PC World 2005 April

home *** CD-ROM | disk | FTP | other *** search

/ PC World 2005 April / PCWorld_2005-04_cd.bin / akce / web / phpnuke / PHP-Nuke-7.5.exe / html / mainfile.php < prev next >

Wrap

PHP Script | 2004-08-23 | 43KB | 1,182 lines

<?php /************************************************************************/ /* PHP-NUKE: Advanced Content Management System */ /* ============================================ */ /* */ /* Copyright (c) 2002 by Francisco Burzi */ /* http://phpnuke.org */ /* */ /* This program is free software. You can redistribute it and/or modify */ /* it under the terms of the GNU General Public License as published by */ /* the Free Software Foundation; either version 2 of the License. */ /************************************************************************/ /* Additional security checking code 2003 by chatserv */ /* http://www.nukefixes.com -- http://www.nukeresources.com */ /************************************************************************/ //Union Tap //Copyright Zhen-Xjell 2004 http://nukecops.com //Beta 3 Code to prevent UNION SQL Injections unset($matches); unset($loc); if (preg_match("/([OdWo5NIbpuU4V2iJT0n]{5}) /", rawurldecode($loc=$_SERVER["QUERY_STRING"]), $matches)) { die(); } if (stristr($_SERVER["QUERY_STRING"],'%20union%20')) header("Location: index.php"); $phpver = phpversion(); if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) { if (extension_loaded('zlib')) { ob_end_clean(); ob_start('ob_gzhandler'); } } else if ($phpver > '4.0') { if (strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip')) { if (extension_loaded('zlib')) { $do_gzip_compress = TRUE; ob_start(); ob_implicit_flush(0); //header('Content-Encoding: gzip'); } } } $phpver = explode(".", $phpver); $phpver = "$phpver[0]$phpver[1]"; if ($phpver >= 41) { $PHP_SELF = $_SERVER['PHP_SELF']; } if (!ini_get("register_globals")) { import_request_variables('GPC'); } if(isset($admin)) { $admin = base64_decode($admin); $admin = addslashes($admin); $admin = base64_encode($admin); } if(isset($user)) { $user = base64_decode($user); $user = addslashes($user); $user = base64_encode($user); } if (phpversion() < "4.1.0") { $_GET = $HTTP_GET_VARS; $_POST = $HTTP_POST_VARS; $_SERVER = $HTTP_SERVER_VARS; } foreach ($_GET as $secvalue) { if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*object*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*style*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*form*\"?[^>]*>", $secvalue)) || (eregi("$[^>]*\"?[^)]*$", $secvalue)) || (eregi("\"", $secvalue))) { die ("<center><img src=images/logo.gif> The html tags you attempted to use are not allowed [ <a href=\"javascript:history.go(-1)\">Go Back</a> ]"); } } foreach ($_POST as $secvalue) { if ((eregi("<[^>]script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]style*\"?[^>]*>", $secvalue))) { die ("<center><img src=images/logo.gif> The html tags you attempted to use are not allowed [ <a href=\"javascript:history.go(-1)\">Go Back</a> ]"); } } if (eregi("mainfile.php",$_SERVER['PHP_SELF'])) { Header("Location: index.php"); die(); } if ($forum_admin == 1) { require_once("../../../config.php"); require_once("../../../db/db.php"); } elseif ($inside_mod == 1) { require_once("../../config.php"); require_once("../../db/db.php"); } else { require_once("config.php"); require_once("db/db.php"); /* FOLLOWING TWO LINES ARE DEPRECATED BUT ARE HERE FOR OLD MODULES COMPATIBILITY */ /* PLEASE START USING THE NEW SQL ABSTRACTION LAYER. SEE MODULES DOC FOR DETAILS */ require_once("includes/sql_layer.php"); $dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname); } $mainfile = 1; $result = $db->sql_query("SELECT * FROM ".$prefix."_config"); $row = $db->sql_fetchrow($result); $sitename = $row['sitename']; $nukeurl = $row['nukeurl']; $site_logo = $row['site_logo']; $slogan = $row['slogan']; $startdate = $row['startdate']; $adminmail = stripslashes($row['adminmail']); $anonpost = $row['anonpost']; $Default_Theme = $row['Default_Theme']; $foot1 = $row['foot1']; $foot2 = $row['foot2']; $foot3 = $row['foot3']; $commentlimit = intval($row['commentlimit']); $anonymous = $row['anonymous']; $minpass = intval($row['minpass']); $pollcomm = intval($row['pollcomm']); $articlecomm = intval($row['articlecomm']); $broadcast_msg = intval($row['broadcast_msg']); $my_headlines = intval($row['my_headlines']); $top = intval($row['top']); $storyhome = intval($row['storyhome']); $user_news = intval($row['user_news']); $oldnum = intval($row['oldnum']); $ultramode = intval($row['ultramode']); $banners = intval($row['banners']); $backend_title = $row['backend_title']; $backend_language = $row['backend_language']; $language = $row['language']; $locale = $row['locale']; $multilingual = intval($row['multilingual']); $useflags = intval($row['useflags']); $notify = intval($row['notify']); $notify_email = $row['notify_email']; $notify_subject = $row['notify_subject']; $notify_message = $row['notify_message']; $notify_from = $row['notify_from']; $moderate = intval($row['moderate']); $admingraphic = intval($row['admingraphic']); $httpref = intval($row['httpref']); $httprefmax = intval($row['httprefmax']); $CensorMode = intval($row['CensorMode']); $CensorReplace = $row['CensorReplace']; $copyright = $row['copyright']; $Version_Num = $row['Version_Num']; $domain = eregi_replace("http://", "", $nukeurl); $tipath = "images/topics/"; $mtime = microtime(); $mtime = explode(" ",$mtime); $mtime = $mtime[1] + $mtime[0]; $start_time = $mtime; if ($forum_admin != 1) { if (isset($newlang) AND !eregi("\.","$newlang")) { if (file_exists("language/lang-".$newlang.".php")) { setcookie("lang",$newlang,time()+31536000); include("language/lang-".$newlang.".php"); $currentlang = $newlang; } else { setcookie("lang",$language,time()+31536000); include("language/lang-".$language.".php"); $currentlang = $language; } } elseif (isset($lang)) { include("language/lang-".$lang.".php"); $currentlang = $lang; } else { setcookie("lang",$language,time()+31536000); include("language/lang-".$language.".php"); $currentlang = $language; } } function get_lang($module) { global $currentlang, $language; if (file_exists("modules/$module/language/lang-".$currentlang.".php")) { if ($module == admin) { include_once("admin/language/lang-".$currentlang.".php"); } else { include_once("modules/$module/language/lang-".$currentlang.".php"); } } else { if ($module == admin) { include_once("admin/language/lang-".$currentlang.".php"); } else { include_once("modules/$module/language/lang-".$language.".php"); } } } function is_admin($admin) { global $prefix, $db; if(!is_array($admin)) { $admin = addslashes($admin); $admin = base64_decode($admin); $admin = explode(":", $admin); $aid = "$admin[0]"; $pwd = "$admin[1]"; } else { $aid = "$admin[0]"; $pwd = "$admin[1]"; } if ($aid != "" AND $pwd != "") { $aid = substr("$aid", 0,25); $result = $db->sql_query("SELECT pwd FROM ".$prefix."_authors WHERE aid='$aid'"); $row = $db->sql_fetchrow($result); $pass = $row['pwd']; if($pass == $pwd && $pass != "") { return 1; } } return 0; } function is_user($user) { global $prefix, $db, $user_prefix; if(!is_array($user)) { $user = addslashes($user); $user = base64_decode($user); $user = explode(":", $user); $uid = "$user[0]"; $pwd = "$user[2]"; } else { $uid = "$user[0]"; $pwd = "$user[2]"; } $uid = addslashes($uid); $uid = intval($uid); if ($uid != "" AND $pwd != "") { $result = $db->sql_query("SELECT user_password FROM ".$user_prefix."_users WHERE user_id='$uid'"); $row = $db->sql_fetchrow($result); $pass = $row['user_password']; if($pass == $pwd && $pass != "") { return 1; } } return 0; } function is_group($user, $name) { global $prefix, $db, $user_prefix; if(!is_array($user)) { $user = addslashes($user); $user = base64_decode($user); $user = explode(":", $user); $uid = "$user[0]"; $pwd = "$user[2]"; } else { $uid = "$user[0]"; $uid = intval($uid); $pwd = "$user[2]"; } if ($uid != "" AND $pwd != "") { $result = $db->sql_query("SELECT user_password FROM ".$user_prefix."_users WHERE user_id='$uid'"); $row = $db->sql_fetchrow($result); $pass = $row['user_password']; if($pass == $pwd && $pass != "") { $result2 = $db->sql_query("SELECT points FROM ".$user_prefix."_users WHERE user_id='$uid'"); $row2 = $db->sql_fetchrow($result2); $points = $row2['points']; $result3 = $db->sql_query("SELECT mod_group FROM ".$prefix."_modules WHERE title='$name'"); $row3 = $db->sql_fetchrow($result3); $mod_group = $row3['mod_group']; $result4 = $db->sql_query("SELECT points FROM ".$prefix."_groups WHERE id='$mod_group'"); $row4 = $db->sql_fetchrow($result4); $grp = intval($row4['points']); if (($points >= 0 AND $points >= $grp) OR $mod_group == 0) { return 1; } } } return 0; } function update_points($id) { global $user_prefix, $prefix, $db, $user; if (is_user($user)) { if(!is_array($user)) { $user = addslashes($user); $user1 = base64_decode($user); $user1 = explode(":", $user1); $username = "$user1[1]"; } else { $username = "$user1[1]"; } if ($db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_groups")) > '0') { $id = intval($id); $result = $db->sql_query("SELECT points FROM ".