This commit has been accessed 558 times via Git panel.
commit 8ddffabab9d446808955ab63e9c643c4032a19bf
tree 183270bed3f0aef7d22792edc177e9bcd06814d4
parent 9256d60951f9080e60c929e10506c155714b2032
author Engels Antonio <engels@majcms.org> 1277314199 +0800
committer Engels Antonio <engels@majcms.org> 1277314199 +0800
maj-0.14-20080705-bb.zip
diff --git a/images/oops.png b/images/oops.png
new file mode 100755
index 0000000..93cb64a
Binary files /dev/null and b/images/oops.png differ
diff --git a/images/pdf.png b/images/pdf.png
index e542731..7c40208 100644
Binary files a/images/pdf.png and b/images/pdf.png differ
diff --git a/index.php b/index.php
index f024a95..74d626d 100644
--- a/index.php
+++ b/index.php
@@ -480,8 +480,7 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
fclose($fp_lastname_txt);
$fp_email_txt = fopen("$check/comments/pending/$comment_entry_dir/email.txt","w");
- $email = str_replace("@"," at ",$_POST['email']);
- $email = strtolower($email);
+ $email = strtolower($_POST['email']);
$email = trim($email);
$email = htmlentities($email, ENT_NOQUOTES);
fwrite($fp_email_txt,$email);
@@ -678,8 +677,10 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and file_exists("da
$description = substr($description,0,210);
$description = htmlentities($description, ENT_NOQUOTES);
- if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+
$badwords = file_get_contents("data/pf-badwords.txt");
+
if (file_exists("data/pf-censor.txt")) {
$censor = file_get_contents("data/pf-censor.txt");
}
@@ -1958,7 +1959,8 @@ if (count($items) == 0) {
echo '<div id=panel_title>';
}
- echo 'Oops!</div><div id=panel_body>';
+ echo "Oops!</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=4><tr>";
+ echo "<td valign=middle><img src=images/oops.png width=36 height=36 border=0></td><td valign=middle>";
if ((count($grand) == 0) and (count($_GET) == 0)) {
echo "No entries found. Perhaps this is a fresh install.";
@@ -1968,11 +1970,11 @@ if (count($items) == 0) {
echo "The entry you are looking for does not exist or is off limits to you.";
}
else {
- echo "Login required. Entries are off limits until you do.";
+ echo "Login required. Entries are off limits without proper credentials.";
}
}
- echo '</div>';
+ echo '</td></tr></table></div>';
if (file_exists("data/round.txt")) {
echo '<b class="rbbottom"><b class="rb4b"></b><b class="rb3b"></b><b class="rb2b"></b><b class="rb1b"></b></b>';
@@ -2932,7 +2934,7 @@ if (file_exists("data/panels")) {
if ($dl_file != "." && $dl_file != ".." && fnmatch("*", $dl_file)) {
echo '<table border=0 cellspacing=0 cellpadding=4><tr><td>';
echo '<a href=' . $_SERVER['PHP_SELF'] . '?entry=' . $d . '&download=' . $dl_file. '&type=pdf>';
- echo '<img src=images/pdf.png width=48 height=48 border=0 alt="download file"></a></td>';
+ echo '<img src=images/pdf.png width=36 height=36 border=0 alt="download file"></a></td>';
echo '<td><p><b>';
echo $dl_file;
echo'</b><br>';
@@ -3243,208 +3245,184 @@ if (file_exists("data/panels")) {
echo '</td></tr></table>';
}
-if (!file_exists("data/nocomment.txt") or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in']))) {
-
- echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
+ if (!file_exists("data/nocomment.txt") or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in']))) {
- if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
- echo "610";
- }
- else {
- echo "525";
- }
-
- echo '><tr><td>';
- echo '<p><font style="font-size: 12px;"><b>Add Comment</b></font></p>';
-
- if (file_exists("$dir/$d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['passwd']) or ($crypt_passwd != $passwd))) {
- echo "<p>This entry is password protected. If you know the magic word, click <a href=passwd.php?entry=$d&show=comments>here</a> to enter it.</p>";
- }
- else {
-
- $captcha_rand = str_rand(7);
-
- echo "<p>Fill out the form below";
+ echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
- if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
- echo " and enter <b>$captcha_rand</b> in the anti-spam field";
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
}
- echo " to add your comment.";
+ echo '><tr><td>';
- if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
- echo " Note that it will not be posted immediately, but will be ";
-
- if (file_exists("data/email.txt")) {
- echo "e-mailed";
- }
- else {
- echo "sent";
- }
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt") and file_exists("data/members/active/{$_SESSION['logged_in']}")))) {
- echo " to me first.";
-
- if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and !file_exists("data/members/active/{$_SESSION['logged_in']}"))) {
- echo " Comments with bogus contact information will be discarded.";
- }
- }
- echo "</p>";
-
- ?>
+ if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_POST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_POST['firstname']) and !empty($_POST['firstname']) and isset($_POST['lastname']) and !empty($_POST['lastname']) and isset($_POST['email']) and !empty($_POST['email']) and isset($_POST['new_comment']) and !empty($_POST['new_comment']) and isset($_POST['captcha_put']) and !empty($_POST['captcha_put']) and ($_REQUEST['captcha_get'] == $_POST['captcha_put']) and (ereg("@", $_POST['email'])) and (ereg("\.", $_POST['email']))) {
- <table border=0 cellspacing=2 cellpadding=0 width=500>
- <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>?entry=<?php echo $d; ?>&show=comments" method="post">
- <input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
- <tr>
-
-<?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-?>
- <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php $logged_in_author = explode(" ", file_get_contents("data/author.txt")); echo trim(str_replace(",","",$logged_in_author[0])); ?>"></p></td>
-<?php
-}
-elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
-?>
- <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/firstname.txt"); ?>"></p></td>
-<?php
-}
-else {
-
-?>
-
-<td width=75><p>First Name*</p></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td>
-
-<?php
-
-}
-
-?>
- <td rowspan=7 valign=top width=75 align=right>
- <table border=0 cellspacing=1 cellpadding=2>
- <tr><td><img src=images/smileys/crying.png border=0></td><td><p>:((</p></td><td ><p>crying</p></td></tr>
- <tr><td><img src=images/smileys/frown.png border=0></td><td><p>:(</p></td><td><p>frown</p></td></tr>
- <tr><td><img src=images/smileys/indifferent.png border=0></td><td><p>:|</p></td><td><p>indifferent</p></td></tr>
- <tr><td><img src=images/smileys/laughing.png border=0></td><td><p>:D</p></td><td><p>laughing</p></td></tr>
- <tr><td><img src=images/smileys/lick.png border=0></td><td><p>:P</p></td><td><p>lick</p></td></tr>
- <tr><td><img src=images/smileys/ohno.png border=0></td><td><p>:O</p></td><td><p>oh no!</p></td></tr>
- <tr><td><img src=images/smileys/smile.png border=0></td><td><p>:)</p></td><td><p>smile</p></td></tr>
- <tr><td><img src=images/smileys/surprised.png border=0></td><td><p>=)</p></td><td><p>surprised</p></td></tr>
- <tr><td><img src=images/smileys/undecided.png border=0></td><td><p>:\</p></td><td><p>undecided</p></td></tr>
- <tr><td><img src=images/smileys/wink.png border=0></td><td><p>;)</p></td><td><p>wink</p></td></tr>
- </td></tr>
- </table>
-
-<?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-?>
- <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo trim(str_replace(",","",$logged_in_author[1])); ?>"></p></td>
-<?php
-}
-elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
-?>
- <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/lastname.txt"); ?>"></p></td>
-<?php
-}
-else {
-
-?>
-
- <tr><td><p>Last Name*</p></td><td><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
-
-<?php
-
-}
-
-?>
-
-<?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
