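<?php
/**
  * BLOG:CMS: PHP/MySQL Personal Content Management System (CMS)
  * http://blogcms.com/
  * ----------------------------------------------------------------
  *
  * Copyright (C) 2003-2005 Radek HULÁN
  * http://hulan.cz/contact/
  *
  * Based on:
  * ----------------------------------------------------------------
  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
  * Copyright (C) 2002-2003 The Nucleus Group
  *
  * ----------------------------------------------------------------
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
  * as published by the Free Software Foundation; either version 2
  * of the License, or (at your option) any later version.
**/

// Entry point for visitor-triggered actions. The 'action' request variable
// selects one handler below; every handler works on request data, so all of
// its inputs are untrusted.

$CONF = array();
include('./cfg.php');

$action = requestVar('action');
switch ($action) {
    case 'addcomment':
        addComment('comment');
        break;
    case 'addpreview':
        addComment('preview');
        break;
    case 'sendmessage':
        sendMessage();
        break;
    case 'createaccount':
        createAccount();
        break;
    case 'forgotpassword':
        forgotPassword();
        break;
    case 'votepositive':
        doKarma('pos');
        break;
    case 'votenegative':
        doKarma('neg');
        break;
    case 'plugin':
        callPlugin();
        break;
    default:
        // unknown or missing action
        doError(_ERROR_BADACTION);
}

/**
 * Filters a redirect target that came from request data.
 *
 * A target is accepted only when it is an absolute URL below
 * $CONF['IndexURL'] or a root-relative path ("/..."). Anything else
 * (another host, a scheme-relative "//host" URL, a value containing control
 * characters or backslashes) is rejected, so a crafted form field or Referer
 * header cannot send the visitor to a third-party site.
 *
 * @param mixed $candidate URL taken from the request
 * @return string the accepted URL, or '' when the caller must use its own fallback
 */
function actionSafeRedirectUrl($candidate) {
    global $CONF;

    $candidate = trim((string) $candidate);
    if ($candidate === '')
        return '';

    // CR/LF and other control characters have no place in a Location header;
    // backslashes are treated as slashes by some browsers.
    if (preg_match('/[\x00-\x1f\x7f\\\\]/', $candidate))
        return '';

    // The trailing slash keeps "http://site.example.evil" from matching
    // "http://site.example".
    $base = rtrim(isset($CONF['IndexURL']) ? (string) $CONF['IndexURL'] : '', '/') . '/';
    if ($base !== '/' && strncmp($candidate, $base, strlen($base)) === 0)
        return $candidate;

    // root-relative path on this host; "//host/..." would leave the site
    if ($candidate[0] === '/' && substr($candidate, 0, 2) !== '//')
        return $candidate;

    return '';
}

/**
 * Adds (or previews) a comment on an item, then redirects to the item page.
 *
 * Reads 'itemid', 'user', 'userid', 'body' and 'remember' from the POST data.
 * On success the visitor is redirected to the item URL with an anchor for the
 * highest comment number of that item; on failure the error is shown with
 * the blog's default skin.
 *
 * @param string $type 'comment' or 'preview' (the two values the dispatcher passes)
 */
function addComment($type) {
    global $CONF, $errormessage, $manager;
    $CONF['ItemURL'] = $CONF['IndexURL'];

    $post['itemid'] = intPostVar('itemid');
    $post['user']   = postVar('user');
    $post['userid'] = postVar('userid');
    $post['body']   = postVar('body');

    // set cookies when required
    $remember = intPostVar('remember');
    if ($remember == 1) {
        // 2592000 seconds = 30 days
        $lifetime = time() + 2592000;
        // path '/', no domain, secure flag off: the cookies are sent over plain HTTP too
        setcookie($CONF['CookiePrefix'] . 'comment_user', $post['user'], $lifetime, '/', '', 0);
        setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'], $lifetime, '/', '', 0);
    }

    // plain "new": "=& new" is rejected by the parser from PHP 7 on
    $comments = new COMMENTS(intval($post['itemid']));
    $blogid = getBlogIDFromItemID(intval($post['itemid']));
    checkban($blogid);
    $blog =& $manager->getBlog($blogid);

    // note: preAddComment gets called somewhere inside addComment
    $errormessage = $comments->addComment($blog->getCorrectTime(), $post, $type);
    $manager->notify('PostAddComment', array('comment' => &$post, 'errormessage' => $errormessage));

    if (empty($errormessage) || !isset($errormessage)) {
        // redirect when adding comments succeeded
        $url = fancyLink(intval($post['itemid']));
        // $post was handed to plugins by reference above, so the item id is
        // cast again before it is concatenated into the SQL text.
        $query = sql_query('select max(cnumber) as anchor from ' . sql_table('comment') . ' where citem=' . intval($post['itemid']));
        if ($row = sql_fetch_object($query)) {
            if (strstr($url, '?')) {
                $url .= '&comment=' . $row->anchor . '#comment' . strval($row->anchor);
            } else {
                $url .= '?comment=' . $row->anchor . '#comment' . strval($row->anchor);
            }
        }
        header('Expires: 0');
        header('Pragma: no-cache');
        header('Location: ' . $url);
        exit;
    } else {
        // else, show error message using default skin for blog
        doError($errormessage, new SKIN($blog->getDefaultSkin()));
    }
}

/**
 * Sends a message from the current visitor to the member given in POST 'memberid'.
 *
 * The sender address is the logged-in member's e-mail, or POST 'frommail'
 * for anonymous visitors. Afterwards the visitor is redirected to POST 'url'
 * when that is a local target, otherwise to the recipient's member page.
 */
function sendMessage() {
    global $CONF, $member;
    $CONF['ItemURL'] = $CONF['IndexURL'];

    $error = validateMessage();
    if ($error != '') doError($error);

    if (!$member->isLoggedIn()) {
        $fromMail = postVar('frommail');
        if (!isValidMailAddress($fromMail))
            doError(_ERROR_BADMAILADDRESS);
        $fromName = _MMAIL_FROMANON;
    } else {
        $fromMail = $member->getEmail();
        $fromName = $member->getDisplayName();
    }

    $tomem = new MEMBER();
    $tomem->readFromId(postVar('memberid'));

    $message = _MMAIL_MSG . ' ' . $fromName . "\n"
             . '(' . _MMAIL_FROMNUC . ' ' . $CONF['IndexURL'] . ") \n\n"
             . _MMAIL_MAIL . " \n\n"
             . postVar('message');
    $message .= getMailFooter();

    // The address and the subject both end up in mail headers. Line breaks
    // are removed here so that neither value can add header lines, whatever
    // isValidMailAddress() or the stored member data let through.
    $fromMail = str_replace(array("\r", "\n"), '', $fromMail);
    $title = str_replace(array("\r", "\n"), ' ', _MMAIL_TITLE . ' ' . $fromName);
    // delivery is best effort: a failing mail() is deliberately silenced
    @mail($tomem->getEmail(), $title, $message, "From: $fromMail \nContent-Type: text/plain; charset=" . _CHARSET);

    // POST 'url' is request data: follow it only when it stays on this site
    $url = actionSafeRedirectUrl(postVar('url'));
    if ($url === '') {
        $CONF['MemberURL'] = $CONF['IndexURL'];
        $url = createMemberLink($tomem->getID());
    }
    header('Expires: 0');
    header('Pragma: no-cache');
    header('Location: ' . $url);
}

/**
 * Checks whether the current visitor may send a member-to-member mail.
 *
 * @return string '' when the message may be sent, otherwise an error message
 *                (one of the _ERROR_* constants or whatever a plugin stored)
 */
function validateMessage() {
    global $CONF, $member, $manager;
    $CONF['ItemURL'] = $CONF['IndexURL'];

    if (!$CONF['AllowMemberMail'])
        return _ERROR_MEMBERMAILDISABLED;

    if (!$member->isLoggedIn() && !$CONF['NonmemberMail'])
        return _ERROR_DISALLOWED;

    if (!$member->isLoggedIn() && (!isValidMailAddress(postVar('frommail'))))
        return _ERROR_BADMAILADDRESS;

    // let plugins do verification (any plugin which thinks the comment is invalid
    // can change 'error' to something other than '')
    $result = '';
    $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result));

    return $result;
}

/**
 * Creates a new member account from POST data and mails the generated password.
 *
 * Reads 'name', 'realname', 'email', 'url' and 'desturl' from the POST data.
 * The password is generated here and passed in clear text to sendPassword().
 */
function createAccount() {
    global $CONF, $manager;

    if (!$CONF['AllowMemberCreate'])
        doError(_ERROR_MEMBERCREATEDISABLED);

    // create random password
    $pw = genPassword(10);
    // create member (non admin/can login/no notes)
    $r = MEMBER::create(postVar('name'), postVar('realname'), $pw, postVar('email'), postVar('url'), 0, $CONF['NewMemberCanLogon'], '');
    if ($r != 1)
        doError($r);

    // send message containing password.
    $newmem = new MEMBER();
    $newmem->readFromName(postVar('name'));
    $newmem->sendPassword($pw);

    $manager->notify('PostRegister', array('member' => &$newmem));

    // POST 'desturl' is request data: follow it only when it stays on this site
    $desturl = actionSafeRedirectUrl(postVar('desturl'));
    if ($desturl !== '') {
        header('Expires: 0');
        header('Pragma: no-cache');
        header('Location: ' . $desturl);
    } else {
        printNiceMessage("Account was created!");
    }
}

/**
 * Generates a new password for a member and mails it.
 *
 * Reads 'name', 'email' and 'url' from the POST data.
 *
 * NOTE(review): the password is replaced as soon as name and e-mail match,
 * with no confirmation step, so anyone who knows both values can invalidate
 * a member's current password. The two distinct error messages also tell a
 * caller whether a member name exists. Both would need a token-based reset
 * flow to fix, which is outside this function.
 */
function forgotPassword() {
    $membername = trim(postVar('name'));

    if (!MEMBER::exists($membername))
        doError(_ERROR_NOSUCHMEMBER);
    $mem = MEMBER::createFromName($membername);

    // check if e-mail address is correct
    if (!($mem->getEmail() == postVar('email')))
        doError(_ERROR_INCORRECTEMAIL);

    $pw = genPassword(10);
    $mem->setPassword($pw);     // change password
    $mem->write();              // save
    $mem->sendPassword($pw);    // send

    // POST 'url' is request data: follow it only when it stays on this site
    $url = actionSafeRedirectUrl(postVar('url'));
    if ($url !== '') {
        header('Expires: 0');
        header('Pragma: no-cache');
        header('Location: ' . $url);
    } else {
        printNiceMessage(_MSG_PASSWORDSENT);
    }
}

/**
 * Handles a karma vote on the item in the global $itemid.
 *
 * The vote is refused when the item does not exist, the visitor's address is
 * banned, isVoteAllowed() rejects the address, or the item is closed. When
 * the blog has a notify address and notifyOnVote() is set, a notification
 * mail is sent. The visitor is then sent back to the referring page when it
 * is a local one, otherwise to the item page.
 *
 * NOTE(review): $itemid is not assigned in this file; presumably it is set
 * while cfg.php is loaded. Confirm it is an integer by then.
 *
 * @param string $type 'pos' or 'neg'
 */
function doKarma($type) {
    global $itemid, $member, $CONF, $manager;
    $CONF['ItemURL'] = $CONF['IndexURL'];

    if (!$manager->existsItem($itemid, 0, 0)) doError(_ERROR_NOSUCHITEM);

    $blogid = getBlogIDFromItemID($itemid);
    checkban($blogid);

    $karma =& $manager->getKarma($itemid);

    // check if not already voted
    if (!$karma->isVoteAllowed(serverVar('REMOTE_ADDR')))
        doError(_ERROR_VOTEDBEFORE);

    // check if item does allow voting
    $item =& $manager->getItem($itemid, 0, 0);
    if ($item['closed'])
        doError(_ERROR_ITEMCLOSED);

    switch ($type) {
        case 'pos':
            $karma->votePositive();
            break;
        case 'neg':
            $karma->voteNegative();
            break;
    }

    $blogid = getBlogIDFromItemID($itemid);
    $blog =& $manager->getBlog($blogid);

    // send email to notification address, if any
    if ($blog->getNotifyAddress() && $blog->notifyOnVote()) {

        $mailto_msg = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";
        $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";
        if ($member->isLoggedIn()) {
            $mailto_msg .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";
        }
        $mailto_msg .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";
        $mailto_msg .= _NOTIFY_HOST . ' ' . gethostbyaddr(serverVar('REMOTE_ADDR')) . "\n";
        $mailto_msg .= _NOTIFY_VOTE . "\n " . $type . "\n";
        $mailto_msg .= getMailFooter();

        $mailto_title = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';

        $frommail = $member->getNotifyFromMailAddress();

        $notify = new NOTIFICATION($blog->getNotifyAddress());
        $notify->notify($mailto_title, $mailto_msg, $frommail);
    }

    // The Referer header is supplied by the client: go back to it only when
    // it points into this site, otherwise fall back to the item page.
    $url = actionSafeRedirectUrl(serverVar('HTTP_REFERER'));
    if ($url === '')
        $url = fancyLink($itemid);

    header('Expires: 0');
    header('Pragma: no-cache');
    header('Location: ' . $url);
}

/**
  * Calls a plugin action
  *
  * The plugin is 'NP_' followed by the request variable 'name'; the request
  * variable 'type' is handed to the plugin's doAction().
  *
  * NOTE(review): the plugin name is built from request data and is checked
  * only by pluginInstalled(). Confirm that pluginInstalled() and getPlugin()
  * compare it against the list of installed plugins and never use it to
  * build a file path.
  */
function callPlugin() {
    global $manager;

    $pluginName = 'NP_' . requestVar('name');
    $actionType = requestVar('type');

    // 1: check if plugin is installed
    if (!$manager->pluginInstalled($pluginName))
        doError(_ERROR_NOSUCHPLUGIN);

    // 2: call plugin
    $pluginObject =& $manager->getPlugin($pluginName);
    if ($pluginObject)
        $error = $pluginObject->doAction($actionType);
    else
        $error = 'Could not load plugin (see actionlog)';

    // doAction returns error when:
    // - an error occurred (duh)
    // - no actions are allowed (doAction is not implemented)
    if ($error)
        doError($error);
}

/**
 * Stops with an error page when the visitor's address is banned from a blog.
 *
 * @param mixed $blogid id of the blog the action applies to
 */
function checkban($blogid) {
    // check if banned
    $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR'));
    if ($ban != 0) {
        doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);
    }
}
?>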