laden
96    list($pass) = sql_fetch_row($result, $dbi);   50 require_once(MX_CRYPTEDDIR."/mx_system.php");
97     if($pass == $pwd && $pass != "") {      
98         return 1;      
99     }   51  
100     return 0;   52 // mainfile direkt aufgerufen? Erst hier, wegen php-Version!
101 }   53 if (eregi("mainfile.php",$_SERVER['PHP_SELF'])) die ("You can't access this file directly...");
102   = 54  
103 function title($text) { <>    
104     OpenTable();   55 // Ausgabe komprimieren
105     echo "<center><font class=\"title\"><b>$text</b></font></center>";   56 if (extension_loaded("zlib") && !get_cfg_var("zlib.output_compression")) {
106     CloseTable();   57         ob_start("ob_gzhandler");
107     echo "<br>";      
108 }   58         }
109   = 59  
110 function is_active($module) { <>    
111     global $prefix, $dbi;      
112     $result = sql_query("select active from ".$prefix."_modules where title='$module'", $dbi);      
113     list ($act) = sql_fetch_row($result, $dbi);      
114     if (!$result OR $act == 0) {      
115         return 0;      
116     } else {   60 // API's einbinden
117         return 1;   61 require_once(MX_CRYPTEDDIR."/mx_api.php");
118     }   62 require_once("includes/mx_api_2.php");
119 }      
120   = 63  
121 function render_blocks($side, $blockfile, $title, $content, $bid, $url) { <> 64 //Upload Libary/Klasse einbinden
122     if ($url == "") {   65 require_once("includes/upload.class.php");
123         if ($blockfile == "") {      
124             if ($side == "c") {      
125                 themecenterbox($title, $content);      
126             } else {      
127                 themesidebox($title, $content);      
128             }   66  
129         } else {   67 // phpNuke Api einbinden (alte mainfile)
130             if ($side == "c") {   68 if (@file_exists("includes/nukefunctions.php")) {
131                 blockfileinc($title, $blockfile, 1);   69         include_once("includes/nukefunctions.php");
132             } else {      
133                 blockfileinc($title, $blockfile);      
134             }      
135         } = 70         }
136     } else { <> 71  
137         if ($side == "c") {   72 #####################################################
138             headlines($bid,1);   73 // Datenbankverbindung herstellen und Session starten
      74 require_once("includes/sql_layer.php");
      75 require_once(MX_CRYPTEDDIR."/mx_session.php");
139         } else {   76 if (!mxSessionStart()) {
140             headlines($bid);   77         die('<strong>Session: initialisation failed</strong><br><br>');
141         } = 78         }
142     } +-    
143 }      
144   =    
145 function blocks($side) { <>    
146     global $storynum, $prefix, $multilingual, $currentlang, $dbi, $admin, $user;      
147     if ($multilingual == 1) {      
148         $querylang = "AND (blanguage='$currentlang' OR blanguage='')";      
149     } else {      
150         $querylang = "";      
151     }      
152     if (strtolower($side[0]) == "l") {      
153         $pos = "l";      
154     } elseif (strtolower($side[0]) == "r") {      
155         $pos = "r";      
156     }  elseif (strtolower($side[0]) == "c") {      
157         $pos = "c";      
158     }      
159     $side = $pos;      
160     $result = sql_query("select bid, bkey, title, content, url, blockfile, view from ".$prefix."_blocks where position='$pos' AND active='1' $querylang ORDER BY weight ASC", $dbi);      
161     while(list($bid, $bkey, $title, $content, $url, $blockfile, $view) = sql_fetch_row($result, $dbi)) {      
162         if ($bkey == admin) {   79 if(empty($dbi)){
163             adminblock();   80         die("<br><br>Selection from database failed!<br><br>Kein Zugriff auf die Datenbank möglich, bitte überprüfen Sie die Einstellungen.");
164         } elseif ($bkey == userbox) {      
165             userblock();      
166         } elseif ($bkey == "") {      
167             if ($view == 0) {      
168                 render_blocks($side, $blockfile, $title, $content, $bid, $url);      
169             } elseif ($view == 1 AND is_user($user) || is_admin($admin)) {      
170                 render_blocks($side, $blockfile, $title, $content, $bid, $url);      
171             } elseif ($view == 2 AND is_admin($admin)) {      
172                 render_blocks($side, $blockfile, $title, $content, $bid, $url);      
173             } elseif ($view == 3 AND !is_user($user) || is_admin($admin)) {      
174                 render_blocks($side, $blockfile, $title, $content, $bid, $url);      
175             }      
176         } = 81         }
177     } +-    
178 }      
179   = 82  
180 function message_box() { <> 83 // phpNuke6.5 Datenbanklayer einbinden
181     global $bgcolor1, $bgcolor2, $user, $admin, $cookie, $textcolor2, $prefix, $multilingual, $currentlang, $dbi;   84 if (@file_exists("includes/db/db.php")) {
182     if ($multilingual == 1) {   85         include_once('includes/db/db.php');