- if (file_exists("data/email.txt")) {
-?>
- <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/email.txt"); ?>"></p></td>
-<?php
- }
- else {
- echo "<tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>";
- }
-}
-elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
-?>
- <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt"); ?>"></p></td>
-<?php
-}
-else {
+ echo '<p><table border=0 cellspacing=0 cellpadding=0><tr><td><p><font style="font-size: 12px;"><b>Thanks!</b></font></p><p>Your comment has been submitted for approval. Please check back soon to see if it has been posted.</p></td></tr></table></p>';
+ }
+ }
-?>
+ echo '<p><font style="font-size: 12px;"><b>Add Comment</b></font></p>';
- <tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+ if (file_exists("$dir/$d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['passwd']) or ($crypt_passwd != $passwd))) {
+ echo "<p>This entry is password protected. If you know the magic word, click <a href=passwd.php?entry=$d&show=comments>here</a> to enter it.</p>";
+ }
+ else {
+ $captcha_rand = str_rand(7);
+
+ echo "<p>Fill out the form below";
-<?php
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ echo " and enter <b>$captcha_rand</b> in the anti-spam field";
+ }
-}
+ echo " to add your comment.";
-?>
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ echo " Note that it will not be posted immediately, but will be ";
+
+ if (file_exists("data/email.txt")) {
+ echo "e-mailed";
+ }
+ else {
+ echo "sent";
+ }
+
+ echo " to me first.";
-<?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-?>
- <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php file_get_contents("data/url.txt"); ?>"></p></td>
-<?php
-}
-elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
-?>
- <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/url.txt")) { echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/url.txt"); } ?>"></p></td>
-<?php
-}
-else {
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and !file_exists("data/members/active/{$_SESSION['logged_in']}"))) {
+ echo " Comments with bogus contact information will be discarded.";
+ }
+ }
+ echo "</p>";
-?>
+ ?>
+
+ <table border=0 cellspacing=2 cellpadding=0 width=500>
+ <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>?entry=<?php echo $d; ?>&show=comments" method="post">
+ <input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
+ <tr>
+
+ <?php
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ ?>
+ <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php $logged_in_author = explode(" ", file_get_contents("data/author.txt")); echo trim(str_replace(",","",$logged_in_author[0])); ?>"></p></td>
+ <?php
+ }
+ elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ ?>
+ <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/firstname.txt"); ?>"></p></td>
+ <?php
+ }
+ else {
+ ?>
+ <td width=75><p>First Name*</p></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td>
+ <?php
+ }
+ ?>
+ <td rowspan=7 valign=top width=75 align=right>
+ <table border=0 cellspacing=1 cellpadding=2>
+ <tr><td><img src=images/smileys/crying.png border=0></td><td><p>:((</p></td><td ><p>crying</p></td></tr>
+ <tr><td><img src=images/smileys/frown.png border=0></td><td><p>:(</p></td><td><p>frown</p></td></tr>
+ <tr><td><img src=images/smileys/indifferent.png border=0></td><td><p>:|</p></td><td><p>indifferent</p></td></tr>
+ <tr><td><img src=images/smileys/laughing.png border=0></td><td><p>:D</p></td><td><p>laughing</p></td></tr>
+ <tr><td><img src=images/smileys/lick.png border=0></td><td><p>:P</p></td><td><p>lick</p></td></tr>
+ <tr><td><img src=images/smileys/ohno.png border=0></td><td><p>:O</p></td><td><p>oh no!</p></td></tr>
+ <tr><td><img src=images/smileys/smile.png border=0></td><td><p>:)</p></td><td><p>smile</p></td></tr>
+ <tr><td><img src=images/smileys/surprised.png border=0></td><td><p>=)</p></td><td><p>surprised</p></td></tr>
+ <tr><td><img src=images/smileys/undecided.png border=0></td><td><p>:\</p></td><td><p>undecided</p></td></tr>
+ <tr><td><img src=images/smileys/wink.png border=0></td><td><p>;)</p></td><td><p>wink</p></td></tr>
+ </td></tr>
+ </table>
+
+ <?php
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ ?>
+ <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo trim(str_replace(",","",$logged_in_author[1])); ?>"></p></td>
+ <?php
+ }
+ elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ ?>
+ <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/lastname.txt"); ?>"></p></td>
+ <?php
+ }
+ else {
+ ?>
+ <tr><td><p>Last Name*</p></td><td><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
+ <?php
+ }
- <tr><td><p>Website</p></td><td colspan=2><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-<?php
+ if (file_exists("data/email.txt")) {
+ ?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/email.txt"); ?>"></p></td>
+ <?php
+ }
+ else {
+ echo "<tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>";
+ }
+ }
+ elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ ?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt"); ?>"></p></td>
+ <?php
+ }
+ else {
+ ?>
+ <tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+ <?php
+ }
-}
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ ?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php file_get_contents("data/url.txt"); ?>"></p></td>
+ <?php
+ }
+ elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ ?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/url.txt")) { echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/url.txt"); } ?>"></p></td>
+ <?php
+ }
+ else {
+ ?>
+ <tr><td><p>Website</p></td><td colspan=2><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+ <?php
+ }
+ ?>
+ <tr><td><p>Comment*</p></td><td><textarea class=input name=new_comment rows=15></textarea></td></tr>
+ <?php
-?>
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ echo "<input type=hidden name=captcha_put value=\"$captcha_rand\">";
+ }
+ else {
+ echo "<tr><td><p>Anti-Spam*</p></td><td><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>";
+ }
- <tr><td><p>Comment*</p></td><td><textarea class=input name=new_comment rows=15></textarea></td></tr>
- <?php
- if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
- echo "<input type=hidden name=captcha_put value=\"$captcha_rand\">";
- }
- else {
- echo "<tr><td><p>Anti-Spam*</p></td><td><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>";
+ ?>
+ <tr><td><p></p></td><td><input class=input type=submit value="click here to submit your comment"></td></tr>
+ </form>
+ </table>
+ <?php
}
?>
-
- <tr><td><p></p></td><td><input class=input type=submit value="click here to submit your comment"></td></tr>
- </form>
- </table>
- <?php } ?>
- </td></tr></table></p>
-
-<?php
-}
-
-if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt") and file_exists("data/members/active/{$_SESSION['logged_in']}")))) {
- if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_POST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_POST['firstname']) and !empty($_POST['firstname']) and isset($_POST['lastname']) and !empty($_POST['lastname']) and isset($_POST['email']) and !empty($_POST['email']) and isset($_POST['new_comment']) and !empty($_POST['new_comment']) and isset($_POST['captcha_put']) and !empty($_POST['captcha_put']) and ($_REQUEST['captcha_get'] == $_POST['captcha_put']) and (ereg("@", $_POST['email'])) and (ereg("\.", $_POST['email']))) {
- echo '<p><table border=0 cellspacing=0 cellpadding=0><tr><td><p><font style="font-size: 12px;"><b>Thanks!</b></font></p><p>Your comment has been submitted for approval.<br>Please check back soon to see if it has been posted.</p></td></tr></table></p>';
- }
-}
- ?>
-
-
-
- <?php
+ </td></tr></table></p>
+ <?php
+ }
}
}
-?>
