DATEIVERGLEICH
Erstellt: 22.05.2005 02:04:09

Modus: Alle Zeilen

Linke Datei: D:\Localhost_2\nuke5.5\html\mainfile.php Rechte Datei: D:\Localhost_2\vkpMX\mainfile.php

1	<?php	<>	1	<?php // $Id: mainfile.php,v 1.10 2003/11/05 16:27:33 EllselAn Exp $
2		=
3	ob_start("ob_gzhandler");	+-
4		=
5	/************************************************************************/	<>	2	/**********************************************************************/
6	/* PHP-NUKE: Advanced Content Management System */		3	/* vkpMx 2.0 Content Management System Platform */
7	/* ============================================ */		4	/* ================================================================== */
8	/* */		5	/* Copyright (C) 2003 by the vkpMx & pragmaMx Developer Team */
9	/* Copyright (c) 2002 by Francisco Burzi (fbc@mandrakesoft.com) */		6	/* email: team@pragmamx.org */
10	/* http://phpnuke.org */		7	/* homepage: http://www.maax-design.de */
11	/* */		8	/* further sites: http://www.pragmaMx.org, http://www.guggemahier.de, */
12	/* This program is free software. You can redistribute it and/or modify */		9	/* http://www.marx-city.de, http://www.genutec-studios.de, */
13	/* it under the terms of the GNU General Public License as published by */		10	/* http://www.shiba-design.de, http://www.power-maax.de */
14	/* the Free Software Foundation; either version 2 of the License. */		11	/* ================================================================== */
15	/************************************************************************/		12	/* The vkpMx is distributed free of charge by maax-design.de. */
16			13	/* The use of this system is allowed until copyright information */
17	foreach ($HTTP_GET_VARS as $secvalue) {		14	/* is shown perspicuous visible and correcty on all system pages. */
18	if (eregi("<[^>]script\"?[^>]*>", $secvalue)) {		15	/* Sales, rent out and the use of single code parts from this */
19	die ("I don't like you...");		16	/* system must be allowed by maax-design.de. */
20	}		17	/**********************************************************************/
21	}
22		=	18
23	if (eregi("mainfile.php",$PHP_SELF)) {	<>	19	// Sets PHP Error-Reporting to a lower level
24	Header("Location: index.php");
25	die();		20	#error_reporting(E_ERROR);
26	}
27		=	21
28	require_once("config.php");	<>	22	// diese beiden Zeilen vor der Release entfernen! ////////////////
29	require_once("includes/sql_layer.php");		23	if (@file_exists("ixed/noixed/develop.php")) include("ixed/noixed/develop.php");
30	$dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname);		24	//////////////////////////////////////////////////////////////////
31	$mainfile = 1;
32		=	25
33	if (isset($newlang)) {	<>	26	/// Benchmarkanzeige initialisieren
34	if (file_exists("language/lang-$newlang.php")) {
35	setcookie("lang",$newlang,time()+31536000);
36	include("language/lang-$newlang.php");
37	$currentlang = $newlang;
38	} else {
39	setcookie("lang",$language,time()+31536000);
40	include("language/lang-$language.php");
41	$currentlang = $language;
42	}
43	} elseif (isset($lang)) {
44	include("language/lang-$lang.php");
45	$currentlang = $lang;
46	} else {		27	if(!defined("MX_TIME")) {
47	setcookie("lang",$language,time()+31536000);		28	$vstarttime = explode(" ",microtime());
48	include("language/lang-$language.php");		29	define("MX_TIME",(float)$vstarttime[1] + (float)$vstarttime[0]);
49	$currentlang = $language;
50	}
51			30	unset($vstarttime);
52	function get_lang($module) {
53	global $currentlang;
54	if ($module == admin) {
55	if (file_exists("admin/language/lang-$currentlang.php")) {
56	include_once("admin/language/lang-$currentlang.php");
57	}	=	31	}
58	} else {	+-
59	if (file_exists("modules/$module/language/lang-$currentlang.php")) {
60	include_once("modules/$module/language/lang-$currentlang.php");
61	}
62	}
63	}
64		=	32
65	function is_admin($admin) {	<>	33	################################################################
66	global $prefix, $dbi;		34	// verschiedene Grundeinstellungen
67	if(!is_array($admin)) {
68	$admin = base64_decode($admin);
69	$admin = explode(":", $admin);		35	define("mxMainFileLoaded","1");
70	$aid = "$admin[0]";		36	if (!@include_once("config.php")) die("Error: the config-file is missing or corrupted!");
71	$pwd = "$admin[1]";		37	$GLOBALS["mainfile"] = 1; // nur für phpNuke-Kompatibilität
72	} else {
73	$aid = "$admin[0]";
74	$pwd = "$admin[1]";
75	}		38
76	$result = sql_query("select pwd from ".$prefix."_authors where aid='$aid'", $dbi);		39	// Systemkonstanten definieren, diese Datei kann in gewissem Masse angepasst werden
77	list($pass) = sql_fetch_row($result, $dbi);		40	require_once("includes/mx_baseconfig.php");
78	if($pass == $pwd && $pass != "") {
79	return 1;
80	}		41
81	return 0;		42	// zu alte php-Version
82	}		43	if (MX_PHP_VERSION < 410) die("<br>Sorry, PHP-Version > 4.1.0 is required.");
83		=	44
84	function is_user($user) {	<>	45	// crypting extension laden
85	global $prefix, $dbi, $user_prefix;
86	if(!is_array($user)) {
87	$user = base64_decode($user);
88	$user = explode(":", $user);
89	$uid = "$user[0]";
90	$pwd = "$user[2]";
91	} else {		46	mxLoadIxed();
92	$uid = "$user[0]";		47	#print MX_CRYPTEDDIR;
93	$pwd = "$user[2]";
94	}		48
95	$result = sql_query("select pass from ".$user_prefix."_users where uid='$uid'", $dbi);		49	// System-Funktionen und unveränderbare Grundeinstellungen laden
96	list($pass) = sql_fetch_row($result, $dbi);		50	require_once(MX_CRYPTEDDIR."/mx_system.php");
97	if($pass == $pwd && $pass != "") {
98	return 1;
99	}		51
100	return 0;		52	// mainfile direkt aufgerufen? Erst hier, wegen php-Version!