183         $querylang = "AND (mlanguage='$currentlang' OR mlanguage='')";      
184     } else {      
185         $querylang = "";      
186     }      
187     $result = sql_query("select mid, title, content, date, expire, view from ".$prefix."_message where active='1' $querylang", $dbi);      
188     if (sql_num_rows($result, $dbi) == 0) {      
189         return;      
190     } else {      
191         while (list($mid, $title, $content, $mdate, $expire, $view) = sql_fetch_row($result, $dbi)) {      
192         if ($title != "" && $content != "") {      
193             if ($expire == 0) {      
194                 $remain = _UNLIMITED;      
195             } else {      
196                 $etime = (($mdate+$expire)-time())/3600;      
197                 $etime = (int)$etime;      
198                 if ($etime < 1) {      
199                     $remain = _EXPIRELESSHOUR;      
200                 } else {      
201                     $remain = ""._EXPIREIN." $etime "._HOURS."";      
202                 }      
203             }      
204             if ($view == 4 AND is_admin($admin)) {      
205                 OpenTable();      
206                 echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"      
207                     ."<font class=\"content\">$content</font>"      
208                     ."<br><br><center><font class=\"content\">[ "._MVIEWADMIN." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";      
209                 CloseTable();      
210                 echo "<br>";      
211             } elseif ($view == 3 AND is_user($user) || is_admin($admin)) {      
212                 OpenTable();      
213                 echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"      
214                     ."<font class=\"content\">$content</font>";      
215                 if (is_admin($admin)) {      
216                     echo "<br><br><center><font class=\"content\">[ "._MVIEWUSERS." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";      
217                 }      
218                 CloseTable();      
219                 echo "<br>";      
220             } elseif ($view == 2 AND !is_user($user) || is_admin($admin)) {      
221                 OpenTable();      
222                 echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"      
223                     ."<font class=\"content\">$content</font>";      
224                 if (is_admin($admin)) {      
225                     echo "<br><br><center><font class=\"content\">[ "._MVIEWANON." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";      
226                 }      
227                 CloseTable();      
228                 echo "<br>";      
229             } elseif ($view == 1) {      
230                 OpenTable();      
231                 echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"      
232                     ."<font class=\"content\">$content</font>";      
233                 if (is_admin($admin)) {      
234                     echo "<br><br><center><font class=\"content\">[ "._MVIEWALL." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";      
235                 }      
236                 CloseTable();      
237                 echo "<br>";      
238             }      
239             if ($expire != 0) {      
240                 $past = time()-$expire;      
241                 if ($mdate < $past) {      
242                     $result = sql_query("update ".$prefix."_message set active='0' where mid='$mid'", $dbi);      
243                 }      
244                 }      
245             }      
246         } = 86         }
247     } +-    
248 }      
249   = 87  
250 function online() { <>    
251     global $user, $cookie, $prefix, $dbi;      
252     cookiedecode($user);      
253     $ip = getenv("REMOTE_ADDR");      
254     $username = $cookie[1];      
255     if (!isset($username)) {      
256         $username = "$ip";      
257         $guest = 1;      
258     }      
259     $past = time()-1800;      
260     sql_query("DELETE FROM ".$prefix."_session WHERE time < $past", $dbi);      
261     $result = sql_query("SELECT time FROM ".$prefix."_session WHERE username='$username'", $dbi);      
262     $ctime = time();      
263     if ($row = sql_fetch_array($result, $dbi)) {      
264         sql_query("UPDATE ".$prefix."_session SET username='$username', time='$ctime', host_addr='$ip', guest='$guest' WHERE username='$username'", $dbi);      
265     } else {      
266         sql_query("INSERT INTO ".$prefix."_session (username, time, host_addr, guest) VALUES ('$username', '$ctime', '$ip', '$guest')", $dbi);      
267     }      
268 }      
269     88 // Debug-Mode
270 function blockfileinc($title, $blockfile, $side=0) {   89 if (!empty($GLOBALS['mxDebugService']) && mxIsAdmin()) {
271     $blockfiletitle = $title;   90         @ini_set("display_errors",TRUE);
272     $file = @file("blocks/$blockfile");      
273     if (!$file) {      
274         $content = _BLOCKPROBLEM;      
275     } else {      