-<?php
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
+
if ($dh_pending_comments = opendir("$dir/$d/comments/pending")) {
+
while (($entry_pending_comments = readdir($dh_pending_comments)) !== false) {
+
if ($entry_pending_comments != "." && $entry_pending_comments != ".." && fnmatch("*", $entry_pending_comments)) {
$show_pending_comments[] = $entry_pending_comments;
}
@@ -3454,9 +3432,11 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
asort($show_pending_comments);
reset($show_pending_comments);
+
$count_pending_comments = count($show_pending_comments);
if ($count_pending_comments > 0) {
+
if ($count_pending_comments == 1) {
echo '<p><b>Pending Comment</b></p>';
}
@@ -3464,6 +3444,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '<p><b>Pending Comments</b></p>';
}
foreach ($show_pending_comments as $pending_comment) {
+
echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
@@ -3516,10 +3497,15 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
if (file_exists("data/bb.txt") and file_exists("data/avatar.txt") and file_exists("$dir/$d/comments/pending/$pending_comment/author.txt")) {
+
echo "<td width=85 valign=top><p>";
+
$pc_author = file_get_contents("$dir/$d/comments/pending/$pending_comment/author.txt");
+
echo "<a href=member.php?id=$pc_author>";
+
if ((file_get_contents("data/username.txt") == $pc_author) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+
if (file_exists("images/avatar.gif")) {
$pc_avatar_gif_image_size = getimagesize("images/avatar.gif");
$pc_avatar_gif_image_width = $pc_avatar_gif_image_size[0];
@@ -3577,6 +3563,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo "><br>";
}
elseif (file_exists("images/members/$pc_author/avatar.jpg") or file_exists("images/members/$pc_author/avatar.gif") or file_exists("images/members/$pc_author/avatar.png")) {
+
if (file_exists("images/members/$pc_author/avatar.gif")) {
$pc_avatar_gif_image_size = getimagesize("images/members/$pc_author/avatar.gif");
$pc_avatar_gif_image_width = $pc_avatar_gif_image_size[0];
@@ -3634,6 +3621,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo "><br>";
}
echo "$pc_author</a><br>";
+
if ((file_get_contents("data/username.txt") == $pc_author) and file_exists("data/rank.txt")) {
echo "administrator<br>";
}
@@ -3646,6 +3634,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
}
if ($pc_dh_posts = opendir("data/items")) {
+
while (($pc_entry_posts = readdir($pc_dh_posts)) !== false) {
if (file_exists("data/items/$pc_entry_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
@@ -3693,6 +3682,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
}
echo '<p><font style="font-size: 10px; color: #999999;">';
+
if ((file_exists("$dir/$d/comments/pending/$pending_comment/author.txt") and (file_exists("data/bb.txt") and !file_exists("data/avatar.txt")) or (file_exists("$dir/$d/comments/pending/$pending_comment/author.txt") and (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and !file_exists("data/avatar.txt"))))) {
$pxavatar_author = file_get_contents("$dir/$d/comments/pending/$pending_comment/author.txt");
echo "<a href=member.php?id=$pxavatar_author>$pxavatar_author</a> - ";
@@ -4286,6 +4276,13 @@ if (file_exists("data/comments/latest/$cmonth")) {
if ($dh_latest_comments = opendir("data/comments/latest/$cmonth")) {
while (($entry_latest_comments = readdir($dh_latest_comments)) !== false) {
+
+ $today = date("YmdHis", time() + $offset);
+
+ if (($entry_latest_comments > $today) and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
if ($entry_latest_comments != "." && $entry_latest_comments != "..") {
$show_latest_comments[] = $entry_latest_comments;
}
diff --git a/member.php b/member.php
index a605078..412c1f5 100644
--- a/member.php
+++ b/member.php
@@ -486,7 +486,6 @@ else {
if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and !file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/members/active/$id/email.txt")) {
$email = file_get_contents("data/members/active/$id/email.txt");
- $email = str_replace("@"," at ",$email);
echo " <$email>";
}
diff --git a/move.php b/move.php
index c8d937a..9a4801d 100644
--- a/move.php
+++ b/move.php
@@ -1,13 +1,17 @@
<?php
session_start();
+
header("Cache-control: private");
error_reporting(E_ERROR);
if (get_magic_quotes_gpc()) {
+
function stripslashes_array($data) {
+
if (is_array($data)){
+
foreach ($data as $key => $value){
$data[$key] = stripslashes_array($value);
}
@@ -27,6 +31,13 @@ if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username
exit();
}
+if (!isset($_REQUEST['entry']) or empty($_REQUEST['entry'])) {
+ exit();
+}
+else {
+ $entry = trim($_REQUEST['entry']);
+}
+
function rmdirr($recurse_dirname) {
if (!file_exists($recurse_dirname)) {
@@ -52,9 +63,122 @@ function rmdirr($recurse_dirname) {
return rmdir($recurse_dirname);
}
+if (isset($_POST['target']) and !empty($_POST['target'])) {
+
+ $target = trim($_POST['target']);
+
+ if (isset($_POST['comment']) and !empty($_POST['comment']) and isset($_POST['type']) and !empty($_POST['type'])) {
+
+ $comment = trim($_POST['comment']);
+ $type = trim($_POST['type']);
+
+ if (file_exists("data/items/$entry/comments/$type/$comment") and file_exists("data/items/$target")) {
+
+ if (!file_exists("data/items/$target/comments")) {
+ mkdir("data/items/$target/comments");
+ }
+
+ if (!file_exists("data/items/$target/comments/$type")) {
+ mkdir("data/items/$target/comments/$type");
+ }
+
+ rename("data/items/$entry/comments/$type/$comment","data/items/$target/comments/$type/$comment");
+
+ if ($type == "pending") {
+
+ if (file_exists("data/comments/pending/$entry/count.txt")) {
+
+ $count = file_get_contents("data/comments/pending/$entry/count.txt");
+
+ if ($count <= 1) {
+ rmdirr("data/comments/pending/$entry");
+ }
+ else {
+ $count = $count - 1;
+ $count_txt = fopen("data/comments/pending/$entry/count.txt","w");
+ fwrite($count_txt,$count);
+ fclose($count_txt);
+ }
+ }
+
+ if (file_exists("data/comments/pending/$target/count.txt")) {
+
+ $count = file_get_contents("data/comments/pending/$target/count.txt");
+ $count = $count + 1;
+ }
+ else {
+ $count = 1;
+ }
+
+ if (!file_exists("data/comments/pending/$target")) {
+ mkdir("data/comments/pending/$target");
+ }
+
+ $count_txt = fopen("data/comments/pending/$target/count.txt","w");
+ fwrite($count_txt,$count);
+ fclose($count_txt);
+ }
+ }
+ }
+ else {
+ if (!file_exists("data/items/$target/comments/live/$entry")) {
+
+ if (!file_exists("data/items/$target/comments")) {
+ mkdir("data/items/$target/comments");
+ }
+
+ if (!file_exists("data/items/$target/comments/live")) {
+ mkdir("data/items/$target/comments/live");
+ }
+
+ rename("data/items/$entry","data/items/$target/comments/live/$entry");
+
+ rename("data/items/$target/comments/live/$entry/body.txt","data/items/$target/comments/live/$entry/comment.txt");
+ rename("data/items/$target/comments/live/$entry/date.txt","data/items/$target/comments/live/$entry/timestamp.txt");
+
+ if (file_exists("data/items/$target/comments/live/$entry/author.txt")) {
+
+ $author = file_get_contents("data/items/$target/comments/live/$entry/author.txt");
+
+ if ($author != file_get_contents("data/username.txt") and file_exists("data/members/active/$author")) {
+
+ copy("data/members/active/$author/firstname.txt","data/items/$target/comments/live/$entry/firstname.txt");
+ copy("data/members/active/$author/lastname.txt","data/items/$target/comments/live/$entry/lastname.txt");
+ copy("data/members/active/$author/email.txt","data/items/$target/comments/live/$entry/email.txt");
+
+ if (file_exists("data/members/active/$author/url.txt")) {
+ copy("data/members/active/$author/url.txt","data/items/$target/comments/live/$entry/url.txt");
+ }
+ }
+ else {
+ $author_name = explode(" ", file_get_contents("data/author.txt"));