101	}		53	if (eregi("mainfile.php",$_SERVER['PHP_SELF'])) die ("You can't access this file directly...");
102		=	54
103	function title($text) {	<>
104	OpenTable();		55	// Ausgabe komprimieren
105	echo "<center><font class=\"title\"><b>$text</b></font></center>";		56	if (extension_loaded("zlib") && !get_cfg_var("zlib.output_compression")) {
106	CloseTable();		57	ob_start("ob_gzhandler");
107	echo "<br>";
108	}		58	}
109		=	59
110	function is_active($module) {	<>
111	global $prefix, $dbi;
112	$result = sql_query("select active from ".$prefix."_modules where title='$module'", $dbi);
113	list ($act) = sql_fetch_row($result, $dbi);
114	if (!$result OR $act == 0) {
115	return 0;
116	} else {		60	// API's einbinden
117	return 1;		61	require_once(MX_CRYPTEDDIR."/mx_api.php");
118	}		62	require_once("includes/mx_api_2.php");
119	}
120		=	63
121	function render_blocks($side, $blockfile, $title, $content, $bid, $url) {	<>	64	//Upload Libary/Klasse einbinden
122	if ($url == "") {		65	require_once("includes/upload.class.php");
123	if ($blockfile == "") {
124	if ($side == "c") {
125	themecenterbox($title, $content);
126	} else {
127	themesidebox($title, $content);
128	}		66
129	} else {		67	// phpNuke Api einbinden (alte mainfile)
130	if ($side == "c") {		68	if (@file_exists("includes/nukefunctions.php")) {
131	blockfileinc($title, $blockfile, 1);		69	include_once("includes/nukefunctions.php");
132	} else {
133	blockfileinc($title, $blockfile);
134	}
135	}	=	70	}
136	} else {	<>	71
137	if ($side == "c") {		72	#####################################################
138	headlines($bid,1);		73	// Datenbankverbindung herstellen und Session starten
			74	require_once("includes/sql_layer.php");
			75	require_once(MX_CRYPTEDDIR."/mx_session.php");
139	} else {		76	if (!mxSessionStart()) {
140	headlines($bid);		77	die('<strong>Session: initialisation failed</strong><br><br>');
141	}	=	78	}
142	}	+-
143	}
144		=
145	function blocks($side) {	<>
146	global $storynum, $prefix, $multilingual, $currentlang, $dbi, $admin, $user;
147	if ($multilingual == 1) {
148	$querylang = "AND (blanguage='$currentlang' OR blanguage='')";
149	} else {
150	$querylang = "";
151	}
152	if (strtolower($side[0]) == "l") {
153	$pos = "l";
154	} elseif (strtolower($side[0]) == "r") {
155	$pos = "r";
156	} elseif (strtolower($side[0]) == "c") {
157	$pos = "c";
158	}
159	$side = $pos;
160	$result = sql_query("select bid, bkey, title, content, url, blockfile, view from ".$prefix."_blocks where position='$pos' AND active='1' $querylang ORDER BY weight ASC", $dbi);
161	while(list($bid, $bkey, $title, $content, $url, $blockfile, $view) = sql_fetch_row($result, $dbi)) {
162	if ($bkey == admin) {		79	if(empty($dbi)){
163	adminblock();		80	die("<br><br>Selection from database failed!<br><br>Kein Zugriff auf die Datenbank möglich, bitte überprüfen Sie die Einstellungen.");
164	} elseif ($bkey == userbox) {
165	userblock();
166	} elseif ($bkey == "") {
167	if ($view == 0) {
168	render_blocks($side, $blockfile, $title, $content, $bid, $url);
169	} elseif ($view == 1 AND is_user($user) \|\| is_admin($admin)) {
170	render_blocks($side, $blockfile, $title, $content, $bid, $url);
171	} elseif ($view == 2 AND is_admin($admin)) {
172	render_blocks($side, $blockfile, $title, $content, $bid, $url);
173	} elseif ($view == 3 AND !is_user($user) \|\| is_admin($admin)) {
174	render_blocks($side, $blockfile, $title, $content, $bid, $url);
175	}
176	}	=	81	}
177	}	+-
178	}
179		=	82
180	function message_box() {	<>	83	// phpNuke6.5 Datenbanklayer einbinden
181	global $bgcolor1, $bgcolor2, $user, $admin, $cookie, $textcolor2, $prefix, $multilingual, $currentlang, $dbi;		84	if (@file_exists("includes/db/db.php")) {
182	if ($multilingual == 1) {		85	include_once('includes/db/db.php');
183	$querylang = "AND (mlanguage='$currentlang' OR mlanguage='')";
184	} else {
185	$querylang = "";
186	}
187	$result = sql_query("select mid, title, content, date, expire, view from ".$prefix."_message where active='1' $querylang", $dbi);