276         include("blocks/$blockfile");      
277     }      
278     if ($content == "") {      
279         $content = _BLOCKPROBLEM2;      
280     }      
281     if ($side == 1) {      
282         themecenterbox($blockfiletitle, $content);      
283     } else {      
284         themesidebox($blockfiletitle, $content);      
285     }      
286 }      
287     91         error_reporting(E_ALL);
288 function selectlanguage() {      
289     global $useflags, $currentlang;      
290     if ($useflags == 1) {      
291     $title = _SELECTLANGUAGE;      
292     $content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br>";      
293     $langdir = dir("language");      
294     while($func=$langdir->read()) {      
295         if(substr($func, 0, 5) == "lang-") {      
296             $menulist .= "$func ";      
297         } = 92         }
298     } <> 93  
299     closedir($langdir->handle);   94 // Demomode bei berechtigten Admins wieder abschalten
300     $menulist = explode(" ", $menulist);   95 if ($GLOBALS["mxDemoMode"] && $GLOBALS['dbi']) {
301     sort($menulist);   96         $aaa = mxGetAdminSession();
302     for ($i=0; $i < sizeof($menulist); $i++) {   97         if(in_array($aaa['aid'], $GLOBALS["mxDemoAdmins"])) $GLOBALS["mxDemoMode"] = 0;
303         if($menulist[$i]!="") {      
304             $tl = ereg_replace("lang-","",$menulist[$i]);      
305             $tl = ereg_replace(".php","",$tl);      
306             $altlang = ucfirst($tl);   98         unset($aaa);
307             $content .= "<a href=\"index.php?newlang=$tl\"><img src=\"images/language/flag-$tl.png\" border=\"0\" alt=\"$altlang\" hspace=\"3\" vspace=\"3\"></a> ";      
308         } = 99         }
309     } <> 100 unset($GLOBALS["mxDemoAdmins"]);
310     $content .= "</font></center>";      
311     themesidebox($title, $content);      
312         } else {   101  
313     $title = _SELECTLANGUAGE;   102 // zur Kompatiblitaet mit Nuke-Modulen
314         $content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br></font>";   103 ///// den Admin-Cookie simulieren
315     $content .= "<form action=\"index.php\" method=\"get\"><select name=\"newlanguage\" onChange=\"top.location.href=this.options[this.selectedIndex].value\">";   104 $_COOKIE["admin"] = mxSessionGetVar("admin"); 
316             $handle=opendir('language');   105 $GLOBALS["admin"] = (empty($_COOKIE["admin"])) ? "" : $_COOKIE["admin"] ;
317             while ($file = readdir($handle)) {   106 ///// den User-Cookie simulieren
318                 if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {   107 $_COOKIE["user"] = mxSessionGetVar("user"); 
319                     $langFound = $matches[1];   108 $GLOBALS["user"] = (empty($_COOKIE["user"])) ? "" : $_COOKIE["user"];
320                     $languageslist .= "$langFound ";      
321                 }      
322             }   109  
323             closedir($handle);   110 ///////////////////////////////////////////////////
324             $languageslist = explode(" ", $languageslist);   111 ///// - simuliert magic_quotes_gpc=1
325             sort($languageslist);   112 ///// - ersetzt bestimmte Sonderzeichen durch ihren HTML-Code
326             for ($i=0; $i < sizeof($languageslist); $i++) {   113 ///// - simuliert register_globals = On
327                 if($languageslist[$i]!="") {   114 if (count($_GET)) {
328         $content .= "<option value=\"index.php?newlang=$languageslist[$i]\" ";   115         foreach ($_GET as $key => $value) {
329                 if($languageslist[$i]==$currentlang) $content .= " selected";   116                 $_GET[$key] = mxSecureValue($value);
330         $content .= ">".ucfirst($languageslist[$i])."</option>\n";      
331                 } = 117                 }
332     } +-    
333     $content .= "</select></form></center>";      
334     themesidebox($title, $content);      
335         } = 118         }
336 } +-    
337   =    
338 function ultramode() { <> 119 if (count($_POST)) {
339     global $prefix, $dbi;      
340     $ultra = "ultramode.txt";      
341     $file = fopen("$ultra", "w");      
342     fwrite($file, "General purpose self-explanatory file with news headlines\n");      
343     $rfile=sql_query("select sid, aid, title, time, comments, topic from ".$prefix."_stories order by time DESC limit 0,10", $dbi);      
344     while(list($sid, $aid, $title, $time, $comments, $topic) = sql_fetch_row($rfile, $dbi)) {      
345         $rfile2=sql_query("select topictext, topicimage from ".$prefix."_topics where topicid=$topic", $dbi);      
346         list($topictext, $topicimage) = sql_fetch_row($rfile2, $dbi);      
347         $content = "%%\n$title\n/modules.php?name=News&file=article&sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";      
348         fwrite($file, $content);      
349     }      
350     fclose($file);   120         foreach ($_POST as $key => $value) {
351 }   121                 $_POST[$key] = mxSecureValue($value);
352   =    