+ $author_fname = ucfirst(trim(str_replace(",","",$author_name[0])));
+ $author_lname = ucfirst(trim(str_replace(",","",$author_name[1])));
+
+ $fp_fname_txt = fopen("data/items/$target/comments/live/$entry/firstname.txt","w");
+ fwrite($fp_fname_txt, $author_fname);
+ fclose($fp_fname_txt);
+
+ $fp_lname_txt = fopen("data/items/$target/comments/live/$entry/lastname.txt","w");
+ fwrite($fp_lname_txt, $author_lname);
+ fclose($fp_lname_txt);
+
+ copy("data/email.txt","data/items/$target/comments/live/$entry/email.txt");
+ }
+ }
+
+ }
+ }
+
+ header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
+
+ exit();
+}
+
?>
<style>
+
body {
color: #666666;
margin: 10px;
@@ -94,7 +218,7 @@ a:active {
color: #666666;
background: #ffffff;
border: #999999 solid 1px;
- width: 200px;
+ width: 400px;
font-family: <?php
if (file_exists("data/fonts/input.txt")) {
$font_input = file_get_contents("data/fonts/input.txt");
@@ -103,170 +227,82 @@ a:active {
?> arial, helvetica, sans-serif;
font-size: 11px
}
+
</style>
-<table border=0 cellspacing=1 cellpadding=1>
-<form action=move.php method=post>
-<tr><td>entry</td><td><input type=text class=input name=entry maxlength=14 <?php
+<table border="0" cellspacing="1" cellpadding="1">
+<form action="move.php" method="post">
+<tr><td>current entry</td><td width="5"></td><td><b>
- if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
- echo "value=";
- echo trim($_REQUEST['entry']);
- echo " ";
- }
-?>autocomplete=off></td></tr>
+<?php echo file_get_contents("data/items/{$_REQUEST['entry']}/title.txt"); ?>
-<?php
- if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type'])) {
- echo "<tr><td>comment </td><td><input type=text class=input name=comment maxlength=14 value=";
- echo trim($_REQUEST['comment']);
- echo " autocomplete=off><input type=hidden name=type value={$_REQUEST['type']}></td></tr>";
- }
-?>
-
-<tr><td>target </td><td><input type=text class=input name=target maxlength=14 autocomplete=off></td></tr>
-<tr><td></td><td><input type=submit class=input value="click here to move <?php
- if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment'])) {
- echo "comment";
- }
- else {
- echo "entry";
- }
-?>"></td></tr>
-</form>
-<form action=index.php method=post>
-<tr><td></td><td><input type=submit class=input value="click here to go to the index page"></td></tr>
-</form>
-</table>
+<input type="hidden" name="entry" value="<?php echo trim($_REQUEST['entry']); ?>">
<?php
-if (!isset($_REQUEST['entry']) or empty($_REQUEST['entry']) or !isset($_POST['target']) or empty($_POST['target'])) {
- exit();
-}
+if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type'])) {
-$entry = trim($_REQUEST['entry']);
-$target = trim($_POST['target']);
+ echo "<input type=\"hidden\" name=\"comment\" value=\"{$_REQUEST['comment']}\">";
+ echo "<input type=\"hidden\" name=\"type\" value=\"{$_REQUEST['type']}\">";
-if (!file_exists("data/items/$entry") or !file_exists("data/items/$target")) {
- exit();
}
-if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type']) and ($_REQUEST['type'] == "live")) {
-
- $comment = trim($_REQUEST['comment']);
-
- if (!file_exists("data/items/$entry/comments/live/$comment")) {
- exit();
- }
+?>
- if (!file_exists("data/items/$target/comments/live/$entry")) {
+</b></td></tr>
- if (!file_exists("data/items/$target/comments")) {
- mkdir("data/items/$target/comments");
- }
+<tr><td>target entry</td><td width="5"></td><td>
+<select class="input" name="target">
- if (!file_exists("data/items/$target/comments/live")) {
- mkdir("data/items/$target/comments/live");
- }
+<?php
- rename("data/items/$entry/comments/live/$comment","data/items/$target/comments/live/$comment");
+if ($dh_items = opendir("data/items")) {
- header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
+ while (($entry_item = readdir($dh_items)) !== false) {
- exit();
+ if ($entry_item != "." && $entry_item != ".." && ($_REQUEST['entry'] != $entry_item)) {
+ $target_items[] = $entry_item;
+ }
}
-
- exit();
+ closedir($dh_items);
}
-if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type']) and ($_REQUEST['type'] == "pending")) {
+rsort($target_items);
+reset($target_items);
- $comment = trim($_REQUEST['comment']);
+foreach ($target_items as $target_entry) {
- if (!file_exists("data/items/$entry/comments/pending/$comment")) {
- exit();
- }
-
- if (!file_exists("data/items/$target/comments/pending/$entry")) {
-
- if (!file_exists("data/items/$target/comments")) {
- mkdir("data/items/$target/comments");
- }
+ echo "<option value=\"$target_entry\">";
+ readfile("data/items/$target_entry/title.txt");
+ echo "</option>";
- if (!file_exists("data/items/$target/comments/pending")) {
- mkdir("data/items/$target/comments/pending");
- }
-
- rename("data/items/$entry/comments/pending/$comment","data/items/$target/comments/pending/$comment");
-
- if (file_exists("data/comments/pending/$entry/count.txt")) {
-
- $count = file_get_contents("data/comments/pending/$entry/count.txt");
-
- if ($count <= 1) {
- rmdirr("data/comments/pending/$entry");
- }
- else {
- $count = $count - 1;
- $count_txt = fopen("data/comments/pending/$entry/count.txt","w");
- fwrite($count_txt,$count);
- fclose($count_txt);
- }
- }
-
- if (file_exists("data/comments/pending/$target/count.txt")) {
-
- $count = file_get_contents("data/comments/pending/$target/count.txt");
- $count = $count + 1;
- }
- else {
- $count = 1;
- }
-
-
- if (!file_exists("data/comments/pending/$target")) {
- mkdir("data/comments/pending/$target");
- }
-
- $count_txt = fopen("data/comments/pending/$target/count.txt","w");
- fwrite($count_txt,$count);
- fclose($count_txt);
-
- header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
-
- exit();
- }
-
- exit();
}
-if ((!isset($_REQUEST['comment']) or empty($_REQUEST['comment'])) and (!isset($_REQUEST['type']) or empty($_REQUEST['type'])) and !file_exists("data/items/$target/comments/live/$entry")) {
+?>
- if (!file_exists("data/items/$target/comments")) {
- mkdir("data/items/$target/comments");
- }
+</select>
+</td></tr>
- if (!file_exists("data/items/$target/comments/live")) {
- mkdir("data/items/$target/comments/live");
+<tr><td></td><td width="5"></td><td><input type="submit" class="input" value="click here to move <?php
+ if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment'])) {
+ echo "comment";
}
-
- rename("data/items/$entry","data/items/$target/comments/live/$entry");
- rename("data/items/$target/comments/live/$entry/body.txt","data/items/$target/comments/live/$entry/comment.txt");
- rename("data/items/$target/comments/live/$entry/date.txt","data/items/$target/comments/live/$entry/timestamp.txt");
-
- $author = file_get_contents(data/items/$target/comments/live/$entry/author.txt);
-
- copy("data/members/active/$author/firstname.txt","data/items/$target/comments/live/$entry/firstname.txt");
- copy("data/members/active/$author/lastname.txt","data/items/$target/comments/live/$entry/lastname.txt");
- copy("data/members/active/$author/email.txt","data/items/$target/comments/live/$entry/email.txt");
-
- if (file_exists("data/members/active/$author/url.txt")) {
- copy("data/members/active/$author/url.txt","data/items/$target/comments/live/$entry/url.txt");
+ else {
+ echo "entry";
}
+?>"></td></tr>
+</form>
- header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
-}
+<form action="index.php" method="get">
+<tr><td></td><td width="5"></td><td>
+<input type="hidden" name="entry" value="<?php echo trim($_REQUEST['entry']); ?>">
+<input type="hidden" name="show" value="comments">
+<input type="submit" class="input" value="click here to go back to the current entry">
+</td></tr>
+</form>
-?>
+<form action="index.php" method="post">
+<tr><td></td><td width="5"></td><td><input type="submit" class="input" value="click here to go to the index page"></td></tr>