188	if (sql_num_rows($result, $dbi) == 0) {
189	return;
190	} else {
191	while (list($mid, $title, $content, $mdate, $expire, $view) = sql_fetch_row($result, $dbi)) {
192	if ($title != "" && $content != "") {
193	if ($expire == 0) {
194	$remain = _UNLIMITED;
195	} else {
196	$etime = (($mdate+$expire)-time())/3600;
197	$etime = (int)$etime;
198	if ($etime < 1) {
199	$remain = _EXPIRELESSHOUR;
200	} else {
201	$remain = ""._EXPIREIN." $etime "._HOURS."";
202	}
203	}
204	if ($view == 4 AND is_admin($admin)) {
205	OpenTable();
206	echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"
207	."<font class=\"content\">$content</font>"
208	."<br><br><center><font class=\"content\">[ "._MVIEWADMIN." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";
209	CloseTable();
210	echo "<br>";
211	} elseif ($view == 3 AND is_user($user) \|\| is_admin($admin)) {
212	OpenTable();
213	echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"
214	."<font class=\"content\">$content</font>";
215	if (is_admin($admin)) {
216	echo "<br><br><center><font class=\"content\">[ "._MVIEWUSERS." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";
217	}
218	CloseTable();
219	echo "<br>";
220	} elseif ($view == 2 AND !is_user($user) \|\| is_admin($admin)) {
221	OpenTable();
222	echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"
223	."<font class=\"content\">$content</font>";
224	if (is_admin($admin)) {
225	echo "<br><br><center><font class=\"content\">[ "._MVIEWANON." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";
226	}
227	CloseTable();
228	echo "<br>";
229	} elseif ($view == 1) {
230	OpenTable();
231	echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"
232	."<font class=\"content\">$content</font>";
233	if (is_admin($admin)) {
234	echo "<br><br><center><font class=\"content\">[ "._MVIEWALL." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";
235	}
236	CloseTable();
237	echo "<br>";
238	}
239	if ($expire != 0) {
240	$past = time()-$expire;
241	if ($mdate < $past) {
242	$result = sql_query("update ".$prefix."_message set active='0' where mid='$mid'", $dbi);
243	}
244	}
245	}
246	}	=	86	}
247	}	+-
248	}
249		=	87
250	function online() {	<>
251	global $user, $cookie, $prefix, $dbi;
252	cookiedecode($user);
253	$ip = getenv("REMOTE_ADDR");
254	$username = $cookie[1];
255	if (!isset($username)) {
256	$username = "$ip";
257	$guest = 1;
258	}
259	$past = time()-1800;
260	sql_query("DELETE FROM ".$prefix."_session WHERE time < $past", $dbi);
261	$result = sql_query("SELECT time FROM ".$prefix."_session WHERE username='$username'", $dbi);
262	$ctime = time();
263	if ($row = sql_fetch_array($result, $dbi)) {
264	sql_query("UPDATE ".$prefix."_session SET username='$username', time='$ctime', host_addr='$ip', guest='$guest' WHERE username='$username'", $dbi);
265	} else {
266	sql_query("INSERT INTO ".$prefix."_session (username, time, host_addr, guest) VALUES ('$username', '$ctime', '$ip', '$guest')", $dbi);
267	}
268	}
269			88	// Debug-Mode
270	function blockfileinc($title, $blockfile, $side=0) {		89	if (!empty($GLOBALS['mxDebugService']) && mxIsAdmin()) {
271	$blockfiletitle = $title;		90	@ini_set("display_errors",TRUE);
272	$file = @file("blocks/$blockfile");
273	if (!$file) {
274	$content = _BLOCKPROBLEM;
275	} else {
276	include("blocks/$blockfile");
277	}
278	if ($content == "") {
279	$content = _BLOCKPROBLEM2;
280	}
281	if ($side == 1) {
282	themecenterbox($blockfiletitle, $content);
283	} else {
284	themesidebox($blockfiletitle, $content);
285	}
286	}
287			91	error_reporting(E_ALL);
288	function selectlanguage() {
289	global $useflags, $currentlang;
290	if ($useflags == 1) {
291	$title = _SELECTLANGUAGE;
292	$content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br>";
293	$langdir = dir("language");
294	while($func=$langdir->read()) {
295	if(substr($func, 0, 5) == "lang-") {
296	$menulist .= "$func ";
297	}	=	92	}
298	}	<>	93
299	closedir($langdir->handle);		94	// Demomode bei berechtigten Admins wieder abschalten