353 function cookiedecode($user) { <>    
354     global $cookie, $prefix, $dbi, $user_prefix;      
355     $user = base64_decode($user);      
356     $cookie = explode(":", $user);      
357     $result = sql_query("select pass from ".$user_prefix."_users where uname='$cookie[1]'", $dbi);      
358     list($pass) = sql_fetch_row($result, $dbi);      
359     if ($cookie[2] == $pass && $pass != "") {      
360         return $cookie;      
361     } else {      
362         unset($user);      
363         unset($cookie);      
364     }      
365 }   122                 }
366   =    
367 function getusrinfo($user) { +-    
368     global $userinfo, $user_prefix, $dbi;      
369     $user2 = base64_decode($user);      
370     $user3 = explode(":", $user2);      
371     $result = sql_query("select uid, name, uname, email, femail, url, user_avatar, user_icq, user_occ, user_from, user_intrest, user_sig, user_viewemail, user_theme, user_aim, user_yim, user_msnm, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax, newsletter from ".$user_prefix."_users where uname='$user3[1]' and pass='$user3[2]'", $dbi);      
372     if (sql_num_rows($result, $dbi) == 1) {      
373         $userinfo = sql_fetch_array($result, $dbi);      
374     }      
375     return $userinfo;      
376 }      
377   =    
378 function searchblock() { +-    
379     OpenTable();      
380     echo "<form action=\"modules.php?name=Forum&file=search\" method=\"post\">";      
381     echo "<input type=\"hidden\" name=\"addterm\" value=\"any\">";      
382     echo "<input type=\"hidden\" name=\"sortby\" value=\"p.post_time\">";      
383     echo "&nbsp;&nbsp;<b>"._SEARCH."</b>&nbsp;<input type=\"text\" name=\"term\" size=\"15\">";      
384     echo "<input type=\"hidden\" name=\"submit\" value=\"submit\"></form>";      
385     echo "<div align=\"left\"><font class=\"content\">&nbsp;&nbsp;[ <a href=\"modules.php?name=Forum&file=search&addterm=any&amp;sortby=p.post_time&amp;adv=1\">Advanced Search</a> ]</font></div>";      
386     CloseTable();      
387 }      
388   =    
389 function FixQuotes ($what = "") { +-    
390         $what = ereg_replace("'","''",$what);      
391         while (eregi("\\\\'", $what)) {      
392                 $what = ereg_replace("\\\\'","'",$what);      
393         } = 123         }
394         return $what; +-    
395 }      
396   =    
397 /*********************************************************/ +-    
398 /* text filter                                           */      
399 /*********************************************************/      
400   =    
401 function check_words($Message) { +-    
402     global $EditedMessage;      
403     include("config.php");      
404     $EditedMessage = $Message;      
405     if ($CensorMode != 0) {      
406   =    
407         if (is_array($CensorList)) { <> 124 if (count($_COOKIE)) {
408             $Replace = $CensorReplace;   125         foreach ($_COOKIE as $key => $value) {
409             if ($CensorMode == 1) {   126                 $_COOKIE[$key] = mxSecureValue($value);
410                 for ($i = 0; $i < count($CensorList); $i++) {      
411                     $EditedMessage = eregi_replace("$CensorList[$i]([^a-zA-Z0-9])","$Replace\\1",$EditedMessage);      
412                 } = 127                 }
413             } elseif ($CensorMode == 2) { +-    
414                 for ($i = 0; $i < count($CensorList); $i++) {      
415                     $EditedMessage = eregi_replace("(^|[^[:alnum:]])$CensorList[$i]","\\1$Replace",$EditedMessage);      
416                 }      
417             } elseif ($CensorMode == 3) {      
418                 for ($i = 0; $i < count($CensorList); $i++) {      
419                     $EditedMessage = eregi_replace("$CensorList[$i]","$Replace",$EditedMessage);      
420                 }      
421             }      
422         } = 128         }
423     } +-    
424     return ($EditedMessage);      
425 }      
426   = 129  
427 function delQuotes($string){ <> 130 unset($key); unset($value);
428     /* no recursive function to add quote to an HTML tag if needed */   131 $HTTP_GET_VARS = $_GET;
429     /* and delete duplicate spaces between attribs. */      
430     $tmp="";    # string buffer      
431     $result=""; # result string      
432     $i=0;   132 $HTTP_POST_VARS = $_POST;
433     $attrib=-1; # Are us in an HTML attrib ?  -1: no attrib  0: name of the attrib   1: value of the atrib   133 $HTTP_COOKIE_VARS = $_COOKIE;
434     $quote=0;   # Is a string quote delimited opened ? 0=no, 1=yes   134 $HTTP_SERVER_VARS = $_SERVER;
435     $len = strlen($string);   135 $_REQUEST = array_merge($_GET,$_POST,$_COOKIE);
436     while ($i<$len) {   136 extract($_REQUEST, EXTR_OVERWRITE);
437         switch($string[$i]) { # What car is it in the buffer ?   137 if (!get_cfg_var("register_globals")) {
438             case "\"": #"      # a quote.   138         extract($_SERVER, EXTR_OVERWRITE);
439                 if ($quote==0) {   139         if (count($_FILES)) {