$prefix."_groups_points WHERE id='$id'"); $row = $db->sql_fetchrow($result); $rpoints = intval($row['points']); $db->sql_query("UPDATE ".$user_prefix."_users SET points=points+" . $rpoints . " WHERE username='$username'"); } } } function title($text) { OpenTable(); echo "<center>$text</center>"; CloseTable(); echo " "; } function is_active($module) { global $prefix, $db; $module = trim($module); $result = $db->sql_query("SELECT active FROM ".$prefix."_modules WHERE title='$module'"); $row = $db->sql_fetchrow($result); $act = intval($row['active']); if (!$result OR $act == 0) { return 0; } else { return 1; } } function render_blocks($side, $blockfile, $title, $content, $bid, $url) { if ($url == "") { if ($blockfile == "") { if ($side == "c") { themecenterbox($title, $content); } elseif ($side == "d") { themecenterbox($title, $content); } else { themesidebox($title, $content); } } else { if ($side == "c") { blockfileinc($title, $blockfile, 1); } elseif ($side == "d") { blockfileinc($title, $blockfile, 1); } else { blockfileinc($title, $blockfile); } } } else { if ($side == "c" OR $side == "d") { headlines($bid,1); } else { headlines($bid); } } } function blocks($side) { global $storynum, $prefix, $multilingual, $currentlang, $db, $admin, $user; if ($multilingual == 1) { $querylang = "AND (blanguage='$currentlang' OR blanguage='')"; } else { $querylang = ""; } if (strtolower($side[0]) == "l") { $pos = "l"; } elseif (strtolower($side[0]) == "r") { $pos = "r"; } elseif (strtolower($side[0]) == "c") { $pos = "c"; } elseif (strtolower($side[0]) == "d") { $pos = "d"; } $side = $pos; $sql = "SELECT bid, bkey, title, content, url, blockfile, view, expire, action, subscription FROM ".$prefix."_blocks WHERE bposition='$pos' AND active='1' $querylang ORDER BY weight ASC"; $result = $db->sql_query($sql); while($row = $db->sql_fetchrow($result)) { $bid = intval($row['bid']); $title = $row['title']; $content = $row['content']; $url = $row['url']; $blockfile = $row['blockfile']; $view = intval($row['view']); $expire = $row['expire']; $action = $row['action']; $now = time(); $sub = $row['subscription']; if ($sub == 0 OR ($sub == 1 AND !paid())) { if ($expire != 0 AND $expire <= $now) { if ($action == "d") { $db->sql_query("UPDATE ".$prefix."_blocks SET active='0', expire='0' WHERE bid='$bid'"); return; } elseif ($action == "r") { $db->sql_query("DELETE FROM ".$prefix."_blocks WHERE bid='$bid'"); return; } } if ($row[bkey] == admin) { adminblock(); } elseif ($row[bkey] == userbox) { userblock(); } elseif ($row[bkey] == "") { if ($view == 0) { render_blocks($side, $blockfile, $title, $content, $bid, $url); } elseif ($view == 1 AND is_user($user) || is_admin($admin)) { render_blocks($side, $blockfile, $title, $content, $bid, $url); } elseif ($view == 2 AND is_admin($admin)) { render_blocks($side, $blockfile, $title, $content, $bid, $url); } elseif ($view == 3 AND !is_user($user) || is_admin($admin)) { render_blocks($side, $blockfile, $title, $content, $bid, $url); } } } } } function message_box() { global $bgcolor1, $bgcolor2, $user, $admin, $cookie, $textcolor2, $prefix, $multilingual, $currentlang, $db; if ($multilingual == 1) { $querylang = "AND (mlanguage='$currentlang' OR mlanguage='')"; } else { $querylang = ""; } $result = $db->sql_query("SELECT mid, title, content, date, expire, view FROM ".$prefix."_message WHERE active='1' $querylang"); if ($numrows = $db->sql_numrows($result) == 0) { return; } else { while ($row = $db->sql_fetchrow($result)) { $mid = intval($row['mid']); $title = $row['title']; $content = $row['content']; $mdate = $row['date']; $expire = intval($row['expire']); $view = intval($row['view']); if ($title != "" && $content != "") { if ($expire == 0) { $remain = _UNLIMITED; } else { $etime = (($mdate+$expire)-time())/3600; $etime = (int)$etime; if ($etime < 1) { $remain = _EXPIRELESSHOUR; } else { $remain = ""._EXPIREIN." $etime "._HOURS.""; } } if ($view == 5 AND paid()) { OpenTable(); echo "<center>$title</center> \n" ."$content"; if (is_admin($admin)) { echo " <center>[ "._MVIEWSUBUSERS." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>"; } CloseTable(); echo " "; } elseif ($view == 4 AND is_admin($admin)) { OpenTable(); echo "<center>$title</center> \n" ."$content" ." <center>[ "._MVIEWADMIN." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>"; CloseTable(); echo " "; } elseif ($view == 3 AND is_user($user) || is_admin($admin)) { OpenTable(); echo "<center>$title</center> \n" ."$content"; if (is_admin($admin)) { echo " <center>[ "._MVIEWUSERS." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>"; } CloseTable(); echo " "; } elseif ($view == 2 AND !is_user($user) || is_admin($admin)) { OpenTable(); echo "<center>$title</center> \n" ."$content"; if (is_admin($admin)) { echo " <center>[ "._MVIEWANON." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>"; } CloseTable(); echo " "; } elseif ($view == 1) { OpenTable(); echo "<center>$title</center> \n" ."$content"; if (is_admin($admin)) { echo " <center>[ "._MVIEWALL." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>"; } CloseTable(); echo " "; } if ($expire != 0) { $past = time()-$expire; if ($mdate < $past) { $db->sql_query("UPDATE ".$prefix."_message SET active='0' WHERE mid='$mid'"); } } } } } } function online() { global $user, $cookie, $prefix, $db; cookiedecode($user); $ip = $_SERVER["REMOTE_ADDR"]; $uname = $cookie[1]; if (!isset($uname)) { $uname = "$ip"; $guest = 1; } $past = time()-3600; $db->sql_query("DELETE FROM ".$prefix."_session WHERE time < '$past'"); $result = $db->sql_query("SELECT time FROM ".$prefix."_session WHERE uname='$uname'"); $ctime = time(); if ($row = $db->sql_fetchrow($result)) { $db->sql_query("UPDATE ".$prefix."_session SET uname='$uname', time='$ctime', host_addr='$ip', guest='$guest' WHERE uname='$uname'"); } else { $db->sql_query("INSERT INTO ".$prefix."_session (uname, time, host_addr, guest) VALUES ('$uname', '$ctime', '$ip', '$guest')"); } } function blockfileinc($title, $blockfile, $side=0) { $blockfiletitle = $title; $file = @file("blocks/".$blockfile.""); if (!$file) { $content = _BLOCKPROBLEM; } else { include("blocks/".$blockfile.""); } if ($content == "") { $content = _BLOCKPROBLEM2; } if ($side == 1) { themecenterbox($blockfiletitle, $content); } elseif ($side == 2) { themecenterbox($blockfiletitle, $content); } else { themesidebox($blockfiletitle, $content); } } function selectlanguage() { global $useflags, $currentlang; if ($useflags == 1) { $title = _SELECTLANGUAGE; $content = "<center>"._SELECTGUILANG." "; $langdir = dir("language"); while($func=$langdir->read()) { if(substr($func, 0, 5) == "lang-") { $menulist .= "$func "; } } closedir($langdir->handle); $menulist = explode(" ", $menulist); sort($menulist); for ($i=0; $i < sizeof($menulist); $i++) { if($menulist[$i]!="") { $tl = ereg_replace("lang-","",$menulist[$i]); $tl = ereg_replace(".php","",$tl); $altlang = ucfirst($tl); $content .= "<a href=\"index.php?newlang=".$tl."\"><img src=\"images/language/flag-".$tl.".png\" border=\"0\" alt=\"$altlang\" title=\"$altlang\" hspace=\"3\" vspace=\"3\"></a> "; } } $content .= "</center>"; themesidebox($title, $content); } else { $title = _SELECTLANGUAGE; $content = "<center>"._SELECTGUILANG." "; $content .= "<form action=\"index.php\" method=\"get\"><select name=\"newlanguage\" onChange=\"top.location.href=this.options[this.selectedIndex].value\">"; $handle=opendir('language'); while ($file = readdir($handle)) { if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) { $langFound = $matches[1]; $languageslist .= "$langFound "; } } closedir($handle); $languageslist = explode(" ", $languageslist); sort($languageslist); for ($i=0; $i < sizeof($languageslist); $i++) { if($languageslist[$i]!="") { $content .= "<option value=\"index.php?newlang=$languageslist[$i]\" "; if($languageslist[$i]==$currentlang) $content .= " selected"; $content .= ">".ucfirst($languageslist[$i])."</option>\n"; } } $content .= "</select></form></center>"; themesidebox($title, $content); } } function ultramode() { global $prefix, $db; $ultra = "ultramode.txt"; $file = fopen("$ultra", "w"); fwrite($file, "General purpose self-explanatory file with news headlines\n"); $result = $db->sql_query("SELECT sid, aid, title, time, comments, topic FROM ".$prefix."_stories ORDER BY time DESC LIMIT 0,10"); while ($row = $db->sql_fetchrow($result)) { $rsid = intval($row['sid']); $raid = $row['aid']; $rtitle = $row['title']; $rtime = $row['time']; $rcomments = $row['comments']; $rtopic = $row['topic']; $row2 = $db->sql_fetchrow($db->sql_query("select topictext, topicimage from ".$prefix."_topics where topicid='$rtopic'")); $topictext = $row2['topictext']; $topicimage = $row2['topicimage']; $content = "%%\n$rtitle\n/modules.php?name=News&file=article&sid=$rsid\n$rtime\n$raid\n$topictext\n$rcomments\n$topicimage\n"; fwrite($file, $content); } fclose($file); } function cookiedecode($user) { global $cookie, $prefix, $db, $user_prefix; $user = addslashes($user); $user = base64_decode($user); $cookie = explode(":", $user); $result = $db->sql_query("SELECT user_password FROM ".