300	$menulist = explode(" ", $menulist);		95	if ($GLOBALS["mxDemoMode"] && $GLOBALS['dbi']) {
301	sort($menulist);		96	$aaa = mxGetAdminSession();
302	for ($i=0; $i < sizeof($menulist); $i++) {		97	if(in_array($aaa['aid'], $GLOBALS["mxDemoAdmins"])) $GLOBALS["mxDemoMode"] = 0;
303	if($menulist[$i]!="") {
304	$tl = ereg_replace("lang-","",$menulist[$i]);
305	$tl = ereg_replace(".php","",$tl);
306	$altlang = ucfirst($tl);		98	unset($aaa);
307	$content .= "<a href=\"index.php?newlang=$tl\"><img src=\"images/language/flag-$tl.png\" border=\"0\" alt=\"$altlang\" hspace=\"3\" vspace=\"3\"></a> ";
308	}	=	99	}
309	}	<>	100	unset($GLOBALS["mxDemoAdmins"]);
310	$content .= "</font></center>";
311	themesidebox($title, $content);
312	} else {		101
313	$title = _SELECTLANGUAGE;		102	// zur Kompatiblitaet mit Nuke-Modulen
314	$content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br></font>";		103	///// den Admin-Cookie simulieren
315	$content .= "<form action=\"index.php\" method=\"get\"><select name=\"newlanguage\" onChange=\"top.location.href=this.options[this.selectedIndex].value\">";		104	$_COOKIE["admin"] = mxSessionGetVar("admin");
316	$handle=opendir('language');		105	$GLOBALS["admin"] = (empty($_COOKIE["admin"])) ? "" : $_COOKIE["admin"] ;
317	while ($file = readdir($handle)) {		106	///// den User-Cookie simulieren
318	if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {		107	$_COOKIE["user"] = mxSessionGetVar("user");
319	$langFound = $matches[1];		108	$GLOBALS["user"] = (empty($_COOKIE["user"])) ? "" : $_COOKIE["user"];
320	$languageslist .= "$langFound ";
321	}
322	}		109
323	closedir($handle);		110	///////////////////////////////////////////////////
324	$languageslist = explode(" ", $languageslist);		111	///// - simuliert magic_quotes_gpc=1
325	sort($languageslist);		112	///// - ersetzt bestimmte Sonderzeichen durch ihren HTML-Code
326	for ($i=0; $i < sizeof($languageslist); $i++) {		113	///// - simuliert register_globals = On
327	if($languageslist[$i]!="") {		114	if (count($_GET)) {
328	$content .= "<option value=\"index.php?newlang=$languageslist[$i]\" ";		115	foreach ($_GET as $key => $value) {
329	if($languageslist[$i]==$currentlang) $content .= " selected";		116	$_GET[$key] = mxSecureValue($value);
330	$content .= ">".ucfirst($languageslist[$i])."</option>\n";
331	}	=	117	}
332	}	+-
333	$content .= "</select></form></center>";
334	themesidebox($title, $content);
335	}	=	118	}
336	}	+-
337		=
338	function ultramode() {	<>	119	if (count($_POST)) {
339	global $prefix, $dbi;
340	$ultra = "ultramode.txt";
341	$file = fopen("$ultra", "w");
342	fwrite($file, "General purpose self-explanatory file with news headlines\n");
343	$rfile=sql_query("select sid, aid, title, time, comments, topic from ".$prefix."_stories order by time DESC limit 0,10", $dbi);
344	while(list($sid, $aid, $title, $time, $comments, $topic) = sql_fetch_row($rfile, $dbi)) {
345	$rfile2=sql_query("select topictext, topicimage from ".$prefix."_topics where topicid=$topic", $dbi);
346	list($topictext, $topicimage) = sql_fetch_row($rfile2, $dbi);
347	$content = "%%\n$title\n/modules.php?name=News&file=article&sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";
348	fwrite($file, $content);
349	}
350	fclose($file);		120	foreach ($_POST as $key => $value) {
351	}		121	$_POST[$key] = mxSecureValue($value);
352		=
353	function cookiedecode($user) {	<>
354	global $cookie, $prefix, $dbi, $user_prefix;
355	$user = base64_decode($user);
356	$cookie = explode(":", $user);
357	$result = sql_query("select pass from ".$user_prefix."_users where uname='$cookie[1]'", $dbi);
358	list($pass) = sql_fetch_row($result, $dbi);
359	if ($cookie[2] == $pass && $pass != "") {
360	return $cookie;
361	} else {
362	unset($user);
363	unset($cookie);
364	}
365	}		122	}
366		=
367	function getusrinfo($user) {	+-
368	global $userinfo, $user_prefix, $dbi;
369	$user2 = base64_decode($user);
370	$user3 = explode(":", $user2);