440                     $quote=1;   140                 foreach ($_FILES as $upfile => $value) {
441                 } else {   141                         $$upfile = $value;
442                     $quote=0;   142                         foreach ($_FILES[$upfile] as $key => $value) {
443                     if (($attrib>0) && ($tmp != "")) { $result .= "=\"$tmp\""; }   143                                 ${$upfile.'_'.$key} = $value;
444                     $tmp="";   144                                 #print $upfile."_".$key ." = ".${$upfile.'_'.$key}." <br>";
445                     $attrib=-1;      
446                 }   145                                 }
447                 break;   146                         }
448             case "=":           # an equal - attrib delimiter   147                 unset($upfile); unset($value); unset($key);
449                 if ($quote==0) {  # Is it found in a string ?      
450                     $attrib=1;      
451                     if ($tmp!="") $result.=" $tmp";      
452                     $tmp="";      
453                 } else $tmp .= '=';      
454                 break;      
455             case " ":           # a blank ?      
456                 if ($attrib>0) {  # add it to the string, if one opened.      
457                     $tmp .= $string[$i];      
458                 } = 148                 }
459                 break; +-    
460             default:            # Other      
461                 if ($attrib<0)    # If we weren't in an attrib, set attrib to 0      
462                 $attrib=0;      
463                 $tmp .= $string[$i];      
464                 break;      
465         } = 149         }
466         $i++; <> 150 //////////// ende ////////////////////////////////
467     }      
468     if (($quote!=0) && ($tmp != "")) {      
469         if ($attrib==1) $result .= "=";      
470         /* If it is the value of an atrib, add the '=' */      
471         $result .= "\"$tmp\"";  /* Add quote if needed (the reason of the function ;-) */      
472     }      
473     return $result;      
474 }      
475   = 151  
476 function check_html ($str, $strip="") { <>    
477     /* The core of this code has been lifted from phpslash */      
478     /* which is licenced under the GPL. */      
479     include("config.php");      
480     if ($strip == "nohtml")      
481         $AllowableHTML=array('');      
482         $str = stripslashes($str);      
483         $str = eregi_replace("<[[:space:]]*([^>]*)[[:space:]]*>",      
484                          '<\\1>', $str);      
485                // Delete all spaces from html tags .      
486         $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?[[:space:]]*([^\" >]*)[[:space:]]*\"?[^>]*>",      
487                          '<a href="\\1">', $str); # "      
488                // Delete all attribs from Anchor, except an href, double quoted.      
489         $str = eregi_replace("<img?",      
490                          '', $str); # "      
491         $tmp = "";      
492         while (ereg("<(/?[[:alpha:]]*)[[:space:]]*([^>]*)>",$str,$reg)) {      
493                 $i = strpos($str,$reg[0]);      
494                 $l = strlen($reg[0]);      
495                 if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));      
496                 else $tag = strtolower($reg[1]);      
497                 if ($a = $AllowableHTML[$tag])      
498                         if ($reg[1][0] == "/") $tag = "</$tag>";      
499                         elseif (($a == 1) || ($reg[2] == "")) $tag = "<$tag>";      
500                         else {   152 // Sprache einstellen
501                           # Place here the double quote fix function.   153 $GLOBALS["language"] = (empty($GLOBALS["language"])) ? "german" : $GLOBALS["language"];
502                           $attrb_list=delQuotes($reg[2]);   154 $GLOBALS["lang"] = (mxSessionGetVar("lang")) ? mxSessionGetVar("lang") : $GLOBALS["language"];
503                           // A VER   155 if (isset($_REQUEST['newlang'])) {
504                           $attrb_list = ereg_replace("&","&amp;",$attrb_list);   156         $GLOBALS["currentlang"] = (@file_exists("language/lang-".$_REQUEST['newlang'].".php")) ? $_REQUEST['newlang'] : $GLOBALS["language"];
505                           $tag = "<$tag" . $attrb_list . ">";      
506                         } # Attribs in tag allowed      
507                 else $tag = "";      
508                 $tmp .= substr($str,0,$i) . $tag;      
509                 $str = substr($str,$i+$l);      
510         } = 157         }
511         $str = $tmp . $str; <> 158 else if (@file_exists("language/lang-".$GLOBALS["lang"].".php")) {
512         return $str;   159         $GLOBALS["currentlang"] = $GLOBALS["lang"];
513         exit;      
514         /* Squash PHP tags unconditionally */      
515         $str = ereg_replace("<\?","",$str);      
516         return $str;      
517 }   160         }
518     161 else {
