Posted on: 05/02/05 07:49pm
By: Anonymous
Posted on: 05/02/05 08:14pm
By: vadertech
Posted on: 05/02/05 08:17pm
By: Anonymous
Posted on: 05/02/05 08:28pm
By: vadertech
Posted on: 05/02/05 08:47pm
By: Anonymous
Posted on: 05/02/05 09:28pm
By: vadertech
Posted on: 05/02/05 09:35pm
By: Anonymous
Posted on: 05/02/05 09:39pm
By: vadertech
Posted on: 05/02/05 09:53pm
By: Anonymous
<?php
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.3 |
// +---------------------------------------------------------------------------+
// | config.php |
// | |
// | Geeklog configuration file. |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2001-2004 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony@tonybibbs.com |
// | Dirk Haun - dirk@haun-online.de |
// +---------------------------------------------------------------------------+
// | |
// | This program is free software; you can redistribute it and/or |
// | modify it under the terms of the GNU General Public License |
// | as published by the Free Software Foundation; either version 2 |
// | of the License, or (at your option) any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +---------------------------------------------------------------------------+
// | See the docs/install.html and docs/config.html files for more information |
// | on configuration. |
// +---------------------------------------------------------------------------+
//
// $Id: config.php,v 1.148 2004/12/31 10:33:31 dhaun Exp $
// When setting up Geeklog for the first time, you need to make sure the
// settings in the following 3 sections are correct:
// (1) Database Settings
// (2) Paths
// (3) Site Settings
// You can adjust the other settings once your site is up and running.
// +---------------------------------------------------------------------------+
// | (1) Database Settings |
// +---------------------------------------------------------------------------+
$_DB_host = 'localhost'; // host name or IP address of your DB server
$_DB_name = 'shrimp_geeklog'; // name of your database,
// must exist before running the installer!
$_DB_user = 'geeklog'; // MySQL user name
$_DB_pass = 'im not saying'; // MySQL password
// The table prefix is prepended to each table used by Geeklog to avoid name
// collisions with other tables that may already exist in your database.
$_DB_table_prefix = 'gl_'; // e.g. 'gl_'
// +---------------------------------------------------------------------------+
// | (2) Paths |
// +---------------------------------------------------------------------------+
// Note for Windows users: It's safe to use the forward slash '/' instead of
// the backslash '\' in paths. Make sure each path starts with a drive letter!
// This should point to the directory where your config.php file resides.
$_CONF['path'] = '/geeklog-1.3.11/config.php/'; // should end in a slash
// You only need to change this if you moved or renamed the public_html
// directory. In that case, you should specify the complete path to the
// directory (i.e. without the $_CONF['path']) like this:
// $_CONF['path_html'] = '/path/to/your/public_html/';
$_CONF['path_html'] = $_CONF['path'] . 'public_html/';
// +---------------------------------------------------------------------------+
// | (3) Site Settings |
// +---------------------------------------------------------------------------+
// Make sure this is the correct URL to your site, i.e. to where Geeklog's
// index.php file resides (no trailing slash).
$_CONF['site_url'] = 'http://www.2halo2.com';
// Some hosting services have a preconfigured admin directory. In that case,
// you need to rename Geeklog's admin directory to something like "myadmin"
// and change the following URL as well. Leave as is until you experience any
// problems accessing Geeklog's admin menu.
$_CONF['site_admin_url'] = $_CONF['site_url'] . '/admin';
// This is the return address for all email sent by Geeklog:
$_CONF['site_mail'] = 'admin@2halo2.com';
// Name and slogan of your site
$_CONF['site_name'] = '2 Halo 2';
$_CONF['site_slogan'] = 'All Your Halo Needs';
// ****************************************************************************
// * If you set up Geeklog for the first time, you shouldn't need to change *
// * anything below this line. Come back here once the site is up and running.*
// ****************************************************************************
// Note: See the file docs/config.html for more information on the settings.
// +---------------------------------------------------------------------------+
// | OTHER PATH SETTINGS |
// | |
// | All paths must have a trailing slash ('/'). |
// +---------------------------------------------------------------------------+
// you shouldn't need to edit theses
$_CONF['path_system'] = $_CONF['path'] . 'system/';
$_CONF['path_log'] = $_CONF['path'] . 'logs/';
$_CONF['path_language'] = $_CONF['path'] . 'language/';
$_CONF['backup_path'] = $_CONF['path'] . 'backups/';
$_CONF['path_data'] = $_CONF['path'] . 'data/';
// If you set path_images to something other than the default, you will need to
// make sure that you add the following subdirectories to that directory:
// articles/, userphotos/
$_CONF['path_images'] = $_CONF['path_html'] . 'images/';
// +---------------------------------------------------------------------------+
// | PEAR Settings |
// | |
// | Geeklog uses PEAR to send emails (see "Email Settings" below). Here you |
// | can tell Geeklog whether to use the PEAR packages installed on your |
// | server or to use the included packages. |
// +---------------------------------------------------------------------------+
// If your server is running PHP 4.3.0 (or newer) then chances are that PEAR
// is already installed and you can change this to: $_CONF['have_pear'] = true;
$_CONF['have_pear'] = false;
// Geeklog comes with the necessary PEAR packages and will pick them up from
// the following directory if $_CONF['have_pear'] = false (above).
$_CONF['path_pear'] = $_CONF['path_system'] . 'pear/';
// +---------------------------------------------------------------------------+
// | Email Settings |
// | |
// | Configure how Geeklog sends email: Via PHP's mail() function, sendmail, |
// | or via an SMTP server. |
// +---------------------------------------------------------------------------+
// To send email from Geeklog, you will need to select one of the following
// email backends:
// - 'mail', i.e. use PHP's built-in mail() function
// - 'sendmail', i.e. use the sendmail utility
// - 'smtp', i.e. talk directly to your SMTP server
// The default is 'mail' and will work in most environments.
$_CONF['mail_settings'] = array (
'backend' => 'mail', // can be one of 'mail', 'sendmail', 'smtp'
// sendmail parameters (only needed for 'backend' => 'sendmail')
'sendmail_path' => '/usr/bin/sendmail',
'sendmail_args' => '',
// SMTP parameters (only needed for 'backend' => 'smtp')
'host' => 'smtp.example.com',
'port' => '25',
'auth' => false,
'username' => 'smtp-username',
'password' => 'smtp-password'
);
// +---------------------------------------------------------------------------+
// | OTHER DATABASE SETTINGS |
// | |
// | Database type and database backup settings. |
// +---------------------------------------------------------------------------+
$_DB_dbms = 'mysql'; // Do not change (currently, only MySQL is supported)
// optional settings for making database backups from within Geeklog
$_CONF['allow_mysqldump'] = 1; // 1 = on, 0 = off
// full path to mysqldump executable (Windows users: add ".exe"!)
$_DB_mysqldump_path = '/usr/bin/mysqldump';
// additional options for mysqldump
// If you're using InnoDB tables, include the '--single-transaction' or you
// may end up with inconsistent backups!
$_CONF['mysqldump_options'] = '-Q';
// +---------------------------------------------------------------------------+
// | SITE SETTINGS |
// | |
// | These settings help define your Geeklog site. |
// +---------------------------------------------------------------------------+
$_CONF['theme'] = 'professional'; // default theme
// List of entries that you want to see in the site's menu bar (if you're using
// a theme that uses the {menu_elements} variable in its header.thtml).
// Choose any combination of the following (order here = order in the menu).
$_CONF['menu_elements'] = array
(
// 'home', // link to homepage
'contribute', // contribute / "submit a story" link
'links', // link to the links section (aka web resources)
'polls', // link to past polls
'calendar', // link to the site calendar
'search', // link to advanced search
'stats', // link to site stats
// 'prefs', // link to user's preferences
'plugins' // links added by plugins, like {plg_menu_elements}
// 'custom' // for custom links (see lib-custom.php)
);
// you shouldn't need to edit the following
$_CONF['layout_url'] = $_CONF['site_url'] . '/layout/' . $_CONF['theme'];
$_CONF['path_themes'] = $_CONF['path_html'] . 'layout/';
$_CONF['path_layout'] = $_CONF['path_themes'] . $_CONF['theme'] . '/';
// optional settings (1 = on, 0 = off)
$_CONF['allow_user_themes'] = 1;
$_CONF['allow_user_language'] = 1;
$_CONF['allow_user_photo'] = 1; // allow users to upload self-photo
// Allow users to change their username (if set to 1).
$_CONF['allow_username_change'] = 0;
// Allow users to delete their account (if set to 1).
$_CONF['allow_account_delete'] = 0;
// hides the list of authors from the preferences
$_CONF['hide_author_exclusion'] = 0;
// Used by COM_displayName to return Members's Full Name else username (1 = yes, 0 = no)
$_CONF['show_fullname'] = 0;
// +---------------------------------------------------------------------------+
// | Support for custom user registration form and account details |
// | Requires custom functions to be written that can be placed in lib-custom |
// | Function hooks are in users.php, usersettings.php and admin/user.php |
// +---------------------------------------------------------------------------+
$_CONF['custom_registration'] = false; // Set to true if you have custom code
// +---------------------------------------------------------------------------+
// | Define action to be taken by SPAMX module if spam detected |
// | Current SPAMX module supports two actions which can be combined |
// | Additional classes can be added as well as other plugin extensions |
// | Actions: 128 = ignore comment and redirect to homepage |
// | 8 = mail admin message |
// | 136 (SUM) ignore and email adming |
// +---------------------------------------------------------------------------+
$_CONF['spamx'] = 128; // Default to ignore comment.
// +---------------------------------------------------------------------------+
// | Support for custom templaes to support advanced Rich Text Editor |
// | Checked in comment.php, submit.php, admin/story.php and |
// | staticpages/index.php. If set true and advanced template exists |
// +---------------------------------------------------------------------------+
$_CONF['advanced_editor'] = false;
// +---------------------------------------------------------------------------+
// | LOCALE SETTINGS |
// | |
// | see docs/config.html#locale for details |
// +---------------------------------------------------------------------------+
$_CONF['language'] = 'english';
$_CONF['locale'] = 'en-gb';
$_CONF['date'] = '%A, %B %d %Y @ %I:%M %p %Z';
$_CONF['daytime'] = '%m/%d %I:%M%p';
$_CONF['shortdate'] = '%x';
$_CONF['dateonly'] = '%d-%b';
$_CONF['timeonly'] = '%I:%M%p';
$_CONF['week_start'] = 'Sun'; // can be 'Sun' or 'Mon'
$_CONF['default_charset'] = 'iso-8859-1';
// "Timezone Hack"
// If your webserver is located in a different timezone than yourself but you
// prefer Geeklog to post stories in your local time, then set your local
// timezone here.
//
// Please note that this does not work when safe_mode is on!
//
// For more information, see this discussion on geeklog.net:
// http://www.geeklog.net/forum/viewtopic.php?showtopic=21232
// $_CONF['timezone'] = 'Etc/GMT-6'; // e.g. 6 hours behind GMT
// +---------------------------------------------------------------------------+
// | SITE STATUS |
// | |
// | To disable your Geeklog site quickly, simply set this flag to false |
// +---------------------------------------------------------------------------+
$_CONF['site_enabled'] = true; // true or false
// Message shown when site is down
// When this starts with 'http:' visitors are redirected to that URL
$_CONF['site_disabled_msg'] = 'Geeklog Site is down. Please come back soon.';
// +---------------------------------------------------------------------------+
// | SESSION SETTINGS |
// | |
// | cookie_ip will store md5(remoteip + randomnum) as the session ID in the |
// | cookie. This is more secure but will more than likely require dialed up |
// | users to login each and every time. If ipbasedsessid is turned off |
// | (which it is by default) it will just store a random number as the |
// | session ID in the cookie. |
// | |
// | default_perm_cookie_timeout is how long you want the permanent cookie |
// | to persist for (in seconds). This can be overridden by the user in |
// | their user prefs if they want. If you set the default to 0, users will |
// | have to log in again once their session expired. |
// | |
// | session_cookie_time is how long you want the session cookie to persist |
// | for. Only really useful in scenarios where you don't want to allow |
// | permanent cookies |
// +---------------------------------------------------------------------------+
$_CONF['cookie_session'] = 'gl_session';
$_CONF['cookie_name'] = 'geeklog';
$_CONF['cookie_password'] = 'password';
$_CONF['cookie_theme'] = 'theme';
$_CONF['cookie_language'] = 'language';
$_CONF['cookie_lastvisit'] = 'LastVisit';
$_CONF['cookie_lastvisittemp'] = 'LastVisitTemp';
$_CONF['cookie_ip'] = 0;
$_CONF['default_perm_cookie_timeout'] = 28800;
$_CONF['session_cookie_timeout'] = 7200;
$_CONF['cookie_path'] = '/';
$_CONF['cookiedomain'] = ''; // e.g. '.example.com'
$_CONF['cookiesecure'] = 0;
// Geeklog keeps track of when a user last logged in. Set this to false
// if you don't want that.
$_CONF['lastlogin'] = true;
// +---------------------------------------------------------------------------+
// | This is really redundant but I am including this as a reminder that those |
// | people writing Geeklog Plug-ins that are OS dependent should check either |
// | the $_CONF variable below or PHP_OS directly. If you are writing an |
// | addon that is OS specific your addon should check the system is using the |
// | right OS. If not, be sure to show a friendly message that says their GL |
// | distro isn't running the right OS. Do not modify this value |
// +---------------------------------------------------------------------------+
$_CONF['ostype'] = PHP_OS;
// Note: PDF conversion didn't make it into this release. Leave as is.
$_CONF['pdf_enabled'] = 0;
// +---------------------------------------------------------------------------+
// | SEARCH SETTINGS |
// | |
// | These aren't really used at the moment - leave as is ... |
// +---------------------------------------------------------------------------+
// Indicates if we should expand search results or not.
// true = show title with summary
// false = title date author hits on one line
$_CONF['expanded_search_results'] = true;
// 0: use users max stories per page
// 1: Show all
// any other number is the # of results per page
$_CONF['max_search_results'] = 1;
// maximum length for the summary text for search results should be
$_CONF['summary_length'] = 250;
// +---------------------------------------------------------------------------+
// | MISCELLANEOUS SETTINGS |
// | |
// | These are other various Geeklog settings. The defaults should work OK |
// | for most situations. |
// +---------------------------------------------------------------------------+
// this lets you select which functions are available for registered users only
$_CONF['loginrequired'] = 0; // all of them, if set to 1 will override all else
$_CONF['submitloginrequired'] = 0;
$_CONF['commentsloginrequired'] = 0;
$_CONF['linksloginrequired'] = 0;
$_CONF['pollsloginrequired'] = 0;
$_CONF['calendarloginrequired'] = 0;
$_CONF['statsloginrequired'] = 0;
$_CONF['searchloginrequired'] = 0;
$_CONF['profileloginrequired'] = 0;
$_CONF['emailuserloginrequired'] = 0;
$_CONF['emailstoryloginrequired'] = 0;
// Submission Settings
// enable (set to 1) or disable (set to 0) submission queues:
$_CONF['storysubmission'] = 1;
$_CONF['linksubmission'] = 1;
$_CONF['eventsubmission'] = 1;
$_CONF['usersubmission'] = 0; // 1 = new users must be approved
// When set to 1, this will display an additional block on the submissions page
// that lists all stories that have the 'draft' flag set.
$_CONF['listdraftstories'] = 0;
// Send an email notification when a new submission has been made. The contents
// of the array can be any combination of 'story', 'comment', 'link', 'event',
// and 'user'.
// Example: $_CONF['notification'] = array ('story', 'link', 'event');
// The email will be sent to $_CONF['site_mail'] (see above).