371	$result = sql_query("select uid, name, uname, email, femail, url, user_avatar, user_icq, user_occ, user_from, user_intrest, user_sig, user_viewemail, user_theme, user_aim, user_yim, user_msnm, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax, newsletter from ".$user_prefix."_users where uname='$user3[1]' and pass='$user3[2]'", $dbi);
372	if (sql_num_rows($result, $dbi) == 1) {
373	$userinfo = sql_fetch_array($result, $dbi);
374	}
375	return $userinfo;
376	}
377		=
378	function searchblock() {	+-
379	OpenTable();
380	echo "<form action=\"modules.php?name=Forum&file=search\" method=\"post\">";
381	echo "<input type=\"hidden\" name=\"addterm\" value=\"any\">";
382	echo "<input type=\"hidden\" name=\"sortby\" value=\"p.post_time\">";
383	echo "  <b>"._SEARCH."</b> <input type=\"text\" name=\"term\" size=\"15\">";
384	echo "<input type=\"hidden\" name=\"submit\" value=\"submit\"></form>";
385	echo "<div align=\"left\"><font class=\"content\">  [ <a href=\"modules.php?name=Forum&file=search&addterm=any&sortby=p.post_time&adv=1\">Advanced Search</a> ]</font></div>";
386	CloseTable();
387	}
388		=
389	function FixQuotes ($what = "") {	+-
390	$what = ereg_replace("'","''",$what);
391	while (eregi("\\\\'", $what)) {
392	$what = ereg_replace("\\\\'","'",$what);
393	}	=	123	}
394	return $what;	+-
395	}
396		=
397	/*********************************************************/	+-
398	/* text filter */
399	/*********************************************************/
400		=
401	function check_words($Message) {	+-
402	global $EditedMessage;
403	include("config.php");
404	$EditedMessage = $Message;
405	if ($CensorMode != 0) {
406		=
407	if (is_array($CensorList)) {	<>	124	if (count($_COOKIE)) {
408	$Replace = $CensorReplace;		125	foreach ($_COOKIE as $key => $value) {
409	if ($CensorMode == 1) {		126	$_COOKIE[$key] = mxSecureValue($value);
410	for ($i = 0; $i < count($CensorList); $i++) {
411	$EditedMessage = eregi_replace("$CensorList[$i]([^a-zA-Z0-9])","$Replace\\1",$EditedMessage);
412	}	=	127	}
413	} elseif ($CensorMode == 2) {	+-
414	for ($i = 0; $i < count($CensorList); $i++) {
415	$EditedMessage = eregi_replace("(^\|[^[:alnum:]])$CensorList[$i]","\\1$Replace",$EditedMessage);
416	}
417	} elseif ($CensorMode == 3) {
418	for ($i = 0; $i < count($CensorList); $i++) {
419	$EditedMessage = eregi_replace("$CensorList[$i]","$Replace",$EditedMessage);
420	}
421	}
422	}	=	128	}
423	}	+-
424	return ($EditedMessage);
425	}
426		=	129
427	function delQuotes($string){	<>	130	unset($key); unset($value);
428	/* no recursive function to add quote to an HTML tag if needed */		131	$HTTP_GET_VARS = $_GET;
429	/* and delete duplicate spaces between attribs. */
430	$tmp=""; # string buffer
431	$result=""; # result string
432	$i=0;		132	$HTTP_POST_VARS = $_POST;
433	$attrib=-1; # Are us in an HTML attrib ? -1: no attrib 0: name of the attrib 1: value of the atrib		133	$HTTP_COOKIE_VARS = $_COOKIE;
434	$quote=0; # Is a string quote delimited opened ? 0=no, 1=yes		134	$HTTP_SERVER_VARS = $_SERVER;
435	$len = strlen($string);		135	$_REQUEST = array_merge($_GET,$_POST,$_COOKIE);
436	while ($i<$len) {		136	extract($_REQUEST, EXTR_OVERWRITE);
437	switch($string[$i]) { # What car is it in the buffer ?		137	if (!get_cfg_var("register_globals")) {
438	case "\"": #" # a quote.		138	extract($_SERVER, EXTR_OVERWRITE);
439	if ($quote==0) {		139	if (count($_FILES)) {
440	$quote=1;		140	foreach ($_FILES as $upfile => $value) {
441	} else {		141	$$upfile = $value;
442	$quote=0;		142	foreach ($_FILES[$upfile] as $key => $value) {
443	if (($attrib>0) && ($tmp != "")) { $result .= "=\"$tmp\""; }		143	${$upfile.'_'.$key} = $value;
444	$tmp="";		144	#print $upfile."_".$key ." = ".${$upfile.'_'.$key}." <br>";
445	$attrib=-1;
446	}		145	}
447	break;		146	}
448	case "=": # an equal - attrib delimiter		147	unset($upfile); unset($value); unset($key);
449	if ($quote==0) { # Is it found in a string ?
450	$attrib=1;
451	if ($tmp!="") $result.=" $tmp";
452	$tmp="";
453	} else $tmp .= '=';
454	break;
455	case " ": # a blank ?
456	if ($attrib>0) { # add it to the string, if one opened.