519 function filter_text($Message, $strip="") {   162         $GLOBALS["currentlang"] = $GLOBALS["language"];
520     global $EditedMessage;      
521     check_words($Message);      
522     $EditedMessage=check_html($EditedMessage, $strip);      
523     return ($EditedMessage);      
524 }      
525   =    
526 /*********************************************************/ +-    
527 /* formatting stories                                    */      
528 /*********************************************************/      
529   =    
530 function formatTimestamp($time) { +-    
531     global $datetime, $locale;      
532     setlocale ("LC_TIME", "$locale");      
533     ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);      
534     $datetime = strftime(""._DATESTRING."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));      
535     $datetime = ucfirst($datetime);      
536     return($datetime);      
537 }      
538   =    
539 function formatAidHeader($aid) { +-    
540     global $prefix, $dbi;      
541     $holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi);      
542     if (!$holder) {      
543         echo _ERROR;      
544         exit();      
545     }      
546     list($url, $email) = sql_fetch_row($holder, $dbi);      
547     if (isset($url)) {      
548         $aid = "<a href=\"$url\">$aid</a>";      
549     } elseif (isset($email)) {      
550         $aid = "<a href=\"mailto:$email\">$aid</a>";      
551     } else {      
552         $aid = $aid;      
553     }      
554     echo "$aid";      
555 }      
556   =    
557 function get_author($aid) { +-    
558     global $prefix, $dbi;      
559     $holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi);      
560     if (!$holder) {      
561         echo _ERROR;      
562         exit();      
563     }      
564     list($url, $email) = sql_fetch_row($holder, $dbi);      
565     if (isset($url)) {      
566         $aid = "<a href=\"$url\">$aid</a>";      
567     } elseif (isset($email)) {      
568         $aid = "<a href=\"mailto:$email\">$aid</a>";      
569     } else {      
570         $aid = $aid;      
571     }      
572     return($aid);      
573 }      
574   =    
575 function themepreview($title, $hometext, $bodytext="", $notes="") { +-    
576     echo "<b>$title</b><br><br>$hometext";      
577     if ($bodytext != "") {      
578         echo "<br><br>$bodytext";      
579     }      
580     if ($notes != "") {      
581         echo "<br><br><b>"._NOTE."</b> <i>$notes</i>";      
582     }      
583 }      
584   =    
585 function adminblock() { +-    
586     global $admin, $prefix, $dbi;      
587     if (is_admin($admin)) {      
588         $result = sql_query("select title, content from ".$prefix."_blocks where bkey='admin'", $dbi);      
589         while(list($title, $content) = sql_fetch_array($result, $dbi)) {      
590             $content = "<font class=\"content\">$content</font>";      
591             themesidebox($title, $content);      
592         } = 163         }
593         $title = ""._WAITINGCONT.""; <> 164 mxSessionSetVar("lang",$GLOBALS["currentlang"]);
594         $result = sql_query("select * from ".$prefix."_queue", $dbi);   165 mxSetNukeCookie("lang", $GLOBALS["currentlang"], 1);
595         $num = sql_num_rows($result, $dbi);   166 $GLOBALS["lang"] = $GLOBALS["currentlang"]; 
596         $content = "<font class=\"content\">";   167 $_COOKIE["lang"] = $GLOBALS["currentlang"]; 
597         $content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"admin.php?op=submissions\">"._SUBMISSIONS."</a>: $num<br>";   168 $HTTP_COOKIE_VARS["lang"] = $GLOBALS["currentlang"];
598         $result = sql_query("select * from ".$prefix."_reviews_add", $dbi);   169 include_once("language/lang-".$GLOBALS["currentlang"].".php");
599         $num = sql_num_rows($result, $dbi);      
600         $content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"admin.php?op=reviews\">"._WREVIEWS."</a>: $num<br>";      
601         $result = sql_query("select * from ".$prefix."_links_newlink", $dbi);      
602         $num = sql_num_rows($result, $dbi);      
603         $content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"admin.php?op=Links\">"._WLINKS."</a>: $num<br>";      
604         $result = sql_query("select * from ".$prefix."_downloads_newdownload", $dbi);      
605         $num = sql_num_rows($result, $dbi);      
606         $content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"admin.php?op=downloads\">"._UDOWNLOADS."</a>: $num<br></font>";      
607         themesidebox($title, $content);      
608     }      
609 }      
610   = 170  
611 function loginbox() { <> 171 /// hier kann die Systemkonfiguration überprüft werden
612     global $user;   172 /// einfach folgende Zeile einkommentieren
613     if (!is_user($user)) {      
614         $title = _LOGIN;      
615         $boxstuff = "<form action=\"modules.php?name=Your_Account\" method=\"post\">";      
616         $boxstuff .= "<center><font class=\"content\">"._NICKNAME."<br>";      