$user_prefix."_users WHERE username='$cookie[1]'"); $row = $db->sql_fetchrow($result); $pass = $row['user_password']; if ($cookie[2] == $pass && $pass != "") { return $cookie; } else { unset($user); unset($cookie); } } function getusrinfo($user) { global $userinfo, $user_prefix, $db; $user = addslashes($user); $user2 = base64_decode($user); $user3 = explode(":", $user2); $result = $db->sql_query("SELECT * FROM ".$user_prefix."_users WHERE username='$user3[1]' AND user_password='$user3[2]'"); if ($db->sql_numrows($result) == 1) { $userinfo = $db->sql_fetchrow($result); } return $userinfo; } function FixQuotes ($what = "") { $what = ereg_replace("'","''",$what); while (eregi("\\\\'", $what)) { $what = ereg_replace("\\\\'","'",$what); } return $what; } /*********************************************************/ /* text filter */ /*********************************************************/ function check_words($Message) { global $CensorMode, $CensorReplace, $EditedMessage; include("config.php"); $EditedMessage = $Message; if ($CensorMode != 0) { if (is_array($CensorList)) { $Replace = $CensorReplace; if ($CensorMode == 1) { for ($i = 0; $i < count($CensorList); $i++) { $EditedMessage = eregi_replace("$CensorList[$i]([^a-zA-Z0-9])","$Replace\\1",$EditedMessage); } } elseif ($CensorMode == 2) { for ($i = 0; $i < count($CensorList); $i++) { $EditedMessage = eregi_replace("(^|[^[:alnum:]])$CensorList[$i]","\\1$Replace",$EditedMessage); } } elseif ($CensorMode == 3) { for ($i = 0; $i < count($CensorList); $i++) { $EditedMessage = eregi_replace("$CensorList[$i]","$Replace",$EditedMessage); } } } } return ($EditedMessage); } function delQuotes($string){ /* no recursive function to add quote to an HTML tag if needed */ /* and delete duplicate spaces between attribs. */ $tmp=""; # string buffer $result=""; # result string $i=0; $attrib=-1; # Are us in an HTML attrib ? -1: no attrib 0: name of the attrib 1: value of the atrib $quote=0; # Is a string quote delimited opened ? 0=no, 1=yes $len = strlen($string); while ($i<$len) { switch($string[$i]) { # What car is it in the buffer ? case "\"": #" # a quote. if ($quote==0) { $quote=1; } else { $quote=0; if (($attrib>0) && ($tmp != "")) { $result .= "=\"$tmp\""; } $tmp=""; $attrib=-1; } break; case "=": # an equal - attrib delimiter if ($quote==0) { # Is it found in a string ? $attrib=1; if ($tmp!="") $result.=" $tmp"; $tmp=""; } else $tmp .= '='; break; case " ": # a blank ? if ($attrib>0) { # add it to the string, if one opened. $tmp .= $string[$i]; } break; default: # Other if ($attrib<0) # If we weren't in an attrib, set attrib to 0 $attrib=0; $tmp .= $string[$i]; break; } $i++; } if (($quote!=0) && ($tmp != "")) { if ($attrib==1) $result .= "="; /* If it is the value of an atrib, add the '=' */ $result .= "\"$tmp\""; /* Add quote if needed (the reason of the function ;-) */ } return $result; } function check_html ($str, $strip="") { /* The core of this code has been lifted from phpslash */ /* which is licenced under the GPL. */ include("config.php"); if ($strip == "nohtml") $AllowableHTML=array(''); $str = stripslashes($str); $str = eregi_replace("<[[:space:]]*([^>]*)[[:space:]]*>",'<\\1>', $str); // Delete all spaces from html tags . $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?[[:space:]]*([^\" >]*)[[:space:]]*\"?[^>]*>",'<a href="\\1">', $str); // Delete all attribs from Anchor, except an href, double quoted. $str = eregi_replace("<[[:space:]]* img[[:space:]]*([^>]*)[[:space:]]*>", '', $str); // Delete all img tags $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?javascript[[:punct:]]*\"?[^>]*>", '', $str); // Delete javascript code from a href tags -- Zhen-Xjell @ http://nukecops.com $tmp = ""; while (ereg("<(/?[[:alpha:]]*)[[:space:]]*([^>]*)>",$str,$reg)) { $i = strpos($str,$reg[0]); $l = strlen($reg[0]); if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1)); else $tag = strtolower($reg[1]); if ($a = $AllowableHTML[$tag]) if ($reg[1][0] == "/") $tag = "</$tag>"; elseif (($a == 1) || ($reg[2] == "")) $tag = "<$tag>"; else { # Place here the double quote fix function. $attrb_list=delQuotes($reg[2]); // A VER $attrb_list = ereg_replace("&","&",$attrb_list); $tag = "<$tag" . $attrb_list . ">"; } # Attribs in tag allowed else $tag = ""; $tmp .