$_CONF['notification'] = array ();
$_CONF['postmode'] = 'plaintext'; // can be 'plaintext' or 'html'
$_CONF['speedlimit'] = 45; // in seconds
$_CONF['skip_preview'] = 0; // If = 1, allow user to submit comments and stories without previewing
// Topic Settings
// Topics can be assigned a sort number so that you can control what order they
// appear in the 'Topics' block on the homepage. If you prefer you can also
// have this sort alphabetically by changing the value to 'alpha' (default is
// by 'sortnum'
$_CONF['sortmethod'] = 'sortnum'; // or 'alpha'
// Show the number of stories in a topic in Topics Block
$_CONF['showstorycount'] = 1;
// Show the number of story submissions for a topic in Topics Block
$_CONF['showsubmissioncount'] = 1;
// Hide 'Home' link from Topics block (if set to 1)
$_CONF['hide_home_link'] = 0;
// Show blocks for empty search results
$_CONF['showemptysearchresults'] = 0;
// Who's Online block settings
// How long an anonymous (guest) user session is good for
$_CONF['whosonline_threshold'] = 300; // in seconds
// Show full names (= 1) or usernames (= 0) in Who's Online block
$_CONF['whosonline_fullname'] = 0; // 1 = show full names, 0 = usernames
// If set to 1, don't show names of registered users to anonymous users
$_CONF['whosonline_anonymous'] = 0; // 1 = don't show names to anon. users
// "Daily Digest" settings
// Let users get stories emailed to them
// Requires cron and the use of php as a shell script
$_CONF['emailstories'] = 0;
// Specify length of stories in those emails:
// 0 = send only title + link, 1 = send entire introtext,
// any other number = max. number of characters per story
$_CONF['emailstorieslength'] = 1;
// New users get stories emailed to them per default (= 1) or not (= 0)
$_CONF['emailstoriesperdefault'] = 0;
// When user submission is activated, allow users from these domains to
// register without having to go through the submission queue.
$_CONF['allow_domains'] = ''; // e.g. 'mycompany.com,myothercompany.com'
// Following times are in seconds
$_CONF['newstoriesinterval'] = 86400; // = 24 hours
$_CONF['newcommentsinterval'] = 172800; // = 48 hours
$_CONF['newlinksinterval'] = 1209600; // = 14 days
// Set to 1 to hide a section from the What's New block:
$_CONF['hidenewstories'] = 0;
$_CONF['hidenewcomments'] = 0;
$_CONF['hidenewlinks'] = 0;
$_CONF['hidenewplugins'] = 0;
// Link to the documentation from the Admin block (0 = hide link, 1 = show)
$_CONF['link_documentation'] = 1;
// Calendar Settings
$_CONF['personalcalendars'] = 1;
$_CONF['showupcomingevents'] = 1;
$_CONF['upcomingeventsrange'] = 14; // days
$_CONF['event_types'] = 'Anniversary,Appointment,Birthday,Business,Education,Holiday,Meeting,Miscellaneous,Personal,Phone Call,Special Occasion,Travel,Vacation';
// Story Settings
$_CONF['maximagesperarticle'] = 5;
$_CONF['limitnews'] = 10;
$_CONF['minnews'] = 1; // minimum number of stories per page
$_CONF['contributedbyline'] = 1; // If 1, show contributed by line
$_CONF['article_image_align'] = 'right'; // Topic icon on left or right.
$_CONF['hideemailicon'] = 0; // If 1, hide "email story" option
$_CONF['hideprintericon'] = 0; // If 1, hide "printer friendly" option
// Advanced theme settings
// It is recommended to leave these unchanged and overwrite them in the theme's
// functions.php instead.
// When set to 1, this will render the first story on any page using the
// templates for featured stories - even if that story is not featured.
$_CONF['showfirstasfeatured'] = 0;
// When set to 1, this will make the {left_blocks} variable available in
// footer.thtml (and disable it in header.thtml). This is really only useful
// for two-column layouts where you want the left column contain the stories
// and the right column contain the standard blocks.
$_CONF['left_blocks_in_footer'] = 0;
// +---------------------------------------------------------------------------+
// | RSS feed settings |
// | |
// | Settings for RSS feeds (aka RDF feeds). Please note that most of these |
// | are merely default settings for the feeds created from the "Content |
// | Syndication" entry in the Admin's menu. |
// +---------------------------------------------------------------------------+
$_CONF['backend'] = 1; // 1 = activate feeds, 0 = off
// path to your site's default RSS feed
$_CONF['rdf_file'] = $_CONF['path_html'] . 'backend/geeklog.rdf';
// This allows a person to limit the rss feed to a certain number of stories
// (e.g. 10 or 12) or else limit the rss feed to all stories within a certain
// period of time in hours (e.g. 24h or 168h).
$_CONF['rdf_limit'] = 10; // number of stories (10) or hours (24h)
// Include the story's entire intro text in the feed (= 1) or limit the number
// of characters from the intro text (any number > 1) or don't include the text
// at all (= 0).
$_CONF['rdf_storytext'] = 0;
// Default language for the feed - may have to be different than the locale
$_CONF['rdf_language'] = 'en-gb';
// Uncomment the following line to set the copyright year in the site's footer
// to a specific year. Otherwise, the current year will be used.
// $_CONF['copyrightyear'] = '2004';
// Optional Image Settings
// If you set $_CONF['image_lib'] below, you must supply a path for the library
// you will use. Setting this also assumes that if a photo is uploaded that is
// too big either by the image sizes below or by overriding them using the
// upload object then the library you choose will attempt to resize the image.
// Leaving this value empty disables this feature
$_CONF['image_lib'] = ''; // can be one of 'netpbm', 'imagemagick', 'gdlib'
// If you set image_lib to 'imagemagick' give the complete path to mogrify
// here (i.e. including the name of the executable), otherwise comment it out
// NOTE: requires ImageMagick version 5.4.9 (or newer)
//$_CONF['path_to_mogrify'] = '/path/to/mogrify';
// If you set image_lib to 'netpbm' give the path to the netpbm directory, you
// need the trailing slash here.
// NOTE: if you use NETPBM, use the latest package from the Gallery package for
// your operating system found at http://sourceforge.net/projects/gallery in
// the download section. You need to take the netpbm tarball from them and
// uncompress the file which will create a netpbm directory. If you plan to
// only use netpbm with Geeklog, put that entire folder in /path/to/geeklog and
// adjust the path below. The only programs you need from netpbm are giftopnm,
// jpegtopnm, pngtopnm, ppmtogif, pnmtojpeg, pnmtopng and pnmscale
//$_CONF['path_to_netpbm'] = '/path/to/netpbm/';
// Uncomment the following line if you experience problems with the image
// upload. Debug messages will be added to the error.log file.
// $_CONF['debug_image_upload'] = true;
// When set to 1, Geeklog will keep the original, unscaled images and make
// the smaller image link to the unscaled image.
$_CONF['keep_unscaled_image'] = 0; // 1 = keep original images
// Story image settings
$_CONF['max_image_width'] = 160; // In pixels
$_CONF['max_image_height'] = 120; // In pixels
$_CONF['max_image_size'] = 1048576; // 1048576 = 1MB
// User photo settings
$_CONF['max_photo_width'] = 128; // In pixels
$_CONF['max_photo_height'] = 128; // In pixels
$_CONF['max_photo_size'] = 65536; // 65536 = 64KB
// Comment Settings
$_CONF['commentspeedlimit'] = 45;
$_CONF['comment_limit'] = 100; // Default Number of Comments under Story
$_CONF['comment_mode'] = 'threaded'; // Default Comment Mode; from 'threaded','nested','nocomments',and 'flat'
// Allow / disallow comments to stories by default (can be changed individually for every story)
$_CONF['comment_code'] = 0; // 0 = comments enabled, -1 = disabled
// Poll Settings
$_CONF['maxanswers'] = 10; // max. number of options in a poll
// 'submitorder' is the order in which answers are saved in admin/poll.php
// 'voteorder' will list answers ordered by number of votes (highest->lowest);
$_CONF['answerorder'] = 'submitorder';
$_CONF['pollcookietime'] = 86400;
$_CONF['polladdresstime'] = 604800;
// Password setting: minimum time between two requests for a new password
$_CONF['passwordspeedlimit'] = 300; // seconds = 5 minutes
// Links Settings
// You can set both of the following to 0 to get back the old (pre-1.3.6)
// style of the links section. Setting only linkcols to 0 will hide the
// categories but keep the paging. Setting only linksperpage to 0 will list
// all the links of the selected category on one page.
$_CONF['linkcols'] = 3; // categories per column
$_CONF['linksperpage'] = 10; // links per page
// Parameters for checking HTML tags
// *** Warning: Adding the following tags to the list of allowable HTML can
// *** make your site vulnerable to scripting attacks!
// *** Use with care: <img> <span> <marquee> <script> <embed> <object> <iframe>
/* This is a list of HTML tags that users are allowed to use in their posts.
* Each tag can have a list of allowed attributes (see 'a' for an example).
* Any attributes not listed will be filtered, i.e. removed.
*/
$_CONF['user_html'] = array (
'p' => array(),
'b' => array(),
'i' => array(),
'a' => array('href' => 1, 'title' => 1),
'em' => array(),
'br' => array(),
'tt' => array(),
'hr' => array(),
'li' => array(),
'ol' => array(),
'ul' => array(),
'code' => array(),
'pre' => array()
);
/* This is a list of HTML tags that Admins (site admin and story admins) can
* use in their posts. It will be merged with the above list of user-allowable
* tags ($_CONF['user_html']). You can also add tags that have already been
* listed for the user-allowed HTML, so as to allow admins to use more
* attributes (see 'p' for an example).
*/
$_CONF['admin_html'] = array (
'p' => array('class' => 1, 'id' => 1, 'align' => 1),
'div' => array('class' => 1, 'id' => 1),
'span' => array('class' => 1, 'id' => 1),
'table' => array('class' => 1, 'id' => 1, 'width' => 1, 'border' => 1,
'cellspacing' => 1, 'cellpadding' => 1),
'tr' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1),
'th' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1),
'td' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1)
);
// list of protocols that are allowed in links
$_CONF['allowed_protocols'] = array ('http:', 'https:', 'ftp:');
// disables autolinks if set to 1
$_CONF['disable_autolinks'] = 0; // 0 = autolinks enabled
// Parameters for checking for "bad" words
$_CONF['censormode'] = 1;
$_CONF['censorreplace'] = '*censored*';
$_CONF['censorlist'] = array('*censored*','*censored*','*censored*er','*censored*ing','*censored*','*censored*','*censored*','*censored*','*censored*','*censored*','*censored*','*censored*','*censored*ing','mother*censored*er');
// IP lookup support
//
// If $_CONF['ip_lookup'] contains the URL to a web-based service for IP
// address lookups, Geeklog will let you click on IP addresses so that you
// can find out where a visitor came from. This can either be a remote
// service or a plugin like Tom Willet's Nettools.
// The '*' in the URL will be replaced with the IP address to look up.
//
// uncomment this line if you have Tom Willet's Nettools installed
// $_CONF['ip_lookup'] = $_CONF['site_url'] . '/nettools/whois.php?domain=*';
// This feature, when activated, makes some of Geeklog's URLs more crawler
// friendly, i.e. more likely to be picked up by search engines.
// Only implemented for stories, static pages, and portal links right now.
//
// Note: Works with Apache (Linux and Windows successfully tested).
// Unresolvable issues with systems running IIS; known PHP CGI bug.
$_CONF['url_rewrite'] = false; // false = off, true = on
// Define a few useful things for GL
// Story Record Options for the STATUS Field
define('STORY_ARCHIVE_ON_EXPIRE', '10');
define('STORY_DELETE_ON_EXPIRE', '11');
if (!defined ('LB')) {
define('LB',"\n");
}
if (!defined ('VERSION')) {
define('VERSION', '1.3.11');
}
$_STATES = array(
'--'=>'',
'AL'=>'Alabama',
'AK'=>'Alaska',
'AZ'=>'Arizona',
'AR'=>'Arkansas',
'CA'=>'California',
'CO'=>'Colorado',
'CT'=>'Connecticut',
'DE'=>'Delaware',
'DC'=>'District of Columbia',
'FL'=>'Florida',
'GA'=>'Georgia',
'HI'=>'Hawaii',
'ID'=>'Idaho',
'IL'=>'Illinois',
'IN'=>'Indiana',
'IA'=>'Iowa',
'KS'=>'Kansas',
'KY'=>'Kentucky',
'LA'=>'Louisiana',
'ME'=>'Maine',
'MD'=>'Maryland',
'MA'=>'Massachusetts',
'MI'=>'Michigan',
'MN'=>'Minnesota',
'MS'=>'Mississippi',
'MO'=>'Missouri',
'MT'=>'Montana',
'NE'=>'Nebraska',
'NV'=>'Nevada',
'NH'=>'New Hampshire',
'NJ'=>'New Jersey',
'NM'=>'New Mexico',
'NY'=>'New York',
'NC'=>'North Carolina',
'ND'=>'North Dakota',
'OH'=>'Ohio',
'OK'=>'Oklahoma',
'OR'=>'Oregon',
'PA'=>'Pennsylvania',
'RI'=>'Rhode Island',
'SC'=>'South Carolina',
'SD'=>'South Dakota',
'TN'=>'Tennessee',
'TX'=>'Texas',
'UT'=>'Utah',
'VT'=>'Vermont',
'VA'=>'Virginia',
'WA'=>'Washington',
'WV'=>'West Virginia',
'WI'=>'Wisconsin',
'WY'=>'Wyoming'
);
?>
Posted on: 05/02/05 09:59pm
By: Anonymous
<?php
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.3 |
// +---------------------------------------------------------------------------+
// | lib-common.php |
// | |
// | Geeklog common library. |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2000-2004 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony@tonybibbs.com |
// | Mark Limburg - mlimburg@users.sourceforge.net |
// | Jason Whittenburg - jwhitten@securitygeeks.com |
// | Dirk Haun - dirk@haun-online.de |
// | Vincent Furia - vinny01@users.sourceforge.net |
// +---------------------------------------------------------------------------+
// | |
// | This program is free software; you can redistribute it and/or |
// | modify it under the terms of the GNU General Public License |
// | as published by the Free Software Foundation; either version 2 |
// | of the License, or (at your option) any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +---------------------------------------------------------------------------+
//
// $Id: lib-common.php,v 1.408 2004/12/29 08:43:37 dhaun Exp $
// Prevent PHP from reporting uninitialized variables
error_reporting( E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR );
/**
* This is the common library for Geeklog. Through our code, you will see
* functions with the COM_ prefix (e.g. COM_siteHeader()). Any such functions
* can be found in this file. This file provides all configuration variables
* needed by Geeklog with a series of includes (see futher down).
*
* --- You only need to modify one line in this file! ---
*
* WARNING: put any custom hacks in lib-custom.php and not in here. This file is
* modified frequently by the Geeklog development team. If you put your hacks in
* lib-custom.php you will find upgrading much easier.
*
*/
/**
* Turn this on to get various debug messages from the code in this library
* @global Boolean $_COM_VERBOSE
*/
$_COM_VERBOSE = false;
/**
* Configuration Include: You should ONLY have to modify this line.
* Leave the rest of this file intact!