457	$tmp .= $string[$i];
458	}	=	148	}
459	break;	+-
460	default: # Other
461	if ($attrib<0) # If we weren't in an attrib, set attrib to 0
462	$attrib=0;
463	$tmp .= $string[$i];
464	break;
465	}	=	149	}
466	$i++;	<>	150	//////////// ende ////////////////////////////////
467	}
468	if (($quote!=0) && ($tmp != "")) {
469	if ($attrib==1) $result .= "=";
470	/* If it is the value of an atrib, add the '=' */
471	$result .= "\"$tmp\""; /* Add quote if needed (the reason of the function ;-) */
472	}
473	return $result;
474	}
475		=	151
476	function check_html ($str, $strip="") {	<>
477	/* The core of this code has been lifted from phpslash */
478	/* which is licenced under the GPL. */
479	include("config.php");
480	if ($strip == "nohtml")
481	$AllowableHTML=array('');
482	$str = stripslashes($str);
483	$str = eregi_replace("<[[:space:]]([^>])[[:space:]]*>",
484	'<\\1>', $str);
485	// Delete all spaces from html tags .
486	$str = eregi_replace("<a[^>]href[[:space:]]=[[:space:]]\"?[[:space:]]([^\" >])[[:space:]]\"?[^>]*>",
487	'<a href="\\1">', $str); # "
488	// Delete all attribs from Anchor, except an href, double quoted.
489	$str = eregi_replace("<img?",
490	'', $str); # "
491	$tmp = "";
492	while (ereg("<(/?[[:alpha:]])[[:space:]]([^>]*)>",$str,$reg)) {
493	$i = strpos($str,$reg[0]);
494	$l = strlen($reg[0]);
495	if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));
496	else $tag = strtolower($reg[1]);
497	if ($a = $AllowableHTML[$tag])
498	if ($reg[1][0] == "/") $tag = "</$tag>";
499	elseif (($a == 1) \|\| ($reg[2] == "")) $tag = "<$tag>";
500	else {		152	// Sprache einstellen
501	# Place here the double quote fix function.		153	$GLOBALS["language"] = (empty($GLOBALS["language"])) ? "german" : $GLOBALS["language"];
502	$attrb_list=delQuotes($reg[2]);		154	$GLOBALS["lang"] = (mxSessionGetVar("lang")) ? mxSessionGetVar("lang") : $GLOBALS["language"];
503	// A VER		155	if (isset($_REQUEST['newlang'])) {
504	$attrb_list = ereg_replace("&","&",$attrb_list);		156	$GLOBALS["currentlang"] = (@file_exists("language/lang-".$_REQUEST['newlang'].".php")) ? $_REQUEST['newlang'] : $GLOBALS["language"];
505	$tag = "<$tag" . $attrb_list . ">";
506	} # Attribs in tag allowed
507	else $tag = "";
508	$tmp .= substr($str,0,$i) . $tag;
509	$str = substr($str,$i+$l);
510	}	=	157	}
511	$str = $tmp . $str;	<>	158	else if (@file_exists("language/lang-".$GLOBALS["lang"].".php")) {
512	return $str;		159	$GLOBALS["currentlang"] = $GLOBALS["lang"];
513	exit;
514	/* Squash PHP tags unconditionally */
515	$str = ereg_replace("<\?","",$str);
516	return $str;
517	}		160	}
518			161	else {
519	function filter_text($Message, $strip="") {		162	$GLOBALS["currentlang"] = $GLOBALS["language"];
520	global $EditedMessage;
521	check_words($Message);
522	$EditedMessage=check_html($EditedMessage, $strip);
523	return ($EditedMessage);
524	}
525		=
526	/*********************************************************/	+-
527	/* formatting stories */
528	/*********************************************************/
529		=
530	function formatTimestamp($time) {	+-
531	global $datetime, $locale;
532	setlocale ("LC_TIME", "$locale");
533	ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);
534	$datetime = strftime(""._DATESTRING."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));
535	$datetime = ucfirst($datetime);
536	return($datetime);
537	}
538		=
539	function formatAidHeader($aid) {	+-
540	global $prefix, $dbi;
541	$holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi);
542	if (!$holder) {
543	echo _ERROR;
544	exit();
545	}
546	list($url, $email) = sql_fetch_row($holder, $dbi);
547	if (isset($url)) {
548	$aid = "<a href=\"$url\">$aid</a>";
549	} elseif (isset($email)) {
550	$aid = "<a href=\"mailto:$email\">$aid</a>";
551	} else {
552	$aid = $aid;
553	}
554	echo "$aid";
555	}
556		=
557	function get_author($aid) {	+-
558	global $prefix, $dbi;
559	$holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi);
560	if (!$holder) {
561	echo _ERROR;
562	exit();
563	}
564	list($url, $email) = sql_fetch_row($holder, $dbi);
565	if (isset($url)) {
566	$aid = "<a href=\"$url\">$aid</a>";
567	} elseif (isset($email)) {
568	$aid = "<a href=\"mailto:$email\">$aid</a>";
569	} else {
570	$aid = $aid;
571	}
572	return($aid);
573	}
574		=
575	function themepreview($title, $hometext, $bodytext="", $notes="") {	+-
576	echo "<b>$title</b><br><br>$hometext";
577	if ($bodytext != "") {
578	echo "<br><br>$bodytext";
579	}
580	if ($notes != "") {
581	echo "<br><br><b>"._NOTE."</b> <i>$notes</i>";
582	}
583	}
584		=
585	function adminblock() {	+-
586	global $admin, $prefix, $dbi;
587	if (is_admin($admin)) {
588	$result = sql_query("select title, content from ".$prefix."_blocks where bkey='admin'", $dbi);
589	while(list($title, $content) = sql_fetch_array($result, $dbi)) {
590	$content = "<font class=\"content\">$content</font>";
591	themesidebox($title, $content);
592	}	=	163	}
593	$title = ""._WAITINGCONT."";	<>	164	mxSessionSetVar("lang",$GLOBALS["currentlang"]);
594	$result = sql_query("select * from ".$prefix."_queue", $dbi);		165	mxSetNukeCookie("lang", $GLOBALS["currentlang"], 1);