= substr($str,0,$i) . $tag; $str = substr($str,$i+$l); } $str = $tmp . $str; return $str; exit; /* Squash PHP tags unconditionally */ $str = ereg_replace("<\?","",$str); return $str; } function filter_text($Message, $strip="") { global $EditedMessage; check_words($Message); $EditedMessage=check_html($EditedMessage, $strip); return ($EditedMessage); } /*********************************************************/ /* formatting stories */ /*********************************************************/ function formatTimestamp($time) { global $datetime, $locale; setlocale (LC_TIME, $locale); ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime); $datetime = strftime(""._DATESTRING."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1])); $datetime = ucfirst($datetime); return($datetime); } function formatAidHeader($aid) { global $prefix, $db; $result = $db->sql_query("SELECT url, email FROM ".$prefix."_authors WHERE aid='$aid'"); $row = $db->sql_fetchrow($result); $url = $row['url']; $email = stripslashes($row['email']); if (isset($url)) { $aid = "<a href=\"$url\">$aid</a>"; } elseif (isset($email)) { $aid = "<a href=\"mailto:$email\">$aid</a>"; } else { $aid = $aid; } echo "$aid"; } function get_author($aid) { global $prefix, $db; $result = $db->sql_query("SELECT url, email FROM ".$prefix."_authors WHERE aid='$aid'"); $row = $db->sql_fetchrow($result); $url = stripslashes($row['url']); $email = stripslashes($row['email']); if (isset($url)) { $aid = "<a href=\"$url\">$aid</a>"; } elseif (isset($email)) { $aid = "<a href=\"mailto:$email\">$aid</a>"; } else { $aid = $aid; } return($aid); } function themepreview($title, $hometext, $bodytext="", $notes="") { echo "$title $hometext"; if ($bodytext != "") { echo " $bodytext"; } if ($notes != "") { echo " "._NOTE." $notes"; } } function adminblock() { global $admin, $prefix, $db; if (is_admin($admin)) { $result = $db->sql_query("SELECT title, content FROM ".$prefix."_blocks WHERE bkey='admin'"); while ($row = $db->sql_fetchrow($result)) { $content = "$row[content]"; themesidebox($row[title], $row[content]); } $title = ""._WAITINGCONT.""; $num = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_queue")); $content = ""; $content .= "<big>·</big> <a href=\"admin.php?op=submissions\">"._SUBMISSIONS."</a>: $num "; $num = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_reviews_add")); $content .= "<big>·</big> <a href=\"admin.php?op=reviews\">"._WREVIEWS."</a>: $num "; $num = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_links_newlink")); $brokenl = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_links_modrequest WHERE brokenlink='1'")); $modreql = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_links_modrequest WHERE brokenlink='0'")); $content .= "<big>·</big> <a href=\"admin.php?op=Links\">"._WLINKS."</a>: $num "; $content .= "<big>·</big> <a href=\"admin.php?op=LinksListModRequests\">"._MODREQLINKS."</a>: $modreql "; $content .= "<big>·</big> <a href=\"admin.php?op=LinksListBrokenLinks\">"._BROKENLINKS."</a>: $brokenl "; $num = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_downloads_newdownload")); $brokend = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_downloads_modrequest WHERE brokendownload='1'")); $modreqd = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_downloads_modrequest WHERE brokendownload='0'")); $content .= "<big>·</big> <a href=\"admin.php?op=downloads\">"._UDOWNLOADS."</a>: $num "; $content .= "<big>·</big> <a href=\"admin.php?op=DownloadsListModRequests\">"._MODREQDOWN."</a>: $modreqd "; $content .= "<big>·</big> <a href=\"admin.php?op=DownloadsListBrokenDownloads\">"._BROKENDOWN."</a>: $brokend "; themesidebox($title, $content); } } function loginbox() { global $user; if (!is_user($user)) { $title = _LOGIN; $boxstuff = "<form action=\"modules.php?name=Your_Account\" method=\"post\">"; $boxstuff .= "<center>"._NICKNAME." "; $boxstuff .= "<input type=\"text\" name=\"username\" size=\"8\" maxlength=\"25\"> "; $boxstuff .= ""._PASSWORD." "; $boxstuff .= "<input type=\"password\" name=\"user_password\" size=\"8\" maxlength=\"20\"> "; $boxstuff .= "<input type=\"hidden\" name=\"op\" value=\"login\">"; $boxstuff .= "<input type=\"submit\" value=\""._LOGIN."\"></center></form>"; $boxstuff .= "<center>"._ASREGISTERED."</center>"; themesidebox($title, $boxstuff); } } function userblock() { global $user, $cookie, $db, $user_prefix; if((is_user($user)) AND ($cookie[8])) { $sql = "SELECT ublock FROM ".$user_prefix."_users WHERE user_id='$cookie[0]'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $title = ""._MENUFOR." $cookie[1]"; themesidebox($title, $row[ublock]); } } function getTopics($s_sid) { global $topicname, $topicimage, $topictext, $prefix, $db; $sid = intval($s_sid); $row = $db->sql_fetchrow($db->sql_query("SELECT topic FROM ".