*
* Make sure to include the name of the config file,
* i.e. the path should end in .../config.php
*/
require_once( '/geeklog-1.3.11/config.php' );
// Before we do anything else, check to ensure site is enabled
if( isset( $_CONF['site_enabled'] ) && !$_CONF['site_enabled'] )
{
if( empty( $_CONF['site_disabled_msg'] ))
{
echo $_CONF['site_name'] . ' is temporarily down. Please check back soon';
}
else
{
// if the msg starts with http: assume it's a URL we should redirect to
if( preg_match( "/^(https?):/", $_CONF['site_disabled_msg'] ) === 1 )
{
echo COM_refresh( $_CONF['site_disabled_msg'] );
}
else
{
echo $_CONF['site_disabled_msg'];
}
}
exit;
}
// this file can't be used on its own - redirect to index.php
if( eregi( 'lib-common.php', $HTTP_SERVER_VARS['PHP_SELF'] ))
{
echo COM_refresh( $_CONF['site_url'] . '/index.php' );
exit;
}
// timezone hack - set the webserver's timezone
if( !empty( $_CONF['timezone'] ) && !ini_get( 'safe_mode' ) &&
function_exists( 'putenv' )) {
putenv( 'TZ=' . $_CONF['timezone'] );
}
// +---------------------------------------------------------------------------+
// | Library Includes: You shouldn't have to touch anything below here |
// +---------------------------------------------------------------------------+
/**
* If needed, add our PEAR path to the list of include paths
*
*/
if( !$_CONF['have_pear'] )
{
$curPHPIncludePath = ini_get( 'include_path' );
if( defined( 'PATH_SEPARATOR' ))
{
$separator = PATH_SEPARATOR;
}
else
{
// prior to PHP 4.3.0, we have to guess the correct separator ...
$separator = ';';
if( strpos( $curPHPIncludePath, $separator ) === false )
{
$separator = ':';
}
}
if( ini_set( 'include_path', $_CONF['path_pear'] . $separator
. $curPHPIncludePath ) === false )
{
COM_errorLog( 'ini_set failed - there may be problems using the PEAR classes.', 1);
}
}
/**
* This is necessary to ensure compatibility with PHP 4.1.x
*
*/
if( !function_exists( 'is_a' ))
{
require_once( 'PHP/Compat.php' );
PHP_Compat::loadFunction( 'is_a' );
}
/**
* Include page time -- used to time how fast each page was created
*
*/
require_once( $_CONF['path_system'] . 'classes/timer.class.php' );
$_PAGE_TIMER = new timerobject();
$_PAGE_TIMER->startTimer();
/**
* Include URL class
*
* This provides optional URL rewriting functionality.
* Please note this code is still experimental and is only currently used by the
* staticpages plugin.
*/
require_once( $_CONF['path_system'] . 'classes/url.class.php' );
$_URL = new url( $_CONF['url_rewrite'] );
/**
* This is our HTML template class. It is the same one found in PHPLib and is
* licensed under the LGPL. See that file for details
*
*/
require_once( $_CONF['path_system'] . 'classes/template.class.php' );
/**
* This is the database library.
*
* Including this gives you a working connection to the database
*
*/
require_once( $_CONF['path_system'] . 'lib-database.php' );
/**
* This is the security library used for application security
*
*/
require_once( $_CONF['path_system'] . 'lib-security.php' );
/**
* This is the syndication library used to offer (RSS) feeds.
*
*/
require_once( $_CONF['path_system'] . 'lib-syndication.php' );
/**
* This is the custom library.
*
* It is the sandbox for every Geeklog Admin to play in.
* We will never modify this file. This should hold all custom
* hacks to make upgrading easier.
*
*/
require_once( $_CONF['path_system'] . 'lib-custom.php' );
/**
* Include plugin class.
* This is a poorly implemented class that was not very well thought out.
* Still very necessary
*
*/
require_once( $_CONF['path_system'] . 'lib-plugins.php' );
/**
* Session management library
*
*/
require_once( $_CONF['path_system'] . 'lib-sessions.php' );
/**
* Ulf Harnhammar's kses class
*
*/
require_once( $_CONF['path_system'] . 'classes/kses.class.php' );
// Set theme
// Need to modify this code to check if theme was cached in user cookie. That
// way if user logged in and set theme and then logged out we would still know
// which theme to show them.
if( !empty( $HTTP_POST_VARS['usetheme'] ) && is_dir( $_CONF['path_themes']
. $HTTP_POST_VARS['usetheme'] ))
{
$_CONF['theme'] = $HTTP_POST_VARS['usetheme'];
$_CONF['path_layout'] = $_CONF['path_themes'] . $_CONF['theme'] . '/';
$_CONF['layout_url'] = $_CONF['site_url'] . '/layout/' . $_CONF['theme'];
}
else if( $_CONF['allow_user_themes'] == 1 )
{
if( isset( $HTTP_COOKIE_VARS[$_CONF['cookie_theme']]) && empty($_USER['theme'] ))
{
if( is_dir( $_CONF['path_themes'] . $HTTP_COOKIE_VARS[$_CONF['cookie_theme']] ))
{
$_USER['theme'] = $HTTP_COOKIE_VARS[$_CONF['cookie_theme']];
}
}
if( !empty( $_USER['theme'] ))
{
if( is_dir( $_CONF['path_themes'] . $_USER['theme'] ))
{
$_CONF['theme'] = $_USER['theme'];
$_CONF['path_layout'] = $_CONF['path_themes'] . $_CONF['theme'] . '/';
$_CONF['layout_url'] = $_CONF['site_url'] . '/layout/' . $_CONF['theme'];
}
else
{
$_USER['theme'] = $_CONF['theme'];
}
}
}
/**
* Include theme functions file
*/
// Include theme functions file which may/may not do anything
if( file_exists( $_CONF['path_layout'] . 'functions.php' ))
{
require_once( $_CONF['path_layout'] . 'functions.php' );
}
// Similarly set language
if( isset( $HTTP_COOKIE_VARS[$_CONF['cookie_language']]) && empty( $_USER['language'] ))
{
if( is_file( $_CONF['path_language'] . $HTTP_COOKIE_VARS[$_CONF['cookie_language']] . '.php' ))
{
$_USER['language'] = $HTTP_COOKIE_VARS[$_CONF['cookie_language']];
$_CONF['language'] = $HTTP_COOKIE_VARS[$_CONF['cookie_language']];
}
}
else if( !empty( $_USER['language'] ))
{
if( is_file( $_CONF['path_language'] . $_USER['language'] . '.php' ))
{
$_CONF['language'] = $_USER['language'];
}
}
// Handle Who's Online block
if( empty( $_USER['uid'] ) OR $_USER['uid'] == 1 )
{
// The following code handles anonymous users so they show up properly
DB_query( "DELETE FROM {$_TABLES['sessions']} WHERE remote_ip = '{$HTTP_SERVER_VARS['REMOTE_ADDR']}' AND uid = 1" );
$tries = 0;
do
{
// Build a useless sess_id (needed for insert to work properly)
mt_srand(( double )microtime() * 1000000 );
$sess_id = mt_rand();
$curtime = time();
// Insert anonymous user session
$result = DB_query( "INSERT INTO {$_TABLES['sessions']} (sess_id, start_time, remote_ip, uid) VALUES ($sess_id, $curtime, '{$HTTP_SERVER_VARS['REMOTE_ADDR']}', 1)", 1 );
$tries++;
}
while(( $result === false) && ( $tries < 5 ));
}
// Clear out any expired sessions
DB_query( "DELETE FROM {$_TABLES['sessions']} WHERE uid = 1 AND start_time < " . ( time() - $_CONF['whosonline_threshold'] ));
/**
*
* Language include
*
*/
require_once( $_CONF['path_language'] . $_CONF['language'] . '.php' );
if( setlocale( LC_ALL, $_CONF['locale'] ) === false )
{
setlocale( LC_TIME, $_CONF['locale'] );
}
/**
* Global array of groups current user belongs to
*
* @global array $_GROUPS
*
*/
$_GROUPS = SEC_getUserGroups( $_USER['uid'] );
/**
* Global array of current user permissions [read,edit]
*
* @global array $_RIGHTS
*
*/
$_RIGHTS = explode( ',', SEC_getUserPermissions() );
if( isset( $HTTP_GET_VARS['topic'] ))
{
$topic = COM_applyFilter( $HTTP_GET_VARS['topic'] );
}
else if( isset( $HTTP_POST_VARS['topic'] ))
{
$topic = COM_applyFilter( $HTTP_POST_VARS['topic'] );
}
else
{
$topic = '';
}
// +---------------------------------------------------------------------------+
// | HTML WIDGETS |
// +---------------------------------------------------------------------------+
/**
* Return the file to use for a block template.
*
* This returns the template needed to build the HTML for a block. This function
* allows designers to give a block it's own custom look and feel. If no
* templates for the block are specified, the default blockheader.html and
* blockfooter.html will be used.
*
* @param string $blockname corresponds to name field in block table
* @param string $which can be either 'header' or 'footer' for corresponding template
* @see function COM_startBlock
* @see function COM_endBlock
* @see function COM_showBlocks
* @see function COM_showBlock
* @return string template name
*/
function COM_getBlockTemplate( $blockname, $which )
{
global $_BLOCK_TEMPLATE, $_COM_VERBOSE;
if( $_COM_VERBOSE )
{
COM_errorLog( "_BLOCK_TEMPLATE[$blockname] = " . $_BLOCK_TEMPLATE[$blockname], 1 );
}
if( !empty( $_BLOCK_TEMPLATE[$blockname] ))
{
$templates = explode( ',', $_BLOCK_TEMPLATE[$blockname] );
if( $which == 'header' )
{
if( !empty( $templates[0] ))
{
$template = $templates[0];
}
else
{
$template = 'blockheader.thtml';
}
}
else
{
if( !empty( $templates[1] ))
{
$template = $templates[1];
}
else
{
$template = 'blockfooter.thtml';
}
}
}
else
{
if( $which == 'header' )
{
$template = 'blockheader.thtml';
}
else
{
$template = 'blockfooter.thtml';
}
}
if( $_COM_VERBOSE )
{
COM_errorLog( "Block template for the $which of $blockname is: $template", 1 );
}
return $template;
}
/**
* Gets all installed themes
*
* Gets all directory names in /path/to/geeklog/themes/ and returns all the
* directories
*
* @return array All installed themes
*/
function COM_getThemes( $all = false )
{
global $_CONF;
$index = 1;
$themes = array();
$fd = opendir( $_CONF['path_themes'] );
// If users aren't allowed to change their theme then only return the default theme
if(( $_CONF['allow_user_themes'] == 0 ) && !$all )
{
$themes[$index] = $_CONF['theme'];
}
else
{
while(( $dir = @readdir( $fd )) == TRUE )
{
if( is_dir( $_CONF['path_themes'] . $dir) && $dir <> '.' && $dir <> '..' && $dir <> 'CVS' && substr( $dir, 0 , 1 ) <> '.' )
{
clearstatcache();
$themes[$index] = $dir;
$index++;
}
}
}
return $themes;
}
/**
* Create the menu, i.e. replace {menu_elements} in the site header with the
* actual menu entries.
*
* @param Template $header reference to the header template
* @param array $plugin_menu array of plugin menu entries, if any
*
*/
function COM_renderMenu( &$header, $plugin_menu )
{
global $_CONF, $_USER, $LANG01, $topic;
if( empty( $_CONF['menu_elements'] ))
{
$_CONF['menu_elements'] = array( // default set of links
'contribute', 'links', 'polls', 'calendar', 'search', 'stats',
'plugins' );
}
$anon = ( empty( $_USER['uid'] ) || ( $_USER['uid'] <= 1 )) ? true : false;
$allowedCounter = 0;
$counter = 0;
$num_plugins = sizeof( $plugin_menu );
if( ( $num_plugins == 0 ) && in_array( 'plugins', $_CONF['menu_elements'] ))
{
$key = array_search( 'plugins', $_CONF['menu_elements'] );
unset( $_CONF['menu_elements'][$key] );
}
if( in_array( 'custom', $_CONF['menu_elements'] ))
{
$custom_entries = array();
if( function_exists( 'CUSTOM_menuEntries' ))
{
$custom_entries = CUSTOM_menuEntries();
}
if( sizeof( $custom_entries ) == 0 )
{
$key = array_search( 'custom', $_CONF['menu_elements'] );
unset( $_CONF['menu_elements'][$key] );
}
}
$num_elements = sizeof( $_CONF['menu_elements'] );
foreach( $_CONF['menu_elements'] as $item )
{
$counter++;
$allowed = true;
$last_entry = ( $counter == $num_elements ) ? true : false;
switch( $item )
{
case 'calendar':
$url = $_CONF['site_url'] . '/calendar.php';
$label = $LANG01[74];
if( $anon && ( $_CONF['loginrequired'] ||
$_CONF['calendarloginrequired'] ))
{
$allowed = false;
}
break;
case 'contribute':
if( empty( $topic ))
{
$url = $_CONF['site_url'] . '/submit.php?type=story';
$header->set_var( 'current_topic', '' );
}
else
{
$url = $_CONF['site_url']
. '/submit.php?type=story&topic=' . $topic;
$header->set_var( 'current_topic', '&topic=' . $topic );
}
$label = $LANG01[71];
if( $anon && ( $_CONF['loginrequired'] ||
$_CONF['submitloginrequired'] ))
{
$allowed = false;
}
break;
case 'custom':
$custom_count = 0;
$custom_size = sizeof( $custom_entries );
foreach( $custom_entries as $entry )
{
$custom_count++;
if( empty( $entry['url'] ) || empty( $entry['label'] ))
{
continue;
}
$header->set_var( 'menuitem_url', $entry['url'] );
$header->set_var( 'menuitem_text', $entry['label'] );
if( $last_entry && ( $custom_count == $custom_size ))
{
$header->parse( 'menu_elements', 'menuitem_last',
true );
}
else
{
$header->parse( 'menu_elements', 'menuitem', true );
}
}
$url = '';
$label = '';
break;
case 'home':
$url = $_CONF['site_url'] . '/';
$label = $LANG01[90];
break;
case 'links':
$url = $_CONF['site_url'] . '/links.php';
$label = $LANG01[72];
if( $anon &&
( $_CONF['loginrequired'] || $_CONF['linksloginrequired'] ))
{
$allowed = false;
}
break;
case 'plugins':
for( $i = 1; $i <= $num_plugins; $i++ )
{
$header->set_var( 'menuitem_url', current( $plugin_menu ));
$header->set_var( 'menuitem_text', key( $plugin_menu ));
if( $last_entry && ( $i == $num_plugins ))
{
$header->parse( 'menu_elements', 'menuitem_last',
true );
}
else
{
$header->parse( 'menu_elements', 'menuitem', true );
}
next( $plugin_menu );
}
$url = '';
$label = '';
break;
case 'polls':
$url = $_CONF['site_url'] . '/pollbooth.php';
$label = $LANG01[73];
if( $anon &&
( $_CONF['loginrequired'] || $_CONF['pollsloginrequired'] ))
{
$allowed = false;
}
break;
case 'prefs':
$url = $_CONF['site_url'] . '/usersettings.php?mode=edit';
$label = $LANG01[48];
break;
case 'search':
$url = $_CONF['site_url'] . '/search.php';
$label = $LANG01[75];
if( $anon && ( $_CONF['loginrequired'] ||
$_CONF['searchloginrequired'] ))
{
$allowed = false;
}
break;
case 'stats':
$url = $_CONF['site_url'] . '/stats.php';
$label = $LANG01[76];
if( $anon &&
( $_CONF['loginrequired'] || $_CONF['statsloginrequired'] ))
{
$allowed = false;
}
break;
}
if( !empty( $url ) && !empty( $label ))
{
$header->set_var( 'menuitem_url', $url );
$header->set_var( 'menuitem_text', $label );
if( $last_entry )
{
$header->parse( 'menu_elements', 'menuitem_last', true );
}
else
{
$header->parse( 'menu_elements', 'menuitem', true );
}
if( $allowed )
{
if( $last_entry )
{
$header->parse( 'allowed_menu_elements', 'menuitem_last',
true );
}
else
{
$header->parse( 'allowed_menu_elements', 'menuitem', true );
}
$allowedCounter++;
}
}
}
if( $allowedCounter == 0 )
{
$header->parse( 'allowed_menu_elements', 'menuitem_none', true );
}
}
/**
* Returns the site header
*
* This loads the proper templates, does variable substitution and returns the
* HTML for the site header with or without blocks depending on the value of $what
*
* Programming Note:
*
* The two functions COM_siteHeader and COM_siteFooter provide the framework for page display
* in Geeklog. COM_siteHeader controls the display of the Header and left blocks and COM_siteFooter
* controls the dsiplay of the right blocks and the footer. You use them like a sandwich. Thus the
* following code will display a Geeklog page with both right and left blocks displayed.