595	$num = sql_num_rows($result, $dbi);		166	$GLOBALS["lang"] = $GLOBALS["currentlang"];
596	$content = "<font class=\"content\">";		167	$_COOKIE["lang"] = $GLOBALS["currentlang"];
597	$content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=submissions\">"._SUBMISSIONS."</a>: $num<br>";		168	$HTTP_COOKIE_VARS["lang"] = $GLOBALS["currentlang"];
598	$result = sql_query("select * from ".$prefix."_reviews_add", $dbi);		169	include_once("language/lang-".$GLOBALS["currentlang"].".php");
599	$num = sql_num_rows($result, $dbi);
600	$content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=reviews\">"._WREVIEWS."</a>: $num<br>";
601	$result = sql_query("select * from ".$prefix."_links_newlink", $dbi);
602	$num = sql_num_rows($result, $dbi);
603	$content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=Links\">"._WLINKS."</a>: $num<br>";
604	$result = sql_query("select * from ".$prefix."_downloads_newdownload", $dbi);
605	$num = sql_num_rows($result, $dbi);
606	$content .= "<strong><big>·</big></strong> <a href=\"admin.php?op=downloads\">"._UDOWNLOADS."</a>: $num<br></font>";
607	themesidebox($title, $content);
608	}
609	}
610		=	170
611	function loginbox() {	<>	171	/// hier kann die Systemkonfiguration überprüft werden
612	global $user;		172	/// einfach folgende Zeile einkommentieren
613	if (!is_user($user)) {
614	$title = _LOGIN;
615	$boxstuff = "<form action=\"modules.php?name=Your_Account\" method=\"post\">";
616	$boxstuff .= "<center><font class=\"content\">"._NICKNAME."<br>";
617	$boxstuff .= "<input type=\"text\" name=\"uname\" size=\"8\" maxlength=\"25\"><br>";
618	$boxstuff .= ""._PASSWORD."<br>";
619	$boxstuff .= "<input type=\"password\" name=\"pass\" size=\"8\" maxlength=\"20\"><br>";
620	$boxstuff .= "<input type=\"hidden\" name=\"op\" value=\"login\">";
621	$boxstuff .= "<input type=\"submit\" value=\""._LOGIN."\"></font></center></form>";
622	$boxstuff .= "<center><font class=\"content\">"._ASREGISTERED."</font></center>";
623	themesidebox($title, $boxstuff);
624	}
625	}
626		=	173
627	function userblock() {	<>
628	global $user, $cookie, $prefix, $dbi, $user_prefix;
629	if((is_user($user)) AND ($cookie[8])) {
630	$getblock = sql_query("select ublock from ".$user_prefix."_users where uid='$cookie[0]'", $dbi);
631	$title = ""._MENUFOR." $cookie[1]";
632	list($ublock) = sql_fetch_row($getblock, $dbi);
633	themesidebox($title, $ublock);
634	}
635	}		174	# mxSystemInfo();
636		=	175
637	function getTopics($s_sid) {	<>	176	#mxDebugFuncVars($GLOBALS);
638	global $topicname, $topicimage, $topictext, $prefix, $dbi;
639	$sid = $s_sid;
640	$result = sql_query("SELECT topic FROM ".$prefix."_stories where sid=$sid", $dbi);
641	list($topic) = sql_fetch_row($result, $dbi);
642	$result = sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics where topicid=$topic", $dbi);
643	list($topicid, $topicname, $topicimage, $topictext) = sql_fetch_row($result, $dbi);
644	}		177
645			178	/* CVS-Log:
646	function headlines($bid, $cenbox=0) {
647	global $prefix, $dbi;		179	$Log: mainfile.php,v $
648	$result = sql_query("select title, content, url, refresh, time from ".$prefix."_blocks where bid='$bid'", $dbi);		180	Revision 1.10 2003/11/05 16:27:33 EllselAn
649	list($title, $content, $url, $refresh, $otime) = sql_fetch_row($result, $dbi);		181	phpNuke6.5 Datenbanklayer einbinden
650	$past = time()-$refresh;
651	if ($otime < $past) {
652	$btime = time();
653	$rdf = parse_url($url);
654	$fp = fsockopen($rdf['host'], 80, $errno, $errstr, 15);
655	if (!$fp) {
656	$content = "";
657	//$content = "<font class=\"content\">"._RSSPROBLEM."</font>";
658	$result = sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);
659	$cont = 0;
660	if ($cenbox == 0) {
661	themesidebox($title, $content);
662	} else {
663	themecenterbox($title, $content);
664	}
665	return;
666	}		182
667	if ($fp) {		183	Revision 1.9 2003/10/01 12:00:51 EllselAn
668	fputs($fp, "GET " . $rdf['path'] . "?" . $rdf['query'] . " HTTP/1.0\r\n");		184	problem mit file_exists bei safe_mode=on
669	fputs($fp, "HOST: " . $rdf['host'] . "\r\n\r\n");
670	$string = "";
671	while(!feof($fp)) {
672	$pagetext = fgets($fp,300);
673	$string .= chop($pagetext);
674	}
675	fputs($fp,"Connection: close\r\n\r\n");
676	fclose($fp);
677	$items = explode("</item>",$string);
678	$content = "<font class=\"content\">";
679	for ($i=0;$i<10;$i++) {
680	$link = ereg_replace(".*<link>","",$items[$i]);
681	$link = ereg_replace("</link>.*","",$link);
682	$title2 = ereg_replace(".*<title>","",$items[$i]);
683	$title2 = ereg_replace("</title>.*","",$title2);
684	if ($items[$i] == "") {
685	$content = "";
686	sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);
687	$cont = 0;
688	if ($cenbox == 0) {
689	themesidebox($title, $content);
690	} else {
691	themecenterbox($title, $content);
692	}
693	return;
694	} else {
695	if (strcmp($link,$title)) {
696	$cont = 1;
697	$content .= "<strong><big>·</big></strong><a href=\"$link\" target=\"new\">$title2</a><br>\n";
698	}
699	}
700	}
701		=	185
702	}	<>	186	Revision 1.8 2003/09/28 22:35:39 HeidriDa
703	sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);		187	Die Upload Klasse wird included!