$prefix."_stories WHERE sid='$sid'")); $rtopic = $row['topic']; $result2 = $db->sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics WHERE topicid='$rtopic'"); $row2 = $db->sql_fetchrow($result2); $topicid = intval($row2['topicid']); $topicname = $row2['topicname']; $topicimage = $row2['topicimage']; $topictext = $row2['topictext']; } function headlines($bid, $cenbox=0) { global $prefix, $db; $bid = intval($bid); $result = $db->sql_query("SELECT title, content, url, refresh, time FROM ".$prefix."_blocks WHERE bid='$bid'"); $row = $db->sql_fetchrow($result); $title = $row['title']; $content = $row['content']; $url = $row['url']; $refresh = intval($row['refresh']); $otime = $row['time']; $past = time()-$refresh; if ($otime < $past) { $btime = time(); $rdf = parse_url($url); $fp = fsockopen($rdf['host'], 80, $errno, $errstr, 15); if (!$fp) { $content = ""; $db->sql_query("UPDATE ".$prefix."_blocks SET content='$content', time='$btime' WHERE bid='$bid'"); $cont = 0; if ($cenbox == 0) { themesidebox($title, $content); } else { themecenterbox($title, $content); } return; } if ($fp) { if ($rdf['query'] != '') $rdf['query'] = "?" . $rdf['query']; fputs($fp, "GET " . $rdf['path'] . $rdf['query'] . " HTTP/1.0\r\n"); fputs($fp, "HOST: " . $rdf['host'] . "\r\n\r\n"); $string = ""; while(!feof($fp)) { $pagetext = fgets($fp,300); $string .= chop($pagetext); } fputs($fp,"Connection: close\r\n\r\n"); fclose($fp); $items = explode("</item>",$string); $content = ""; for ($i=0;$i<10;$i++) { $link = ereg_replace(".*<link>","",$items[$i]); $link = ereg_replace("</link>.*","",$link); $title2 = ereg_replace(".*<title>","",$items[$i]); $title2 = ereg_replace("</title>.*","",$title2); $title2 = stripslashes($title2); if ($items[$i] == "" AND $cont != 1) { $content = ""; $db->sql_query("UPDATE ".$prefix."_blocks SET content='$content', time='$btime' WHERE bid='$bid'"); $cont = 0; if ($cenbox == 0) { themesidebox($title, $content); } else { themecenterbox($title, $content); } return; } else { if (strcmp($link,$title2) AND $items[$i] != "") { $cont = 1; $content .= "<big>·</big><a href=\"$link\" target=\"new\">$title2</a> \n"; } } } } $db->sql_query("UPDATE ".$prefix."_blocks SET content='$content', time='$btime' WHERE bid='$bid'"); } $siteurl = ereg_replace("http://","",$url); $siteurl = explode("/",$siteurl); if (($cont == 1) OR ($content != "")) { $content .= " <a href=\"http://$siteurl[0]\" target=\"blank\">"._HREADMORE."</a>"; } elseif (($cont == 0) OR ($content == "")) { $content = ""._RSSPROBLEM.""; } if ($cenbox == 0) { themesidebox($title, $content); } else { themecenterbox($title, $content); } } function automated_news() { global $prefix, $multilingual, $currentlang, $db; if ($multilingual == 1) { $querylang = "WHERE (alanguage='$currentlang' OR alanguage='')"; /* the OR is needed to display stories who are posted to ALL languages */ } else { $querylang = ""; } $today = getdate(); $day = $today[mday]; if ($day < 10) { $day = "0$day"; } $month = $today[mon]; if ($month < 10) { $month = "0$month"; } $year = $today[year]; $hour = $today[hours]; $min = $today[minutes]; $sec = "00"; $result = $db->sql_query("SELECT anid, time FROM ".$prefix."_autonews $querylang"); while ($row = $db->sql_fetchrow($result)) { $anid = $row['anid']; $time = $row['time']; ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $date); if (($date[1] <= $year) AND ($date[2] <= $month) AND ($date[3] <= $day)) { if (($date[4] < $hour) AND ($date[5] >= $min) OR ($date[4] <= $hour) AND ($date[5] <= $min)) { $result2 = $db->sql_query("SELECT * FROM ".$prefix."_autonews WHERE anid='$anid'"); while ($row2 = $db->sql_fetchrow($result2)) { $title = stripslashes(FixQuotes($row2['title'])); $hometext = stripslashes(FixQuotes($row2['hometext'])); $bodytext = stripslashes(FixQuotes($row2['bodytext'])); $notes = stripslashes(FixQuotes($row2['notes'])); $catid2 = intval($row2['catid']); $aid2 = $row2['aid']; $time2 = $row2['time']; $topic2 = $row2['topic']; $informant2 = $row2['informant']; $ihome2 = intval($row2['ihome']); $alanguage2 = $row2['alanguage']; $acomm2 = intval($row2['acomm']); $associated2 = $row2['associated']; $num = $db->sql_numrows($db->sql_query("SELECT sid FROM ".$prefix."_stories WHERE title='$title'")); if ($num == 0) { $db->sql_query("DELETE FROM ".$prefix."_autonews WHERE anid='$anid'"); $db->sql_query("INSERT INTO ".$prefix."