617         $boxstuff .= "<input type=\"text\" name=\"uname\" size=\"8\" maxlength=\"25\"><br>";      
618         $boxstuff .= ""._PASSWORD."<br>";      
619         $boxstuff .= "<input type=\"password\" name=\"pass\" size=\"8\" maxlength=\"20\"><br>";      
620         $boxstuff .= "<input type=\"hidden\" name=\"op\" value=\"login\">";      
621         $boxstuff .= "<input type=\"submit\" value=\""._LOGIN."\"></font></center></form>";      
622         $boxstuff .= "<center><font class=\"content\">"._ASREGISTERED."</font></center>";      
623         themesidebox($title, $boxstuff);      
624     }      
625 }      
626   = 173  
627 function userblock() { <>    
628     global $user, $cookie, $prefix, $dbi, $user_prefix;      
629     if((is_user($user)) AND ($cookie[8])) {      
630         $getblock = sql_query("select ublock from ".$user_prefix."_users where uid='$cookie[0]'", $dbi);      
631         $title = ""._MENUFOR." $cookie[1]";      
632         list($ublock) = sql_fetch_row($getblock, $dbi);      
633         themesidebox($title, $ublock);      
634     }      
635 }   174 # mxSystemInfo();
636   = 175  
637 function getTopics($s_sid) { <> 176 #mxDebugFuncVars($GLOBALS);
638     global $topicname, $topicimage, $topictext, $prefix, $dbi;      
639     $sid = $s_sid;      
640     $result = sql_query("SELECT topic FROM ".$prefix."_stories where sid=$sid", $dbi);      
641     list($topic) = sql_fetch_row($result, $dbi);      
642     $result = sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics where topicid=$topic", $dbi);      
643     list($topicid, $topicname, $topicimage, $topictext) = sql_fetch_row($result, $dbi);      
644 }   177  
645     178 /* CVS-Log:
646 function headlines($bid, $cenbox=0) {      
647    global $prefix, $dbi;   179 $Log: mainfile.php,v $
648     $result = sql_query("select title, content, url, refresh, time from ".$prefix."_blocks where bid='$bid'", $dbi);   180 Revision 1.10  2003/11/05 16:27:33  EllselAn
649     list($title, $content, $url, $refresh, $otime) = sql_fetch_row($result, $dbi);   181 phpNuke6.5 Datenbanklayer einbinden
650     $past = time()-$refresh;      
651     if ($otime < $past) {      
652         $btime = time();      
653         $rdf = parse_url($url);      
654         $fp = fsockopen($rdf['host'], 80, $errno, $errstr, 15);      
655         if (!$fp) {      
656             $content = "";      
657             //$content = "<font class=\"content\">"._RSSPROBLEM."</font>";      
658             $result = sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);      
659             $cont = 0;      
660             if ($cenbox == 0) {      
661                 themesidebox($title, $content);      
662             } else {      
663                 themecenterbox($title, $content);      
664             }      
665             return;      
666         }   182  
667         if ($fp) {   183 Revision 1.9  2003/10/01 12:00:51  EllselAn
668             fputs($fp, "GET " . $rdf['path'] . "?" . $rdf['query'] . " HTTP/1.0\r\n");   184 problem mit file_exists bei safe_mode=on
669             fputs($fp, "HOST: " . $rdf['host'] . "\r\n\r\n");      
670             $string     = "";      
671             while(!feof($fp)) {      
672                 $pagetext = fgets($fp,300);      
673                 $string .= chop($pagetext);      
674             }      
675             fputs($fp,"Connection: close\r\n\r\n");      
676             fclose($fp);      
677             $items = explode("</item>",$string);      
678             $content = "<font class=\"content\">";      
679             for ($i=0;$i<10;$i++) {      
680                 $link = ereg_replace(".*<link>","",$items[$i]);      
681                 $link = ereg_replace("</link>.*","",$link);      
682                 $title2 = ereg_replace(".*<title>","",$items[$i]);      
683                 $title2 = ereg_replace("</title>.*","",$title2);      
684                 if ($items[$i] == "") {      
685                     $content = "";      
686                     sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);      
687                     $cont = 0;      
688                     if ($cenbox == 0) {      
689                         themesidebox($title, $content);      
690                     } else {      
691                         themecenterbox($title, $content);      
692                     }      
693                     return;      
694                 } else {      
695                     if (strcmp($link,$title)) {      
696                         $cont = 1;      
697                         $content .= "<strong><big>&middot;</big></strong><a href=\"$link\" target=\"new\">$title2</a><br>\n";      
698                     }      
699                 }      
700             }      
701   = 185  
702         } <> 186 Revision 1.8  2003/09/28 22:35:39  HeidriDa
703         sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);   187 Die Upload Klasse wird included!