*
* -------------------------------------------------------------------------------------
* <?php
* require_once('lib-common.php');
* $display .= COM_siteHeader(); //Change to COM_siteHeader('none') to not display left blocks
* $display .= "Here is your html for display";
* $display .= COM_siteFooter(true); // Change to COM_siteFooter() to not display right blocks
* echo $display;
* ? >
* ---------------------------------------------------------------------------------------
* Note that the default for the header is to display the left blocks and the default of the
* footer is to not display the right blocks.
*
* This sandwich produces code like this (greatly simplified)
*
* // COM_siteHeader
* <table><tr><td colspan="3">Header</td></tr>
* <tr><td>Left Blocks</td><td>
*
* // Your HTML goes here
* Here is your html for display
*
* // COM_siteFooter
* </td><td>Right Blocks</td></tr>
* <tr><td colspan="3">Footer</td></table>
*
* @param string $what If 'none' then no left blocks are returned, if 'menu' (default) then right blocks are returned
* @param string $pagetitle optional content for the page's <title>
* @return string Formatted HTML containing the site header
* @see function COM_siteFooter
*
*/
function COM_siteHeader( $what = 'menu', $pagetitle = '' )
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG_BUTTONS, $LANG_CHARSET,
$topic, $_COM_VERBOSE, $HTTP_POST_VARS, $HTTP_GET_VARS;
// If the theme implemented this for us then call their version instead.
$function = $_CONF['theme'] . '_siteHeader';
if( function_exists( $function ))
{
return $function( $what, $pagetitle );
}
// If we reach here then either we have the default theme OR
// the current theme only needs the default variable substitutions
$header = new Template( $_CONF['path_layout'] );
$header->set_file( array(
'header' => 'header.thtml',
'menuitem' => 'menuitem.thtml',
'menuitem_last' => 'menuitem_last.thtml',
'menuitem_none' => 'menuitem_none.thtml',
'leftblocks' => 'leftblocks.thtml'
));
// get topic if not on home page
if( !isset( $HTTP_GET_VARS['topic'] ))
{
if( isset( $HTTP_GET_VARS['story'] ))
{
$sid = COM_applyFilter( $HTTP_GET_VARS['story'] );
}
elseif( isset( $HTTP_GET_VARS['sid'] ))
{
$sid = COM_applyFilter( $HTTP_GET_VARS['sid'] );
}
elseif( isset( $HTTP_POST_VARS['story'] ))
{
$sid = COM_applyFilter( $HTTP_POST_VARS['story'] );
}
if( !empty( $sid ))
{
$topic = DB_getItem( $_TABLES['stories'], 'tid', "sid='$sid'" );
}
}
else
{
$topic = COM_applyFilter( $HTTP_GET_VARS['topic'] );
}
if( empty( $pagetitle ) && isset( $_CONF['pagetitle'] ))
{
$pagetitle = $_CONF['pagetitle'];
}
if( empty( $pagetitle ))
{
if( empty( $topic ))
{
$pagetitle = $_CONF['site_slogan'];
}
else
{
$pagetitle = DB_getItem( $_TABLES['topics'], 'topic',
"tid = '$topic'" );
}
}
if( !empty( $pagetitle ))
{
$pagetitle = ' - ' . $pagetitle;
}
$header->set_var( 'page_title', $_CONF['site_name'] . $pagetitle );
$header->set_var( 'background_image', $_CONF['layout_url'] . '/images/bg.gif' );
$header->set_var( 'site_url', $_CONF['site_url'] );
$header->set_var( 'layout_url', $_CONF['layout_url'] );
$header->set_var( 'site_mail', "mailto:{$_CONF['site_mail']}" );
$header->set_var( 'site_name', $_CONF['site_name'] );
$header->set_var( 'site_slogan', $_CONF['site_slogan'] );
$rdf = substr_replace( $_CONF['rdf_file'], $_CONF['site_url'], 0,
strlen( $_CONF['path_html'] ) - 1 );
$header->set_var( 'rdf_file', $rdf );
$header->set_var( 'rss_url', $rdf );
$msg = $LANG01[67] . ' ' . $_CONF['site_name'];
if( !empty( $_USER['username'] ))
{
$msg .= ', ' . $_USER['username'];
}
$curtime = COM_getUserDateTimeFormat();
$header->set_var( 'welcome_msg', $msg );
$header->set_var( 'datetime', $curtime[0] );
$header->set_var( 'site_logo', $_CONF['layout_url'] . '/images/logo.gif' );
$header->set_var( 'css_url', $_CONF['layout_url'] . '/style.css' );
$header->set_var( 'theme', $_CONF['theme'] );
if( empty( $LANG_CHARSET ))
{
$charset = $_CONF['default_charset'];
if( empty( $charset ))
{
$charset = 'iso-8859-1';
}
}
else
{
$charset = $LANG_CHARSET;
}
$header->set_var( 'charset', $charset );
// Now add variables for buttons like e.g. those used by the Yahoo theme
$header->set_var( 'button_home', $LANG_BUTTONS[1] );
$header->set_var( 'button_contact', $LANG_BUTTONS[2] );
$header->set_var( 'button_contribute', $LANG_BUTTONS[3] );
$header->set_var( 'button_links', $LANG_BUTTONS[4] );
$header->set_var( 'button_polls', $LANG_BUTTONS[5] );
$header->set_var( 'button_calendar', $LANG_BUTTONS[6] );
$header->set_var( 'button_sitestats', $LANG_BUTTONS[7] );
$header->set_var( 'button_personalize', $LANG_BUTTONS[8] );
$header->set_var( 'button_search', $LANG_BUTTONS[9] );
$header->set_var( 'button_advsearch', $LANG_BUTTONS[10] );
// Get plugin menu options
$plugin_menu = PLG_getMenuItems();
if( $_COM_VERBOSE )
{
COM_errorLog( 'num plugin menu items in header = ' . count( $plugin_menu ), 1 );
}
// Now add nested template for menu items
COM_renderMenu( $header, $plugin_menu );
if( count( $plugin_menu ) == 0 )
{
$header->parse( 'plg_menu_elements', 'menuitem_none', true );
}
else
{
for( $i = 1; $i <= count( $plugin_menu ); $i++ )
{
$header->set_var( 'menuitem_url', current( $plugin_menu ));
$header->set_var( 'menuitem_text', key( $plugin_menu ));
if( $i == count( $plugin_menu ))
{
$header->parse( 'plg_menu_elements', 'menuitem_last', true );
}
else
{
$header->parse( 'plg_menu_elements', 'menuitem', true );
}
next( $plugin_menu );
}
}
if( $_CONF['left_blocks_in_footer'] == 1 )
{
$header->set_var( 'geeklog_blocks', '' );
$header->set_var( 'left_blocks', '' );
}
else
{
$lblocks = '';
/* Check if an array has been passed that includes the name of a plugin
* function or custom function
* This can be used to take control over what blocks are then displayed
*/
if( is_array( $what ))
{
$function = $what[0];
if( function_exists( $function ))
{
$lblocks = $function( $what[1], 'left' );
}
}
else if( $what <> 'none' )
{
// Now show any blocks -- need to get the topic if not on home page
$lblocks = COM_showBlocks( 'left', $topic );
}
if( empty( $lblocks ))
{
$header->set_var( 'geeklog_blocks', '' );
$header->set_var( 'left_blocks', '' );
}
else
{
$header->set_var( 'geeklog_blocks', $lblocks );
$header->parse( 'left_blocks', 'leftblocks', true );
}
}
// Call any plugin that may want to include extra Meta tags
// or Javascript functions
$header->set_var( 'plg_headercode', PLG_getHeaderCode() );
// Call to plugins to set template variables in the header
PLG_templateSetVars( 'header', $header );
// The following lines allow users to embed PHP in their templates. This
// is almost a contradition to the reasons for using templates but this may
// prove useful at times ...
// Don't use PHP in templates if you can live without it!
$tmp = $header->parse( 'index_header', 'header' );
ob_start();
eval( '?>' . $tmp );
$retval = ob_get_contents();
ob_end_clean();
return $retval;
}
/**
* Returns the site footer
*
* This loads the proper templates, does variable substitution and returns the
* HTML for the site footer.
*
* @param boolean $rightblock Whether or not to show blocks on right hand side default is no
* @param array $custom An array defining custom function to be used to format Rightblocks
* @see function COM_siteHeader
* @return string Formated HTML containing site footer and optionally right blocks
*
*/
function COM_siteFooter( $rightblock = false, $custom = '' )
{
global $_CONF, $_TABLES, $LANG01, $_PAGE_TIMER, $topic;
// If the theme implemented this for us then call their version instead.
$function = $_CONF['theme'] . '_siteFooter';
if( function_exists( $function ))
{
return $function( $rightblock );
}
// Set template directory
$footer = new Template( $_CONF['path_layout'] );
// Set template file
$footer->set_file( array(
'footer' => 'footer.thtml',
'rightblocks' => 'rightblocks.thtml',
'leftblocks' => 'leftblocks.thtml'
));
// Do variable assignments
DB_change( $_TABLES['vars'], 'value', 'value + 1', 'name', 'totalhits', '', true );
$footer->set_var( 'site_url', $_CONF['site_url']);
$footer->set_var( 'layout_url',$_CONF['layout_url']);
$footer->set_var( 'site_mail', "mailto:{$_CONF['site_mail']}" );
$footer->set_var( 'site_name', $_CONF['site_name'] );
$footer->set_var( 'site_slogan', $_CONF['site_slogan'] );
$rdf = substr_replace( $_CONF['rdf_file'], $_CONF['site_url'], 0,
strlen( $_CONF['path_html'] ) - 1 );
$footer->set_var( 'rdf_file', $rdf );
$footer->set_var( 'rss_url', $rdf );
$year = date( 'Y' );
$copyrightyear = $year;
if( !empty( $_CONF['copyrightyear'] ))
{
$copyrightyear = $_CONF['copyrightyear'];
}
$footer->set_var( 'copyright_notice', ' ' . $LANG01[93] . ' © '
. $copyrightyear . ' ' . $_CONF['site_name'] . '<br> '
. $LANG01[94] );
$footer->set_var( 'copyright_msg', $LANG01[93] . ' © '
. $copyrightyear . ' ' . $_CONF['site_name'] );
$footer->set_var( 'current_year', $year );
$footer->set_var( 'lang_copyright', $LANG01[93] );
$footer->set_var( 'trademark_msg', $LANG01[94] );
$footer->set_var( 'powered_by', $LANG01[95] );
$footer->set_var( 'geeklog_url', 'http://www.geeklog.net/' );
$footer->set_var( 'geeklog_version', VERSION );
/* Check if an array has been passed that includes the name of a plugin
* function or custom function.
* This can be used to take control over what blocks are then displayed
*/
if( is_array( $custom ))
{
$function = $custom['0'];
if( function_exists( $function ))
{
$rblocks = $function( $custom['1'], 'right' );
}
}
elseif( $rightblock )
{
$rblocks = COM_showBlocks( 'right', $topic );
}
if( $rightblock && !empty( $rblocks ))
{
$footer->set_var( 'geeklog_blocks', $rblocks );
$footer->parse( 'right_blocks', 'rightblocks', true );
}
else
{
$footer->set_var( 'geeklog_blocks', '' );
$footer->set_var( 'right_blocks', '' );
}
if( $_CONF['left_blocks_in_footer'] == 1 )
{
$lblocks = '';
/* Check if an array has been passed that includes the name of a plugin
* function or custom function
* This can be used to take control over what blocks are then displayed
*/
if( is_array( $custom ))
{
$function = $custom[0];
if( function_exists( $function ))
{
$lblocks = $function( $custom[1], 'left' );
}
}
else
{
$lblocks = COM_showBlocks( 'left', $topic );
}
if( empty( $lblocks ))
{
$footer->set_var( 'geeklog_blocks', '' );
$footer->set_var( 'left_blocks', '' );
}
else
{
$footer->set_var( 'geeklog_blocks', $lblocks );
$footer->parse( 'left_blocks', 'leftblocks', true );
}
}
// Global centerspan variable set in index.php
if( isset( $GLOBALS['centerspan'] ))
{
$footer->set_var( 'centerblockfooter-span', '</td></tr></table>' );
}
$exectime = $_PAGE_TIMER->stopTimer();
$exectext = $LANG01[91] . ' ' . $exectime . ' ' . $LANG01[92];
$footer->set_var( 'execution_time', $exectime );
$footer->set_var( 'execution_textandtime', $exectext );
// Actually parse the template and make variable substitutions
$footer->parse( 'index_footer', 'footer' );
// Return resulting HTML
return $footer->finish( $footer->get_var( 'index_footer' ));
}
/**
* Prints out standard block header
*
* Prints out standard block header but pulling header HTML formatting from
* the database.
*
* Programming Note: The two functions COM_startBlock and COM_endBlock are used
* to sandwich your block content. These functions are not used only for blocks
* but anything that uses that format, e.g. Stats page. They are used like
* COM_siteHeader and COM_siteFooter but for internal page elements.
*
*
* @param string $title Value to set block title to
* @param string $helpfile Help file, if one exists
* @param string $template HTML template file to use to format the block
* @see COM_endBlock
* @see COM_siteHeader For similiar construct
* @return string Formatted HTML containing block header
*
*/
function COM_startBlock( $title='', $helpfile='', $template='blockheader.thtml' )
{
global $_CONF, $LANG01;
$block = new Template( $_CONF['path_layout'] );
$block->set_file( 'block', $template );
$block->set_var( 'site_url', $_CONF['site_url'] );
$block->set_var( 'layout_url', $_CONF['layout_url'] );
$block->set_var( 'block_title', stripslashes( $title ));
if( !empty( $helpfile ))
{
if( !stristr( $helpfile, 'http://' ))
{
$help = '<a class="blocktitle" href="' . $_CONF['site_url'] . '/help/' . $helpfile
. '" target="_blank"><img src="' . $_CONF['layout_url']
. '/images/button_help.gif" border="0" alt="?"></a>';
}
else
{
$help = '<a class="blocktitle" href="' . $helpfile
. '" target="_blank"><img src="' . $_CONF['layout_url']
. '/images/button_help.gif" border="0" alt="?"></a>';
}
$block->set_var( 'block_help', $help );
}
$block->parse( 'startHTML', 'block' );
return $block->finish( $block->get_var( 'startHTML' ));
}
/**
* Closes out COM_startBlock
*
* @param string $template HTML template file used to format block footer
* @return string Formatted HTML to close block
* @see function COM_startBlock
*
*/
function COM_endBlock( $template='blockfooter.thtml' )
{
global $_CONF;
$block = new Template( $_CONF['path_layout'] );
$block->set_file( 'block', $template );
$block->set_var( 'site_url', $_CONF['site_url'] );
$block->set_var( 'layout_url', $_CONF['layout_url'] );
$block->parse( 'endHTML', 'block' );
return $block->finish( $block->get_var( 'endHTML' ));
}
/**
* Creates a <option> list from a database list for use in forms
*
* Creates option list form field using given arguments
*
* @param string $table Database Table to get data from
* @param string $selection Comma delimited string of fields to pull The first field is the value of the option and the second is the label to be displayed. This is used in a SQL statement and can include DISTINCT to start.