+</form>
+</table>
tree 183270bed3f0aef7d22792edc177e9bcd06814d4
parent 9256d60951f9080e60c929e10506c155714b2032
author Engels Antonio <engels@majcms.org> 1277314199 +0800
committer Engels Antonio <engels@majcms.org> 1277314199 +0800
maj-0.14-20080705-bb.zip
diff --git a/images/oops.png b/images/oops.png
new file mode 100755
index 0000000..93cb64a
Binary files /dev/null and b/images/oops.png differ
diff --git a/images/pdf.png b/images/pdf.png
index e542731..7c40208 100644
Binary files a/images/pdf.png and b/images/pdf.png differ
diff --git a/index.php b/index.php
index f024a95..74d626d 100644
--- a/index.php
+++ b/index.php
@@ -480,8 +480,7 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
fclose($fp_lastname_txt);
$fp_email_txt = fopen("$check/comments/pending/$comment_entry_dir/email.txt","w");
- $email = str_replace("@"," at ",$_POST['email']);
- $email = strtolower($email);
+ $email = strtolower($_POST['email']);
$email = trim($email);
$email = htmlentities($email, ENT_NOQUOTES);
fwrite($fp_email_txt,$email);
@@ -678,8 +677,10 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and file_exists("da
$description = substr($description,0,210);
$description = htmlentities($description, ENT_NOQUOTES);
- if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+
$badwords = file_get_contents("data/pf-badwords.txt");
+
if (file_exists("data/pf-censor.txt")) {
$censor = file_get_contents("data/pf-censor.txt");
}
@@ -1958,7 +1959,8 @@ if (count($items) == 0) {
echo '<div id=panel_title>';
}
- echo 'Oops!</div><div id=panel_body>';
+ echo "Oops!</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=4><tr>";
+ echo "<td valign=middle><img src=images/oops.png width=36 height=36 border=0></td><td valign=middle>";
if ((count($grand) == 0) and (count($_GET) == 0)) {
echo "No entries found. Perhaps this is a fresh install.";
@@ -1968,11 +1970,11 @@ if (count($items) == 0) {
echo "The entry you are looking for does not exist or is off limits to you.";
}
else {
- echo "Login required. Entries are off limits until you do.";
+ echo "Login required. Entries are off limits without proper credentials.";
}
}
- echo '</div>';
+ echo '</td></tr></table></div>';
if (file_exists("data/round.txt")) {
echo '<b class="rbbottom"><b class="rb4b"></b><b class="rb3b"></b><b class="rb2b"></b><b class="rb1b"></b></b>';
@@ -2932,7 +2934,7 @@ if (file_exists("data/panels")) {
if ($dl_file != "." && $dl_file != ".." && fnmatch("*", $dl_file)) {
echo '<table border=0 cellspacing=0 cellpadding=4><tr><td>';
echo '<a href=' . $_SERVER['PHP_SELF'] . '?entry=' . $d . '&download=' . $dl_file. '&type=pdf>';
- echo '<img src=images/pdf.png width=48 height=48 border=0 alt="download file"></a></td>';
+ echo '<img src=images/pdf.png width=36 height=36 border=0 alt="download file"></a></td>';
echo '<td><p><b>';
echo $dl_file;
echo'</b><br>';
@@ -3243,208 +3245,184 @@ if (file_exists("data/panels")) {
echo '</td></tr></table>';
}
-if (!file_exists("data/nocomment.txt") or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in']))) {
-
- echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
+ if (!file_exists("data/nocomment.txt") or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in']))) {
- if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
- echo "610";
- }
- else {
- echo "525";
- }
-
- echo '><tr><td>';
- echo '<p><font style="font-size: 12px;"><b>Add Comment</b></font></p>';
-
- if (file_exists("$dir/$d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['passwd']) or ($crypt_passwd != $passwd))) {
- echo "<p>This entry is password protected. If you know the magic word, click <a href=passwd.php?entry=$d&show=comments>here</a> to enter it.</p>";
- }
- else {
-
- $captcha_rand = str_rand(7);
-
- echo "<p>Fill out the form below";
+ echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
- if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
- echo " and enter <b>$captcha_rand</b> in the anti-spam field";
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
}
- echo " to add your comment.";
+ echo '><tr><td>';
- if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
- echo " Note that it will not be posted immediately, but will be ";
-
- if (file_exists("data/email.txt")) {
- echo "e-mailed";
- }
- else {
- echo "sent";
- }
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt") and file_exists("data/members/active/{$_SESSION['logged_in']}")))) {
- echo " to me first.";
-
- if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and !file_exists("data/members/active/{$_SESSION['logged_in']}"))) {
- echo " Comments with bogus contact information will be discarded.";
- }
- }
- echo "</p>";
-
- ?>
+ if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_POST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_POST['firstname']) and !empty($_POST['firstname']) and isset($_POST['lastname']) and !empty($_POST['lastname']) and isset($_POST['email']) and !empty($_POST['email']) and isset($_POST['new_comment']) and !empty($_POST['new_comment']) and isset($_POST['captcha_put']) and !empty($_POST['captcha_put']) and ($_REQUEST['captcha_get'] == $_POST['captcha_put']) and (ereg("@", $_POST['email'])) and (ereg("\.", $_POST['email']))) {
- <table border=0 cellspacing=2 cellpadding=0 width=500>
- <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>?entry=<?php echo $d; ?>&show=comments" method="post">
- <input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
- <tr>
-
-<?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-?>
- <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php $logged_in_author = explode(" ", file_get_contents("data/author.txt")); echo trim(str_replace(",","",$logged_in_author[0])); ?>"></p></td>
-<?php
-}
-elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
-?>
- <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/firstname.txt"); ?>"></p></td>
-<?php
-}
-else {
-
-?>
-
-<td width=75><p>First Name*</p></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td>
-
-<?php
-
-}
-
-?>
- <td rowspan=7 valign=top width=75 align=right>
- <table border=0 cellspacing=1 cellpadding=2>
- <tr><td><img src=images/smileys/crying.png border=0></td><td><p>:((</p></td><td ><p>crying</p></td></tr>
- <tr><td><img src=images/smileys/frown.png border=0></td><td><p>:(</p></td><td><p>frown</p></td></tr>
- <tr><td><img src=images/smileys/indifferent.png border=0></td><td><p>:|</p></td><td><p>indifferent</p></td></tr>
- <tr><td><img src=images/smileys/laughing.png border=0></td><td><p>:D</p></td><td><p>laughing</p></td></tr>
- <tr><td><img src=images/smileys/lick.png border=0></td><td><p>:P</p></td><td><p>lick</p></td></tr>
- <tr><td><img src=images/smileys/ohno.png border=0></td><td><p>:O</p></td><td><p>oh no!</p></td></tr>
- <tr><td><img src=images/smileys/smile.png border=0></td><td><p>:)</p></td><td><p>smile</p></td></tr>
- <tr><td><img src=images/smileys/surprised.png border=0></td><td><p>=)</p></td><td><p>surprised</p></td></tr>
- <tr><td><img src=images/smileys/undecided.png border=0></td><td><p>:\</p></td><td><p>undecided</p></td></tr>
- <tr><td><img src=images/smileys/wink.png border=0></td><td><p>;)</p></td><td><p>wink</p></td></tr>
- </td></tr>
- </table>
-
-<?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-?>
- <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo trim(str_replace(",","",$logged_in_author[1])); ?>"></p></td>
-<?php
-}
-elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
-?>
- <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/lastname.txt"); ?>"></p></td>
-<?php
-}
-else {
-
-?>
-
- <tr><td><p>Last Name*</p></td><td><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
-
-<?php
-
-}
-
-?>
-
-<?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
- if (file_exists("data/email.txt")) {