704     }   188  
705    $siteurl = ereg_replace("http://","",$url);   189 Revision 1.7  2003/09/27 15:41:28  EllselAn
706     $siteurl = explode("/",$siteurl);   190 microtime-ermittlung für Benchmark optimiert
707     if (($cont == 1) OR ($content != "")) {      
708         $content .= "<br><a href=\"http://$siteurl[0]\" target=\"blank\"><b>"._HREADMORE."</b></a></font>";      
709     } elseif (($cont == 0) OR ($content == "")) {      
710         $content = "<font class=\"content\">"._RSSPROBLEM."</font>";      
711     }   191  
712     if ($cenbox == 0) {   192 Revision 1.6  2003/09/16 22:14:32  EllselAn
713         themesidebox($title, $content);   193 ini_set/ini_get Befehle geändert
714     } else {   194 register_globals Fix für $_FILES
715         themecenterbox($title, $content);      
716     }      
717 }      
718   = 195  
719 function automated_news() { <> 196 Revision 1.5  2003/09/11 20:30:23  EllselAn
720    global $prefix, $multilingual, $currentlang, $dbi;   197 einbinden der config.php geändert
721     if ($multilingual == 1) {      
722             $querylang = "WHERE (alanguage='$currentlang' OR alanguage='')"; /* the OR is needed to display stories who are posted to ALL languages */      
723     } else {      
724             $querylang = "";      
725     }      
726     $today = getdate();      
727     $day = $today[mday];      
728     if ($day < 10) {      
729         $day = "0$day";      
730     }      
731     $month = $today[mon];      
732     if ($month < 10) {      
733         $month = "0$month";      
734     }      
735     $year = $today[year];      
736     $hour = $today[hours];      
737     $min = $today[minutes];      
738     $sec = "00";      
739     $result = sql_query("select anid, time from ".$prefix."_autonews $querylang", $dbi);      
740     while(list($anid, $time) = sql_fetch_row($result, $dbi)) {      
741         ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $date);      
742         if (($date[1] <= $year) AND ($date[2] <= $month) AND ($date[3] <= $day)) {      
743             if (($date[4] < $hour) AND ($date[5] >= $min) OR ($date[4] <= $hour) AND ($date[5] <= $min)) {      
744                 $result2 = sql_query("select catid, aid, title, time, hometext, bodytext, topic, informant, notes, ihome, alanguage, acomm from ".$prefix."_autonews where anid='$anid'", $dbi);      
745                 while(list($catid, $aid, $title, $a_time, $hometext, $bodytext, $topic, $author, $notes, $ihome, $alanguage, $acomm) = sql_fetch_row($result2, $dbi)) {      
746                     $title = stripslashes(FixQuotes($title));      
747                     $hometext = stripslashes(FixQuotes($hometext));      
748                     $bodytext = stripslashes(FixQuotes($bodytext));      
749                     $notes = stripslashes(FixQuotes($notes));      
750                     sql_query("insert into ".$prefix."_stories values (NULL, '$catid', '$aid', '$title', '$a_time', '$hometext', '$bodytext', '0', '0', '$topic', '$author', '$notes', '$ihome', '$alanguage', '$acomm', '0', '0', '0', '0')", $dbi);      
751                     sql_query("delete from ".$prefix."_autonews where anid='$anid'", $dbi);      
752                 }   198  
753             }   199 Revision 1.4  2003/09/06 00:40:42  EllselAn
754         }   200 einschalten von Errormeldungen im debugmode
755     }      
756 }   201  
757   = 202  
758 function themecenterbox($title, $content) { <>    
759     OpenTable();      
760     echo "<center><fon class=\"option\"><b>$title</b></font></center><br>"      
761         ."$content";      
762     CloseTable();      
763     echo "<br>";      
764 }   203 */
765   = 204  
766 ?>   205 ?>