* @param string/array $selected Value (from $selection) to set to SELECTED or default
* @param int $sortcol Which field to sort option list by 0 (value) or 1 (label)
* @param string $where Optional WHERE clause to use in the SQL Selection
* @see function COM_checkList
* @return string Formated HTML of option values
*
*/
function COM_optionList( $table, $selection, $selected='', $sortcol=1, $where='' )
{
$retval = '';
$tmp = str_replace( 'DISTINCT ', '', $selection );
$select_set = explode( ',', $tmp );
$sql = "SELECT $selection FROM $table";
if( $where != '' )
{
$sql .= " WHERE $where";
}
$sql .= " ORDER BY {$select_set[$sortcol]}";
$result = DB_query( $sql );
$nrows = DB_numRows( $result );
for( $i = 0; $i < $nrows; $i++ )
{
$A = DB_fetchArray( $result, true );
$retval .= '<option value="' . $A[0] . '"';
if( is_array( $selected ) AND count( $selected ) > 0 )
{
foreach( $selected as $selected_item )
{
if( $A[0] == $selected_item )
{
$retval .= ' selected="selected"';
}
}
}
elseif( !is_array( $selected ) AND $A[0] == $selected )
{
$retval .= ' selected="selected"';
}
$retval .= '>' . $A[1] . '</option>' . LB;
}
return $retval;
}
/**
* Create and return a list of available topics
*
* This is a variation of COM_optionList() from lib-common.php. It will add
* only those topics to the option list which are accessible by the current
* user.
*
* @param string $selection Comma delimited string of fields to pull The first field is the value of the option and the second is the label to be displayed. This is used in a SQL statement and can include DISTINCT to start.
* @param string $selected Value (from $selection) to set to SELECTED or default
* @param int $sortcol Which field to sort option list by 0 (value) or 1 (label)
* @see function COM_optionList
* @return string Formated HTML of option values
*
*/
function COM_topicList( $selection, $selected='', $sortcol=1 )
{
global $_TABLES;
$retval = '';
$tmp = str_replace( 'DISTINCT ', '', $selection );
$select_set = explode( ',', $tmp );
$result = DB_query( "SELECT * FROM {$_TABLES['topics']}" . COM_getPermSQL()
. " ORDER BY $select_set[$sortcol]" );
$nrows = DB_numRows( $result );
for( $i = 0; $i < $nrows; $i++ )
{
$A = DB_fetchArray( $result, true );
$retval .= '<option value="' . $A[0] . '"';
if( $A[0] == $selected )
{
$retval .= ' selected';
}
$retval .= '>' . stripslashes( $A[1] ) . '</option>' . LB;
}
return $retval;
}
/**
* Creates a <input> checklist from a database list for use in forms
*
* Creates a group of checkbox form fields with given arguments
*
* @param string $table DB Table to pull data from
* @param string $selection Comma delimited list of fields to pull from table
* @param string $where Where clause of SQL statement
* @param string $selected Value to set to CHECKED
* @see function COM_optionList
* @return string HTML with Checkbox code
*
*/
function COM_checkList( $table, $selection, $where='', $selected='' )
{
global $_TABLES, $_COM_VERBOSE;
$retval = '';
$sql = "SELECT $selection FROM $table";
if( !empty( $where ))
{
$sql .= " WHERE $where";
}
$result = DB_query( $sql );
$nrows = DB_numRows( $result );
if( !empty( $selected ))
{
if( $_COM_VERBOSE )
{
COM_errorLog( "exploding selected array: $selected in COM_checkList", 1 );
}
$S = explode( ' ', $selected );
}
else
{
if( $_COM_VERBOSE)
{
COM_errorLog( 'selected string was empty COM_checkList', 1 );
}
$S = array();
}
for( $i = 0; $i < $nrows; $i++ )
{
$access = true;
$A = DB_fetchArray( $result, true );
if( $table == $_TABLES['topics'] AND SEC_hasTopicAccess( $A['tid'] ) == 0 )
{
$access = false;
}
if( $access )
{
$retval .= '<input type="checkbox" name="' . $table . '[]" value="' . $A[0] . '"';
for( $x = 0; $x < sizeof( $S ); $x++ )
{
if( $A[0] == $S[$x] )
{
$retval .= ' checked="checked"';
}
}
if(( $table == $_TABLES['blocks'] ) && isset( $A[2] ) && ( $A[2] == 'gldefault' ))
{
$retval .= '><b>' . stripslashes( $A[1] ) . '</b><br>' . LB;
}
else
{
$retval .= '>' . stripslashes( $A[1] ) . '<br>' . LB;
}
}
}
return $retval;
}
/**
* Prints out an associative array for debugging
*
* The core of this code has been lifted from phpweblog which is licenced
* under the GPL. This is not used very much in the code but you can use it
* if you see fit
*
* @param array $A Array to loop through and print values for
* @return string Formated HTML List
*
*/
function COM_debug( $A )
{
if( !empty( $A ))
{
$retval .= LB . '<pre><p>---- DEBUG ----</p>';
for( reset( $A ); $k = key( $A ); next( $A ))
{
$retval .= sprintf( "<li>%13s [%s]</li>n", $k, $A[$k] );
}
$retval .= '<p>---------------</p></pre>' . LB;
}
return $retval;
}
/**
*
* Checks to see if RDF file needs updating and updates it if so.
* Checks to see if we need to update the RDF as a result
* of an article with a future publish date reaching it's
* publish time and if so updates the RDF file.
*
* @see file lib-syndication.php
*
*/
function COM_rdfUpToDateCheck()
{
global $_CONF, $_TABLES;
if( $_CONF['backend'] > 0 )
{
$result = DB_query( "SELECT fid,type,topic,limits,update_info FROM {$_TABLES['syndication']} WHERE is_enabled = 1" );
$num = DB_numRows( $result );
for( $i = 0; $i < $num; $i++)
{
$A = DB_fetchArray( $result );
$is_current = true;
if( $A['type'] == 'geeklog' )
{
$is_current = SYND_feedUpdateCheck( $A['type'], $A['fid'],
$A['topic'], $A['update_info'], $A['limits'] );
}
else
{
$is_current = PLG_feedUpdateCheck( $A['type'], $A['fid'],
$A['topic'], $A['update_info'], $A['limits'] );
}
if( !$is_current )
{
SYND_updateFeed( $A['fid'] );
}
}
}
}
/**
* Checks and Updates the featured status of all articles.
*
* Checks to see if any articles that were published for the future have been
* published and, if so, will see if they are featured. If they are featured,
* this will set old featured article (if there is one) to normal
*
*/
function COM_featuredCheck()
{
global $_TABLES;
$curdate = date( "Y-m-d H:i:s", time() );
if( DB_getItem( $_TABLES['stories'], 'count(*)', "featured = 1 AND draft_flag = 0 AND date <= '$curdate'" ) > 1 )
{
// OK, we have two featured stories, fix that
$sid = DB_getItem( $_TABLES['stories'], 'sid', "featured = 1 AND draft_flag = 0 ORDER BY date LIMIT 1" );
DB_query( "UPDATE {$_TABLES['stories']} SET featured = 0 WHERE sid = '$sid'" );
}
}
/**
*
* Logs messages to error.log or the web page or both
*
* Prints a well formatted message to either the web page, error log
* or both.
*
* @param string $logentry Text to log to error log
* @param int $actionid 1 = write to log file, 2 = write to screen (default) both
* @see function COM_accessLog
* @return string If $actionid = 2 or '' then HTML formatted string (wrapped in block) else nothing
*
*/
function COM_errorLog( $logentry, $actionid = '' )
{
global $_CONF, $LANG01;
$retval = '';
if( !empty( $logentry ))
{
$timestamp = strftime( '%c' );
switch( $actionid )
{
case 1:
$logfile = $_CONF['path_log'] . 'error.log';
if( !$file = fopen( $logfile, 'a' ))
{
$retval .= $LANG01[33] . ' ' . $logfile . ' (' . $timestamp . ')<br>' . LB;
}
else
{
fputs( $file, "$timestamp - $logentry n" );
}
break;
case 2:
$retval .= COM_startBlock( $LANG01[55] . ' ' . $timestamp, '',
COM_getBlockTemplate( '_msg_block', 'header' ))
. nl2br( $logentry )
. COM_endBlock( COM_getBlockTemplate( '_msg_block',
'footer' ));
break;
default:
$logfile = $_CONF['path_log'] . 'error.log';
if( !$file = fopen( $logfile, 'a' ))
{
$retval .= $LANG01[33] . ' ' . $logfile . ' (' . $timestamp . ')<br>' . LB;
}
else
{
fputs( $file, "$timestamp - $logentry n" );
$retval .= COM_startBlock( $LANG01[34] . ' - ' . $timestamp,
'', COM_getBlockTemplate( '_msg_block',
'header' ))
. nl2br( $logentry )
. COM_endBlock( COM_getBlockTemplate( '_msg_block',
'footer' ));
}
break;
}
}
return $retval;
}
/**
* Logs message to access.log
*
* This will print a message to the Geeklog access log
*
* @param string $string Message to write to access log
* @see COM_errorLog
*
*/
function COM_accessLog( $logentry )
{
global $_CONF, $_USER, $LANG01, $HTTP_SERVER_VARS;
$retval = '';
$timestamp = strftime( '%c' );
$logfile = $_CONF['path_log'] . 'access.log';
if( !$file = fopen( $logfile, 'a' ))
{
return $LANG01[33] . $logfile . ' (' . $timestamp . ')<br>' . LB;
}
if( isset( $_USER['uid'] ))
{
$byuser = $_USER['uid'] . '@' . $HTTP_SERVER_VARS['REMOTE_ADDR'];
}
else
{
$byuser = 'anon@' . $HTTP_SERVER_VARS['REMOTE_ADDR'];
}
fputs( $file, "$timestamp ($byuser) - $logentryn" );
return $retval;
}
/**
* Shows a poll form
*
* Shows an HTML formatted poll for the given question ID
*
* @param string $qid ID for poll question
* @see function COM_pollResults
* @see function COM_showPoll
* @return string HTML Formatted Poll
*
*/
function COM_pollVote( $qid )
{
global $_CONF, $_TABLES, $LANG01, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS;
$retval = '';
$question = DB_query( "SELECT question,voters,commentcode,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['pollquestions']} WHERE qid='$qid'" );
$Q = DB_fetchArray( $question );
if( SEC_hasAccess( $Q['owner_id'], $Q['group_id'], $Q['perm_owner'], $Q['perm_group'], $Q['perm_members'], $Q['perm_anon'] ) == 0 )
{
return $retval;
}
$nquestion = DB_numRows( $question );
$fields = array( 'ipaddress', 'qid' );
$values = array( $HTTP_SERVER_VARS['REMOTE_ADDR'], $qid );
$id = DB_count( $_TABLES['pollvoters'], $fields, $values );
if( empty( $HTTP_COOKIE_VARS[$qid] ) && $id == 0 )
{
if( $nquestion == 1 )
{
$answers = DB_query( "SELECT answer,aid FROM {$_TABLES['pollanswers']} WHERE qid='$qid' ORDER BY aid" );
$nanswers = DB_numRows( $answers );
if( $nanswers > 0 )
{
$poll = new Template( $_CONF['path_layout'] . 'pollbooth' );
$poll->set_file( array( 'panswer' => 'pollanswer.thtml',
'block' => 'pollblock.thtml',
'comments' => 'pollcomments.thtml' ));
$poll->set_var( 'site_url', $_CONF['site_url'] );
$poll->set_var( 'layout_url', $_CONF['layout_url'] );
$poll->set_var( 'poll_question', $Q['question'] );
$poll->set_var( 'poll_id', $qid );
$poll->set_var( 'num_votes', $Q['voters'] );
$poll->set_var( 'poll_vote_url', $_CONF['site_url']
. '/pollbooth.php');
$poll->set_var( 'poll_results_url', $_CONF['site_url']
. '/pollbooth.php?qid=' . $qid . '&aid=-1');
$poll->set_var( 'lang_vote', $LANG01[56] );
$poll->set_var( 'lang_votes', $LANG01[8] );
$poll->set_var( 'lang_results', $LANG01[6] );
for( $i = 1; $i <= $nanswers; $i++ )
{
$A = DB_fetchArray( $answers );
$poll->set_var( 'answer_id', $A['aid'] );
$poll->set_var( 'answer_text', $A['answer'] );
$poll->parse( 'poll_answers', 'panswer', true );
}
if( $Q['commentcode'] >= 0 )
{
$poll->set_var( 'num_comments',
DB_count( $_TABLES['comments'], 'sid', $qid ));
$poll->set_var( 'lang_comments', $LANG01[3] );
$poll->set_var( 'poll_comments_url', $_CONF['site_url'] .
'/pollbooth.php?qid=' . $qid . '&aid=-1#comments');
$poll->parse( 'poll_comments', 'comments', true );
}
else
{
$poll->set_var( 'poll_comments', '' );
$poll->set_var( 'poll_comments_url', '' );
}
$title = DB_getItem( $_TABLES['blocks'], 'title',
"name='poll_block'" );
$retval = COM_startBlock( $title, '',
COM_getBlockTemplate( 'poll_block', 'header' ))
. $poll->finish( $poll->parse( 'output', 'block' ))
. COM_endBlock( COM_getBlockTemplate( 'poll_block', 'footer' )) . LB;
}
}
}
else
{
$retval .= COM_pollResults( $qid );
}
return $retval;
}
/**
* This shows a poll
*
* This will determine if a user needs to see the poll form OR the poll
* result.