-?>
- <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/email.txt"); ?>"></p></td>
-<?php
- }
- else {
- echo "<tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>";
- }
-}
-elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
-?>
- <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt"); ?>"></p></td>
-<?php
-}
-else {
+ echo '<p><table border=0 cellspacing=0 cellpadding=0><tr><td><p><font style="font-size: 12px;"><b>Thanks!</b></font></p><p>Your comment has been submitted for approval. Please check back soon to see if it has been posted.</p></td></tr></table></p>';
+ }
+ }
-?>
+ echo '<p><font style="font-size: 12px;"><b>Add Comment</b></font></p>';
- <tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+ if (file_exists("$dir/$d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['passwd']) or ($crypt_passwd != $passwd))) {
+ echo "<p>This entry is password protected. If you know the magic word, click <a href=passwd.php?entry=$d&show=comments>here</a> to enter it.</p>";
+ }
+ else {
+ $captcha_rand = str_rand(7);
+
+ echo "<p>Fill out the form below";
-<?php
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ echo " and enter <b>$captcha_rand</b> in the anti-spam field";
+ }
-}
+ echo " to add your comment.";
-?>
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ echo " Note that it will not be posted immediately, but will be ";
+
+ if (file_exists("data/email.txt")) {
+ echo "e-mailed";
+ }
+ else {
+ echo "sent";
+ }
+
+ echo " to me first.";
-<?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-?>
- <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php file_get_contents("data/url.txt"); ?>"></p></td>
-<?php
-}
-elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
-?>
- <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/url.txt")) { echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/url.txt"); } ?>"></p></td>
-<?php
-}
-else {
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and !file_exists("data/members/active/{$_SESSION['logged_in']}"))) {
+ echo " Comments with bogus contact information will be discarded.";
+ }
+ }
+ echo "</p>";
-?>
+ ?>
+
+ <table border=0 cellspacing=2 cellpadding=0 width=500>
+ <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>?entry=<?php echo $d; ?>&show=comments" method="post">
+ <input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
+ <tr>
+
+ <?php
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ ?>
+ <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php $logged_in_author = explode(" ", file_get_contents("data/author.txt")); echo trim(str_replace(",","",$logged_in_author[0])); ?>"></p></td>
+ <?php
+ }
+ elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ ?>
+ <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/firstname.txt"); ?>"></p></td>
+ <?php
+ }
+ else {
+ ?>
+ <td width=75><p>First Name*</p></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td>
+ <?php
+ }
+ ?>
+ <td rowspan=7 valign=top width=75 align=right>
+ <table border=0 cellspacing=1 cellpadding=2>
+ <tr><td><img src=images/smileys/crying.png border=0></td><td><p>:((</p></td><td ><p>crying</p></td></tr>
+ <tr><td><img src=images/smileys/frown.png border=0></td><td><p>:(</p></td><td><p>frown</p></td></tr>
+ <tr><td><img src=images/smileys/indifferent.png border=0></td><td><p>:|</p></td><td><p>indifferent</p></td></tr>
+ <tr><td><img src=images/smileys/laughing.png border=0></td><td><p>:D</p></td><td><p>laughing</p></td></tr>
+ <tr><td><img src=images/smileys/lick.png border=0></td><td><p>:P</p></td><td><p>lick</p></td></tr>
+ <tr><td><img src=images/smileys/ohno.png border=0></td><td><p>:O</p></td><td><p>oh no!</p></td></tr>
+ <tr><td><img src=images/smileys/smile.png border=0></td><td><p>:)</p></td><td><p>smile</p></td></tr>
+ <tr><td><img src=images/smileys/surprised.png border=0></td><td><p>=)</p></td><td><p>surprised</p></td></tr>
+ <tr><td><img src=images/smileys/undecided.png border=0></td><td><p>:\</p></td><td><p>undecided</p></td></tr>
+ <tr><td><img src=images/smileys/wink.png border=0></td><td><p>;)</p></td><td><p>wink</p></td></tr>
+ </td></tr>
+ </table>
+
+ <?php
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ ?>
+ <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo trim(str_replace(",","",$logged_in_author[1])); ?>"></p></td>
+ <?php
+ }
+ elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ ?>
+ <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/lastname.txt"); ?>"></p></td>
+ <?php
+ }
+ else {
+ ?>
+ <tr><td><p>Last Name*</p></td><td><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
+ <?php
+ }
- <tr><td><p>Website</p></td><td colspan=2><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-<?php
+ if (file_exists("data/email.txt")) {
+ ?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/email.txt"); ?>"></p></td>
+ <?php
+ }
+ else {
+ echo "<tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>";
+ }
+ }
+ elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ ?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt"); ?>"></p></td>
+ <?php
+ }
+ else {
+ ?>
+ <tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+ <?php
+ }
-}
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ ?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php file_get_contents("data/url.txt"); ?>"></p></td>
+ <?php
+ }
+ elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ ?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/url.txt")) { echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/url.txt"); } ?>"></p></td>
+ <?php
+ }
+ else {
+ ?>
+ <tr><td><p>Website</p></td><td colspan=2><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+ <?php
+ }
+ ?>
+ <tr><td><p>Comment*</p></td><td><textarea class=input name=new_comment rows=15></textarea></td></tr>
+ <?php
-?>
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ echo "<input type=hidden name=captcha_put value=\"$captcha_rand\">";
+ }
+ else {
+ echo "<tr><td><p>Anti-Spam*</p></td><td><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>";
+ }
- <tr><td><p>Comment*</p></td><td><textarea class=input name=new_comment rows=15></textarea></td></tr>
- <?php
- if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
- echo "<input type=hidden name=captcha_put value=\"$captcha_rand\">";
- }
- else {
- echo "<tr><td><p>Anti-Spam*</p></td><td><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>";
+ ?>
+ <tr><td><p></p></td><td><input class=input type=submit value="click here to submit your comment"></td></tr>
+ </form>
+ </table>
+ <?php
}
?>
-
- <tr><td><p></p></td><td><input class=input type=submit value="click here to submit your comment"></td></tr>
- </form>
- </table>
- <?php } ?>
- </td></tr></table></p>
-
-<?php
-}
-
-if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt") and file_exists("data/members/active/{$_SESSION['logged_in']}")))) {
- if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_POST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_POST['firstname']) and !empty($_POST['firstname']) and isset($_POST['lastname']) and !empty($_POST['lastname']) and isset($_POST['email']) and !empty($_POST['email']) and isset($_POST['new_comment']) and !empty($_POST['new_comment']) and isset($_POST['captcha_put']) and !empty($_POST['captcha_put']) and ($_REQUEST['captcha_get'] == $_POST['captcha_put']) and (ereg("@", $_POST['email'])) and (ereg("\.", $_POST['email']))) {
- echo '<p><table border=0 cellspacing=0 cellpadding=0><tr><td><p><font style="font-size: 12px;"><b>Thanks!</b></font></p><p>Your comment has been submitted for approval.<br>Please check back soon to see if it has been posted.</p></td></tr></table></p>';
- }
-}
- ?>
-
-
-
- <?php
+ </td></tr></table></p>
+ <?php
+ }
}
}
-?>
-<?php
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