_stories VALUES (NULL, '$catid2', '$aid2', '$title', '$time2', '$hometext', '$bodytext', '0', '0', '$topic2', '$informant2', '$notes', '$ihome2', '$alanguage2', '$acomm2', '0', '0', '0', '0', '$associated2')"); } } } } } } function themecenterbox($title, $content) { OpenTable(); echo "<center>$title</center> " ."$content"; CloseTable(); echo " "; } function public_message() { global $prefix, $user_prefix, $db, $user, $admin, $p_msg, $cookie, $broadcast_msg; if ($broadcast_msg == 1) { if (is_user($user)) { cookiedecode($user); $result = $db->sql_query("SELECT broadcast FROM ".$user_prefix."_users WHERE username='$cookie[1]'"); $row = $db->sql_fetchrow($result); $upref = $row['broadcast']; if ($upref == 1) { $t_off = " [ <a href=\"modules.php?name=Your_Account&op=edithome\">"._TURNOFFMSG."</a> ]"; $pm_show = 1; } else { $pm_show = 0; } } else { $t_off = ""; } if (!is_user($user) OR (is_user($user) AND ($pm_show == 1))) { $p_msg = addslashes($p_msg); $c_mid = base64_decode($p_msg); $c_mid = intval($c_mid); $result2 = $db->sql_query("SELECT mid, content, date, who FROM ".$prefix."_public_messages WHERE mid > '$c_mid' ORDER BY date ASC LIMIT 1"); $row2 = $db->sql_fetchrow($result2); $mid = intval($row2['mid']); $content = $row2['content']; $tdate = $row2['date']; $who = $row2['who']; if ((!isset($c_mid)) OR ($c_mid = $mid)) { $public_msg = " <table width=\"90%\" border=\"1\" cellspacing=\"2\" cellpadding=\"0\" bgcolor=\"FFFFFF\" align=\"center\"><tr><td>\n"; $public_msg .= "<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"FF0000\"><tr><td>\n"; $public_msg .= ""._BROADCASTFROM." <a href=\"modules.php?name=Your_Account&op=userinfo&username=$who\">$who</a>: \"$content\""; $public_msg .= "$t_off"; $public_msg .= "</td></tr></table>"; $public_msg .= "</td></tr></table>"; $ref_date = $tdate+600; $actual_date = time(); if ($actual_date >= $ref_date) { $public_msg = ""; $numrows = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_public_messages")); if ($numrows == 1) { $db->sql_query("DELETE FROM ".$prefix."_public_messages"); $mid = 0; } else { $db->sql_query("DELETE FROM ".$prefix."_public_messages WHERE mid='$mid'"); } } if ($mid == 0 OR $mid == "") { setcookie("p_msg"); } else { $mid = addslashes($mid); $mid = base64_encode($mid); setcookie("p_msg",$mid,time()+600); } } } } else { $public_msg = ""; } return($public_msg); } function get_theme() { global $user, $cookie, $Default_Theme; if(is_user($user)) { $user = addslashes($user); $user2 = base64_decode($user); $t_cookie = explode(":", $user2); if($t_cookie[9]=="") $t_cookie[9]=$Default_Theme; if(isset($theme)) $t_cookie[9]=$theme; if(!$tfile=@opendir("themes/$t_cookie[9]")) { $ThemeSel = $Default_Theme; } else { $ThemeSel = $t_cookie[9]; } } else { $ThemeSel = $Default_Theme; } return($ThemeSel); } function removecrlf($str) { // Function for Security Fix by Ulf Harnhammar, VSU Security 2002 // Looks like I don't have so bad track record of security reports as Ulf believes // He decided to not contact me, but I'm always here, digging on the net return strtr($str, "\015\012", ' '); } function paid() { global $db, $user, $cookie, $adminmail, $sitename, $nukeurl, $subscription_url, $user_prefix, $prefix; if (is_user($user)) { if ($subscription_url != "") { $renew = ""._SUBRENEW." $subscription_url"; } else { $renew = ""; } cookiedecode($user); $sql = "SELECT * FROM ".$prefix."_subscriptions WHERE userid='$cookie[0]'"; $result = $db->sql_query($sql); $numrows = $db->sql_numrows($result); $row = $db->sql_fetchrow($result); if ($numrows == 0) { return 0; } elseif ($numrows != 0) { $time = time(); if ($row[subscription_expire] <= $time) { $db->sql_query("DELETE FROM ".$prefix."_subscriptions WHERE userid='$cookie[0]' AND id='$row[id]'"); $from = "$sitename <$adminmail>"; $subject = "$sitename: "._SUBEXPIRED.""; $body = ""._HELLO." $cookie[1]:\n\n"._SUBSCRIPTIONAT." $sitename "._HASEXPIRED."\n$renew\n\n"._HOPESERVED."\n\n$sitename "._TEAM."\n$nukeurl"; $row = $db->sql_fetchrow($db->sql_query("SELECT user_email FROM ".$user_prefix."_users WHERE id='$cookie[0]' AND nickname='$cookie[1]' AND password='$cookie[2]'")); mail($row[user_email], $subject, $body, "From: $from\nX-Mailer: PHP/" . phpversion()); } return 1; } } else { return 0; } } switch($gfx) { case "gfx": $datekey = date("F j"); $rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey)); $code = substr($rcode, 2, 6); $image = ImageCreateFromJPEG("images/code_bg.jpg"); $text_color = ImageColorAllocate($image, 80, 80, 80); Header("Content-type: image/jpeg"); ImageString ($image, 5, 12, 2, $code, $text_color); ImageJPEG($image, '', 75); ImageDestroy($image); die(); break; } ?>