*
* @param int $sise Size in pixels of poll results
* @param string $qid Question ID to show (optional)
* @see function COM_pollVote
* @see function COM_pollResults
* @return String HTML Formated string of Poll
*
*/
function COM_showPoll( $size, $qid='' )
{
global $_CONF, $_TABLES, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS;
$retval = '';
DB_query( "DELETE FROM {$_TABLES['pollvoters']} WHERE date < unix_timestamp() - {$_CONF['polladdresstime']}" );
if( !empty( $qid ))
{
$pcount = DB_count( $_TABLES['pollvoters'], array( 'ipaddress', 'qid' ),
array( $HTTP_SERVER_VARS['REMOTE_ADDR'], $qid ));
if( empty( $HTTP_COOKIE_VARS[$qid]) && $pcount == 0 )
{
$retval .= COM_pollVote( $qid );
}
else
{
$retval .= COM_pollResults( $qid, $size );
}
}
else
{
$result = DB_query( "SELECT qid from {$_TABLES['pollquestions']} WHERE display = 1 ORDER BY date DESC" );
$nrows = DB_numRows( $result );
if( $nrows > 0 )
{
for( $i = 1; $i <= $nrows; $i++ )
{
$Q = DB_fetchArray( $result );
$qid = $Q['qid'];
$id = array( 'ipaddress', 'qid' );
$value = array( $HTTP_SERVER_VARS['REMOTE_ADDR'], $qid );
$pcount = DB_count( $_TABLES['pollvoters'], $id, $value );
if( !isset( $HTTP_COOKIE_VARS[$qid]) && $pcount == 0 )
{
$retval .= COM_pollVote( $qid );
}
else
{
$retval .= COM_pollResults( $qid, $size );
}
}
}
}
return $retval;
}
/**
* Shows the results of a poll
*
* Shows the poll results for a give poll question
*
* @param string $qid ID for poll question to show
* @param int $scale Size in pixels to scale formatted results to
* @param string $order 'ASC' or 'DESC' for Comment ordering (SQL statment ordering)
* @param string $mode Comment Mode possible values 'nocomment', 'flat', 'nested', 'threaded'
* @see COM_pollVote
* @see COM_showPoll
* @return string HTML Formated Poll Results
*
*/
function COM_pollResults( $qid, $scale=400, $order='', $mode='' )
{
global $_TABLES, $LANG01, $LANG07, $_CONF, $_COM_VERBOSE;
$retval = '';
$question = DB_query( "SELECT question,voters,commentcode,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['pollquestions']} WHERE qid='$qid'" );
$Q = DB_fetchArray( $question );
if( SEC_hasAccess( $Q['owner_id'], $Q['group_id'], $Q['perm_owner'], $Q['perm_group'], $Q['perm_members'], $Q['perm_anon']) == 0 )
{
return $retval;
}
$nquestion = DB_numRows( $question );
if( $nquestion == 1 )
{
if( $_CONF['answerorder'] == 'voteorder' )
{
$answers = DB_query( "SELECT votes,answer FROM {$_TABLES['pollanswers']} WHERE qid='$qid' ORDER BY votes DESC" );
}
else
{
$answers = DB_query( "SELECT votes,answer FROM {$_TABLES['pollanswers']} WHERE qid='$qid' ORDER BY aid" );
}
$nanswers = DB_numRows( $answers );
if( $_COM_VERBOSE )
{
COM_errorLog( "got $answers answers in COM_pollResults", 1 );
}
if( $nanswers > 0 )
{
$title = DB_getItem( $_TABLES['blocks'], 'title', "name='poll_block'" );
if( $scale < 120 ) // assume we're in the poll block
{
$retval .= COM_startBlock( $title, '',
COM_getBlockTemplate( 'poll_block', 'header' ));
}
else // assume we're in pollbooth.php
{
$retval .= COM_startBlock( $title );
}
$poll = new Template( $_CONF['path_layout'] . 'pollbooth' );
$poll->set_file( array( 'result' => 'pollresult.thtml',
'comments' => 'pollcomments.thtml',
'votes_bar' => 'pollvotes_bar.thtml',
'votes_num' => 'pollvotes_num.thtml' ));
$poll->set_var( 'site_url', $_CONF['site_url'] );
$poll->set_var( 'layout_url', $_CONF['layout_url'] );
$poll->set_var( 'poll_question', $Q['question'] );
$poll->set_var( 'poll_id', $qid );
$poll->set_var( 'num_votes', $Q['voters'] );
$poll->set_var( 'lang_votes', $LANG01[8] );
for( $i = 1; $i <= $nanswers; $i++ )
{
$A = DB_fetchArray( $answers );
if( $Q['voters'] == 0 )
{
$percent = 0;
}
else
{
$percent = $A['votes'] / $Q['voters'];
}
$poll->set_var( 'answer_text', $A['answer'] );
$poll->set_var( 'answer_counter', $i );
$poll->set_var( 'answer_odd', (( $i - 1 ) % 2 ));
$poll->set_var( 'answer_num', $A['votes'] );
$poll->set_var( 'answer_percent',
sprintf( '%.2f', $percent * 100 ));
if( $scale < 120 )
{
$poll->parse( 'poll_votes', 'votes_num', true );
}
else
{
$width = $percent * $scale;
$poll->set_var( 'bar_width', $width );
$poll->parse( 'poll_votes', 'votes_bar', true );
}
}
if( $Q['commentcode'] >= 0 )
{
$poll->set_var( 'num_comments',
DB_count( $_TABLES['comments'], 'sid', $qid ));
$poll->set_var( 'lang_comments', $LANG01[3] );
$poll->set_var( 'poll_comments_url', $_CONF['site_url'] .
'/pollbooth.php?qid=' . $qid . '&aid=-1#comments');
$poll->parse( 'poll_comments', 'comments', true );
}
else
{
$poll->set_var( 'poll_comments_url', '' );
$poll->set_var( 'poll_comments', '' );
}
$poll->set_var( 'lang_pollquestions', $LANG07[6] );
$retval .= $poll->finish( $poll->parse( 'output', 'result' ));
if( $scale < 120)
{
$retval .= COM_endBlock( COM_getBlockTemplate( 'poll_block',
'footer' ));
}
else
{
$retval .= COM_endBlock();
}
if( $scale > 399 && $Q['commentcode'] >= 0 )
{
$delete_option = ( SEC_hasRights( 'poll.edit' ) &&
SEC_hasAccess( $Q['owner_id'], $Q['group_id'],
$Q['perm_owner'], $Q['perm_group'], $Q['perm_members'],
$Q['perm_anon'] ) == 3 ? true : false );
$retval .= COM_userComments( $qid, $Q['question'], 'poll',
$order, $mode, 0, 1, false, $delete_option );
}
}
}
return $retval;
}
/**
* Shows all available topics
*
* Show the topics in the system the user has access to and prints them in HTML.
* This function is used to show the topics in the sections block.
*
* @param string $topic TopicID of currently selected
* @return string HTML formatted topic list
*
*/
function COM_showTopics( $topic='' )
{
global $_CONF, $_TABLES, $_USER, $LANG01, $HTTP_SERVER_VARS,
$_THEME_URL, $_BLOCK_TEMPLATE, $page, $newstories;
$sql = "SELECT tid,topic,imageurl FROM {$_TABLES['topics']}";
if( $_USER['uid'] > 1 )
{
$tids = DB_getItem( $_TABLES['userindex'], 'tids',
"uid = '{$_USER['uid']}'" );
if( !empty( $tids ))
{
$sql .= " WHERE (tid NOT IN ('" . str_replace( ' ', "','", $tids )
. "'))" . COM_getPermSQL( 'AND' );
}
else
{
$sql .= COM_getPermSQL();
}
}
else
{
$sql .= COM_getPermSQL();
}
if( $_CONF['sortmethod'] == 'alpha' )
{
$sql .= ' ORDER BY topic ASC';
}
else
{
$sql .= ' ORDER BY sortnum';
}
$result = DB_query( $sql );
$retval = '';
$sections = new Template( $_CONF['path_layout'] );
if( isset( $_BLOCK_TEMPLATE['topicoption'] ))
{
$templates = explode( ',', $_BLOCK_TEMPLATE['topicoption'] );
$sections->set_file( array( 'option' => $templates[0],
'current' => $templates[1] ));
}
else
{
$sections->set_file( array( 'option' => 'topicoption.thtml',
'inactive' => 'topicoption_off.thtml' ));
}
$sections->set_var( 'site_url', $_CONF['site_url'] );
$sections->set_var( 'layout_url', $_CONF['layout_url'] );
$sections->set_var( 'block_name', str_replace( '_', '-', 'section_block' ));
if( $_CONF['hide_home_link'] == 0 )
{
// Give a link to the homepage here since a lot of people use this for
// navigating the site
if( COM_isFrontpage() )
{
$sections->set_var( 'option_url',
$_CONF['site_url'] . '/index.php' );
$sections->set_var( 'option_label', $LANG01[90] );
$sections->set_var( 'option_count', '' );
$sections->set_var( 'topic_image', '' );
$retval .= $sections->parse( 'item', 'option' );
}
else
{
$sections->set_var( 'option_url', '' );
$sections->set_var( 'option_label', $LANG01[90] );
$sections->set_var( 'option_count', '' );
$sections->set_var( 'topic_image', '' );
$retval .= $sections->parse( 'item', 'inactive' );
}
}
if( $_CONF['showstorycount'] )
{
$sql = "SELECT tid, count(*) AS count FROM {$_TABLES['stories']} "
. 'WHERE (draft_flag = 0) AND (date <= NOW()) '
. COM_getPermSQL( 'AND' )
. ' GROUP BY tid';
$rcount = DB_query( $sql );
while( $C = DB_fetchArray( $rcount ))
{
$storycount[$C['tid']] = $C['count'];
}
}
if( $_CONF['showsubmissioncount'] )
{
$sql = "SELECT tid, count(*) AS count FROM {$_TABLES['storysubmission']} "
. ' GROUP BY tid';
$rcount = DB_query( $sql );
while( $C = DB_fetchArray( $rcount ))
{
$submissioncount[$C['tid']] = $C['count'];
}
}
while( $A = DB_fetchArray( $result ) )
{
$topicname = stripslashes( $A['topic'] );
$sections->set_var( 'option_url', $_CONF['site_url']
. '/index.php?topic=' . $A['tid'] );
$sections->set_var( 'option_label', $topicname );
$countstring = '';
if( $_CONF['showstorycount'] || $_CONF['showsubmissioncount'] )
{
$countstring .= '(';
if( $_CONF['showstorycount'] )
{
if( empty( $storycount[$A['tid']] ))
{
$countstring .= 0;
}
else
{
$countstring .= $storycount[$A['tid']];
}
}
if( $_CONF['showsubmissioncount'] )
{
if( $_CONF['showstorycount'] )
{
$countstring .= '/';
}
if( empty( $submissioncount[$A['tid']] ) ) {
$countstring .= 0;
} else {
$countstring .= $submissioncount[$A['tid']];
}
}
$countstring .= ')';
}
$sections->set_var( 'option_count', $countstring );
$topicimage = '';
if( !empty( $A['imageurl'] ))
{
if( isset( $_THEME_URL ))
{
$imagebase = $_THEME_URL;
}
else
{
$imagebase = $_CONF['site_url'];
}
$topicimage = '<img src="' . $imagebase . $A['imageurl'] . '" alt="'
. $topicname . '" title="' . $topicname . '">';
}
$sections->set_var( 'topic_image', $topicimage );
if(( $A['tid'] == $topic ) && ( $page == 1 ))
{
$retval .= $sections->parse( 'item', 'inactive' );
}
else
{
$retval .= $sections->parse( 'item', 'option' );
}
}
return $retval;
}
/**
* Shows the user their menu options
*
* This shows the average joe use their menu options. This is the user block on right side
*
* @param string $help Help file to show
* @param string $title Title of Menu
* @see function COM_adminMenu
*
*/
function COM_userMenu( $help='', $title='' )
{
global $_TABLES, $_USER, $_CONF, $LANG01, $_BLOCK_TEMPLATE, $HTTP_SERVER_VARS;
$retval = '';
if( $_USER['uid'] > 1 )
{
$usermenu = new Template( $_CONF['path_layout'] );
if( isset( $_BLOCK_TEMPLATE['useroption'] ))
{
$templates = explode( ',', $_BLOCK_TEMPLATE['useroption'] );
$usermenu->set_file( array( 'option' => $templates[0],
'current' => $templates[1] ));
}
else
{
$usermenu->set_file( array( 'option' => 'useroption.thtml',
'current' => 'useroption_off.thtml' ));
}
$usermenu->set_var( 'site_url', $_CONF['site_url'] );
$usermenu->set_var( 'layout_url', $_CONF['layout_url'] );
$usermenu->set_var( 'block_name', str_replace( '_', '-', 'user_block' ));
if( empty( $title ))
{
$title = DB_getItem( $_TABLES['blocks'], 'title', "name='user_block'" );
}
// what's our current URL?
$thisUrl = COM_getCurrentURL();
$retval .= COM_startBlock( $title, $help,
COM_getBlockTemplate( 'user_block', 'header' ));
if( $_CONF['personalcalendars'] == 1 )
{
$url = $_CONF['site_url'] . '/calendar.php?mode=personal';
$usermenu->set_var( 'option_label', $LANG01[66] );
$usermenu->set_var( 'option_count', '' );
$usermenu->set_var( 'option_url', $url );
if( $thisUrl == $url )
{
$retval .= $usermenu->parse( 'item', 'current' );
}
else
{
$retval .= $usermenu->parse( 'item', 'option' );
}
}
// This function will show the user options for all installed plugins
// (if any)
$plugin_options = PLG_getUserOptions();
$nrows = count( $plugin_options );
for( $i = 1; $i <= $nrows; $i++ )
{
$plg = current( $plugin_options );
$usermenu->set_var( 'option_label', $plg->adminlabel );
if( !empty( $plg->numsubmissions ))
{
$usermenu->set_var( 'option_count', '(' . $plg->numsubmissions . ')' );
}
else
{
$usermenu->set_var( 'option_count', '' );
}
$usermenu->set_var( 'option_url', $plg->adminurl );
if( $thisUrl == $plg->adminurl )
{
$retval .= $usermenu->parse( 'item', 'current' );
}
else
{
$retval .= $usermenu->parse( 'item', 'option' );
}
next( $plugin_options );
}
$url = $_CONF['site_url'] . '/usersettings.php?mode=edit';
$usermenu->set_var( 'option_label', $LANG01[48] );
$usermenu->set_var( 'option_count', '' );
$usermenu->set_var( 'option_url', $url );
if( $thisUrl == $url )
{
$retval .= $usermenu->parse( 'item', 'current' );
}
else
{
$retval .= $usermenu->parse( 'item', 'option' );
}
$url = $_CONF['site_url'] . '/usersettings.php?mode=preferences';
$usermenu->set_var( 'option_label', $LANG01[49] );
$usermenu->set_var( 'option_count', '' );
$usermenu->set_var( 'option_url', $url );
if( $thisUrl == $url )
{
$retval .= $usermenu->parse( 'item', 'current' );
}
else
{
$retval .= $usermenu->parse( 'item', 'option' );
}
$url = $_CONF['site_url'] . '/users.php?mode=logout';
$usermenu->set_var( 'option_label', $LANG01[19] );
$usermenu->set_var( 'option_count', '' );
$usermenu->set_var( 'option_url', $url );
$retval .= $usermenu->parse( 'item', 'option' );
$retval .= COM_endBlock( COM_getBlockTemplate( 'user_block', 'footer' ));
}
else
{
$retval .= COM_startBlock( $LANG01[47], $help,
COM_getBlockTemplate( 'user_block', 'header' ));
$login = new Template( $_CONF['path_layout'] );
$login->set_file( 'form', 'loginform.thtml' );
$login->set_var( 'site_url', $_CONF['site_url'] );
$login->set_var( 'layout_url', $_CONF['layout_url'] );
$login->set_var( 'lang_username', $LANG01[21] );
$login->set_var( 'lang_password', $LANG01[57] );
$login->set_var( 'lang_login', $LANG01[58] );
$login->set_var( 'lang_signup', $LANG01[59] );
$retval .= $login->parse( 'output', 'form' );
$retval .= COM_endBlock( COM_getBlockTemplate( 'user_block', 'footer' ));
}
return $retval;
}
/**
* Prints administration menu
*
* This will return the administration menu items that the user has
* sufficient rights to -- Admin Block on right side.
*
* @param string $help Help file to show
* @param string $title Menu Title
* @see function COM_userMenu
*
*/
function COM_adminMenu( $help = '', $title = '' )
{
global $_TABLES, $_USER, $_CONF, $LANG01, $_BLOCK_TEMPLATE, $LANG_PDF, $HTTP_SERVER_VARS;
$retval = '';
if( empty( $_USER['username'] ))
{
return $retval;
}
$plugin_options = PLG_getAdminOptions();
$nrows = count( $plugin_options );
if( SEC_isModerator() OR SEC_hasrights( 'story.edit,block.edit,topic.edit,link.edit,event.edit,poll.edit,user.edit,plugin.edit,user.mail', 'OR' ) OR ( $nrows > 0 ))
{
// what's our current URL?
