DATEIVERGLEICH
Erstellt: 22.05.2005 00:31:58
   
Modus: Alle Zeilen  
   
Linke Datei: D:\Localhost_2\nuke5.5\html\mainfile.php     Rechte Datei: D:\Localhost\pragmaMx\stable\mainfile.php  
1 <?php <> 1 <?php // $Id: mainfile.php,v 1.7 2005/04/16 13:12:22 tora60 Exp $
2     2 /************************************
3 ob_start("ob_gzhandler");   3 pragmaMx  Content Management System
4     4 Copyright (c) 2005 pragmaMx Dev Team - http://pragmaMx.org
5 /************************************************************************/   5 ***********************************
6 /* PHP-NUKE: Advanced Content Management System                         */      
7 /* ============================================                         */      
8 /*                                                                      */      
9 /* Copyright (c) 2002 by Francisco Burzi (fbc@mandrakesoft.com)         */      
10 /* http://phpnuke.org                                                   */      
11 /*                                                                      */      
12 /* This program is free software. You can redistribute it and/or modify */   6 This program is free software; you can redistribute it and/or modify
13 /* it under the terms of the GNU General Public License as published by */   7 it under the terms of the GNU General Public License as published by
14 /* the Free Software Foundation; either version 2 of the License.       */   8 the Free Software Foundation; either version 2 of the License, or
15 /************************************************************************/   9 (at your option) any later version.
16     10 ***********************************
17 foreach ($HTTP_GET_VARS as $secvalue) {   11 $Source: /cvsroot/pragmamx/stable/mainfile.php,v $
18     if (eregi("<[^>]*script*\"?[^>]*>", $secvalue)) {      
19         die ("I don't like you...");      
20    }   12 $Revision: 1.7 $
21 }   13 $Author: tora60 $
      14 $Date: 2005/04/16 13:12:22 $
      15 ************************************/
      16 /// Benchmarkanzeige initialisieren
22     17 if(!defined("MX_TIME")) {
23 if (eregi("mainfile.php",$PHP_SELF)) {   18         $vstarttime = explode(" ",microtime());
24     Header("Location: index.php");   19         define("MX_TIME",(float)$vstarttime[1] + (float)$vstarttime[0]);
25     die();   20         unset($vstarttime);
26 }   21         }
27   = 22  
28 require_once("config.php"); <> 23 // Ausgabepuffer auf jeden Fall starten, wird am Ende dieser Datei
29 require_once("includes/sql_layer.php");   24 // wieder geloescht und evtl. der ob_gzhandler gestartet
30 $dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname);      
31 $mainfile = 1;   25 ob_start();
32   = 26  
33 if (isset($newlang)) { <> 27 ################################################################
34     if (file_exists("language/lang-$newlang.php")) {   28 // verschiedene Grundeinstellungen
35         setcookie("lang",$newlang,time()+31536000);   29 define("mxMainFileLoaded","1");
36         include("language/lang-$newlang.php");   30 define('MX_DOC_ROOT',dirname(__file__));
37         $currentlang = $newlang;      
38     } else {   31  
39         setcookie("lang",$language,time()+31536000);   32 // Nur Parsefehler melden
40         include("language/lang-$language.php");   33 error_reporting(E_PARSE);
41         $currentlang = $language;      
42     }   34  
43 } elseif (isset($lang)) {   35 // paresfehler in config.php abfangen
44     include("language/lang-$lang.php");      
45     $currentlang = $lang;      
46 } else {   36 if (!include('config.php')) {
47     setcookie("lang",$language,time()+31536000);   37         $msg = "<br><br>Error:<br>the config-file is missing or corrupted!";
48     include("language/lang-$language.php");   38         if (is_dir('install') && !is_file('config.php')) {
49     $currentlang = $language;   39                 $msg = "<br><br><img src=\"images/logo.gif\" alt=\"pragmaMx\" /><br><br>pragmaMx seems not to be installed correctly, or you're running pragmaMx for the first time. <br />Click <a href=\"install/\"><b>here</b></a> to run the installer.";
50 }   40                 }
51     41         die($msg);
52 function get_lang($module) {      
53     global $currentlang;      
54     if ($module == admin) {      
55         if (file_exists("admin/language/lang-$currentlang.php")) {      
56             include_once("admin/language/lang-$currentlang.php");      
57         } = 42         }
58     } else { <> 43  
59         if (file_exists("modules/$module/language/lang-$currentlang.php")) {      44 // nur für phpNuke-Kompatibilität
60             include_once("modules/$module/language/lang-$currentlang.php");   45 $GLOBALS["mainfile"] = 1;
    = 46  
    -+ 47 if (!isset($GLOBALS["mxDemoMode"])) {
      48         $GLOBALS["mxDemoMode"] = false;
61         } = 49         }
62     } +-    
63 }      
64   = 50  
65 function is_admin($admin) { <> 51 // Systemkonstanten definieren, diese Datei kann in gewissem Masse angepasst werden
66     global $prefix, $dbi;   52 require_once("includes/mx_baseconfig.php");
67     if(!is_array($admin)) {      
68         $admin = base64_decode($admin);      
69         $admin = explode(":", $admin);      
70         $aid = "$admin[0]";      
71         $pwd = "$admin[1]";      
72     } else {      
73         $aid = "$admin[0]";      
74         $pwd = "$admin[1]";      
75     }   53  
76     $result = sql_query("select pwd from ".$prefix."_authors where aid='$aid'", $dbi);      
77     list($pass) = sql_fetch_row($result, $dbi);      
78     if($pass == $pwd && $pass != "") {      
79         return 1;      
80     }      
81    return 0;   54 // zu alte php-Version
82 }   55 if (MX_PHP_VERSION < 410) die("<br>Sorry, PHP-Version > 4.1.0 is required.");
83   = 56  
84 function is_user($user) { <> 57 // mainfile direkt aufgerufen? Erst hier, wegen php-Version!
85     global $prefix, $dbi, $user_prefix;   58 if (eregi("mainfile.php",$_SERVER['PHP_SELF'])) die ("You can't access this file directly...");
86     if(!is_array($user)) {      
87         $user = base64_decode($user);      
88         $user = explode(":", $user);      
89         $uid = "$user[0]";      
90         $pwd = "$user[2]";      
91     } else {      
92         $uid = "$user[0]";      
93         $pwd = "$user[2]";      
94     }      
95     $result = sql_query("select pass from ".$user_prefix."_users where uid='$uid'", $dbi);      
96     list($pass) = sql_fetch_row($result, $dbi);      
97     if($pass == $pwd && $pass != "") {      
98         return 1;      
99     }      
100     return 0;      
101 }   59  
102   = 60  
103 function title($text) { <> 61 // System-Funktionen und unveränderbare Grundeinstellungen laden
104     OpenTable();   62 require_once("includes/mx_system.php");
105     echo "<center><font class=\"title\"><b>$text</b></font></center>";      
106     CloseTable();      
107     echo "<br>";      
108 }      
109   = 63  
110 function is_active($module) { <>    
111     global $prefix, $dbi;      
112     $result = sql_query("select active from ".$prefix."_modules where title='$module'", $dbi);      
113     list ($act) = sql_fetch_row($result, $dbi);      
114     if (!$result OR $act == 0) {      
115         return 0;      
116     } else {   64 // API's einbinden
117         return 1;   65 require_once("includes/mx_api.php");
118    }   66 require_once("includes/mx_api_2.php"); // in dieser Datei befinden sich Anzeige-Funktionen, die editiert werden können
119 }      
120   = 67  
121 function render_blocks($side, $blockfile, $title, $content, $bid, $url) { <> 68 #####################################################
122     if ($url == "") {   69 // Datenbankverbindung herstellen und Session starten
123         if ($blockfile == "") {   70 require_once("includes/sql_layer.php");
124             if ($side == "c") {   71 require_once("includes/mx_session.php");
125                 themecenterbox($title, $content);      
126             } else {      
127                 themesidebox($title, $content);      
128             }      
129         } else {   72 if (!mxSessionStart()) {
130             if ($side == "c") {   73         die('<strong>Session: initialisation failed</strong><br><br>');
131                 blockfileinc($title, $blockfile, 1);      
132             } else {      
133                 blockfileinc($title, $blockfile);      
134             }      
135         } = 74         }
136     } else { <>    
137         if ($side == "c") {   75 if(empty($dbi)){
138             headlines($bid,1);   76         die("<br><br>Selection from database failed!<br><br>Kein Zugriff auf die Datenbank möglich, bitte überprüfen Sie die Einstellungen.");
139         } else {      
140             headlines($bid);      
141         } = 77         }
142     } +-    
143 }      
144   = 78  
145 function blocks($side) { <> 79 // sql_inject Überprüfung starten
146     global $storynum, $prefix, $multilingual, $currentlang, $dbi, $admin, $user;   80 if ($GLOBALS['vkpSafeSqlinject'] && @is_file('includes/mx_detect.php')) {
147     if ($multilingual == 1) {   81         include_once('includes/detection/config.php');
148        $querylang = "AND (blanguage='$currentlang' OR blanguage='')";   82         include_once('includes/mx_detect.php');
149     } else {      
150         $querylang = "";      
151     }      
152     if (strtolower($side[0]) == "l") {      
153         $pos = "l";      
154     } elseif (strtolower($side[0]) == "r") {      
155         $pos = "r";      
156     }  elseif (strtolower($side[0]) == "c") {      
157         $pos = "c";      
158     }      
159     $side = $pos;      
160     $result = sql_query("select bid, bkey, title, content, url, blockfile, view from ".$prefix."_blocks where position='$pos' AND active='1' $querylang ORDER BY weight ASC", $dbi);      
161     while(list($bid, $bkey, $title, $content, $url, $blockfile, $view) = sql_fetch_row($result, $dbi)) {      
162         if ($bkey == admin) {      
163             adminblock();   83         mxDetectCheckBanning();
164         } elseif ($bkey == userbox) {      
165             userblock();   84         mxDetectStart();
166         } elseif ($bkey == "") {      
167             if ($view == 0) {      
168                 render_blocks($side, $blockfile, $title, $content, $bid, $url);      
169             } elseif ($view == 1 AND is_user($user) || is_admin($admin)) {      
170                 render_blocks($side, $blockfile, $title, $content, $bid, $url);      
171             } elseif ($view == 2 AND is_admin($admin)) {      
172                 render_blocks($side, $blockfile, $title, $content, $bid, $url);      
173             } elseif ($view == 3 AND !is_user($user) || is_admin($admin)) {      
174                 render_blocks($side, $blockfile, $title, $content, $bid, $url);      
175             }      
176         } = 85         }
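Review bot: The injection check on right-hand lines 80-85 fails open. When `$GLOBALS['vkpSafeSqlinject']` is enabled but `includes/mx_detect.php` is missing or unreadable, the `@is_file()` test is false and the request continues with no detection and no message. No `else` branch is visible, so I would stop or log in that case, e.g. `else if ($GLOBALS['vkpSafeSqlinject']) die('Security module missing');` (message text is a placeholder). The guard also tests only `mx_detect.php`, while `includes/detection/config.php` is included unchecked; with `error_reporting(E_PARSE)` set on line 33, a missing config there would presumably go unreported too.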
177     } +-    
178 }      
179   = 86  
180 function message_box() { <> 87 define('MX_IS_ADMIN',mxIsAdmin()); // Adminberechtigung initialisieren
181     global $bgcolor1, $bgcolor2, $user, $admin, $cookie, $textcolor2, $prefix, $multilingual, $currentlang, $dbi;   88 define('MX_IS_USER' ,mxIsUser()); // Userberechtigung  initialisieren
182     if ($multilingual == 1) {      
183         $querylang = "AND (mlanguage='$currentlang' OR mlanguage='')";      
184     } else {      
185         $querylang = "";      
186     }      
187     $result = sql_query("select mid, title, content, date, expire, view from ".$prefix."_message where active='1' $querylang", $dbi);      
188     if (sql_num_rows($result, $dbi) == 0) {      
189         return;      
190     } else {      
191         while (list($mid, $title, $content, $mdate, $expire, $view) = sql_fetch_row($result, $dbi)) {      
192         if ($title != "" && $content != "") {      
193             if ($expire == 0) {      
194                 $remain = _UNLIMITED;      
195             } else {      
196                 $etime = (($mdate+$expire)-time())/3600;      
197                 $etime = (int)$etime;      
198                 if ($etime < 1) {      
199                     $remain = _EXPIRELESSHOUR;      
200                 } else {      
201                     $remain = ""._EXPIREIN." $etime "._HOURS."";      
202                 }   89  
203             }   90 // phpNuke6.5 Datenbanklayer einbinden, falls vorhanden
204             if ($view == 4 AND is_admin($admin)) {   91 if (@is_file("includes/db/db.php")) {
205                 OpenTable();   92         include_once('includes/db/db.php');
206                 echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"      
207                     ."<font class=\"content\">$content</font>"      
208                     ."<br><br><center><font class=\"content\">[ "._MVIEWADMIN." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";      
209                 CloseTable();      
210                 echo "<br>";      
211             } elseif ($view == 3 AND is_user($user) || is_admin($admin)) {      
212                 OpenTable();      
213                 echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"      
214                     ."<font class=\"content\">$content</font>";      
215                 if (is_admin($admin)) {      
216                     echo "<br><br><center><font class=\"content\">[ "._MVIEWUSERS." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";      
217                 }      
218                 CloseTable();      
219                 echo "<br>";      
220             } elseif ($view == 2 AND !is_user($user) || is_admin($admin)) {      
221                 OpenTable();      
222                 echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"      
223                     ."<font class=\"content\">$content</font>";      
224                 if (is_admin($admin)) {      
225                     echo "<br><br><center><font class=\"content\">[ "._MVIEWANON." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";      
226                 }      
227                 CloseTable();      
228                 echo "<br>";      
229             } elseif ($view == 1) {      
230                 OpenTable();      
231                 echo "<center><font class=\"option\" color=\"$textcolor2\"><b>$title</b></font></center>\n"      
232                     ."<font class=\"content\">$content</font>";      
233                 if (is_admin($admin)) {      
234                     echo "<br><br><center><font class=\"content\">[ "._MVIEWALL." - $remain - <a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</font></center>";      
235                 }      
236                 CloseTable();      
237                 echo "<br>";      
238             }      
239             if ($expire != 0) {      
240                 $past = time()-$expire;      
241                 if ($mdate < $past) {      
242                     $result = sql_query("update ".$prefix."_message set active='0' where mid='$mid'", $dbi);      
243                 }      
244                 }      
245             }      
246         } = 93         }
247     } +-    
248 }      
249   = 94  
250 function online() { <> 95 // phpNuke Api einbinden (alte mainfile)
251     global $user, $cookie, $prefix, $dbi;   96 if (@is_file("includes/nukefunctions.php")) {
252     cookiedecode($user);      
253     $ip = getenv("REMOTE_ADDR");      
254     $username = $cookie[1];      
255     if (!isset($username)) {      
256         $username = "$ip";      
257         $guest = 1;      
258     }      
259     $past = time()-1800;      
260     sql_query("DELETE FROM ".$prefix."_session WHERE time < $past", $dbi);      
261     $result = sql_query("SELECT time FROM ".$prefix."_session WHERE username='$username'", $dbi);      
262     $ctime = time();      
263     if ($row = sql_fetch_array($result, $dbi)) {      
264         sql_query("UPDATE ".$prefix."_session SET username='$username', time='$ctime', host_addr='$ip', guest='$guest' WHERE username='$username'", $dbi);      
265     } else {      
266         sql_query("INSERT INTO ".$prefix."_session (username, time, host_addr, guest) VALUES ('$username', '$ctime', '$ip', '$guest')", $dbi);      
267     }      
268 }      
269   =    
270 function blockfileinc($title, $blockfile, $side=0) { <>    
271     $blockfiletitle = $title;      
272     $file = @file("blocks/$blockfile");      
273     if (!$file) {      
274         $content = _BLOCKPROBLEM;      
275     } else {      
276         include("blocks/$blockfile");   97         include_once("includes/nukefunctions.php");
277     }      
278     if ($content == "") {      
279         $content = _BLOCKPROBLEM2;      
280     }      
281     if ($side == 1) {      
282         themecenterbox($blockfiletitle, $content);      
283     } else {      
284         themesidebox($blockfiletitle, $content);      
285     }      
286 }      
287   =    
288 function selectlanguage() { +-    
289     global $useflags, $currentlang;      
290     if ($useflags == 1) {      
291     $title = _SELECTLANGUAGE;      
292     $content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br>";      
293     $langdir = dir("language");      
294     while($func=$langdir->read()) {      
295         if(substr($func, 0, 5) == "lang-") {      
296             $menulist .= "$func ";      
297         } = 98         }
298     } <> 99  
299     closedir($langdir->handle);      
300     $menulist = explode(" ", $menulist);      
301     sort($menulist);   100 // Debug-Mode
302    for ($i=0; $i < sizeof($menulist); $i++) {   101 if (!empty($GLOBALS['mxDebugService']) && MX_IS_ADMIN) {
303        if($menulist[$i]!="") {   102         @ini_set("display_errors",TRUE);
304             $tl = ereg_replace("lang-","",$menulist[$i]);   103         error_reporting(E_ALL);
305             $tl = ereg_replace(".php","",$tl);      
306             $altlang = ucfirst($tl);      
307             $content .= "<a href=\"index.php?newlang=$tl\"><img src=\"images/language/flag-$tl.png\" border=\"0\" alt=\"$altlang\" hspace=\"3\" vspace=\"3\"></a> ";      
308         } = 104         }
309     } <> 105  
310     $content .= "</font></center>";   106 // Demomode bei berechtigten Admins wieder abschalten
311     themesidebox($title, $content);   107 $GLOBALS["mxDemoMode"] = mxDemoMode();
312         } else {   108  
313     $title = _SELECTLANGUAGE;   109 // zur Kompatiblitaet mit Nuke-Modulen
314         $content = "<center><font class=\"content\">"._SELECTGUILANG."<br><br></font>";   110 ///// den Admin-Cookie simulieren
315     $content .= "<form action=\"index.php\" method=\"get\"><select name=\"newlanguage\" onChange=\"top.location.href=this.options[this.selectedIndex].value\">";   111 $_COOKIE["admin"] = mxSessionGetVar("admin"); 
316             $handle=opendir('language');   112 $GLOBALS["admin"] = (empty($_COOKIE["admin"])) ? "" : $_COOKIE["admin"] ;
317             while ($file = readdir($handle)) {   113 ///// den User-Cookie simulieren
318                 if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {   114 $_COOKIE["user"] = mxSessionGetVar("user"); 
319                     $langFound = $matches[1];   115 $GLOBALS["user"] = (empty($_COOKIE["user"])) ? "" : $_COOKIE["user"];
320                     $languageslist .= "$langFound ";      
321                 }      
322             }   116  
323             closedir($handle);   117 ///////////////////////////////////////////////////
324             $languageslist = explode(" ", $languageslist);   118 ///// - simuliert magic_quotes_gpc=1
325             sort($languageslist);   119 ///// - ersetzt bestimmte Sonderzeichen durch ihren HTML-Code
326             for ($i=0; $i < sizeof($languageslist); $i++) {   120 ///// - simuliert register_globals = On
327                 if($languageslist[$i]!="") {   121 if (count($_GET)) {
328         $content .= "<option value=\"index.php?newlang=$languageslist[$i]\" ";   122         foreach ($_GET as $key => $value) {
329                 if($languageslist[$i]==$currentlang) $content .= " selected";   123                 $_GET[$key] = mxSecureValue($value);
330         $content .= ">".ucfirst($languageslist[$i])."</option>\n";      
331                 } = 124                 }
332     } +-    
333     $content .= "</select></form></center>";      
334     themesidebox($title, $content);      
335         } = 125         }
336 } +-    
337   =    
338 function ultramode() { <> 126 if (count($_POST)) {
339     global $prefix, $dbi;      
340     $ultra = "ultramode.txt";      
341     $file = fopen("$ultra", "w");      
342     fwrite($file, "General purpose self-explanatory file with news headlines\n");      
343     $rfile=sql_query("select sid, aid, title, time, comments, topic from ".$prefix."_stories order by time DESC limit 0,10", $dbi);      
344     while(list($sid, $aid, $title, $time, $comments, $topic) = sql_fetch_row($rfile, $dbi)) {      
345         $rfile2=sql_query("select topictext, topicimage from ".$prefix."_topics where topicid=$topic", $dbi);      
346         list($topictext, $topicimage) = sql_fetch_row($rfile2, $dbi);      
347         $content = "%%\n$title\n/modules.php?name=News&file=article&sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";      
348         fwrite($file, $content);      
349     }      
350     fclose($file);   127         foreach ($_POST as $key => $value) {
351 }   128                 $_POST[$key] = mxSecureValue($value);
352   =    
353 function cookiedecode($user) { <>    
354     global $cookie, $prefix, $dbi, $user_prefix;      
355     $user = base64_decode($user);      
356     $cookie = explode(":", $user);      
357     $result = sql_query("select pass from ".$user_prefix."_users where uname='$cookie[1]'", $dbi);      
358     list($pass) = sql_fetch_row($result, $dbi);      
359     if ($cookie[2] == $pass && $pass != "") {      
360         return $cookie;      
361     } else {      
362         unset($user);      
363         unset($cookie);      
364     }      
365 }   129                 }
366   =    
367 function getusrinfo($user) { +-    
368     global $userinfo, $user_prefix, $dbi;      
369     $user2 = base64_decode($user);      
370     $user3 = explode(":", $user2);      
371     $result = sql_query("select uid, name, uname, email, femail, url, user_avatar, user_icq, user_occ, user_from, user_intrest, user_sig, user_viewemail, user_theme, user_aim, user_yim, user_msnm, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax, newsletter from ".$user_prefix."_users where uname='$user3[1]' and pass='$user3[2]'", $dbi);      
372     if (sql_num_rows($result, $dbi) == 1) {      
373         $userinfo = sql_fetch_array($result, $dbi);      
374     }      
375     return $userinfo;      
376 }      
377   =    
378 function searchblock() { +-    
379     OpenTable();      
380     echo "<form action=\"modules.php?name=Forum&file=search\" method=\"post\">";      
381     echo "<input type=\"hidden\" name=\"addterm\" value=\"any\">";      
382     echo "<input type=\"hidden\" name=\"sortby\" value=\"p.post_time\">";      
383     echo "&nbsp;&nbsp;<b>"._SEARCH."</b>&nbsp;<input type=\"text\" name=\"term\" size=\"15\">";      
384     echo "<input type=\"hidden\" name=\"submit\" value=\"submit\"></form>";      
385     echo "<div align=\"left\"><font class=\"content\">&nbsp;&nbsp;[ <a href=\"modules.php?name=Forum&file=search&addterm=any&amp;sortby=p.post_time&amp;adv=1\">Advanced Search</a> ]</font></div>";      
386     CloseTable();      
387 }      
388   =    
389 function FixQuotes ($what = "") { +-    
390         $what = ereg_replace("'","''",$what);      
391         while (eregi("\\\\'", $what)) {      
392                 $what = ereg_replace("\\\\'","'",$what);      
393         } = 130         }
394         return $what; +-    
395 }      
396   =    
397 /*********************************************************/ +-    
398 /* text filter                                           */      
399 /*********************************************************/      
400   =    
401 function check_words($Message) { +-    
402     global $EditedMessage;      
403     include("config.php");      
404     $EditedMessage = $Message;      
405     if ($CensorMode != 0) {      
406   =    
407         if (is_array($CensorList)) { <> 131 if (count($_COOKIE)) {
408             $Replace = $CensorReplace;   132         foreach ($_COOKIE as $key => $value) {
409             if ($CensorMode == 1) {   133                 $_COOKIE[$key] = mxSecureValue($value);
410                 for ($i = 0; $i < count($CensorList); $i++) {      
411                     $EditedMessage = eregi_replace("$CensorList[$i]([^a-zA-Z0-9])","$Replace\\1",$EditedMessage);      
412                 } = 134                 }
413             } elseif ($CensorMode == 2) { +-    
414                 for ($i = 0; $i < count($CensorList); $i++) {      
415                     $EditedMessage = eregi_replace("(^|[^[:alnum:]])$CensorList[$i]","\\1$Replace",$EditedMessage);      
416                 }      
417             } elseif ($CensorMode == 3) {      
418                 for ($i = 0; $i < count($CensorList); $i++) {      
419                     $EditedMessage = eregi_replace("$CensorList[$i]","$Replace",$EditedMessage);      
420                 }      
421             }      
422         } = 135         }
423     } <>    
424     return ($EditedMessage);   136 unset($key); unset($value);
425 }      
426   = 137  
427 function delQuotes($string){ <> 138 $HTTP_GET_VARS    = &$_GET;
428     /* no recursive function to add quote to an HTML tag if needed */      
429     /* and delete duplicate spaces between attribs. */      
430     $tmp="";    # string buffer      
431     $result=""; # result string      
432    $i=0;   139 $HTTP_POST_VARS   = &$_POST;
433     $attrib=-1; # Are us in an HTML attrib ?  -1: no attrib  0: name of the attrib   1: value of the atrib   140 $HTTP_COOKIE_VARS = &$_COOKIE;
434     $quote=0;   # Is a string quote delimited opened ? 0=no, 1=yes   141 $HTTP_SERVER_VARS = &$_SERVER;
435     $len = strlen($string);   142 $_REQUEST = array_merge($_GET,$_POST,$_COOKIE);
436     while ($i<$len) {   143 extract($_REQUEST, EXTR_OVERWRITE);
437         switch($string[$i]) { # What car is it in the buffer ?   144 if (!mxIniGet("register_globals")) {
438             case "\"": #"      # a quote.   145         extract($_SERVER, EXTR_OVERWRITE);
439                 if ($quote==0) {   146         if (count($_FILES)) {
440                     $quote=1;   147                 foreach ($_FILES as $upfile => $value) {
441                 } else {   148                         $$upfile = $value;
442                     $quote=0;   149                         foreach ($_FILES[$upfile] as $key => $value) {
443                     if (($attrib>0) && ($tmp != "")) { $result .= "=\"$tmp\""; }   150                                 ${$upfile.'_'.$key} = $value;
444                     $tmp="";   151                                 #print $upfile."_".$key ." = ".${$upfile.'_'.$key}." <br>";
445                     $attrib=-1;      
446                 }   152                                 }
447                 break;   153                         }
448             case "=":           # an equal - attrib delimiter   154                 unset($upfile); unset($value); unset($key);
449                 if ($quote==0) {  # Is it found in a string ?      
450                     $attrib=1;      
451                     if ($tmp!="") $result.=" $tmp";      
452                     $tmp="";      
453                 } else $tmp .= '=';      
454                 break;      
455             case " ":           # a blank ?      
456                 if ($attrib>0) {  # add it to the string, if one opened.      
457                     $tmp .= $string[$i];      
458                 } = 155                 }
459                 break; +-    
460             default:            # Other      
461                 if ($attrib<0)    # If we weren't in an attrib, set attrib to 0      
462                 $attrib=0;      
463                 $tmp .= $string[$i];      
464                 break;      
465         } = 156         }
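Review bot: `extract($_REQUEST, EXTR_OVERWRITE)` on right-hand line 143 runs in global scope after `$GLOBALS["admin"]`, `$GLOBALS["user"]`, `$GLOBALS["mxDemoMode"]` and `$dbi` have been set, so a GET, POST or cookie key with one of those names replaces the trusted value; only the `MX_IS_ADMIN`/`MX_IS_USER` constants are immune. The `mxSecureValue()` loops above filter values, not key names, and the `$_FILES` loop (`$$upfile = $value`) has the same effect. Use `extract($_REQUEST, EXTR_SKIP);` and `extract($_SERVER, EXTR_SKIP);` so variables that already exist win, or re-assign the session-derived values after the import. `$GLOBALS["language"]`, read on line 160 to pick the language file, is reachable the same way.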
466         $i++; <> 157 //////////// ende ////////////////////////////////
467     }      
468     if (($quote!=0) && ($tmp != "")) {      
469         if ($attrib==1) $result .= "=";      
470         /* If it is the value of an atrib, add the '=' */      
471         $result .= "\"$tmp\"";  /* Add quote if needed (the reason of the function ;-) */      
472     }      
473     return $result;      
474 }      
475   = 158  
476 function check_html ($str, $strip="") { <>    
477     /* The core of this code has been lifted from phpslash */      
478     /* which is licenced under the GPL. */      
479     include("config.php");      
480     if ($strip == "nohtml")      
481         $AllowableHTML=array('');      
482         $str = stripslashes($str);      
483         $str = eregi_replace("<[[:space:]]*([^>]*)[[:space:]]*>",      
484                          '<\\1>', $str);      
485                // Delete all spaces from html tags .      
486         $str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?[[:space:]]*([^\" >]*)[[:space:]]*\"?[^>]*>",      
487                          '<a href="\\1">', $str); # "      
488                // Delete all attribs from Anchor, except an href, double quoted.      
489         $str = eregi_replace("<img?",      
490                          '', $str); # "      
491         $tmp = "";      
492         while (ereg("<(/?[[:alpha:]]*)[[:space:]]*([^>]*)>",$str,$reg)) {      
493                 $i = strpos($str,$reg[0]);      
494                 $l = strlen($reg[0]);      
495                 if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));      
496                 else $tag = strtolower($reg[1]);      
497                 if ($a = $AllowableHTML[$tag])      
498                         if ($reg[1][0] == "/") $tag = "</$tag>";      
499                         elseif (($a == 1) || ($reg[2] == "")) $tag = "<$tag>";      
500                         else {   159 // Sprache einstellen
501                           # Place here the double quote fix function.   160 $GLOBALS["language"] = (empty($GLOBALS["language"])) ? "german" : $GLOBALS["language"];
502                           $attrb_list=delQuotes($reg[2]);   161 $GLOBALS["lang"] = (mxSessionGetVar("lang")) ? mxSessionGetVar("lang") : $GLOBALS["language"];
503                           // A VER   162 if (isset($_REQUEST['newlang'])) {
504                           $attrb_list = ereg_replace("&","&amp;",$attrb_list);   163         $GLOBALS["currentlang"] = (@file_exists("language/lang-".$_REQUEST['newlang'].".php")) ? $_REQUEST['newlang'] : $GLOBALS["language"];
505                           $tag = "<$tag" . $attrb_list . ">";      
506                         } # Attribs in tag allowed      
507                 else $tag = "";      
508                 $tmp .= substr($str,0,$i) . $tag;      
509                 $str = substr($str,$i+$l);      
510         } = 164         }
511         $str = $tmp . $str; <> 165 else if (@file_exists("language/lang-".$GLOBALS["lang"].".php")) {
512         return $str;   166         $GLOBALS["currentlang"] = $GLOBALS["lang"];
513         exit;   167         }
514         /* Squash PHP tags unconditionally */      
515         $str = ereg_replace("<\?","",$str);      
516         return $str;   168 else {
517 }   169         $GLOBALS["currentlang"] = $GLOBALS["language"];
518     170         }
519 function filter_text($Message, $strip="") {   171 mxSessionSetVar("lang",$GLOBALS["currentlang"]);
520     global $EditedMessage;   172 mxSetNukeCookie("lang", $GLOBALS["currentlang"], 1);
521     check_words($Message);   173 $GLOBALS["lang"] = $GLOBALS["currentlang"]; 
522     $EditedMessage=check_html($EditedMessage, $strip);   174 $_COOKIE["lang"] = $GLOBALS["currentlang"]; 
523     return ($EditedMessage);   175 $HTTP_COOKIE_VARS["lang"] = $GLOBALS["currentlang"];
524 }   176 include_once("language/lang-".$GLOBALS["currentlang"].".php");
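Review bot: In the right-hand file, `include_once("language/lang-".$GLOBALS["currentlang"].".php")` (right line 176) builds its path from a value that can come straight from `$_REQUEST['newlang']` (right lines 162-163) or from the session variable `lang`, and the only check applied is `file_exists()`. An existence test does not confine the name to the `language/` directory, so a value containing path separators or `..` would pass it and be included; the same value is also written to the session and the cookie. I would restrict it to a plain name before it is used, e.g. `if (!preg_match('/^[A-Za-z0-9_-]+$/', $GLOBALS["currentlang"])) $GLOBALS["currentlang"] = $GLOBALS["language"];` placed just before `mxSessionSetVar(...)`. The `if (isset($_REQUEST['newlang']))` branch begins in the preceding comparison block, and whether `mxSessionGetVar()` validates what it returns is not visible here.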
525   = 177  
526 /*********************************************************/ <> 178 ##################################################################################
527 /* formatting stories                                    */      
528 /*********************************************************/      
529     179 // output-handling
530 function formatTimestamp($time) {   180 // falls bereits ausgaben erfolgt, diese zwischenspeichern und Puffer beenden
531     global $datetime, $locale;      
532     setlocale ("LC_TIME", "$locale");      
533     ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);      
534     $datetime = strftime(""._DATESTRING."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));      
535     $datetime = ucfirst($datetime);      
536     return($datetime);   181 $obtemp = trim(@ob_get_contents());
537 }   182 ob_end_clean();
538   = 183  
539 function formatAidHeader($aid) { <> 184 // Pufferhandler ermitteln
540     global $prefix, $dbi;   185 $mxoutputhandler = mxGetOutputHandler();
541     $holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi);   186 // Ausgabepuffer starten und evtl. Ausgabe komprimieren
542     if (!$holder) {      
543         echo _ERROR;      
544         exit();   187 ob_implicit_flush(0);
545     }      
546     list($url, $email) = sql_fetch_row($holder, $dbi);      
547     if (isset($url)) {      
548         $aid = "<a href=\"$url\">$aid</a>";      
549     } elseif (isset($email)) {      
550         $aid = "<a href=\"mailto:$email\">$aid</a>";      
551     } else {      
552         $aid = $aid;      
553     }      
554     echo "$aid";      
555 }      
556   =    
557 function get_author($aid) { <> 188 if ($mxoutputhandler) {
558     global $prefix, $dbi;      
559     $holder = sql_query("SELECT url, email FROM ".$prefix."_authors where aid='$aid'", $dbi);      
560     if (!$holder) {      
561         echo _ERROR;      
562         exit();   189         ob_start($mxoutputhandler);
563     }   190         }
564     list($url, $email) = sql_fetch_row($holder, $dbi);      
565     if (isset($url)) {      
566         $aid = "<a href=\"$url\">$aid</a>";      
567     } elseif (isset($email)) {      
568         $aid = "<a href=\"mailto:$email\">$aid</a>";      
569     } else {      
570         $aid = $aid;      
571     }      
572     return($aid);   191 unset($mxoutputhandler);
573 }      
574   = 192  
575 function themepreview($title, $hometext, $bodytext="", $notes="") { <> 193 // Ausgabepuffer auf jeden Fall ein 2tes mal starten, dass bei Fehlern, die Ausgabe,
576     echo "<b>$title</b><br><br>$hometext";   194 // auch erst am Ende des scripts in den komprimierten Handler geschrieben werden
577     if ($bodytext != "") {   195 // dies verhindert fruehzeitiges senden von HTTP-Headern (session)
578         echo "<br><br>$bodytext";      
579     }      
580     if ($notes != "") {      
581         echo "<br><br><b>"._NOTE."</b> <i>$notes</i>";      
582     }      
583 }   196 ob_start();
584   = 197  
585 function adminblock() { <> 198 // evtl. bereits vorhandene zwischengespeicherte Ausgaben jetzt erst ausgeben
586     global $admin, $prefix, $dbi;      
587     if (is_admin($admin)) {   199 if (!empty($obtemp)) {
588         $result = sql_query("select title, content from ".$prefix."_blocks where bkey='admin'", $dbi);      
589         while(list($title, $content) = sql_fetch_array($result, $dbi)) {      
590             $content = "<font class=\"content\">$content</font>";      
591             themesidebox($title, $content);   200         echo $obtemp;
592         } = 201         }
593         $title = ""._WAITINGCONT.""; <>    
594         $result = sql_query("select * from ".$prefix."_queue", $dbi);      
595         $num = sql_num_rows($result, $dbi);      
596         $content = "<font class=\"content\">";      
597         $content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"admin.php?op=submissions\">"._SUBMISSIONS."</a>: $num<br>";      
598         $result = sql_query("select * from ".$prefix."_reviews_add", $dbi);      
599         $num = sql_num_rows($result, $dbi);      
600         $content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"admin.php?op=reviews\">"._WREVIEWS."</a>: $num<br>";      
601         $result = sql_query("select * from ".$prefix."_links_newlink", $dbi);      
602         $num = sql_num_rows($result, $dbi);      
603         $content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"admin.php?op=Links\">"._WLINKS."</a>: $num<br>";      
604         $result = sql_query("select * from ".$prefix."_downloads_newdownload", $dbi);      
605         $num = sql_num_rows($result, $dbi);      
606         $content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"admin.php?op=downloads\">"._UDOWNLOADS."</a>: $num<br></font>";      
607         themesidebox($title, $content);      
608     }      
609 }   202 unset($obtemp);
610   = 203  
611 function loginbox() { <> 204 /// hier kann die Systemkonfiguration überprüft werden
612     global $user;   205 /// einfach folgende Zeile einkommentieren
613     if (!is_user($user)) {      
614         $title = _LOGIN;      
615         $boxstuff = "<form action=\"modules.php?name=Your_Account\" method=\"post\">";      
616         $boxstuff .= "<center><font class=\"content\">"._NICKNAME."<br>";      
617         $boxstuff .= "<input type=\"text\" name=\"uname\" size=\"8\" maxlength=\"25\"><br>";      
618         $boxstuff .= ""._PASSWORD."<br>";      
619         $boxstuff .= "<input type=\"password\" name=\"pass\" size=\"8\" maxlength=\"20\"><br>";      
620         $boxstuff .= "<input type=\"hidden\" name=\"op\" value=\"login\">";      
621         $boxstuff .= "<input type=\"submit\" value=\""._LOGIN."\"></font></center></form>";      
622         $boxstuff .= "<center><font class=\"content\">"._ASREGISTERED."</font></center>";      
623         themesidebox($title, $boxstuff);      
624     }   206  
625 }   207 # mxSystemInfo();
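Review bot: The comment on right lines 204-205 tells the operator to check the system configuration by uncommenting `# mxSystemInfo();`, and the next comparison block carries `#mxDebugFuncVars($GLOBALS);` in the same edit-in-place style. Neither function is visible here, but if they print what their names suggest, enabling them in `mainfile.php` would show configuration values held in `$GLOBALS`, presumably including the database settings, on every page to every visitor. I would state that next to the toggle, e.g. `/// enable only on a non-public system: the output is sent to every visitor`, or replace the commented-out calls with a check on an admin or debug flag.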
626   = 208  
627 function userblock() { <> 209 #mxDebugFuncVars($GLOBALS);
628     global $user, $cookie, $prefix, $dbi, $user_prefix;      
629     if((is_user($user)) AND ($cookie[8])) {      
630         $getblock = sql_query("select ublock from ".$user_prefix."_users where uid='$cookie[0]'", $dbi);      
631         $title = ""._MENUFOR." $cookie[1]";      
632         list($ublock) = sql_fetch_row($getblock, $dbi);      
633         themesidebox($title, $ublock);      
634     }   210  
635 }   211 /* CVS-Log:
636     212 $Log: mainfile.php,v $
637 function getTopics($s_sid) {   213 Revision 1.7  2005/04/16 13:12:22  tora60
638     global $topicname, $topicimage, $topictext, $prefix, $dbi;   214 dummy für demomode eingebaut
639     $sid = $s_sid;   215  
640     $result = sql_query("SELECT topic FROM ".$prefix."_stories where sid=$sid", $dbi);   216 Revision 1.6  2005/04/11 18:55:40  tora60
641    list($topic) = sql_fetch_row($result, $dbi);   217 error_reporting auf E_PARSE gestellt
642     $result = sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics where topicid=$topic", $dbi);      
643     list($topicid, $topicname, $topicimage, $topictext) = sql_fetch_row($result, $dbi);      
644 }   218  
      219 Revision 1.5  2005/04/02 11:51:24  tora60
      220 mx-detection System eingebaut
645   = 221  
646 function headlines($bid, $cenbox=0) { <> 222 Revision 1.4  2005/04/02 11:49:00  tora60
647     global $prefix, $dbi;      
648     $result = sql_query("select title, content, url, refresh, time from ".$prefix."_blocks where bid='$bid'", $dbi);      
649     list($title, $content, $url, $refresh, $otime) = sql_fetch_row($result, $dbi);      
650     $past = time()-$refresh;      
651     if ($otime < $past) {      
652         $btime = time();   223 mx-detection System eingebaut
653         $rdf = parse_url($url);      
654         $fp = fsockopen($rdf['host'], 80, $errno, $errstr, 15);      
655         if (!$fp) {   224  
656             $content = "";   225 Revision 1.3  2005/03/26 16:14:12  tora60
657             //$content = "<font class=\"content\">"._RSSPROBLEM."</font>";   226 versch. alte Links geändert
658             $result = sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);      
659             $cont = 0;   227  
660             if ($cenbox == 0) {   228 Revision 1.2  2005/03/19 21:51:01  tora60
661                 themesidebox($title, $content);   229 Pfad zum Setup geändert > install
662             } else {      
663                 themecenterbox($title, $content);      
664             }   230  
665             return;   231 Revision 1.1  2005/03/19 18:14:19  tora60
666         }   232 init
667         if ($fp) {   233  
668             fputs($fp, "GET " . $rdf['path'] . "?" . $rdf['query'] . " HTTP/1.0\r\n");   234 Revision 1.10.2.12  2004/10/10 13:24:24  EllselAn
669             fputs($fp, "HOST: " . $rdf['host'] . "\r\n\r\n");   235 Credits und Datei-Header angepasst
670             $string     = "";      
671             while(!feof($fp)) {      
672                 $pagetext = fgets($fp,300);      
673                 $string .= chop($pagetext);      
674             }   236  
675             fputs($fp,"Connection: close\r\n\r\n");   237 Revision 1.10.2.11  2004/09/26 13:03:18  EllselAn
676             fclose($fp);   238 Konflikt aufgelöst
677             $items = explode("</item>",$string);      
678             $content = "<font class=\"content\">";      
679             for ($i=0;$i<10;$i++) {      
680                 $link = ereg_replace(".*<link>","",$items[$i]);      
681                 $link = ereg_replace("</link>.*","",$link);      
682                 $title2 = ereg_replace(".*<title>","",$items[$i]);      
683                 $title2 = ereg_replace("</title>.*","",$title2);      
684                 if ($items[$i] == "") {      
685                     $content = "";      
686                     sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);      
687                     $cont = 0;   239  
688                     if ($cenbox == 0) {   240 Revision 1.10.2.9  2004/09/18 17:54:38  EllselAn
689                         themesidebox($title, $content);   241 Behandlung $_Request geändert
690                     } else {   242  
691                         themecenterbox($title, $content);   243 Revision 1.10.2.8  2004/09/13 12:11:36  EllselAn
692                     }   244 check auf pro-Version, nur wenn in mx_baseconfig auch aktiviert
693                     return;      
694                 } else {   245  
695                     if (strcmp($link,$title)) {   246 Revision 1.10.2.7  2004/09/06 21:08:01  EllselAn
696                         $cont = 1;   247 weiterleitung zu setup, wenn config.php fehlt
697                         $content .= "<strong><big>&middot;</big></strong><a href=\"$link\" target=\"new\">$title2</a><br>\n";      
698                     }   248  
699                 }   249 Revision 1.10.2.6  2004/09/06 13:56:26  EllselAn
700             }   250 detection aktiviert, reihenfolge geändert
701   = 251  
702         } <> 252 Revision 1.10.2.5  2004/09/02 20:04:05  EllselAn
703         sql_query("update ".$prefix."_blocks set content='$content', time='$btime' where bid='$bid'", $dbi);   253 Klammeraffe vor ob_get_contents
704     }   254  
705    $siteurl = ereg_replace("http://","",$url);   255 Revision 1.10.2.4  2004/08/31 22:57:10  EllselAn
706    $siteurl = explode("/",$siteurl);   256 Anpassung/Angleich an mX2.2
707     if (($cont == 1) OR ($content != "")) {      
708         $content .= "<br><a href=\"http://$siteurl[0]\" target=\"blank\"><b>"._HREADMORE."</b></a></font>";      
709     } elseif (($cont == 0) OR ($content == "")) {      
710         $content = "<font class=\"content\">"._RSSPROBLEM."</font>";      
711     }   257  
712     if ($cenbox == 0) {   258 Revision 1.10.2.3  2004/08/31 00:36:59  EllselAn
713         themesidebox($title, $content);   259 vergessene statusausgabe
714     } else {   260  
715         themecenterbox($title, $content);   261 Revision 1.10.2.2  2004/08/31 00:13:55  EllselAn
716    }   262 versch. Funktionen im Zusammenspiel mit der pro-Erkennung umgebaut
717 }   263  
      264 Revision 1.10.2.1  2004/08/27 13:19:03  EllselAn
      265 versch. neue Grundeinstellungen, mx-Pro Funktionen angepasst
718   = 266  
719 function automated_news() { <> 267 Revision 1.10  2003/11/05 16:27:33  EllselAn
720     global $prefix, $multilingual, $currentlang, $dbi;   268 phpNuke6.5 Datenbanklayer einbinden
721     if ($multilingual == 1) {      
722             $querylang = "WHERE (alanguage='$currentlang' OR alanguage='')"; /* the OR is needed to display stories who are posted to ALL languages */      
723     } else {      
724             $querylang = "";      
725     }   269  
726    $today = getdate();   270 Revision 1.9  2003/10/01 12:00:51  EllselAn
727     $day = $today[mday];   271 problem mit file_exists bei safe_mode=on
728     if ($day < 10) {      
729         $day = "0$day";      
730     }   272  
731     $month = $today[mon];   273 Revision 1.8  2003/09/28 22:35:39  HeidriDa
732     if ($month < 10) {   274 Die Upload Klasse wird included!
733         $month = "0$month";      
734     }   275  
735     $year = $today[year];   276 Revision 1.7  2003/09/27 15:41:28  EllselAn
736     $hour = $today[hours];   277 microtime-ermittlung für Benchmark optimiert
737     $min = $today[minutes];      
738     $sec = "00";   278  
739     $result = sql_query("select anid, time from ".$prefix."_autonews $querylang", $dbi);   279 Revision 1.6  2003/09/16 22:14:32  EllselAn
740     while(list($anid, $time) = sql_fetch_row($result, $dbi)) {   280 ini_set/ini_get Befehle geändert
741         ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $date);   281 register_globals Fix für $_FILES
742         if (($date[1] <= $year) AND ($date[2] <= $month) AND ($date[3] <= $day)) {      
743             if (($date[4] < $hour) AND ($date[5] >= $min) OR ($date[4] <= $hour) AND ($date[5] <= $min)) {      
744                 $result2 = sql_query("select catid, aid, title, time, hometext, bodytext, topic, informant, notes, ihome, alanguage, acomm from ".$prefix."_autonews where anid='$anid'", $dbi);      
745                 while(list($catid, $aid, $title, $a_time, $hometext, $bodytext, $topic, $author, $notes, $ihome, $alanguage, $acomm) = sql_fetch_row($result2, $dbi)) {      
746                     $title = stripslashes(FixQuotes($title));      
747                     $hometext = stripslashes(FixQuotes($hometext));      
748                     $bodytext = stripslashes(FixQuotes($bodytext));      
749                     $notes = stripslashes(FixQuotes($notes));      
750                     sql_query("insert into ".$prefix."_stories values (NULL, '$catid', '$aid', '$title', '$a_time', '$hometext', '$bodytext', '0', '0', '$topic', '$author', '$notes', '$ihome', '$alanguage', '$acomm', '0', '0', '0', '0')", $dbi);      
751                     sql_query("delete from ".$prefix."_autonews where anid='$anid'", $dbi);      
752                 }   282  
753             }   283 Revision 1.5  2003/09/11 20:30:23  EllselAn
      284 einbinden der config.php geändert
754         }   285  
755     }   286 Revision 1.4  2003/09/06 00:40:42  EllselAn
      287 einschalten von Errormeldungen im debugmode
756 }   288  
757   = 289  
758 function themecenterbox($title, $content) { <>    
759     OpenTable();      
760     echo "<center><fon class=\"option\"><b>$title</b></font></center><br>"      
761         ."$content";      
762     CloseTable();      
763     echo "<br>";      
764 }   290 */
765   = 291  
766 ?>   292 ?>