704	}		188
705	$siteurl = ereg_replace("http://","",$url);		189	Revision 1.7 2003/09/27 15:41:28 EllselAn
706	$siteurl = explode("/",$siteurl);		190	microtime-ermittlung für Benchmark optimiert
707	if (($cont == 1) OR ($content != "")) {
708	$content .= "<br><a href=\"http://$siteurl[0]\" target=\"blank\"><b>"._HREADMORE."</b></a></font>";
709	} elseif (($cont == 0) OR ($content == "")) {
710	$content = "<font class=\"content\">"._RSSPROBLEM."</font>";
711	}		191
712	if ($cenbox == 0) {		192	Revision 1.6 2003/09/16 22:14:32 EllselAn
713	themesidebox($title, $content);		193	ini_set/ini_get Befehle geändert
714	} else {		194	register_globals Fix für $_FILES
715	themecenterbox($title, $content);
716	}
717	}
718		=	195
719	function automated_news() {	<>	196	Revision 1.5 2003/09/11 20:30:23 EllselAn
720	global $prefix, $multilingual, $currentlang, $dbi;		197	einbinden der config.php geändert
721	if ($multilingual == 1) {
722	$querylang = "WHERE (alanguage='$currentlang' OR alanguage='')"; /* the OR is needed to display stories who are posted to ALL languages */
723	} else {
724	$querylang = "";
725	}
726	$today = getdate();
727	$day = $today[mday];
728	if ($day < 10) {
729	$day = "0$day";
730	}
731	$month = $today[mon];
732	if ($month < 10) {
733	$month = "0$month";
734	}
735	$year = $today[year];
736	$hour = $today[hours];
737	$min = $today[minutes];
738	$sec = "00";
739	$result = sql_query("select anid, time from ".$prefix."_autonews $querylang", $dbi);
740	while(list($anid, $time) = sql_fetch_row($result, $dbi)) {
741	ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $date);
742	if (($date[1] <= $year) AND ($date[2] <= $month) AND ($date[3] <= $day)) {
743	if (($date[4] < $hour) AND ($date[5] >= $min) OR ($date[4] <= $hour) AND ($date[5] <= $min)) {
744	$result2 = sql_query("select catid, aid, title, time, hometext, bodytext, topic, informant, notes, ihome, alanguage, acomm from ".$prefix."_autonews where anid='$anid'", $dbi);
745	while(list($catid, $aid, $title, $a_time, $hometext, $bodytext, $topic, $author, $notes, $ihome, $alanguage, $acomm) = sql_fetch_row($result2, $dbi)) {
746	$title = stripslashes(FixQuotes($title));
747	$hometext = stripslashes(FixQuotes($hometext));
748	$bodytext = stripslashes(FixQuotes($bodytext));
749	$notes = stripslashes(FixQuotes($notes));
750	sql_query("insert into ".$prefix."_stories values (NULL, '$catid', '$aid', '$title', '$a_time', '$hometext', '$bodytext', '0', '0', '$topic', '$author', '$notes', '$ihome', '$alanguage', '$acomm', '0', '0', '0', '0')", $dbi);
751	sql_query("delete from ".$prefix."_autonews where anid='$anid'", $dbi);
752	}		198
753	}		199	Revision 1.4 2003/09/06 00:40:42 EllselAn
754	}		200	einschalten von Errormeldungen im debugmode
755	}
756	}		201
757		=	202
758	function themecenterbox($title, $content) {	<>
759	OpenTable();
760	echo "<center><fon class=\"option\"><b>$title</b></font></center><br>"
761	."$content";
762	CloseTable();
763	echo "<br>";
764	}		203	*/
765		=	204
766	?>		205	?>