$thisUrl = COM_getCurrentURL();
$adminmenu = new Template( $_CONF['path_layout'] );
if( isset( $_BLOCK_TEMPLATE['adminoption'] ))
{
$templates = explode( ',', $_BLOCK_TEMPLATE['adminoption'] );
$adminmenu->set_file( array( 'option' => $templates[0],
'current' => $templates[1] ));
}
else
{
$adminmenu->set_file( array( 'option' => 'adminoption.thtml',
'current' => 'adminoption_off.thtml' ));
}
$adminmenu->set_var( 'site_url', $_CONF['site_url'] );
$adminmenu->set_var( 'layout_url', $_CONF['layout_url'] );
$adminmenu->set_var( 'block_name', str_replace( '_', '-', 'admin_block' ));
if( empty( $title ))
{
$title = DB_getItem( $_TABLES['blocks'], 'title',
"name = 'admin_block'" );
}
$retval .= COM_startBlock( $title, $help,
COM_getBlockTemplate( 'admin_block', 'header' ));
$topicsql = '';
if( SEC_isModerator() || SEC_hasrights( 'story.edit' ))
{
$tresult = DB_query( "SELECT tid FROM {$_TABLES['topics']}"
. COM_getPermSQL() );
$trows = DB_numRows( $tresult );
if( $trows > 0 )
{
$tids = array();
for( $i = 0; $i < $trows; $i++ )
{
$T = DB_fetchArray( $tresult );
$tids[] = $T['tid'];
}
if( sizeof( $tids ) > 0 )
{
$topicsql = " (tid IN ('" . implode( "','", $tids ) . "'))";
}
}
}
if( SEC_isModerator() || (( $_CONF['usersubmission'] == 1 ) && SEC_hasRights( 'user.edit,user.delete' )))
{
$num = 0;
if( SEC_hasrights( 'story.edit' ))
{
if( empty( $topicsql ))
{
$num += DB_count( $_TABLES['storysubmission'] );
}
else
{
$sresult = DB_query( "SELECT COUNT(*) AS count FROM {$_TABLES['storysubmission']} WHERE" . $topicsql );
$S = DB_fetchArray( $sresult );
$num += $S['count'];
}
if( $_CONF['listdraftstories'] == 1 )
{
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (draft_flag = 1)";
if( !empty( $topicsql ))
{
$sql .= ' AND' . $topicsql;
}
$result = DB_query( $sql . COM_getPermSQL( 'AND', 0, 3 ));
$A = DB_fetchArray( $result );
$num += $A['count'];
}
}
if( SEC_hasrights( 'event.edit' ))
{
$num += DB_count( $_TABLES['eventsubmission'] );
}
if( SEC_hasrights( 'link.edit' ))
{
$num += DB_count( $_TABLES['linksubmission'] );
}
if( $_CONF['usersubmission'] == 1 )
{
if( SEC_hasrights( 'user.edit' ) && SEC_hasrights( 'user.delete' ))
{
$emptypwd = md5( '' );
$num += DB_count( $_TABLES['users'], 'passwd', $emptypwd );
}
}
// now handle submissions for plugins
$num = $num + PLG_getSubmissionCount();
$url = $_CONF['site_admin_url'] . '/moderation.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[10] );
$adminmenu->set_var( 'option_count', $num );
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'story.edit' ))
{
$url = $_CONF['site_admin_url'] . '/story.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[11] );
if( empty( $topicsql ))
{
$numstories = DB_count( $_TABLES['stories'] );
}
else
{
$nresult = DB_query( "SELECT COUNT(*) AS count from {$_TABLES['stories']} WHERE" . $topicsql );
$N = DB_fetchArray( $nresult );
$numstories = $N['count'];
}
$adminmenu->set_var( 'option_count', $numstories );
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'block.edit' ))
{
$url = $_CONF['site_admin_url'] . '/block.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[12] );
$adminmenu->set_var( 'option_count', DB_count( $_TABLES['blocks'] ));
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'topic.edit' ))
{
$url = $_CONF['site_admin_url'] . '/topic.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[13] );
$adminmenu->set_var( 'option_count', DB_count( $_TABLES['topics'] ));
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'link.edit' ))
{
$url = $_CONF['site_admin_url'] . '/link.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[14] );
$adminmenu->set_var( 'option_count', DB_count( $_TABLES['links'] ));
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'event.edit' ))
{
$url = $_CONF['site_admin_url'] . '/event.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[15] );
$adminmenu->set_var( 'option_count', DB_count( $_TABLES['events'] ));
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'poll.edit' ))
{
$url = $_CONF['site_admin_url'] . '/poll.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[16] );
$adminmenu->set_var( 'option_count', DB_count( $_TABLES['pollquestions'] ));
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'user.edit' ))
{
$url = $_CONF['site_admin_url'] . '/user.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[17] );
$adminmenu->set_var( 'option_count', ( DB_count( $_TABLES['users'] ) -1 ));
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'group.edit' ))
{
$thisUsersGroups = SEC_getUserGroups();
$grp_list = implode( ',', $thisUsersGroups );
$result = DB_query( "SELECT COUNT(*) AS count FROM {$_TABLES['groups']} WHERE grp_id IN ($grp_list)" );
$A = DB_fetchArray( $result );
$url = $_CONF['site_admin_url'] . '/group.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[96] );
$adminmenu->set_var( 'option_count', $A['count'] );
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'user.mail' ))
{
$url = $_CONF['site_admin_url'] . '/mail.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[105] );
$adminmenu->set_var( 'option_count', 'N/A' );
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if(( $_CONF['backend'] == 1 ) && SEC_inGroup( 'Root' ))
{
$url = $_CONF['site_admin_url'] . '/syndication.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[38] );
$count = DB_count( $_TABLES['syndication'] );
$adminmenu->set_var( 'option_count', $count );
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( SEC_hasrights( 'plugin.edit' ))
{
$url = $_CONF['site_admin_url'] . '/plugins.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[77] );
$adminmenu->set_var( 'option_count', DB_count( $_TABLES['plugins'] ));
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
// This will show the admin options for all installed plugins (if any)
for( $i = 1; $i <= $nrows; $i++ )
{
$plg = current( $plugin_options );
$adminmenu->set_var( 'option_url', $plg->adminurl );
$adminmenu->set_var( 'option_label', $plg->adminlabel );
if( empty( $plg->numsubmissions ))
{
$adminmenu->set_var( 'option_count', 'N/A' );
}
else
{
$adminmenu->set_var( 'option_count', $plg->numsubmissions );
}
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $plg->adminurl ) ? 'current' : 'option', true );
next( $plugin_options );
}
if( $_CONF['allow_mysqldump'] == 1 AND SEC_inGroup( 'Root' ))
{
$url = $_CONF['site_admin_url'] . '/database.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG01[103] );
$adminmenu->set_var( 'option_count', 'N/A' );
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
// Add PDF Generator Link if the feature is enabled
if(( $_CONF['pdf_enabled'] == 1 ) AND ( SEC_inGroup( 'Root' )))
{
$url = $_CONF['site_url'] . '/pdfgenerator.php';
$adminmenu->set_var( 'option_url', $url );
$adminmenu->set_var( 'option_label', $LANG_PDF[9] );
$adminmenu->set_var( 'option_count', 'N/A' );
$retval .= $adminmenu->parse( 'item',
( $thisUrl == $url ) ? 'current' : 'option' );
}
if( $_CONF['link_documentation'] == 1 )
{
$adminmenu->set_var( 'option_url', $_CONF['site_url'] . '/docs/' );
$adminmenu->set_var( 'option_label', $LANG01[113] );
$adminmenu->set_var( 'option_count', 'N/A' );
$retval .= $adminmenu->parse( 'item', 'option' );
}
if( SEC_inGroup( 'Root' ))
{
$adminmenu->set_var( 'option_url',
'http://www.geeklog.net/versionchecker.php?version=' . VERSION );
$adminmenu->set_var( 'option_label', $LANG01[107] );
$adminmenu->set_var( 'option_count', VERSION );
$retval .= $adminmenu->parse( 'item', 'option' );
}
$retval .= COM_endBlock( COM_getBlockTemplate( 'admin_block', 'footer' ));
}
return $retval;
}
/**
* Redirects user to a given URL
*
* This function COM_passes a meta tag to COM_refresh after a form is sent. This is
* necessary because for some reason Nutscrape and PHP4 don't play well with
* the header() function COM_100% of the time.
*
* @param string $url URL to send user to
*
*/
function COM_refresh( $url )
{
return "<html><head><meta http-equiv="refresh" content="0; URL=$url"></head></html>n";
}
/**
* This function displays the comment control bar
*
* Prints the control that allows the user to interact with Geeklog Comments
*
* @param string $sid ID of item in question
* @param string $title Title of item
* @param string $type Type of item (i.e. story, photo, etc)
* @param string $order Order that comments are displayed in
* @param string $mode Mode (nested, flat, etc.)
* @see COM_userComments
* @see COM_commentChildren
* @return string HTML Formated comment bar
*
*/
function COM_commentBar( $sid, $title, $type, $order, $mode )
{
global $_CONF, $_TABLES, $_USER, $LANG01, $_REQUEST, $HTTP_SERVER_VARS;
$page = array_pop( explode( '/', $HTTP_SERVER_VARS['PHP_SELF'] ));
$nrows = DB_count( $_TABLES['comments'], 'sid', $sid );
$commentbar = new Template( $_CONF['path_layout'] . 'comment' );
$commentbar->set_file( array( 'commentbar' => 'commentbar.thtml' ));
$commentbar->set_var( 'site_url', $_CONF['site_url'] );
$commentbar->set_var( 'layout_url', $_CONF['layout_url'] );
$commentbar->set_var( 'lang_comments', $LANG01[3] );
$commentbar->set_var( 'lang_refresh', $LANG01[39] );
$commentbar->set_var( 'lang_reply', $LANG01[25] );
$commentbar->set_var( 'lang_disclaimer', $LANG01[26] );
$commentbar->set_var( 'story_title', stripslashes( $title ));
$commentbar->set_var( 'num_comments', $nrows );
$commentbar->set_var( 'comment_type', $type );
if( $type == 'poll' )
{
$commentbar->set_var( 'story_link', $_CONF['site_url']
. "/pollbooth.php?scale=400&qid=$sid&aid=-1" );
}
else if( $type == 'article' )
{
$articleUrl = COM_buildUrl( $_CONF['site_url'] . '/article.php?story='
. $sid );
$commentbar->set_var( 'story_link', $articleUrl );
$commentbar->set_var( 'article_url', $articleUrl );
}
else
{
$commentbar->set_var( 'story_link', $_CONF['site_url']
. "/comment.php?type=$type&cid=$sid" );
}
if( $_USER['uid'] > 1 )
{
$username = $_USER['username'];
$fullname = DB_getItem( $_TABLES['users'], 'fullname',
"uid = '{$_USER['uid']}'" );
}
else
{
$result = DB_query( "SELECT username,fullname FROM {$_TABLES['users']} WHERE uid = 1" );
$N = DB_fetchArray( $result );
$username = $N['username'];
$fullname = $N['fullname'];
}
if( empty( $fullname ))
{
$fullname = $username;
}
$commentbar->set_var( 'user_name', $username );
$commentbar->set_var( 'user_fullname', $fullname );
if( !empty( $_USER['username'] ))
{
$commentbar->set_var( 'user_nullname', $username );
$commentbar->set_var( 'login_logout_url',
$_CONF['site_url'] . '/users.php?mode=logout' );
$commentbar->set_var( 'lang_login_logout', $LANG01[35] );
}
else
{
$commentbar->set_var( 'user_nullname', '' );
$commentbar->set_var( 'login_logout_url',
$_CONF['site_url'] . '/users.php?mode=new' );
$commentbar->set_var( 'lang_login_logout', $LANG01[61] );
}
if( $page == 'comment.php' )
{
$commentbar->set_var( 'parent_url',
$_CONF['site_url'] . '/comment.php' );
$hidden = '';
if( $_REQUEST['mode'] == 'view' )
{
$hidden .= '<input type="hidden" name="cid" value="' . $_REQUEST['cid'] . '">';
$hidden .= '<input type="hidden" name="pid" value="' . $_REQUEST['cid'] . '">';
}
else if( $_REQUEST['mode'] == 'display' )
{
$hidden .= '<input type="hidden" name="pid" value="' . $_REQUEST['pid'] . '">';
}
else /* This is likely a plugin (or a mistake) */
{
$hidden .= '<input type="hidden" name="cid" value="' . $sid . '">';
}
$commentbar->set_var( 'hidden_field', $hidden .
'<input type="hidden" name="mode" value="' . $_REQUEST['mode'] . '">' );
}
else if( $type == 'poll' )
{
$commentbar->set_var( 'parent_url',
$_CONF['site_url'] . '/pollbooth.php' );
$commentbar->set_var( 'hidden_field',
'<input type="hidden" name="scale" value="400">' .
'<input type="hidden" name="qid" value="' . $sid . '">' .
'<input type="hidden" name="aid" value="-1">' );
}
else
{
$commentbar->set_var( 'parent_url',
$_CONF['site_url'] . '/article.php' );
$commentbar->set_var( 'hidden_field',
'<input type="hidden" name="story" value="' . $sid . '">' );
}
// Order
$selector = '<select name="order">' . LB
. COM_optionList( $_TABLES['sortcodes'], 'code,name', $order )
. LB . '</select>';
$commentbar->set_var( 'order_selector', $selector);
// Mode
if( $page == 'comment.php' )
{
$selector = '<select name="format">';
}
else
{
$selector = '<select name="mode">';
}
$selector .= LB
. COM_optionList( $_TABLES['commentmodes'], 'mode,name', $mode )
. LB . '</select>';
$commentbar->set_var( 'mode_selector', $selector);
return $commentbar->finish( $commentbar->parse( 'output', 'commentbar' ));
}
/**
* This function prints &$comments (db results set of comments) in comment format
* -For previews, &$comments is assumed to be an associative array containing
* data for a single comment.
*
* @param array &$comments Database result set of comments to be printed
* @param string $mode 'flat', 'threaded', etc
* @param string $type Type of item (article, poll, etc.)