+
if ($dh_pending_comments = opendir("$dir/$d/comments/pending")) {
+
while (($entry_pending_comments = readdir($dh_pending_comments)) !== false) {
+
if ($entry_pending_comments != "." && $entry_pending_comments != ".." && fnmatch("*", $entry_pending_comments)) {
$show_pending_comments[] = $entry_pending_comments;
}
@@ -3454,9 +3432,11 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
asort($show_pending_comments);
reset($show_pending_comments);
+
$count_pending_comments = count($show_pending_comments);
if ($count_pending_comments > 0) {
+
if ($count_pending_comments == 1) {
echo '<p><b>Pending Comment</b></p>';
}
@@ -3464,6 +3444,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '<p><b>Pending Comments</b></p>';
}
foreach ($show_pending_comments as $pending_comment) {
+
echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
@@ -3516,10 +3497,15 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
if (file_exists("data/bb.txt") and file_exists("data/avatar.txt") and file_exists("$dir/$d/comments/pending/$pending_comment/author.txt")) {
+
echo "<td width=85 valign=top><p>";
+
$pc_author = file_get_contents("$dir/$d/comments/pending/$pending_comment/author.txt");
+
echo "<a href=member.php?id=$pc_author>";
+
if ((file_get_contents("data/username.txt") == $pc_author) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+
if (file_exists("images/avatar.gif")) {
$pc_avatar_gif_image_size = getimagesize("images/avatar.gif");
$pc_avatar_gif_image_width = $pc_avatar_gif_image_size[0];
@@ -3577,6 +3563,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo "><br>";
}
elseif (file_exists("images/members/$pc_author/avatar.jpg") or file_exists("images/members/$pc_author/avatar.gif") or file_exists("images/members/$pc_author/avatar.png")) {
+
if (file_exists("images/members/$pc_author/avatar.gif")) {
$pc_avatar_gif_image_size = getimagesize("images/members/$pc_author/avatar.gif");
$pc_avatar_gif_image_width = $pc_avatar_gif_image_size[0];
@@ -3634,6 +3621,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo "><br>";
}
echo "$pc_author</a><br>";
+
if ((file_get_contents("data/username.txt") == $pc_author) and file_exists("data/rank.txt")) {
echo "administrator<br>";
}
@@ -3646,6 +3634,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
}
if ($pc_dh_posts = opendir("data/items")) {
+
while (($pc_entry_posts = readdir($pc_dh_posts)) !== false) {
if (file_exists("data/items/$pc_entry_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
@@ -3693,6 +3682,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
}
echo '<p><font style="font-size: 10px; color: #999999;">';
+
if ((file_exists("$dir/$d/comments/pending/$pending_comment/author.txt") and (file_exists("data/bb.txt") and !file_exists("data/avatar.txt")) or (file_exists("$dir/$d/comments/pending/$pending_comment/author.txt") and (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and !file_exists("data/avatar.txt"))))) {
$pxavatar_author = file_get_contents("$dir/$d/comments/pending/$pending_comment/author.txt");
echo "<a href=member.php?id=$pxavatar_author>$pxavatar_author</a> - ";
@@ -4286,6 +4276,13 @@ if (file_exists("data/comments/latest/$cmonth")) {
if ($dh_latest_comments = opendir("data/comments/latest/$cmonth")) {
while (($entry_latest_comments = readdir($dh_latest_comments)) !== false) {
+
+ $today = date("YmdHis", time() + $offset);
+
+ if (($entry_latest_comments > $today) and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
if ($entry_latest_comments != "." && $entry_latest_comments != "..") {
$show_latest_comments[] = $entry_latest_comments;
}
diff --git a/member.php b/member.php
index a605078..412c1f5 100644
--- a/member.php
+++ b/member.php
@@ -486,7 +486,6 @@ else {
if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and !file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/members/active/$id/email.txt")) {
$email = file_get_contents("data/members/active/$id/email.txt");
- $email = str_replace("@"," at ",$email);
echo " <$email>";
}
diff --git a/move.php b/move.php
index c8d937a..9a4801d 100644
--- a/move.php
+++ b/move.php
@@ -1,13 +1,17 @@
<?php
session_start();
+
header("Cache-control: private");
error_reporting(E_ERROR);
if (get_magic_quotes_gpc()) {
+
function stripslashes_array($data) {
+
if (is_array($data)){
+
foreach ($data as $key => $value){
$data[$key] = stripslashes_array($value);
}
@@ -27,6 +31,13 @@ if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username
exit();
}
+if (!isset($_REQUEST['entry']) or empty($_REQUEST['entry'])) {
+ exit();
+}
+else {
+ $entry = trim($_REQUEST['entry']);
+}
+
function rmdirr($recurse_dirname) {
if (!file_exists($recurse_dirname)) {
@@ -52,9 +63,122 @@ function rmdirr($recurse_dirname) {
return rmdir($recurse_dirname);
}
+if (isset($_POST['target']) and !empty($_POST['target'])) {
+
+ $target = trim($_POST['target']);
+
+ if (isset($_POST['comment']) and !empty($_POST['comment']) and isset($_POST['type']) and !empty($_POST['type'])) {
+
+ $comment = trim($_POST['comment']);
+ $type = trim($_POST['type']);
+
+ if (file_exists("data/items/$entry/comments/$type/$comment") and file_exists("data/items/$target")) {
+
+ if (!file_exists("data/items/$target/comments")) {
+ mkdir("data/items/$target/comments");
+ }
+
+ if (!file_exists("data/items/$target/comments/$type")) {
+ mkdir("data/items/$target/comments/$type");
+ }
+
+ rename("data/items/$entry/comments/$type/$comment","data/items/$target/comments/$type/$comment");
+
+ if ($type == "pending") {
+
+ if (file_exists("data/comments/pending/$entry/count.txt")) {
+
+ $count = file_get_contents("data/comments/pending/$entry/count.txt");
+
+ if ($count <= 1) {
+ rmdirr("data/comments/pending/$entry");
+ }
+ else {
+ $count = $count - 1;
+ $count_txt = fopen("data/comments/pending/$entry/count.txt","w");
+ fwrite($count_txt,$count);
+ fclose($count_txt);
+ }
+ }
+
+ if (file_exists("data/comments/pending/$target/count.txt")) {
+
+ $count = file_get_contents("data/comments/pending/$target/count.txt");
+ $count = $count + 1;
+ }
+ else {
+ $count = 1;
+ }
+
+ if (!file_exists("data/comments/pending/$target")) {
+ mkdir("data/comments/pending/$target");
+ }
+
+ $count_txt = fopen("data/comments/pending/$target/count.txt","w");
+ fwrite($count_txt,$count);
+ fclose($count_txt);
+ }
+ }
+ }
+ else {
+ if (!file_exists("data/items/$target/comments/live/$entry")) {
+
+ if (!file_exists("data/items/$target/comments")) {
+ mkdir("data/items/$target/comments");
+ }
+
+ if (!file_exists("data/items/$target/comments/live")) {
+ mkdir("data/items/$target/comments/live");
+ }
+
+ rename("data/items/$entry","data/items/$target/comments/live/$entry");
+
+ rename("data/items/$target/comments/live/$entry/body.txt","data/items/$target/comments/live/$entry/comment.txt");
+ rename("data/items/$target/comments/live/$entry/date.txt","data/items/$target/comments/live/$entry/timestamp.txt");
+
+ if (file_exists("data/items/$target/comments/live/$entry/author.txt")) {
+
+ $author = file_get_contents("data/items/$target/comments/live/$entry/author.txt");
+
+ if ($author != file_get_contents("data/username.txt") and file_exists("data/members/active/$author")) {
+
+ copy("data/members/active/$author/firstname.txt","data/items/$target/comments/live/$entry/firstname.txt");
+ copy("data/members/active/$author/lastname.txt","data/items/$target/comments/live/$entry/lastname.txt");
+ copy("data/members/active/$author/email.txt","data/items/$target/comments/live/$entry/email.txt");
+
+ if (file_exists("data/members/active/$author/url.txt")) {
+ copy("data/members/active/$author/url.txt","data/items/$target/comments/live/$entry/url.txt");
+ }
+ }
+ else {
+ $author_name = explode(" ", file_get_contents("data/author.txt"));
+ $author_fname = ucfirst(trim(str_replace(",","",$author_name[0])));
+ $author_lname = ucfirst(trim(str_replace(",","",$author_name[1])));
+
+ $fp_fname_txt = fopen("data/items/$target/comments/live/$entry/firstname.txt","w");
+ fwrite($fp_fname_txt, $author_fname);
+ fclose($fp_fname_txt);
+
+ $fp_lname_txt = fopen("data/items/$target/comments/live/$entry/lastname.txt","w");
+ fwrite($fp_lname_txt, $author_lname);
+ fclose($fp_lname_txt);
+
+ copy("data/email.txt","data/items/$target/comments/live/$entry/email.txt");
+ }
+ }
+
+ }
+ }
+
+ header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
+
+ exit();
+}
+
?>
<style>
+
body {
color: #666666;
margin: 10px;
@@ -94,7 +218,7 @@ a:active {
color: #666666;
background: #ffffff;
border: #999999 solid 1px;
- width: 200px;
+ width: 400px;
font-family: <?php
if (file_exists("data/fonts/input.txt")) {
$font_input = file_get_contents("data/fonts/input.txt");
@@ -103,170 +227,82 @@ a:active {
?> arial, helvetica, sans-serif;
font-size: 11px
}
+
</style>
-<table border=0 cellspacing=1 cellpadding=1>
-<form action=move.php method=post>
-<tr><td>entry</td><td><input type=text class=input name=entry maxlength=14 <?php
+<table border="0" cellspacing="1" cellpadding="1">
+<form action="move.php" method="post">
+<tr><td>current entry</td><td width="5"></td><td><b>
- if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
- echo "value=";
- echo trim($_REQUEST['entry']);
- echo " ";
- }
-?>autocomplete=off></td></tr>
+<?php echo file_get_contents("data/items/{$_REQUEST['entry']}/title.txt"); ?>
-<?php
- if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type'])) {
- echo "<tr><td>comment </td><td><input type=text class=input name=comment maxlength=14 value=";
- echo trim($_REQUEST['comment']);
- echo " autocomplete=off><input type=hidden name=type value={$_REQUEST['type']}></td></tr>";
- }
-?>
-
-<tr><td>target </td><td><input type=text class=input name=target maxlength=14 autocomplete=off></td></tr>
-<tr><td></td><td><input type=submit class=input value="click here to move <?php
- if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment'])) {
- echo "comment";
- }
- else {
- echo "entry";
- }
-?>"></td></tr>
-</form>
-<form action=index.php method=post>
-<tr><td></td><td><input type=submit class=input value="click here to go to the index page"></td></tr>
-</form>
-</table>
+<input type="hidden" name="entry" value="<?php echo trim($_REQUEST['entry']); ?>">
<?php
-if (!isset($_REQUEST['entry']) or empty($_REQUEST['entry']) or !isset($_POST['target']) or empty($_POST['target'])) {
- exit();
-}
+if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type'])) {
-$entry = trim($_REQUEST['entry']);
-$target = trim($_POST['target']);
+ echo "<input type=\"hidden\" name=\"comment\" value=\"{$_REQUEST['comment']}\">";
+ echo "<input type=\"hidden\" name=\"type\" value=\"{$_REQUEST['type']}\">";
-if (!file_exists("data/items/$entry") or !file_exists("data/items/$target")) {
- exit();
}
-if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type']) and ($_REQUEST['type'] == "live")) {
-
- $comment = trim($_REQUEST['comment']);
-
- if (!file_exists("data/items/$entry/comments/live/$comment")) {
- exit();
- }
+?>
- if (!file_exists("data/items/$target/comments/live/$entry")) {
+</b></td></tr>
- if (!file_exists("data/items/$target/comments")) {
- mkdir("data/items/$target/comments");
- }
+<tr><td>target entry</td><td width="5"></td><td>
+<select class="input" name="target">
- if (!file_exists("data/items/$target/comments/live")) {
- mkdir("data/items/$target/comments/live");
- }
+<?php
- rename("data/items/$entry/comments/live/$comment","data/items/$target/comments/live/$comment");
+if ($dh_items = opendir("data/items")) {
- header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
+ while (($entry_item = readdir($dh_items)) !== false) {
- exit();
+ if ($entry_item != "." && $entry_item != ".." && ($_REQUEST['entry'] != $entry_item)) {
+ $target_items[] = $entry_item;
+ }
}
-
- exit();
+ closedir($dh_items);
}
-if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type']) and ($_REQUEST['type'] == "pending")) {
+rsort($target_items);
+reset($target_items);
- $comment = trim($_REQUEST['comment']);
+foreach ($target_items as $target_entry) {
- if (!file_exists("data/items/$entry/comments/pending/$comment")) {
- exit();
- }
-
- if (!file_exists("data/items/$target/comments/pending/$entry")) {
-
- if (!file_exists("data/items/$target/comments")) {
- mkdir("data/items/$target/comments");
- }
+ echo "<option value=\"$target_entry\">";
+ readfile("data/items/$target_entry/title.txt");
+ echo "</option>";
- if (!file_exists("data/items/$target/comments/pending")) {
- mkdir("data/items/$target/comments/pending");
- }
-
- rename("data/items/$entry/comments/pending/$comment","data/items/$target/comments/pending/$comment");
-
- if (file_exists("data/comments/pending/$entry/count.txt")) {
-
- $count = file_get_contents("data/comments/pending/$entry/count.txt");
-
- if ($count <= 1) {
- rmdirr("data/comments/pending/$entry");
- }
- else {
- $count = $count - 1;
- $count_txt = fopen("data/comments/pending/$entry/count.txt","w");
- fwrite($count_txt,$count);
- fclose($count_txt);
- }
- }
-
- if (file_exists("data/comments/pending/$target/count.txt")) {
-
- $count = file_get_contents("data/comments/pending/$target/count.txt");
- $count = $count + 1;
- }
- else {
- $count = 1;
- }
-
-
- if (!file_exists("data/comments/pending/$target")) {
- mkdir("data/comments/pending/$target");
- }
-
- $count_txt = fopen("data/comments/pending/$target/count.txt","w");
- fwrite($count_txt,$count);
- fclose($count_txt);
-
- header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
-
- exit();
- }
-
- exit();
}
-if ((!isset($_REQUEST['comment']) or empty($_REQUEST['comment'])) and (!isset($_REQUEST['type']) or empty($_REQUEST['type'])) and !file_exists("data/items/$target/comments/live/$entry")) {
+?>
- if (!file_exists("data/items/$target/comments")) {
- mkdir("data/items/$target/comments");
- }
+</select>
+</td></tr>
- if (!file_exists("data/items/$target/comments/live")) {
- mkdir("data/items/$target/comments/live");
+<tr><td></td><td width="5"></td><td><input type="submit" class="input" value="click here to move <?php
+ if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment'])) {
+ echo "comment";
}
-
- rename("data/items/$entry","data/items/$target/comments/live/$entry");
- rename("data/items/$target/comments/live/$entry/body.txt","data/items/$target/comments/live/$entry/comment.txt");
- rename("data/items/$target/comments/live/$entry/date.txt","data/items/$target/comments/live/$entry/timestamp.txt");
-
- $author = file_get_contents(data/items/$target/comments/live/$entry/author.txt);
-
- copy("data/members/active/$author/firstname.txt","data/items/$target/comments/live/$entry/firstname.txt");
- copy("data/members/active/$author/lastname.txt","data/items/$target/comments/live/$entry/lastname.txt");
- copy("data/members/active/$author/email.txt","data/items/$target/comments/live/$entry/email.txt");
-
- if (file_exists("data/members/active/$author/url.txt")) {
- copy("data/members/active/$author/url.txt","data/items/$target/comments/live/$entry/url.txt");
+ else {
+ echo "entry";
}
+?>"></td></tr>
+</form>
- header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
-}
+<form action="index.php" method="get">
+<tr><td></td><td width="5"></td><td>
+<input type="hidden" name="entry" value="<?php echo trim($_REQUEST['entry']); ?>">
+<input type="hidden" name="show" value="comments">
+<input type="submit" class="input" value="click here to go back to the current entry">
+</td></tr>
+</form>
-?>
+<form action="index.php" method="post">
+<tr><td></td><td width="5"></td><td><input type="submit" class="input" value="click here to go to the index page"></td></tr>
+</form>
+</table>