* @param string $order How to order the comments 'ASC' or 'DESC'
* @param boolean $delete_option if current user can delete comments
* @param boolean $preview Preview display (for edit) or not
* @return string HTML Formated Comment
*
*/
function COM_getComment( &$comments, $mode, $type, $order, $delete_option = false, $preview = false )
{
global $_CONF, $_TABLES, $_USER, $LANG01, $query;
$indent = 0; // begin with 0 indent
$level = array(); // used to track depth
$retval = ''; // initialize return value
$template = new Template( $_CONF['path_layout'] . 'comment' );
$template->set_file( array( 'comment' => 'comment.thtml',
'thread' => 'thread.thtml' ));
// generic template variables
$template->set_var( 'site_url', $_CONF['site_url'] );
$template->set_var( 'layout_url', $_CONF['layout_url'] );
$template->set_var( 'lang_replytothis', $LANG01[43] );
$template->set_var( 'lang_reply', $LANG01[25] );
$template->set_var( 'lang_authoredby', $LANG01[42] );
$template->set_var( 'lang_on', $LANG01[36] );
$template->set_var( 'order', $order );
// Make sure we have a default value for comment indentation
if( !isset( $_CONF['comment_indent'] ))
{
$_CONF['comment_indent'] = 25;
}
if( $preview )
{
$A = $comments;
$mode = 'flat';
}
else
{
$A = DB_fetchArray($comments);
}
if( empty( $A ) )
{
return '';
}
do
{
// determines indentation for current comment
if( $mode == 'threaded' || $mode == 'nested' )
{
$indent = ($A['indent'] - $A['pindent']) * $_CONF['comment_indent'];
}
// comment variables
$template->set_var( 'indent', $indent );
$template->set_var( 'author', $A['username'] );
$template->set_var( 'author_id', $A['uid'] );
if( $A['uid'] > 1 )
{
if( empty( $A['fullname'] ))
{
$template->set_var( 'author_fullname', $A['username'] );
$alttext = $A['username'];
}
else
{
$template->set_var( 'author_fullname', $A['fullname'] );
$alttext = $A['fullname'];
}
if( !empty( $A['photo'] ))
{
$template->set_var( 'author_photo', '<img src="'
. $_CONF['site_url']
. '/images/userphotos/' . $A['photo']
. '" alt="' . $alttext . '">' );
$template->set_var( 'camera_icon', '<a href="'
. $_CONF['site_url']
. '/users.php?mode=profile&uid=' . $A['uid']
. '"><img src="' . $_CONF['layout_url']
. '/images/smallcamera.gif" border="0" alt=""></a>' );
}
else
{
$template->set_var( 'author_photo', '' );
$template->set_var( 'camera_icon', '' );
}
$template->set_var( 'start_author_anchortag', '<a href="'
. $_CONF['site_url'] . '/users.php?mode=profile&uid='
. $A['uid'] . '">' );
$template->set_var( 'end_author_anchortag', '</a>' );
}
else
{
$template->set_var( 'author_fullname', $A['username'] );
$template->set_var( 'author_photo', '' );
$template->set_var( 'camera_icon', '' );
$template->set_var( 'start_author_anchortag', '' );
$template->set_var( 'end_author_anchortag', '' );
}
// hide reply link from anonymous users if they can't post replies
$hidefromanon = false;
if( empty( $_USER['username'] ) && (( $_CONF['loginrequired'] == 1 ) || ( $_CONF['commentsloginrequired'] == 1 )))
{
$hidefromanon = true;
}
// this will hide HTML that should not be viewed in preview mode
if( $preview || $hidefromanon )
{
$template->set_var( 'hide_if_preview', 'style="display:none"' );
}
else
{
$template->set_var( 'hide_if_preview', '' );
}
// for threaded mode, add a link to comment parent
if( $mode == 'threaded' && $A['pid'] != 0 && $indent == 0 )
{
$result = DB_query( "SELECT title,pid from {$_TABLES['comments']} where cid = '{$A['pid']}'" );
$P = DB_fetchArray( $result );
if ($P['pid'] != 0) {
$plink = $_CONF['site_url'] . '/comment.php?mode=display&sid='
. $A['sid'] . '&title=' . rawurlencode( $P['title'] )
. '&type=' . $type . '&order=' . $order . '&pid='
. $P['pid'];
} else {
$plink = $_CONF['site_url'] . '/comment.php?mode=view&sid='
. $A['sid'] . '&title=' . rawurlencode( $P['title'] )
. '&type=' . $type . '&order=' . $order . '&cid='
. $A['pid'] . '&format=threaded';
}
$template->set_var( 'parent_link', "| <a href="$plink">{$LANG01[44]}</a>");
}
else
{
$template->set_var( 'parent_link', '');
}
$template->set_var( 'date', strftime( $_CONF['date'], $A['nice_date'] ));
$template->set_var( 'sid', $A['sid'] );
$template->set_var( 'type', $A['type'] );
// If deletion is allowed, displays delete link
if( $delete_option )
{
$deloption = '| <a href="' . $_CONF['site_url']
. '/comment.php?mode=delete&cid='
. $A['cid'] . '&sid=' . $A['sid'] . '&type='
. $type . '">' . $LANG01[28] . '</a> ';
if( !empty( $A['ipaddress'] ))
{
if( empty( $_CONF['ip_lookup'] ))
{
$deloption .= '| ' . $A['ipaddress'] . ' ';
}
else
{
$iplookup = str_replace( '*', $A['ipaddress'],
$_CONF['ip_lookup'] );
$deloption .= '| <a href="' . $iplookup . '">'
. $A['ipaddress'] . '</a> ';
}
}
$template->set_var( 'delete_option', $deloption );
}
else if( !empty( $_USER['username'] ))
{
$reportthis = ' | <a href="' . $_CONF['site_url']
. '/comment.php?mode=report&cid=' . $A['cid']
. '&type=' . $type . '" title="' . $LANG01[110]
. '">' . $LANG01[109] . '</a> ';
$template->set_var( 'delete_option', $reportthis );
}
else
{
$template->set_var( 'delete_option', '' );
}
$A['title'] = stripslashes( $A['title'] );
$A['title'] = htmlspecialchars( $A['title'] );
$A['title'] = str_replace( '$', '$', $A['title'] );
// and finally: format the actual text of the comment
$A['comment'] = stripslashes( $A['comment'] );
if( preg_match( '/<.*>/', $A['comment'] ) == 0 )
{
$A['comment'] = nl2br( $A['comment'] );
}
// highlight search terms if specified
if( !empty( $query ))
{
$A['comment'] = COM_highlightQuery( $A['comment'], $query );
}
$A['comment'] = str_replace( '$', '$', $A['comment'] );
$A['comment'] = str_replace( '{', '{', $A['comment'] );
$A['comment'] = str_replace( '}', '}', $A['comment'] );
// Replace any plugin autolink tags
$A['comment'] = PLG_replaceTags( $A['comment'] );
$template->set_var( 'title', $A['title'] );
$template->set_var( 'comments', $A['comment'] );
// parse the templates
if( $mode == 'threaded' && $indent > 0 )
{
$template->set_var( 'pid', $A['pid'] );
$retval .= $template->parse( 'output', 'thread' );
}
else
{
$template->set_var( 'pid', $A['cid'] );
$retval .= $template->parse( 'output', 'comment' );
}
}
while( $A = DB_fetchArray( $comments ));
return $retval;
}
/**
* This function displays the comments in a high level format.
*
* Begins displaying user comments for an item
*
* @param string $sid ID for item to show comments for
* @param string $title Title of item
* @param string $type Type of item (article, poll, etc.)
* @param string $order How to order the comments 'ASC' or 'DESC'
* @param string $mode comment mode (nested, flat, etc.)
* @param int $pid id of parent comment
* @param int $page page number of comments to display
* @param boolean $cid true if $pid should be interpreted as a cid instead
* @param boolean $delete_option if current user can delete comments
* @see function COM_commentBar
* @see function COM_commentChildren
* @return string HTML Formated Comments
*
*/
function COM_userComments( $sid, $title, $type='article', $order='', $mode='', $pid = 0, $page = 1, $cid = false, $delete_option = false )
{
global $_CONF, $_TABLES, $_USER, $LANG01;
if( !empty( $_USER['uid'] ) )
{
$result = DB_query( "SELECT commentorder,commentmode,commentlimit FROM {$_TABLES['usercomment']} WHERE uid = '{$_USER['uid']}'" );
$U = DB_fetchArray( $result );
if( empty( $order ) )
{
$order = $U['commentorder'];
}
if( empty( $mode ) )
{
$mode = $U['commentmode'];
}
$limit = $U['commentlimit'];
}
if( empty( $order ))
{
$order = 'ASC';
}
if( empty( $mode ))
{
$mode = $_CONF['comment_mode'];
}
if( empty( $limit ))
{
$limit = $_CONF['comment_limit'];
}
if( !is_numeric($page) || $page < 1 )
{
$page = 1;
}
$start = $limit * ( $page - 1 );
$template = new Template( $_CONF['path_layout'] . 'comment' );
$template->set_file( array( 'commentarea' => 'startcomment.thtml' ));
$template->set_var( 'site_url', $_CONF['site_url'] );
$template->set_var( 'layout_url', $_CONF['layout_url'] );
$template->set_var( 'commentbar',
COM_commentBar( $sid, $title, $type, $order, $mode));
if( $mode == 'nested' or $mode == 'threaded' or $mode == 'flat' )
{
// build query
switch( $mode )
{
case 'flat':
if( $cid )
{
$count = 1;
$q = "SELECT c.*, u.username, u.fullname, u.photo, "
. "unix_timestamp(c.date) AS nice_date "
. "FROM {$_TABLES['comments']} as c, {$_TABLES['users']} as u "
. "WHERE c.uid = u.uid AND c.cid = $pid";
}
else
{
$count = DB_count( $_TABLES['comments'], 'sid', $sid );
$q = "SELECT c.*, u.username, u.fullname, u.photo, "
. "unix_timestamp(c.date) AS nice_date "
. "FROM {$_TABLES['comments']} as c, {$_TABLES['users']} as u "
. "WHERE c.uid = u.uid AND c.sid = '$sid' "
. "ORDER BY date $order LIMIT $start, $limit";
}
break;
case 'nested':
case 'threaded':
default:
if( $order == 'DESC' )
{
$cOrder = 'c.rht DESC';
}
else
{
$cOrder = 'c.lft ASC';
}
// We can simplify the query, and hence increase performance
// when pid = 0 (when fetching all the comments for a given sid)
if( $cid )
{
// count the total number of applicable comments
$q2 = "SELECT COUNT(*) "
. "FROM {$_TABLES['comments']} as c, {$_TABLES['comments']} as c2 "
. "WHERE c.sid = '$sid' AND (c.lft >= c2.lft AND c.lft <= c2.rht) "
. "AND c2.cid = $pid";
$result = DB_query( $q2 );
list( $count ) = DB_fetchArray( $result );
$q = "SELECT c.*, u.username, u.fullname, u.photo, c2.indent as pindent, "
. "unix_timestamp(c.date) AS nice_date "
. "FROM {$_TABLES['comments']} as c, {$_TABLES['comments']} as c2, "
. "{$_TABLES['users']} as u "
. "WHERE c.sid = '$sid' AND (c.lft >= c2.lft AND c.lft <= c2.rht) "
. "AND c2.cid = $pid AND c.uid = u.uid "
. "ORDER BY $cOrder LIMIT $start, $limit";
}
else
{
if( $pid == 0 )
{
// count the total number of applicable comments
$count = DB_count( $_TABLES['comments'], 'sid', $sid );
$q = "SELECT c.*, u.username, u.fullname, u.photo, 0 as pindent, "
. "unix_timestamp(c.date) AS nice_date "
. "FROM {$_TABLES['comments']} as c, {$_TABLES['users']} as u "
. "WHERE c.sid = '$sid' AND c.uid = u.uid "
. "ORDER BY $cOrder LIMIT $start, $limit";
}
else
{
// count the total number of applicable comments
$q2 = "SELECT COUNT(*) "
. "FROM {$_TABLES['comments']} as c, {$_TABLES['comments']} as c2 "
. "WHERE c.sid = '$sid' AND (c.lft > c2.lft AND c.lft < c2.rht) "
. "AND c2.cid = $pid";
$result = DB_query($q2);
list($count) = DB_fetchArray($result);
$q = "SELECT c.*, u.username, u.fullname, u.photo, c2.indent + 1 as pindent, "
. "unix_timestamp(c.date) AS nice_date "
. "FROM {$_TABLES['comments']} as c, {$_TABLES['comments']} as c2, "
. "{$_TABLES['users']} as u "
. "WHERE c.sid = '$sid' AND (c.lft > c2.lft AND c.lft < c2.rht) "
. "AND c2.cid = $pid AND c.uid = u.uid "
. "ORDER BY $cOrder LIMIT $start, $limit";
}
}
break;
}
$thecomments = '';
$result = DB_query( $q );
$thecomments .= COM_getComment( $result, $mode, $type, $order,
$delete_option );
// Pagination
$tot_pages = ceil( $count / $limit );
$pLink = $_CONF['site_url'] . "/article.php?story=$sid&type=$type&order=$order&mode=$mode";
$template->set_var( 'pagenav',
COM_printPageNavigation($pLink, $page, $tot_pages));
$template->set_var( 'comments', $thecomments );
$retval = $template->parse( 'output', 'commentarea' );
}
return $retval;
}
/**
* This censors inappropriate content
*
* This will replace 'bad words' with something more appropriate
*
* @param string $Message String to check
* @see function COM_checkHTML
* @return string Edited $Message
*
*/
function COM_checkWords( $Message )
{
global $_CONF;
$EditedMessage = $Message;
if( $_CONF['censormode'] != 0 )
{
if( is_array( $_CONF['censorlist'] ))
{
$Replacement = $_CONF['censorreplace'];
switch( $_CONF['censormode'])
{
case 1: # Exact match
$RegExPrefix = '(s*)';
$RegExSuffix = '(W*)';
break;
case 2: # Word beginning
$RegExPrefix = '(s*)';
$RegExSuffix = '(w*)';
break;
case 3: # Word fragment
$RegExPrefix = '(w*)';
$RegExSuffix = '(w*)';
break;
}
for( $i = 0; $i < count( $_CONF['censorlist']); $i++ )
{
$EditedMessage = eregi_replace( $RegExPrefix . $_CONF['censorlist'][$i] . $RegExSuffix, "1$Replacement2", $EditedMessage );
}
}
}
return $EditedMessage;
}
/**
* Takes some amount of text and replaces all javascript events on*= with in
*
* This script takes some amount of text and matches all javascript events, on*= (onBlur= onMouseClick=)
* and replaces them with in*=
* Essentially this will cause onBlur to become inBlur, onFocus to be inFocus
* These are not valid javascript events and the browser will ignore them.
* @param string $Message Text to filter
* @return string $Message with javascript filtered
* @see COM_checkWords
* @see COM_checkHTML
*
*/
function COM_killJS( $Message )
{
return( preg_replace( '/(s)+[oO][nN](w*) ?=/', '1in2=', $Message ));
}
/**
* Handles the part within a ...
section, i.e. escapes all...
' );
if( $start_pos !== false )
{
$end_pos = strpos( strtolower( $str ), '
' );' . $encoded . '' . $encoded . '
Posted on: 05/02/05 10:07pm
By: vadertech
$_CONF['path'] = '/geeklog-1.3.11/config.php'; // should end in a slashto
/home2/shrimp/public_html/geeklog-1.3.11/
require_once( '/geeklog-1.3.11/config.php' );to
/home2/shrimp/public_html/geeklog-1.3.11/config.php
Posted on: 05/02/05 10:14pm
By: Anonymous
Posted on: 05/02/05 10:16pm
By: Anonymous
Warning: mysql_connect(): Access denied for user: 'geeklog@localhost' (Using password: YES) in /home2/shrimp/public_html/geeklog-1.3.11/system/databases/mysql.class.php on line 112 Cannnot connect to DB server
Posted on: 05/02/05 10:21pm
By: vadertech
Posted on: 05/02/05 10:23pm
By: vadertech
Posted on: 05/02/05 10:25pm
By: Anonymous
Posted on: 05/02/05 10:33pm
By: Anonymous
Posted on: 05/02/05 10:38pm
By: vadertech
Posted on: 05/02/05 10:45pm
By: Anonymous
An SQL error has occured. Please see error.log for details.
Posted on: 05/02/05 10:48pm
By: vadertech
Posted on: 05/02/05 10:52pm
By: shrimp134
Posted on: 05/02/05 10:57pm
By: shrimp134
*** dummy entry *** Sat Feb 5 22:44:07 2005 - 1146: Table 'shrimp_geeklog.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1 Sat Feb 5 22:44:30 2005 - 1146: Table 'shrimp_geeklog.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1 Sat Feb 5 22:44:38 2005 - 1146: Table 'shrimp_geeklog.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1 Sat Feb 5 22:46:52 2005 - 1146: Table 'shrimp_geeklog.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1 Sat Feb 5 22:46:54 2005 - 1146: Table 'shrimp_geeklog.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1 Sat Feb 5 22:48:52 2005 - 1146: Table 'shrimp_geeklog.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1 Sat Feb 5 22:48:56 2005 - 1146: Table 'shrimp_geeklog.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1 Sat Feb 5 22:48:57 2005 - 1146: Table 'shrimp_geeklog.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1
Posted on: 06/02/05 01:01am
By: vadertech
Posted on: 14/05/05 04:22am
By: Anonymous
Posted on: 24/08/07 11:35am
By: Anonymous
Posted on: 24/08/07 11:46am
By: Dirk
Fri Aug 24 09:00:35 2007 - 1146: Table 'CMS.gl_plugins' doesn't exist. SQL in question: SELECT pi_name FROM gl_plugins WHERE pi_enabled = 1
Posted on: 24/08/07 01:29pm
By: Anonymous
Geeklog - Forum
https://www.geeklog.net/forum/viewtopic.php?showtopic=47498