commit a629959330b21df514a8acbc05c499bb024cde88
tree c74817651f7417c6f1bcf168aba76e20e2246eae
parent de52cd33b5ff4a0fedb254c5fbb9f266a856abb4
author Engels Antonio <engels@majcms.org> 1277314187 +0800
committer Engels Antonio <engels@majcms.org> 1277314187 +0800
maj-0.14-20070125-bb.zip
diff --git a/add.php b/add.php
index 726a394..1d6f1f6 100644
--- a/add.php
+++ b/add.php
@@ -4,11 +4,35 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
if (isset($_REQUEST['title_input']) and isset($_REQUEST['body_input']) and !empty($_REQUEST['title_input']) and !empty($_REQUEST['body_input'])) {
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']));
}
-$login_username = file_get_contents("data/username.txt");
+if ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) {
+ $login_username = file_get_contents("data/username.txt");
+}
+
+if ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) {
+ if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and file_exists("data/bb.txt")) {
+ $login_username = $_SESSION['logged_in'];
+ }
+}
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
exit();
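Review bot: The rewritten login check can leave `$login_username` undefined: when the session user is not the administrator and has no `rw.txt` (or `data/bb.txt` is absent) neither new branch assigns it, and the guard that follows then compares `$_SESSION['logged_in']` with null using a loose `!=`. An empty-string session value compares equal to null, so the guard fails open on a value the login code is presumably never meant to store. Set `$login_username = false;` before the two new `if` blocks and make the guard strict, `if (!isset($_SESSION['logged_in']) or $_SESSION['logged_in'] === '' or $_SESSION['logged_in'] !== $login_username) {`. The session value is also interpolated into `data/members/active/{...}/rw.txt`, so it should be checked against the username format before it reaches `file_exists()`. The guard's block continues past the end of the hunk.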
@@ -89,6 +113,26 @@ $max_file_size = 8000000;
<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>
+
+<?php
+
+if ($_SESSION['logged_in'] != file_get_contents("data/username.txt") and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/members/active/{$_SESSION['logged_in']}/ul.txt")) { ?>
+
+<p><input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_image_size; ?>">
+<input autocomplete=off type=file name=image_input> Select optional image.</p>
+
+<p><input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
+<input autocomplete=off type=file name=file_input> Select optional file.</p>
+
+<?php } ?>
+
+
+<?php
+
+if ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) {
+
+?>
+
<select name="select_year">
<option selected>
<option><?php echo $entry_year; ?>
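Review bot: The upload inputs added for members are gated only in the form, on `ul.txt` in the member directory, and the two `MAX_FILE_SIZE` hidden fields are advisory values that the browser sends back. The code that receives `image_input` and `file_input` is outside this hunk, so confirm that it repeats the `ul.txt` test and enforces size and file type itself before the upload is moved; the form alone does not restrict what is submitted. A comment above the new block such as `// UI hint only: upload permission and size are re-checked where the files are received` would record that dependency. The `if` opened at the end of the hunk for the administrator-only options closes in a later hunk.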
@@ -290,7 +334,17 @@ $max_file_size = 8000000;
<p><input type=checkbox name=sticky>Put entry title in Quick Links box.<br>
<input type=checkbox name=pdf>Allow PDF generation for this entry.<br>
<input type=checkbox name=display>Always display. If this is not a private entry, it will be displayed even if its category is hidden or isolated.<br>
-<input type=checkbox name=private>Private entry. This entry will unconditionally be invisible to visitors, even if always display is set.</p>
+<input type=checkbox name=private <?php if (file_exists("data/ml.txt")) { echo checked; } ?>>Private entry. This entry will unconditionally be invisible to visitors<?php if (file_exists("data/ml.txt")) { echo " and to the mailing list"; } ?>, even if always display is set.
+
+<?php if (file_exists("data/bb.txt")) { ?>
+<br>
+<input type=checkbox name=member <?php if (file_exists("data/member.txt")) { echo checked; } ?>>Only registered members can view this entry.
+
+<?php } ?>
+
+</p>
+
+<?php } ?>
<table border=0 cellspacing=0 cellpadding=0><tr><td>
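Review bot: Wrapping the date, category and option controls in the administrator-only block hides them from members but does not stop the fields from being submitted. The handlers visible later in this commit for `private` and `pdf` read `$_REQUEST` with no role test, and those for `sticky` and `display` are presumably the same, so the restriction exists only in the rendered form. Put the same administrator comparison around the handlers, or unset those request fields for non-administrators before they are processed. The bare `echo checked;` in the new lines relies on PHP treating an undefined constant as a string; `echo 'checked';` says what is meant.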
@@ -463,6 +517,22 @@ $fp_title_txt = fopen($title_file,"w");
fwrite($fp_title_txt,$title_write_content);
fclose($fp_title_txt);
+$author_file = $item_dir . '/author.txt';
+$fp_author_txt = fopen($author_file,"w");
+fwrite($fp_author_txt,$_SESSION['logged_in']);
+fclose($fp_author_txt);
+
+if (file_get_contents("data/username.txt") == $_SESSION['logged_in']) {
+ $post_file = "data/lastpost.txt";
+}
+elseif (file_exists("data/members/active/{$_SESSION['logged_in']}")) {
+ $post_file = "data/members/active/{$_SESSION['logged_in']}/bb-post.txt";
+}
+
+$fp_post_txt = fopen($post_file,"w");
+fwrite($fp_post_txt,$entry);
+fclose($fp_post_txt);
+
$date_file = $item_dir . '/date.txt';
$fp_date_txt = fopen($date_file,"w");
fwrite($fp_date_txt,$timestamp);
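Review bot: `$post_file` is assigned only inside the `if`/`elseif`, so when the session user is neither the administrator nor an existing directory under `data/members/active` the following `fopen($post_file,"w")` runs on an undefined variable, and none of the new file calls has its return value checked. Initialise `$post_file = null;` before the `if` and wrap the three file calls in `if ($post_file !== null) { ... }`. `author.txt` stores `$_SESSION['logged_in']` verbatim and is printed with `readfile()` by other hunks of this commit, so the value should be limited to the username character set before it is written.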
@@ -587,6 +657,93 @@ if (isset($_REQUEST['private']) and !empty($_REQUEST['private']) and ($_REQUEST[
}
}
+if (file_exists("data/bb.txt") and file_exists("data/member.txt") and (($_SESSION['logged_in'] != file_get_contents("data/username.txt")) or (isset($_REQUEST['member']) and !empty($_REQUEST['member']) and ($_REQUEST['member'] == "on")))) {
+ touch("data/items/$entry/member.txt");
+}
+
+if (file_exists("data/members/active") and file_exists("data/ml.txt") and file_exists("data/email.txt") and !file_exists($private_sem)) {
+
+ if (file_exists("data/ml-reply2.txt")) {
+ $ml_reply2 = file_get_contents("data/ml-reply2.txt");
+ }
+
+ if ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) {
+ $ml_from = file_get_contents("data/email.txt");
+ }
+
+ if ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) {
+ if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and file_exists("data/bb.txt")) {
+ $ml_from = file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt");
+ }
+ }
+
+ $ml_subject = ucfirst($_REQUEST['title_input']);
+ if (file_exists("data/ml-prepend.txt")) {
+ $ml_subject = file_get_contents("data/ml-prepend.txt") . " " . $ml_subject;
+ }
+
+ $ml_mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+ $ml_body = ucfirst($_REQUEST['body_input']);
+ //$ml_body = htmlentities($ml_body,ENT_NOQUOTES);
+ $ml_body = str_replace('<br />', "\n", $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/crying.png border=0>', ':((', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/frown.png border=0>', ':(', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/indifferent.png border=0>', ':|', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/laughing.png border=0>', ':D', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/lick.png border=0>', ':P', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/ohno.png border=0>', ':O', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/smile.png border=0>', ':)', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/surprised.png border=0>', '=)', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/undecided.png border=0>', ':\\', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/wink.png border=0>', ';)', $ml_body);
+
+ if (file_exists("data/ml-header.txt")) {
+ $ml_header = file_get_contents("data/ml-header.txt");
+ $ml_body = $ml_header . "\n\n" . $ml_body;
+ }
+
+ $ml_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $ml_url = str_replace('//', '/', $ml_url);
+ $ml_url = "http://" . $ml_url . "index.php?entry={$entry}&show=comments";
+
+ $ml_body = $ml_body . "\n\nPlease visit the following URL for the online version of this message:\n\n" . $ml_url;
+
+ if (file_exists("data/ml-footer.txt")) {
+ $ml_footer = file_get_contents("data/ml-footer.txt");
+ $ml_body = $ml_body . "\n\n" . $ml_footer;
+ }
+
+ if ($dh_ml_member = opendir("data/members/active")) {
+ while (($ml_member = readdir($dh_ml_member)) !== false) {
+ if ($ml_member != "." && $ml_member != ".." && fnmatch("*", $ml_member)) {
+
+ if (file_exists("data/members/active/$ml_member/noml.txt")) {
+ continue;
+ }
+
+ if (file_exists("data/members/active/$ml_member/vacation.txt")) {
+ continue;
+ }
+
+ $ml_to = file_get_contents("data/members/active/$ml_member/email.txt");
+
+ if (file_exists("data/ml-reply2.txt")) {
+ mail($ml_to, $ml_subject, $ml_body,
+ "From: $ml_from\r\n" .
+ "Reply-To: $ml_reply2\r\n" .
+ "X-Mailer: $ml_mailer");
+ }
+ else {
+ mail($ml_to, $ml_subject, $ml_body,
+ "From: $ml_from\r\n" .
+ "X-Mailer: $ml_mailer");
+ }
+ }
+ }
+ closedir($dh_ml_member);
+ }
+}
+
if (isset($_REQUEST['pdf']) and !empty($_REQUEST['pdf']) and ($_REQUEST['pdf'] == "on")) {
if (!file_exists("data/items/$entry/pdf")) {
mkdir("data/items/$entry/pdf");
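Review bot: The link appended to every mailing-list message is built from `$_SERVER['HTTP_HOST']`, which comes from the request's Host header rather than from site configuration, so the URL delivered to all active members is whatever host name the posting request carried. Read the base URL from a stored setting, alongside the other `data/ml-*.txt` values this block already uses, and fall back to the server's configured name only when that setting is absent. The same three lines appear in the comment-approval block this commit adds to index.php. Separately, `$ml_from` stays undefined if neither of the two role branches assigns it, which would send the message with an empty `From:` header.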
diff --git a/cat.php b/cat.php
index fad3f08..e90cd87 100644
--- a/cat.php
+++ b/cat.php
@@ -5,6 +5,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
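Review bot: This magic-quotes block is pasted unchanged into add.php, cat.php, colors.php, del.php, dig.php, edit.php and index.php, and it declares `stripslashes_array()` inside an `if`, so the seven copies have to be kept in step by hand. Move it into one included file and document what it covers: only `$_REQUEST` is unescaped, so code that reads `$_GET`, `$_POST` or `$_COOKIE` directly still sees the added slashes, and array keys are left as they arrived. Once the slashes are removed the request values are raw, so every use in a file path, in HTML output or in a mail header needs its own validation or escaping. A header comment such as `// Undo magic_quotes_gpc for $_REQUEST only; values are untrusted and unescaped after this point` would make that explicit.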
diff --git a/colors.php b/colors.php
index cf26860..959ac82 100644
--- a/colors.php
+++ b/colors.php
@@ -4,6 +4,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
diff --git a/del.php b/del.php
index 5e297f1..cef0b14 100644
--- a/del.php
+++ b/del.php
@@ -4,6 +4,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
function rmdirr($recurse_dirname)
diff --git a/dig.php b/dig.php
index 38f5b64..175cf8b 100644
--- a/dig.php
+++ b/dig.php
@@ -5,6 +5,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
?>
<title>Dig!</title>
@@ -90,6 +106,10 @@ if ($dh_search_items = opendir($dir)) {
continue;
}
+ if (file_exists("data/items/$entry_search_items/member.txt") and !isset($_SESSION['logged_in'])) {
+ continue;
+ }
+
if ($entry_search_items != "." && $entry_search_items != "..") {
$total_entries[] = $entry_search_items;
}
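Review bot: The members-only filter tests only `!isset($_SESSION['logged_in'])`, so any session that has the key set passes, including one whose account directory has since been removed from `data/members/active`. The navigation code added to index.php in this commit does check `file_exists("data/members/active/{$_SESSION['logged_in']}")`, and the filter should use the same test (or the administrator comparison) so that both agree on who counts as a member. The identical condition is added to the sticky list, the latest-entries panel and the main listing in index.php. Whether a direct `?entry=` request for a members-only entry is also refused cannot be seen from these hunks and should be confirmed.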
diff --git a/edit.php b/edit.php
index 9255d35..ac8c66e 100644
--- a/edit.php
+++ b/edit.php
@@ -4,6 +4,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
function rmdirr($recurse_dirname)
@@ -257,26 +273,34 @@ if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment'])) { ?>
<div id=panel_title><?php readfile($title_file); ?></div>
<div id=panel_body><?php readfile($body_file); ?></div>
-<div id=panel_footer><font style="font-size: 10px; color: #999999;"><?php readfile($date_file); ?><?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
- if (file_exists($revisions_file)) {
- echo ' (Revision ';
- readfile($revisions_file);
- echo ')';
+<div id=panel_footer><font style="font-size: 10px; color: #999999;"><?php
+
+if (file_exists("data/items/{$_REQUEST['entry']}/author.txt")) {
+ readfile("data/items/{$_REQUEST['entry']}/author.txt");
+ echo " - ";
+}
+
+readfile($date_file);
+
+if (file_exists($revisions_file)) {
+ echo ' (Revision ';
+ readfile($revisions_file);
+ echo ')';
+}
+
+if (file_exists("data/items/{$_REQUEST['entry']}/category.txt")) {
+ echo ' Filed under ';
+ $category_key = file_get_contents("data/items/{$_REQUEST['entry']}/category.txt");
+ $category_key = strtolower($category_key);
+ if (file_exists("data/categories/{$category_key}/title.txt")) {
+ $category_dsp = file_get_contents("data/categories/{$category_key}/title.txt");
+ echo "$category_key ($category_dsp)";
}
- if (file_exists("data/items/{$_REQUEST['entry']}/category.txt")) {
- echo ' Filed under ';
- $category_key = file_get_contents("data/items/{$_REQUEST['entry']}/category.txt");
- $category_key = strtolower($category_key);
- if (file_exists("data/categories/{$category_key}/title.txt")) {
- $category_dsp = file_get_contents("data/categories/{$category_key}/title.txt");
- echo "$category_key ($category_dsp)";
- }
- else {
- echo "$category_key";
- }
+ else {
+ echo "$category_key";
}
}
+
?></font></div>
</td></tr></table></p>
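Review bot: The new footer builds `data/items/{$_REQUEST['entry']}/author.txt` straight from the request and sends the file to the page with `readfile()`, so the path is not confined to one entry directory and the content is emitted without HTML escaping. Validate the entry id once near the top of the script against the format of the item directory names (rejecting `.`, `..` and any slash), and print with `echo htmlspecialchars(file_get_contents("data/items/$entry_id/author.txt"), ENT_QUOTES);`, where `$entry_id` is the validated value. The same unvalidated `$_REQUEST['entry']` path is used by the `member.txt` checkbox and by the `touch()`/`unlink()` block added further down this file, where it selects a file to create or delete. This hunk also drops the administrator condition around the revision and category output, so if edit.php is reachable by members that information is now shown to them.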
@@ -347,7 +371,15 @@ else {
<p><input type=checkbox name=sticky <?php $sticky_sem = 'data/sticky/' . $_REQUEST['entry']; if (file_exists($sticky_sem)) { echo checked; } ?>>Put entry title in Quick Links box.<br>
<input type=checkbox name=pdf <?php if (file_exists("data/items/{$_REQUEST['entry']}/pdf/file")) { echo checked; } ?>>Allow PDF generation for this entry.<br>
<input type=checkbox name=display <?php $display_sem = "data/items/{$_REQUEST['entry']}/cat.txt"; if (file_exists($display_sem)) { echo checked; } ?>>Always display. If this is not a private entry, it will be displayed even if its category is hidden or isolated.<br>
-<input type=checkbox name=private <?php $private_sem = "data/items/{$_REQUEST['entry']}/private.txt"; if (file_exists($private_sem)) { echo checked; } ?>>Private entry. This entry will unconditionally be invisible to visitors, even if always display is set.</p>
+<input type=checkbox name=private <?php $private_sem = "data/items/{$_REQUEST['entry']}/private.txt"; if (file_exists($private_sem)) { echo checked; } ?>>Private entry. This entry will unconditionally be invisible to visitors<?php if (file_exists("data/ml.txt")) { echo " and to the mailing list"; } ?>, even if always display is set.
+
+<?php if (file_exists("data/bb.txt")) { ?>
+<br>
+<input type=checkbox name=member <?php $member_sem = "data/items/{$_REQUEST['entry']}/member.txt"; if (file_exists($member_sem)) { echo checked; } ?>>Only registered members can view this entry.
+
+<?php } ?>
+
+</p>
<input type=hidden name=entry value="<?php echo $_REQUEST['entry']; ?>">
<table border=0 cellspacing=0 cellpadding=0><tr><td>
@@ -704,6 +736,18 @@ if (!isset($_REQUEST['private']) or empty($_REQUEST['private'])) {
}
}
+$member_sem = "data/items/{$_REQUEST['entry']}/member.txt";
+if (isset($_REQUEST['member']) and !empty($_REQUEST['member']) and ($_REQUEST['member'] == "on")) {
+ if (!file_exists($member_sem)) {
+ touch($member_sem);
+ }
+}
+if (!isset($_REQUEST['member']) or empty($_REQUEST['member'])) {
+ if (file_exists($member_sem)) {
+ unlink($member_sem);
+ }
+}
+
if (isset($_REQUEST['pdf']) and !empty($_REQUEST['pdf']) and ($_REQUEST['pdf'] == "on")) {
if (!file_exists("data/items/{$_REQUEST['entry']}/pdf")) {
mkdir("data/items/{$_REQUEST['entry']}/pdf");
diff --git a/images/smileys/offline.png b/images/smileys/offline.png
new file mode 100644
index 0000000..5f18576
Binary files /dev/null and b/images/smileys/offline.png differ
diff --git a/images/widget.member.png b/images/widget.member.png
new file mode 100644
index 0000000..006870b
Binary files /dev/null and b/images/widget.member.png differ
diff --git a/index.php b/index.php
index f9c4d20..0c6bbcf 100644
--- a/index.php
+++ b/index.php
@@ -7,6 +7,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$dir = "data/items";
$default_title = file_get_contents("data/title.txt");
@@ -201,9 +217,100 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST
if ($_REQUEST['key'] == $login_key) {
if ($_REQUEST['action'] == "approve") {
- $live_dir = 'data/items/' . $_REQUEST['entry'] .'/comments/live/' . $_REQUEST['comment'];
+ $live_dir = "data/items/{$_REQUEST['entry']}/comments/live/{$_REQUEST['comment']}";
rename($comment_dir, $live_dir);
unlink("$live_dir/key.txt");
+
+ $cat_dir = file_get_contents("data/items/{$_REQUEST['entry']}/category.txt");
+
+ if (file_exists("data/members/active") and file_exists("data/ml.txt") and file_exists("data/email.txt") and !file_exists("data/items/{$_REQUEST['entry']}/private.txt") and !file_exists("data/categories/$cat_dir/private.txt")) {
+
+ if (file_exists("data/ml-reply2.txt")) {
+ $ml_reply2 = file_get_contents("data/ml-reply2.txt");
+ }
+
+ $ml_from = file_get_contents("$live_dir/email.txt");
+ $ml_from = str_replace(" at ","@",$ml_from);
+
+ $ml_subject = file_get_contents("data/items/{$_REQUEST['entry']}/title.txt");
+ if (file_exists("data/ml-prepend.txt")) {
+ $ml_subject = file_get_contents("data/ml-prepend.txt") . " " . $ml_subject;
+ }
+ $ml_subject = "Re: " . $ml_subject;
+
+ $ml_mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+ $ml_body = file_get_contents("$live_dir/comment.txt");
+ $ml_body = str_replace('<br />', "\n", $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/crying.png border=0>', ':((', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/frown.png border=0>', ':(', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/indifferent.png border=0>', ':|', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/laughing.png border=0>', ':D', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/lick.png border=0>', ':P', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/ohno.png border=0>', ':O', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/smile.png border=0>', ':)', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/surprised.png border=0>', '=)', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/undecided.png border=0>', ':\\', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/wink.png border=0>', ';)', $ml_body);
+
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $ml_body = preg_replace("/\b($badwords)\b/i",$censor,$ml_body);
+ }
+
+ if (file_exists("data/ml-header.txt")) {
+ $ml_header = file_get_contents("data/ml-header.txt");
+ $ml_body = $ml_header . "\n\n" . $ml_body;
+ }
+
+ $ml_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $ml_url = str_replace('//', '/', $ml_url);
+ $ml_url = "http://" . $ml_url . "index.php?entry={$_REQUEST['entry']}&show=comments";
+
+ $ml_body = $ml_body . "\n\nPlease visit the following URL for the full thread:\n\n" . $ml_url;
+
+ if (file_exists("data/ml-footer.txt")) {
+ $ml_footer = file_get_contents("data/ml-footer.txt");
+ $ml_body = $ml_body . "\n\n" . $ml_footer;
+ }
+
+
+ if ($dh_ml_member = opendir("data/members/active")) {
+ while (($ml_member = readdir($dh_ml_member)) !== false) {
+ if ($ml_member != "." && $ml_member != ".." && fnmatch("*", $ml_member)) {
+
+ if (file_exists("data/members/active/$ml_member/noml.txt")) {
+ continue;
+ }
+
+ if (file_exists("data/members/active/$ml_member/vacation.txt")) {
+ continue;
+ }
+
+ $ml_to = file_get_contents("data/members/active/$ml_member/email.txt");
+
+ if (file_exists("data/ml-reply2.txt")) {
+ mail($ml_to, $ml_subject, $ml_body,
+ "From: $ml_from\r\n" .
+ "Reply-To: $ml_reply2\r\n" .
+ "X-Mailer: $ml_mailer");
+ }
+ else {
+ mail($ml_to, $ml_subject, $ml_body,
+ "From: $ml_from\r\n" .
+ "X-Mailer: $ml_mailer");
+ }
+ }
+ }
+ closedir($dh_ml_member);
+ }
+ }
+
}
if ($_REQUEST['action'] == "delete") {
rmdirr($comment_dir);
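Review bot: `$ml_from` is read from the approved comment's `email.txt` and placed directly in the `From:` header string passed to `mail()`; that file presumably holds the address typed into the comment form, which the submission check in this file validates only for containing `@` and `.`. A value containing a line break would add header lines to a message that goes to every active member. Strip CR and LF and validate the address before use, for example `$ml_from = str_replace(array("\r", "\n"), '', trim($ml_from));` followed by a `filter_var($ml_from, FILTER_VALIDATE_EMAIL)` test, and treat `$ml_reply2` the same way. add.php builds its headers in the same manner from the site and member `email.txt` files. `rename()` is also unchecked, so the mail is sent even when the comment was not moved.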
@@ -249,7 +356,7 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
fclose($fp_views);
}
- if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_REQUEST['capcha_put']) and !empty($_REQUEST['capcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['new_comment']) and !empty($_REQUEST['new_comment']) and isset($_REQUEST['capcha_put']) and !empty($_REQUEST['capcha_put']) and ($_REQUEST['capcha_get'] == $_REQUEST['capcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
+ if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['new_comment']) and !empty($_REQUEST['new_comment']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_put']) and ($_REQUEST['captcha_get'] == $_REQUEST['captcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
if (!file_exists("$check/comments")) {
mkdir("$check/comments");
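Review bot: Both `captcha_get` and `captcha_put` are read from `$_REQUEST` and compared with each other, so the expected answer arrives in the same request as the typed one and the test holds whenever the two fields match. Keep the expected value on the server, e.g. store it in the session when the form is rendered and compare with something like `$_REQUEST['captcha_put'] === $_SESSION['captcha']` (key name is an example), then unset it. The form that emits these fields is not in this hunk and has to be renamed in step with this change. The `if` body continues past the hunk.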
@@ -307,14 +414,16 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
fclose($fp_timestamp_txt);
$fp_firstname_txt = fopen("$check/comments/pending/$comment_entry_dir/firstname.txt","w");
- $firstname = ucwords($_REQUEST['firstname']);
+ $firstname = strtolower($_REQUEST['firstname']);
+ $firstname = ucwords($firstname);
$firstname = trim($firstname);
$firstname = htmlentities($firstname, ENT_NOQUOTES);
fwrite($fp_firstname_txt,$firstname);
fclose($fp_firstname_txt);
$fp_lastname_txt = fopen("$check/comments/pending/$comment_entry_dir/lastname.txt","w");
- $lastname = ucwords($_REQUEST['lastname']);
+ $lastname = strtolower($_REQUEST['lastname']);
+ $lastname = ucwords($lastname);
$lastname = trim($lastname);
$lastname = htmlentities($lastname, ENT_NOQUOTES);
fwrite($fp_lastname_txt,$lastname);
@@ -339,6 +448,12 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
fclose($fp_url_txt);
}
+ if (isset($_REQUEST['cauthor']) and !empty($_REQUEST['cauthor'])) {
+ $fp_cauthor_txt = fopen("$check/comments/pending/$comment_entry_dir/author.txt","w");
+ fwrite($fp_cauthor_txt,$_REQUEST['cauthor']);
+ fclose($fp_cauthor_txt);
+ }
+
$key_rand = str_rand(14);
$fp_key_txt = fopen("$check/comments/pending/$comment_entry_dir/key.txt","w");
fwrite($fp_key_txt,$key_rand);
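Review bot: `author.txt` for a pending comment is written verbatim from `$_REQUEST['cauthor']`, unlike the first-name and last-name fields earlier in this block, which are trimmed and passed through `htmlentities()`. Because the value comes from the request, a comment can be attributed to any member name, and if the file is later printed the way the entry's `author.txt` is (with `readfile()`), it reaches the page unescaped. Take the author from the session instead of the request, i.e. guard the block with `if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']))` and write `fwrite($fp_cauthor_txt, $_SESSION['logged_in']);`.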
@@ -470,11 +585,21 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and file_exists("da
$description = substr($description,0,210);
$description = htmlentities($description, ENT_NOQUOTES);
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $description = preg_replace("/\b($badwords)\b/i",$censor,$description);
+ }
+
echo "<meta name=\"description\" content=\"{$description}\">";
}
}
}
-
}
?>
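Review bot: `$badwords` is the raw content of `data/pf-badwords.txt` dropped into the pattern `"/\b($badwords)\b/i"`, so a trailing newline, a `/` or any other regex metacharacter in the file changes or breaks the expression, and on a pattern error `preg_replace()` returns null and `$description` becomes empty. Trim the file content, pass each word through `preg_quote($word, '/')` if the file is meant to hold plain words, and keep the original text when the result is null: `$filtered = preg_replace(...); if ($filtered !== null) { $description = $filtered; }`. The same code in the comment-approval hunk of this file would empty `$ml_body` in the same situation. `$censor` is inserted after `htmlentities()` has run, so its content reaches the `content` attribute unescaped.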
@@ -749,7 +874,7 @@ if (file_exists("header.php")) {
}
?>
-<table border=0 cellspacing=0 cellpadding=0 width=905>
+<table border=0 cellspacing=0 cellpadding=0 width=<?php if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) { echo "990"; } else { echo "905"; } ?>>
<tr><td width=175 valign=top>
<div id=panel_title>Profile</div>
@@ -821,6 +946,11 @@ include("data/profile.php");
<a href="<?php echo $_SERVER['PHP_SELF']; ?>">Home</a><br>
<?php
+
+if (file_exists("data/bb.txt") and file_exists("data/members/active")) {
+ echo '<a href=member.php?id=all>Members</a><br>';
+}
+
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
echo '<a href=add.php>Add Entry</a><br>';
echo '<a href=settings.php>Settings</a><br>';
@@ -828,8 +958,17 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '<a href=cat.php>Categories</a><br>';
echo '<a href=colors.php>Colors</a><br>';
echo '<a href=login.php>Logout</a>';
+} elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != $login_username) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt")) {
+ echo '<a href=add.php>Add Entry</a><br>';
+ }
+ echo '<a href=options.php>Options</a><br>';
+ echo '<a href=login.php>Logout</a>';
}
else {
+ if (file_exists("data/bb.txt") and file_exists("data/reg.txt")) {
+ echo '<a href=reg.php>Register</a><br>';
+ }
echo '<a href=login.php>Login</a>';
}
?>
@@ -845,6 +984,10 @@ if (file_exists("data/sticky")) {
continue;
}
+ if (file_exists("data/items/$entry_sticky_list/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$get_cat_dir = file_get_contents("data/items/$entry_sticky_list/category.txt");
if (file_exists("data/categories/$get_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_sticky_list/cat.txt")) {
@@ -924,7 +1067,110 @@ if (file_exists("data/panels")) {
}
?>
-</td><td width=15> </td><td valign=top width=525>
+</td><td width=15> </td><td valign=top width=<?php if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) { echo "610"; } else { echo "525"; } ?>>
+
+<?php
+
+if (file_exists("data/bb.txt") and file_exists("data/bb-summary.txt") and !file_exists("data/lite.txt") and !isset($_REQUEST['entry']) and !isset($_REQUEST['category']) and !isset($_REQUEST['start']) and !isset($_REQUEST['author']) and !isset($_REQUEST['archive']) and !isset($_REQUEST['find'])) {
+
+if ($dh_latest_post_items = opendir($dir)) {
+ while (($entry_latest_post_items = readdir($dh_latest_post_items)) !== false) {
+
+ if (file_exists("data/items/$entry_latest_post_items/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$entry_latest_post_items/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $cat_dir = file_get_contents("data/items/$entry_latest_post_items/category.txt");
+
+ if (file_exists("data/categories/$cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_latest_post_items/cat.txt")) {
+ continue;
+ }
+
+ if ($entry_latest_post_items != "." && $entry_latest_post_items != ".." && fnmatch("*", $entry_latest_post_items)) {
+ $show_latest_post_items[] = $entry_latest_post_items;
+ }
+ }
+ closedir($dh_latest_post_items);
+}
+
+rsort($show_latest_post_items);
+reset($show_latest_post_items);
+$count_latest_post_items = count($show_latest_post_items);
+
+if ($count_latest_post_items > 0) {
+
+ echo "<div id=panel_title>Latest Entries</div><div id=panel_body>";
+ echo "<table border=0 cellspacing=1 cellpadding=2 bgcolor=#cccccc width=100%>";
+ echo "<tr><td bgcolor=#eeeeee align=center><p>topic</p></td><td bgcolor=#eeeeee align=center><p>author</p></td><td bgcolor=#eeeeee align=center><p>views</p></td><td bgcolor=#eeeeee align=center><p>comments</p></td><td bgcolor=#eeeeee align=center><p>last post</p></td></tr>";
+
+ $increment_latest_post_entries = 0;
+ $show_latest_post_entries = 5;
+
+ while ($increment_latest_post_entries <= $show_latest_post_entries) {
+ echo '<tr><td bgcolor=#ffffff><a href=' . $_SERVER['PHP_SELF'] . '?entry=' . $show_latest_post_items[$increment_latest_post_entries] . '>';
+ readfile("$dir/$show_latest_post_items[$increment_latest_post_entries]/title.txt");
+ echo '</a></td>';
+ echo '<td bgcolor=#ffffff><a href=member.php?id=';
+ readfile("$dir/$show_latest_post_items[$increment_latest_post_entries]/author.txt");
+ echo '>';
+ readfile("$dir/$show_latest_post_items[$increment_latest_post_entries]/author.txt");
+ echo '</a></td>';
+ echo '<td bgcolor=#ffffff align=right>';
+ if (!file_exists("$dir/$show_latest_post_items[$increment_latest_post_entries]/views.txt")) {
+ echo 0;
+ }
+ else {
+ readfile("$dir/$show_latest_post_items[$increment_latest_post_entries]/views.txt");
+ }
+ echo '</td>';
+
+ if ($dh_summary_comments = opendir("$dir/$show_latest_post_items[$increment_latest_post_entries]/comments/live")) {
+ while (($entry_summary_comments = readdir($dh_summary_comments)) !== false) {
+ if ($entry_summary_comments != "." && $entry_summary_comments != ".." && fnmatch("*", $entry_summary_comments)) {
+ $items_summary_comments[] = $entry_summary_comments;
+ }
+ }
+ closedir($dh_summary_comments);
+ }
+ rsort($items_summary_comments);
+ $summary_comments = count($items_summary_comments);
+ if ($summary_comments < 1) {
+ echo "<td bgcolor=#ffffff align=right><p>0</p></td>";
+ echo "<td bgcolor=#ffffff align=right><p>";
+ $iso_year = substr($show_latest_post_items[$increment_latest_post_entries],0,4);
+ $iso_month = substr($show_latest_post_items[$increment_latest_post_entries],4,2);
+ $iso_day = substr($show_latest_post_items[$increment_latest_post_entries],6,2);
+ $iso_last = $iso_year . "-" . $iso_month . "-" . $iso_day;
+ echo $iso_last;
+ echo "</p></td>";
+ }
+ else {
+ echo "<td bgcolor=#ffffff align=right><p>$summary_comments</p></td>";
+ echo "<td bgcolor=#ffffff align=right><p>";
+ $iso_year = substr($items_summary_comments[0],0,4);
+ $iso_month = substr($items_summary_comments[0],4,2);
+ $iso_day = substr($items_summary_comments[0],6,2);
+ $iso_last = $iso_year . "-" . $iso_month . "-" . $iso_day;
+ echo $iso_last;
+ echo "</p></td>";
+ }
+ unset($items_summary_comments);
+
+ $increment_latest_post_entries = $increment_latest_post_entries + 1;
+ }
+}
+
+if ($count_latest_post_items > 0) {
+ echo "</table></div>";
+}
+
+}
+
+?>
<?php
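Review bot: The row loop runs while `$increment_latest_post_entries <= $show_latest_post_entries`, which is six iterations regardless of how many entries were collected, so with fewer entries it indexes past the end of `$show_latest_post_items` and calls `readfile()` and `opendir()` on paths with an empty directory name. Bound it by the count as well, `while ($increment_latest_post_entries <= $show_latest_post_entries and $increment_latest_post_entries < $count_latest_post_items)`, and initialise `$show_latest_post_items = array();` and `$items_summary_comments = array();` before they are filled, since `rsort()` is otherwise called on an undefined variable. `title.txt` and `author.txt` are sent with `readfile()` into the table and into an unquoted `href`, so their content should be escaped on output unless it is guaranteed to be escaped when written. The rows also never emit a closing `</tr>`.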
@@ -936,13 +1182,17 @@ if (is_dir($dir)) {
continue;
}
+ if (file_exists("data/items/$entry_main/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$cat_dir = file_get_contents("data/items/$entry_main/category.txt");
if (file_exists("data/categories/$cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_main/cat.txt")) {
continue;
}
- if (file_exists("data/nocat.txt") and file_exists("data/items/$entry_main/category.txt") and !file_exists("data/items/$entry_main/cat.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['category']) or empty($_REQUEST['category'])) and (!isset($_REQUEST['entry']) or empty($_REQUEST['entry']))) {
+ if (file_exists("data/nocat.txt") and file_exists("data/items/$entry_main/category.txt") and !file_exists("data/items/$entry_main/cat.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['category']) or empty($_REQUEST['category'])) and (!isset($_REQUEST['entry']) or empty($_REQUEST['entry'])) and (!isset($_REQUEST['author']) or empty($_REQUEST['author']))) {
continue;
}
@@ -955,6 +1205,41 @@ if (is_dir($dir)) {
$items[] = $entry_main;
}
}
+ elseif (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and file_exists("data/members/active/{$_REQUEST['author']}") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$entry_main/author.txt") and (file_get_contents("data/items/$entry_main/author.txt") == $_REQUEST['author'])) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and !file_exists("data/members/active/{$_REQUEST['author']}") and (file_get_contents("data/username.txt") == $_REQUEST['author']) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$entry_main/author.txt") and (file_get_contents("data/items/$entry_main/author.txt") == $_REQUEST['author'])) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "private")) {
+ if (file_exists("data/items/$entry_main/private.txt")) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "member")) {
+ if (file_exists("data/items/$entry_main/member.txt")) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "passwd")) {
+ if (file_exists("data/items/$entry_main/passwd.txt")) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "filedrop")) {
+ if (file_exists("data/items/$entry_main/filedrop")) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "album")) {
+ if (file_exists("images/$entry_main/album")) {
+ $items[] = $entry_main;
+ }
+ }
else {
$items[] = $entry_main;
}
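Review bot: `$_REQUEST['author']` is interpolated into `file_exists("data/members/active/{$_REQUEST['author']}")` with no validation, so a value containing `/` or `..` makes the existence test resolve outside the members directory. The effect visible here is limited to an existence test and a string comparison, but the parameter should be validated once before the loop and the validated copy used in both `author` branches. For example `$author_filter = (isset($_REQUEST['author']) && preg_match('/^[A-Za-z0-9_-]+$/', $_REQUEST['author'])) ? $_REQUEST['author'] : '';`, with the character class matched to whatever the registration code allows (not visible here). The `if`/`elseif` chain begins outside this hunk.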
@@ -1008,7 +1293,18 @@ foreach ($disp as $d) {
continue;
}
- echo '<table border=0 cellspacing=0 cellpadding=0 bgcolor=#CCCCCC style="background-color: transparent;"><tr><td width=525><div id=panel_title>';
+ if (file_exists("$dir/$d/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ echo '<table border=0 cellspacing=0 cellpadding=0 bgcolor=#CCCCCC style="background-color: transparent;"><tr><td width=';
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+ echo '><div id=panel_title>';
readfile("$dir/$d/title.txt");
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
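Review bot: The 610/525 width choice is written as a four-line `if`/`else` echo here and repeated verbatim in the album, filedrop, PDF, comment-list and add-comment hunks, each time with two more `file_exists` calls. Setting `$panel_width = (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) ? "610" : "525";` once before the loop and echoing `width=$panel_width` keeps the layouts in step and leaves one place to change. The `foreach` body starts outside this hunk.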
@@ -1025,6 +1321,9 @@ foreach ($disp as $d) {
if (file_exists("$dir/$d/private.txt")) {
echo '<img src=images/widget.private.png border=0 width=11 height=11 align=right alt="private entry">';
}
+ if (file_exists("$dir/$d/member.txt")) {
+ echo '<img src=images/widget.member.png border=0 width=11 height=11 align=right alt="member-only entry">';
+ }
if (file_exists("$dir/$d/cat.txt")) {
echo '<img src=images/widget.cat.png border=0 width=11 height=11 align=right alt="always display">';
}
@@ -1051,7 +1350,185 @@ foreach ($disp as $d) {
}
- echo '</div><div id=panel_body>';
+ echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt") and file_exists("$dir/$d/author.txt")) {
+ echo "<td width=85 valign=top><p>";
+ $author = file_get_contents("$dir/$d/author.txt");
+ echo "<a href=member.php?id=$author>";
+ if ((file_get_contents("data/username.txt") == $author) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+ if (file_exists("images/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ elseif (file_exists("images/members/$author/avatar.jpg") or file_exists("images/members/$author/avatar.gif") or file_exists("images/members/$author/avatar.png")) {
+ if (file_exists("images/members/$author/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/members/$author/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$author/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/members/$author/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/members/$author/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$author/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/$author/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/members/$author/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$author/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ echo "$author</a><br>";
+ if ((file_get_contents("data/username.txt") == $author) and file_exists("data/rank.txt")) {
+ echo "administrator<br>";
+ }
+ elseif (file_exists("data/members/active/$author/rank.txt") and file_exists("data/rank.txt")) {
+ $rank = file_get_contents("data/members/active/$author/rank.txt");
+ echo "$rank<br>";
+ }
+ elseif (!file_exists("data/members/active/$author/rank.txt") and file_exists("data/rank.txt")) {
+ echo "member<br>";
+ }
+
+ if ($dh_posts = opendir("data/items")) {
+ while (($entry_posts = readdir($dh_posts)) !== false) {
+
+ if (file_exists("data/items/$entry_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$entry_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $post_cat_dir = file_get_contents("data/items/$entry_posts/category.txt");
+
+ if (file_exists("data/categories/$post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($entry_posts != "." && $entry_posts != ".." && fnmatch("*", $entry_posts)) {
+ if (file_exists("data/members/active/$author") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$entry_posts/author.txt") and (file_get_contents("data/items/$entry_posts/author.txt") == $author)) {
+ $items_posts[] = $entry_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$author") and (file_get_contents("data/username.txt") == $author) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$entry_posts/author.txt") and (file_get_contents("data/items/$entry_posts/author.txt") == $author)) {
+ $items_posts[] = $entry_posts;
+ }
+ }
+ }
+ }
+ closedir($dh_posts);
+ }
+ $posts = count($items_posts);
+ if ($posts == 1) {
+ echo "$posts post";
+ }
+ if ($posts > 1) {
+ echo "$posts posts";
+ }
+ unset($items_posts);
+
+ echo "</p></td><td width=513 valign=top>";
+
+ }
+ else {
+ echo "<td width=598 valign=top>";
+ }
if (file_exists("$dir/$d/passwd.txt")) {
$passwd = file_get_contents("$dir/$d/passwd.txt");
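Review bot: `$author` and `$rank` are read from files and echoed into markup with no output encoding: `echo "<a href=member.php?id=$author>"`, `echo "$author</a><br>"`, `echo "$rank<br>"` and the unquoted `<img src=images/members/$author/avatar.gif …>`. If a username or rank can contain HTML metacharacters or whitespace (the registration code is not visible here), that is stored markup injection on a page shown to every visitor. Encode per context and quote the attributes: `$author_html = htmlspecialchars(trim($author), ENT_QUOTES);` for text, and `echo '<a href="member.php?id=' . rawurlencode(trim($author)) . '">';` for the link. The same applies to `$xavatar_author`, `$c_author`, `$c_rank` and `$cxavatar_author` in the later hunks.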
@@ -1064,6 +1541,10 @@ foreach ($disp as $d) {
}
echo '<font style="font-size: 10px; color: #999999;">';
+ if ((file_exists("$dir/$d/author.txt") and (file_exists("data/bb.txt") and !file_exists("data/avatar.txt")) or (file_exists("$dir/$d/author.txt") and (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and !file_exists("data/avatar.txt"))))) {
+ $xavatar_author = file_get_contents("$dir/$d/author.txt");
+ echo "<a href=member.php?id=$xavatar_author>$xavatar_author</a> - ";
+ }
readfile("$dir/$d/date.txt");
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
if (file_exists("$dir/$d/revisions.txt")) {
@@ -1090,10 +1571,31 @@ foreach ($disp as $d) {
echo "This entry is password protected. If you know the magic word, click <a href=passwd.php?entry=$d>here</a> to enter it.";
}
else {
- readfile("$dir/$d/body.txt");
+ $entry_body = file_get_contents("$dir/$d/body.txt");
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $entry_body = preg_replace("/\b($badwords)\b/i",$censor,$entry_body);
+ }
+ echo $entry_body;
}
- echo '</div><div id=panel_footer>';
+
+ if ((file_get_contents("data/username.txt") == $author) and file_exists("data/sig.txt") and file_exists("data/bb.txt") and file_exists("data/bb-sig.txt")) {
+ $sig = file_get_contents("data/sig.txt");
+ echo "<br><br>--<br>$sig";
+ }
+ elseif (file_exists("data/members/active/$author/sig.txt") and file_exists("data/bb.txt") and file_exists("data/bb-sig.txt")) {
+ $sig = file_get_contents("data/members/active/$author/sig.txt");
+ echo "<br><br>--<br>$sig";
+ }
+
+ echo '</td></tr></table></div><div id=panel_footer>';
echo '<font style="font-size: 10px; color: ';
if (file_exists("data/colors/pf-font.txt")) {
readfile("data/colors/pf-font.txt");
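Review bot: The signature block reads `$author`, but the visible hunks assign it only inside the avatar branch that requires `data/bb.txt`, `data/avatar.txt` and the entry's `author.txt`. For an entry that skips that branch, `$author` is either undefined or still holds the previous entry's author from the enclosing `foreach`, so a signature can be attached to the wrong entry, and with avatars disabled none is shown at all. Reading the author where it is used avoids both: `$sig_author = file_exists("$dir/$d/author.txt") ? file_get_contents("$dir/$d/author.txt") : "";`, then compare against `$sig_author`. The loop body starts and ends outside this hunk, so an assignment elsewhere cannot be ruled out.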
@@ -1293,7 +1795,16 @@ else {
echo '</div></td></tr></table>';
if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST['show']) and !empty($_REQUEST['show']) and ($_REQUEST['show'] == album) and file_exists("images/$d/album")) {
- echo '<table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<div id=panel_title>Album';
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
echo '<a href=del.php?entry=';
@@ -1419,7 +1930,16 @@ else {
}
if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST['show']) and !empty($_REQUEST['show']) and ($_REQUEST['show'] == filedrop) and file_exists("$dir/$d/filedrop/files")) {
- echo '<table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<div id=panel_title>Filedrop';
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
echo '<a href=del.php?entry=';
@@ -1477,7 +1997,16 @@ else {
}
if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST['show']) and !empty($_REQUEST['show']) and ($_REQUEST['show'] == pdf) and file_exists("data/items/$d/pdf/file")) {
- echo '<table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<div id=panel_title>PDF';
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
echo '<a href=del.php?entry=';
@@ -1531,7 +2060,16 @@ else {
if (file_exists("$dir/$d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['passwd']) or ($crypt_passwd != $passwd))) {
}
else {
- echo '<table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
if ($dh_comments = opendir("$dir/$d/comments/live")) {
while (($entry_comments = readdir($dh_comments)) !== false) {
if ($entry_comments != "." && $entry_comments != ".." && fnmatch("*", $entry_comments)) { $show_comments[] = $entry_comments;
@@ -1566,12 +2104,193 @@ else {
}
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
- echo '<a href=del.php?entry=' . $d . '&comment=' . $comment . '&type=live><img src=images/widget.del.png width=10 height=10 border=0 align=right alt="delete comment"></a>';
+ echo '<a href=del.php?entry=' . $d . '&comment=' . $comment . '&type=live><img src=images/widget.del.png width=11 height=11 border=0 align=right alt="delete comment"></a>';
echo '<a href=edit.php?entry=' . $d . '&comment=' . $comment . '><img src=images/widget.edit.png width=11 height=11 border=0 align=right alt="edit comment"></a>';
}
- echo '</div>';
- echo '<div id=panel_body>';
- echo '<font style="font-size: 10px; color: #999999;">';
+ echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt") and file_exists("$dir/$d/comments/live/$comment/author.txt")) {
+ echo "<td width=85 valign=top><p>";
+ $c_author = file_get_contents("$dir/$d/comments/live/$comment/author.txt");
+ echo "<a href=member.php?id=$c_author>";
+ if ((file_get_contents("data/username.txt") == $c_author) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+ if (file_exists("images/avatar.gif")) {
+ $c_avatar_gif_image_size = getimagesize("images/avatar.gif");
+ $c_avatar_gif_image_width = $c_avatar_gif_image_size[0];
+ $c_avatar_gif_image_height = $c_avatar_gif_image_size[1];
+
+ $c_max_avatar_gif_image_width = 80;
+
+ if ($c_avatar_gif_image_width > $c_max_avatar_gif_image_width) {
+ $sizefactor = (double) ($c_max_avatar_gif_image_width / $c_avatar_gif_image_width) ;
+ $c_avatar_gif_image_width = (int) ($c_avatar_gif_image_width * $sizefactor);
+ $c_avatar_gif_image_height = (int) ($c_avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.gif border=0 width=";
+ echo $c_avatar_gif_image_width;
+ echo " height=";
+ echo $c_avatar_gif_image_height;
+ }
+ if (file_exists("images/avatar.jpg")) {
+ $c_avatar_jpg_image_size = getimagesize("images/avatar.jpg");
+ $c_avatar_jpg_image_width = $c_avatar_jpg_image_size[0];
+ $c_avatar_jpg_image_height = $c_avatar_jpg_image_size[1];
+
+ $c_max_avatar_jpg_image_width = 80;
+
+ if ($c_avatar_jpg_image_width > $c_max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($c_max_avatar_jpg_image_width / $c_avatar_jpg_image_width) ;
+ $c_avatar_jpg_image_width = (int) ($c_avatar_jpg_image_width * $sizefactor);
+ $c_avatar_jpg_image_height = (int) ($c_avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.jpg border=0 width=";
+ echo $c_avatar_jpg_image_width;
+ echo " height=";
+ echo $c_avatar_jpg_image_height;
+ }
+ if (file_exists("images/avatar.png")) {
+ $c_avatar_png_image_size = getimagesize("images/avatar.png");
+ $c_avatar_png_image_width = $c_avatar_png_image_size[0];
+ $c_avatar_png_image_height = $c_avatar_png_image_size[1];
+
+ $c_max_avatar_png_image_width = 80;
+
+ if ($c_avatar_png_image_width > $c_max_avatar_png_image_width) {
+ $sizefactor = (double) ($c_max_avatar_png_image_width / $c_avatar_png_image_width) ;
+ $c_avatar_png_image_width = (int) ($c_avatar_png_image_width * $sizefactor);
+ $c_avatar_png_image_height = (int) ($c_avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.png border=0 width=";
+ echo $c_avatar_png_image_width;
+ echo " height=";
+ echo $c_avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ elseif (file_exists("images/members/$c_author/avatar.jpg") or file_exists("images/members/$c_author/avatar.gif") or file_exists("images/members/$c_author/avatar.png")) {
+ if (file_exists("images/members/$c_author/avatar.gif")) {
+ $c_avatar_gif_image_size = getimagesize("images/members/$c_author/avatar.gif");
+ $c_avatar_gif_image_width = $c_avatar_gif_image_size[0];
+ $c_avatar_gif_image_height = $c_avatar_gif_image_size[1];
+
+ $c_max_avatar_gif_image_width = 80;
+
+ if ($c_avatar_gif_image_width > $c_max_avatar_gif_image_width) {
+ $sizefactor = (double) ($c_max_avatar_gif_image_width / $c_avatar_gif_image_width) ;
+ $c_avatar_gif_image_width = (int) ($c_avatar_gif_image_width * $sizefactor);
+ $c_avatar_gif_image_height = (int) ($c_avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$c_author/avatar.gif border=0 width=";
+ echo $c_avatar_gif_image_width;
+ echo " height=";
+ echo $c_avatar_gif_image_height;
+ }
+ if (file_exists("images/members/$c_author/avatar.jpg")) {
+ $c_avatar_jpg_image_size = getimagesize("images/members/$c_author/avatar.jpg");
+ $c_avatar_jpg_image_width = $c_avatar_jpg_image_size[0];
+ $c_avatar_jpg_image_height = $c_avatar_jpg_image_size[1];
+
+ $c_max_avatar_jpg_image_width = 80;
+
+ if ($c_avatar_jpg_image_width > $c_max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($c_max_avatar_jpg_image_width / $c_avatar_jpg_image_width) ;
+ $c_avatar_jpg_image_width = (int) ($c_avatar_jpg_image_width * $sizefactor);
+ $c_avatar_jpg_image_height = (int) ($c_avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$c_author/avatar.jpg border=0 width=";
+ echo $c_avatar_jpg_image_width;
+ echo " height=";
+ echo $c_avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/$c_author/avatar.png")) {
+ $c_avatar_png_image_size = getimagesize("images/members/$c_author/avatar.png");
+ $c_avatar_png_image_width = $c_avatar_png_image_size[0];
+ $c_avatar_png_image_height = $c_avatar_png_image_size[1];
+
+ $c_max_avatar_png_image_width = 80;
+
+ if ($c_avatar_png_image_width > $c_max_avatar_png_image_width) {
+ $sizefactor = (double) ($c_max_avatar_png_image_width / $c_avatar_png_image_width) ;
+ $c_avatar_png_image_width = (int) ($c_avatar_png_image_width * $sizefactor);
+ $c_avatar_png_image_height = (int) ($c_avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$c_author/avatar.png border=0 width=";
+ echo $c_avatar_png_image_width;
+ echo " height=";
+ echo $c_avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ echo "$c_author</a><br>";
+ if ((file_get_contents("data/username.txt") == $c_author) and file_exists("data/rank.txt")) {
+ echo "administrator<br>";
+ }
+ elseif (file_exists("data/members/active/$c_author/rank.txt") and file_exists("data/rank.txt")) {
+ $c_rank = file_get_contents("data/members/active/$c_author/rank.txt");
+ echo "$c_rank<br>";
+ }
+ elseif (!file_exists("data/members/active/$c_author/rank.txt") and file_exists("data/rank.txt")) {
+ echo "member<br>";
+ }
+
+ if ($c_dh_posts = opendir("data/items")) {
+ while (($c_entry_posts = readdir($c_dh_posts)) !== false) {
+
+ if (file_exists("data/items/$c_entry_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$c_entry_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $c_post_cat_dir = file_get_contents("data/items/$c_entry_posts/category.txt");
+
+ if (file_exists("data/categories/$c_post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$c_entry_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($c_entry_posts != "." && $c_entry_posts != ".." && fnmatch("*", $c_entry_posts)) {
+ if (file_exists("data/members/active/$c_author") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$c_entry_posts/author.txt") and (file_get_contents("data/items/$c_entry_posts/author.txt") == $c_author)) {
+ $c_items_posts[] = $c_entry_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$c_author") and (file_get_contents("data/username.txt") == $c_author) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$c_entry_posts/author.txt") and (file_get_contents("data/items/$c_entry_posts/author.txt") == $c_author)) {
+ $c_items_posts[] = $c_entry_posts;
+ }
+ }
+ }
+ }
+ closedir($c_dh_posts);
+ }
+ $c_posts = count($c_items_posts);
+ if ($c_posts == 1) {
+ echo "$c_posts post";
+ }
+ if ($c_posts > 1) {
+ echo "$c_posts posts";
+ }
+ unset($c_items_posts);
+
+ echo "</p></td><td width=513 valign=top>";
+ }
+ else {
+ echo "<td width=598 valign=top>";
+ }
+
+ echo '<p><font style="font-size: 10px; color: #999999;">';
+ if ((file_exists("$dir/$d/comments/live/$comment/author.txt") and (file_exists("data/bb.txt") and !file_exists("data/avatar.txt")) or (file_exists("$dir/$d/comments/live/$comment/author.txt") and (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and !file_exists("data/avatar.txt"))))) {
+ $cxavatar_author = file_get_contents("$dir/$d/comments/live/$comment/author.txt");
+ echo "<a href=member.php?id=$cxavatar_author>$cxavatar_author</a> - ";
+ }
readfile("$dir/$d/comments/live/$comment/timestamp.txt");
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
if (file_exists("$dir/$d/comments/live/$comment/revisions.txt")) {
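Review bot: The post count is recomputed for every comment by walking all of `data/items`, with several `file_exists`/`file_get_contents` calls per item, so rendering cost grows with comments × items on a page any visitor can request. Counting once per author per request bounds that: wrap the scan in `if (!isset($post_count_cache[$c_author])) { … }`, store `$post_count_cache[$c_author] = count($c_items_posts);` at its end, and read `$c_posts` from the cache. Initialising `$c_items_posts = array();` before `opendir` also keeps `count()` off an unset variable when the author has no visible posts. The entry-author block added in the earlier hunk has the same loop with `$items_posts`.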
@@ -1581,8 +2300,19 @@ else {
}
}
echo '</font><font style="font-size: 5px;"><br><br></font>';
- readfile("$dir/$d/comments/live/$comment/comment.txt");
- echo '</div>';
+ $entry_comment = file_get_contents("$dir/$d/comments/live/$comment/comment.txt");
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $entry_comment = preg_replace("/\b($badwords)\b/i",$censor,$entry_comment);
+ }
+ echo $entry_comment;
+ echo '</p></tr></table></div>';
}
unset($show_comments);
echo '</td></tr></table>';
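Review bot: `preg_replace("/\b($badwords)\b/i",$censor,$entry_comment)` uses the raw contents of `data/pf-badwords.txt` as pattern source, so a `/` or an unbalanced bracket in the list makes the call fail and return `null`, and the following `echo` prints an empty comment. A trailing newline in the file becomes part of the last alternative, which would then match only when followed by a line break. Use `$badwords = trim(file_get_contents("data/pf-badwords.txt"));`, apply `preg_quote($word, '/')` to each entry if the list is meant literally, and test the result for `null`, deciding explicitly whether a failed filter shows or withholds the text. The entry-body filter added in the previous hunk is built the same way.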
@@ -1590,7 +2320,16 @@ else {
if (!file_exists("data/nocomment.txt")) {
- echo '<p><table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<p><font style="font-size: 12px;"><b>Add Comment</b></font></p>';
if (file_exists("$dir/$d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['passwd']) or ($crypt_passwd != $passwd))) {
@@ -1598,25 +2337,64 @@ if (!file_exists("data/nocomment.txt")) {
}
else {
- $capcha_rand = str_rand(7);
+ $captcha_rand = str_rand(7);
- echo '<p>Fill out the form below and enter <b>' . $capcha_rand . '</b> in the anti-spam field to add your comment. Note that it will not be posted immediately, but will be ';
-
- if (file_exists("data/email.txt")) {
- echo "e-mailed";
- }
- else {
- echo "sent";
+ echo "<p>Fill out the form below";
+
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ echo " and enter <b>$captcha_rand</b> in the anti-spam field";
}
- echo ' to me first. Comments with bogus contact information will be discarded.</p>';
-
+ echo " to add your comment.";
+
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ echo " Note that it will not be posted immediately, but will be ";
+
+ if (file_exists("data/email.txt")) {
+ echo "e-mailed";
+ }
+ else {
+ echo "sent";
+ }
+
+ echo " to me first.";
+
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and !file_exists("data/members/active/{$_SESSION['logged_in']}"))) {
+ echo " Comments with bogus contact information will be discarded.";
+ }
+ }
+ echo "</p>";
+
?>
<table border=0 cellspacing=2 cellpadding=0 width=500>
<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>?entry=<?php echo $d; ?>&show=comments" method="post">
- <input type=hidden name=capcha_get value="<?php echo $capcha_rand; ?>">
- <tr><td width=75><p>First Name*</p></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td><td rowspan=7 valign=top width=75 align=right>
+ <input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
+ <tr>
+
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+?>
+ <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php $logged_in_author = explode(" ", file_get_contents("data/author.txt")); echo trim(str_replace(",","",$logged_in_author[0])); ?>"></p></td>
+<?php
+}
+elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+?>
+ <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/firstname.txt"); ?>"></p></td>
+<?php
+}
+else {
+
+?>
+
+<td width=75><p>First Name*</p></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td>
+
+<?php
+
+}
+
+?>
+ <td rowspan=7 valign=top width=75 align=right>
<table border=0 cellspacing=1 cellpadding=2>
<tr><td><img src=images/smileys/crying.png border=0></td><td><p>:((</p></td><td ><p>crying</p></td></tr>
<tr><td><img src=images/smileys/frown.png border=0></td><td><p>:(</p></td><td><p>frown</p></td></tr>
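Review bot: The `cauthor` hidden field sends the logged-in username back through the browser, where it can be changed before the form is submitted. If the handler that stores the comment (not in this hunk) takes the author from `$_REQUEST['cauthor']`, a comment could be recorded under another member's or the administrator's name. The handler should derive the author from `$_SESSION['logged_in']`, and the hidden field can then be dropped; the same holds for the prefilled `firstname`. Separately, the values echoed into `value="…"` here should go through `htmlspecialchars(…, ENT_QUOTES)`.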
@@ -1630,11 +2408,91 @@ if (!file_exists("data/nocomment.txt")) {
<tr><td><img src=images/smileys/wink.png border=0></td><td><p>;)</p></td><td><p>wink</p></td></tr>
</td></tr>
</table>
+
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+?>
+ <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo trim(str_replace(",","",$logged_in_author[1])); ?>"></p></td>
+<?php
+}
+elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+?>
+ <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/lastname.txt"); ?>"></p></td>
+<?php
+}
+else {
+
+?>
+
<tr><td><p>Last Name*</p></td><td><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
+
+<?php
+
+}
+
+?>
+
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ if (file_exists("data/email.txt")) {
+?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/email.txt"); ?>"></p></td>
+<?php
+ }
+ else {
+ echo "<tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>";
+ }
+}
+elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt"); ?>"></p></td>
+<?php
+}
+else {
+
+?>
+
<tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+
+<?php
+
+}
+
+?>
+
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php file_get_contents("data/url.txt"); ?>"></p></td>
+<?php
+}
+elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/url.txt")) { echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/url.txt"); } ?>"></p></td>
+<?php
+}
+else {
+
+?>
+
<tr><td><p>Website</p></td><td colspan=2><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
- <tr><td ><p>Comment*</p></td><td ><textarea class=input name=new_comment rows=10></textarea></td></tr>
- <tr><td><p>Anti-Spam*</p></td><td><input class=input type=text autocomplete=off name=capcha_put maxlength=7></td></tr>
+
+<?php
+
+}
+
+?>
+
+ <tr><td><p>Comment*</p></td><td><textarea class=input name=new_comment rows=15></textarea></td></tr>
+ <?php
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ echo "<input type=hidden name=captcha_put value=\"$captcha_rand\">";
+ }
+ else {
+ echo "<tr><td><p>Anti-Spam*</p></td><td><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>";
+ }
+ ?>
+
<tr><td><p></p></td><td><input class=input type=submit value="click here to submit your comment"></td></tr>
</form>
</table>
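Review bot: In the administrator branch of the website field, `value="<?php file_get_contents("data/url.txt"); ?>"` reads the file but never prints it, so the hidden `url` is always empty. It also lacks the `file_exists` guard that the member branch has. Suggested: `value="<?php if (file_exists("data/url.txt")) { echo htmlspecialchars(file_get_contents("data/url.txt"), ENT_QUOTES); } ?>"`. The other hidden fields in this hunk (`lastname`, `email`) echo file contents into attributes without encoding and need the same `htmlspecialchars` call.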
@@ -1644,8 +2502,8 @@ if (!file_exists("data/nocomment.txt")) {
<?php
}
-if (!isset($_SESSION['logged_in'])) {
- if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_REQUEST['capcha_put']) and !empty($_REQUEST['capcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['new_comment']) and !empty($_REQUEST['new_comment']) and isset($_REQUEST['capcha_put']) and !empty($_REQUEST['capcha_put']) and ($_REQUEST['capcha_get'] == $_REQUEST['capcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
+if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt") and file_exists("data/members/active/{$_SESSION['logged_in']}")))) {
+ if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['new_comment']) and !empty($_REQUEST['new_comment']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_put']) and ($_REQUEST['captcha_get'] == $_REQUEST['captcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
echo '<p><table border=0 cellspacing=0 cellpadding=0><tr><td><p><font style="font-size: 12px;"><b>Thanks!</b></font></p><p>Your comment has been submitted for approval.<br>Please check back soon to see if it has been posted.</p></td></tr></table></p>';
}
}
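Review bot: The anti-spam condition on the new inner `if` compares `$_REQUEST['captcha_get']` with `$_REQUEST['captcha_put']`, and both values arrive in the request, so the check does not depend on anything the server generated. Keep the expected code server-side when the form is rendered (for example in a session key such as `$_SESSION['captcha_expected']`, name illustrative) and compare with `$_REQUEST['captcha_put'] === $_SESSION['captcha_expected']`. The same line tests `isset()` on `captcha_put` twice but only `!empty()` on `captcha_get`, so the existence of `captcha_get` is never checked. The code that actually stores the comment is outside this hunk and needs the same server-side check.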
@@ -1681,7 +2539,16 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '<p><b>Pending Comments</b></p>';
}
foreach ($show_pending_comments as $pending_comment) {
- echo '<p><table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<div id=panel_title>';
if (file_exists("$dir/$d/comments/pending/$pending_comment/url.txt")) {
@@ -1701,7 +2568,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo ' <';
readfile("$dir/$d/comments/pending/$pending_comment/email.txt");
echo '>';
- echo '<a href=del.php?entry=' . $d . '&comment=' . $pending_comment . '&type=pending><img src=images/widget.del.png width=10 height=10 border=0 align=right alt="delete comment"></a>';
+ echo '<a href=del.php?entry=' . $d . '&comment=' . $pending_comment . '&type=pending><img src=images/widget.del.png width=11 height=11 border=0 align=right alt="delete comment"></a>';
$pending_comment_key_file = "$dir/$d/comments/pending/$pending_comment/key.txt";
$open_pending_comment_key_file = fopen($pending_comment_key_file,"r");
@@ -1710,12 +2577,194 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '<a href=' . $_SERVER['PHP_SELF'] . '?entry=' . $d . '&comment=' . $pending_comment . '&key=' . $pending_comment_login_key . '&action=approve><img src=images/widget.cat.png width=11 height=11 border=0 align=right alt="post comment"></a>';
echo '</div>';
- echo '<div id=panel_body>';
- echo '<font style="font-size: 10px; color: #999999;">';
+ echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt") and file_exists("$dir/$d/comments/pending/$pending_comment/author.txt")) {
+ echo "<td width=85 valign=top><p>";
+ $pc_author = file_get_contents("$dir/$d/comments/pending/$pending_comment/author.txt");
+ echo "<a href=member.php?id=$pc_author>";
+ if ((file_get_contents("data/username.txt") == $pc_author) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+ if (file_exists("images/avatar.gif")) {
+ $pc_avatar_gif_image_size = getimagesize("images/avatar.gif");
+ $pc_avatar_gif_image_width = $pc_avatar_gif_image_size[0];
+ $pc_avatar_gif_image_height = $pc_avatar_gif_image_size[1];
+
+ $pc_max_avatar_gif_image_width = 80;
+
+ if ($pc_avatar_gif_image_width > $pc_max_avatar_gif_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_gif_image_width / $pc_avatar_gif_image_width) ;
+ $pc_avatar_gif_image_width = (int) ($pc_avatar_gif_image_width * $sizefactor);
+ $pc_avatar_gif_image_height = (int) ($pc_avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.gif border=0 width=";
+ echo $pc_avatar_gif_image_width;
+ echo " height=";
+ echo $pc_avatar_gif_image_height;
+ }
+ if (file_exists("images/avatar.jpg")) {
+ $pc_avatar_jpg_image_size = getimagesize("images/avatar.jpg");
+ $pc_avatar_jpg_image_width = $pc_avatar_jpg_image_size[0];
+ $pc_avatar_jpg_image_height = $pc_avatar_jpg_image_size[1];
+
+ $pc_max_avatar_jpg_image_width = 80;
+
+ if ($pc_avatar_jpg_image_width > $pc_max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_jpg_image_width / $pc_avatar_jpg_image_width) ;
+ $pc_avatar_jpg_image_width = (int) ($pc_avatar_jpg_image_width * $sizefactor);
+ $pc_avatar_jpg_image_height = (int) ($pc_avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.jpg border=0 width=";
+ echo $pc_avatar_jpg_image_width;
+ echo " height=";
+ echo $pc_avatar_jpg_image_height;
+ }
+ if (file_exists("images/avatar.png")) {
+ $pc_avatar_png_image_size = getimagesize("images/avatar.png");
+ $pc_avatar_png_image_width = $pc_avatar_png_image_size[0];
+ $pc_avatar_png_image_height = $pc_avatar_png_image_size[1];
+
+ $pc_max_avatar_png_image_width = 80;
+
+ if ($pc_avatar_png_image_width > $pc_max_avatar_png_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_png_image_width / $pc_avatar_png_image_width) ;
+ $pc_avatar_png_image_width = (int) ($pc_avatar_png_image_width * $sizefactor);
+ $pc_avatar_png_image_height = (int) ($pc_avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.png border=0 width=";
+ echo $pc_avatar_png_image_width;
+ echo " height=";
+ echo $pc_avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ elseif (file_exists("images/members/$pc_author/avatar.jpg") or file_exists("images/members/$pc_author/avatar.gif") or file_exists("images/members/$pc_author/avatar.png")) {
+ if (file_exists("images/members/$pc_author/avatar.gif")) {
+ $pc_avatar_gif_image_size = getimagesize("images/members/$pc_author/avatar.gif");
+ $pc_avatar_gif_image_width = $pc_avatar_gif_image_size[0];
+ $pc_avatar_gif_image_height = $pc_avatar_gif_image_size[1];
+
+ $pc_max_avatar_gif_image_width = 80;
+
+ if ($pc_avatar_gif_image_width > $pc_max_avatar_gif_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_gif_image_width / $pc_avatar_gif_image_width) ;
+ $pc_avatar_gif_image_width = (int) ($pc_avatar_gif_image_width * $sizefactor);
+ $pc_avatar_gif_image_height = (int) ($pc_avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$pc_author/avatar.gif border=0 width=";
+ echo $pc_avatar_gif_image_width;
+ echo " height=";
+ echo $pc_avatar_gif_image_height;
+ }
+ if (file_exists("images/members/$pc_author/avatar.jpg")) {
+ $pc_avatar_jpg_image_size = getimagesize("images/members/$pc_author/avatar.jpg");
+ $pc_avatar_jpg_image_width = $pc_avatar_jpg_image_size[0];
+ $pc_avatar_jpg_image_height = $pc_avatar_jpg_image_size[1];
+
+ $pc_max_avatar_jpg_image_width = 80;
+
+ if ($pc_avatar_jpg_image_width > $pc_max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_jpg_image_width / $pc_avatar_jpg_image_width) ;
+ $pc_avatar_jpg_image_width = (int) ($pc_avatar_jpg_image_width * $sizefactor);
+ $pc_avatar_jpg_image_height = (int) ($pc_avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$pc_author/avatar.jpg border=0 width=";
+ echo $pc_avatar_jpg_image_width;
+ echo " height=";
+ echo $pc_avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/$pc_author/avatar.png")) {
+ $pc_avatar_png_image_size = getimagesize("images/members/$pc_author/avatar.png");
+ $pc_avatar_png_image_width = $pc_avatar_png_image_size[0];
+ $pc_avatar_png_image_height = $pc_avatar_png_image_size[1];
+
+ $pc_max_avatar_png_image_width = 80;
+
+ if ($pc_avatar_png_image_width > $pc_max_avatar_png_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_png_image_width / $pc_avatar_png_image_width) ;
+ $pc_avatar_png_image_width = (int) ($pc_avatar_png_image_width * $sizefactor);
+ $pc_avatar_png_image_height = (int) ($pc_avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$pc_author/avatar.png border=0 width=";
+ echo $pc_avatar_png_image_width;
+ echo " height=";
+ echo $pc_avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ echo "$pc_author</a><br>";
+ if ((file_get_contents("data/username.txt") == $pc_author) and file_exists("data/rank.txt")) {
+ echo "administrator<br>";
+ }
+ elseif (file_exists("data/members/active/$pc_author/rank.txt") and file_exists("data/rank.txt")) {
+ $pc_rank = file_get_contents("data/members/active/$pc_author/rank.txt");
+ echo "$pc_rank<br>";
+ }
+ elseif (!file_exists("data/members/active/$pc_author/rank.txt") and file_exists("data/rank.txt")) {
+ echo "member<br>";
+ }
+
+ if ($pc_dh_posts = opendir("data/items")) {
+ while (($pc_entry_posts = readdir($pc_dh_posts)) !== false) {
+
+ if (file_exists("data/items/$pc_entry_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$pc_entry_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $pc_post_cat_dir = file_get_contents("data/items/$pc_entry_posts/category.txt");
+
+ if (file_exists("data/categories/$pc_post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$pc_entry_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($pc_entry_posts != "." && $pc_entry_posts != ".." && fnmatch("*", $pc_entry_posts)) {
+ if (file_exists("data/members/active/$pc_author") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$pc_entry_posts/author.txt") and (file_get_contents("data/items/$pc_entry_posts/author.txt") == $pc_author)) {
+ $pc_items_posts[] = $pc_entry_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$pc_author") and (file_get_contents("data/username.txt") == $pc_author) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$pc_entry_posts/author.txt") and (file_get_contents("data/items/$pc_entry_posts/author.txt") == $pc_author)) {
+ $pc_items_posts[] = $pc_entry_posts;
+ }
+ }
+ }
+ }
+ closedir($pc_dh_posts);
+ }
+ $pc_posts = count($pc_items_posts);
+ if ($pc_posts == 1) {
+ echo "$pc_posts post";
+ }
+ if ($pc_posts > 1) {
+ echo "$pc_posts posts";
+ }
+ unset($pc_items_posts);
+
+ echo "</p></td><td width=513 valign=top>";
+ }
+ else {
+ echo "<td width=598 valign=top>";
+ }
+
+ echo '<p><font style="font-size: 10px; color: #999999;">';
+ if ((file_exists("$dir/$d/comments/pending/$pending_comment/author.txt") and (file_exists("data/bb.txt") and !file_exists("data/avatar.txt")) or (file_exists("$dir/$d/comments/pending/$pending_comment/author.txt") and (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and !file_exists("data/avatar.txt"))))) {
+ $pxavatar_author = file_get_contents("$dir/$d/comments/pending/$pending_comment/author.txt");
+ echo "<a href=member.php?id=$pxavatar_author>$pxavatar_author</a> - ";
+ }
readfile("$dir/$d/comments/pending/$pending_comment/timestamp.txt");
echo '</font><font style="font-size: 5px;"><br><br></font>';
readfile("$dir/$d/comments/pending/$pending_comment/comment.txt");
- echo '</div>';
+ echo '</p></tr></table></div>';
unset($show_pending_comments);
echo '</td></tr></table></p>';
}
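Review bot: `$pc_author` is read from `author.txt` and then written unencoded into `href=member.php?id=…`, the `<img src=images/members/$pc_author/…>` tags and several `file_exists()`/`getimagesize()` paths. Whatever writes `author.txt` is outside this hunk, so normalise the value on read with `$pc_author = basename(trim(file_get_contents(...)));` and print it with `htmlspecialchars($pc_author, ENT_QUOTES)`. `$pc_items_posts` is never initialised, so `count($pc_items_posts)` runs on an undefined variable when the author has no posts; add `$pc_items_posts = array();` before the `opendir()`. The added `echo '</div><div id=panel_body>…'` follows the unchanged `echo '</div>';`, so `panel_title` is closed twice, and the six near-identical avatar blocks would read better as one loop over `gif`, `jpg`, `png`. The enclosing `foreach` starts above this hunk.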
@@ -1734,6 +2783,27 @@ if (($start >= $increase) and ($start != 0)) {
if (isset($_REQUEST['archive']) and !empty($_REQUEST['archive'])) {
echo "archive={$_REQUEST['archive']}&";
}
+ if (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and file_exists("data/members/active/{$_REQUEST['author']}") and file_exists("data/bb.txt")) {
+ echo "author={$_REQUEST['author']}&";
+ }
+ if (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and !file_exists("data/members/active/{$_REQUEST['author']}") and (file_get_contents("data/username.txt") == $_REQUEST['author']) and file_exists("data/bb.txt")) {
+ echo "author={$_REQUEST['author']}&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "private")) {
+ echo "find=private&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "member")) {
+ echo "find=member&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "passwd")) {
+ echo "find=passwd&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "album")) {
+ echo "find=album&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "filedrop")) {
+ echo "find=filedrop&";
+ }
echo "start=" . ($start-$increase) . "\">previous</a></p></td>";
}
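Review bot: `$_REQUEST['author']` goes into `file_exists("data/members/active/{$_REQUEST['author']}")` and is then echoed into the pager link without validation or encoding; the matching additions in the next hunk (the `next` link) have the same problem. Reduce it to a single path component and encode it on output, e.g. `$author = basename($_REQUEST['author']);` and `echo 'author=' . urlencode($author) . '&';`. The five `find` tests can become one allow-list check, `in_array($_REQUEST['find'], array('private', 'member', 'passwd', 'album', 'filedrop'), true)`, which keeps the echoed value fixed. The enclosing `if` starts above the hunk.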
@@ -1745,6 +2815,27 @@ if ($end < sizeof($items)) {
if (isset($_REQUEST['archive']) and !empty($_REQUEST['archive'])) {
echo "archive={$_REQUEST['archive']}&";
}
+ if (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and file_exists("data/members/active/{$_REQUEST['author']}") and file_exists("data/bb.txt")) {
+ echo "author={$_REQUEST['author']}&";
+ }
+ if (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and !file_exists("data/members/active/{$_REQUEST['author']}") and (file_get_contents("data/username.txt") == $_REQUEST['author']) and file_exists("data/bb.txt")) {
+ echo "author={$_REQUEST['author']}&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "private")) {
+ echo "find=private&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "member")) {
+ echo "find=member&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "passwd")) {
+ echo "find=passwd&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "album")) {
+ echo "find=album&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "filedrop")) {
+ echo "find=filedrop&";
+ }
echo "start=" . ($start+$increase) . "\">next</a></p></td>";
}
?>
@@ -1764,6 +2855,10 @@ if ($dh_latest_items = opendir($dir)) {
continue;
}
+ if (file_exists("data/items/$entry_latest_items/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$cat_dir = file_get_contents("data/items/$entry_latest_items/category.txt");
if (file_exists("data/categories/$cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_latest_items/cat.txt")) {
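Review bot: The new members-only filter only tests `isset($_SESSION['logged_in'])`, so any live session passes, including one whose account directory has since been removed; the visible part of member.php in this commit deletes `data/members/active/<username>` without ending that user's session. Consider also requiring that the session user is the administrator or still exists under `data/members/active`, ideally through one shared helper used by every listing. The same check is added in the album-list and archive-list hunks further down and inside the two post-count loops. The enclosing `while` loop starts and ends outside this hunk.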
@@ -1811,6 +2906,71 @@ if ($count_latest_items > 0) {
echo '</div>';
?>
+<?php
+if (file_exists("data/bb.txt") and file_exists("data/bb-stats.txt")) {
+ echo "<div id=panel_title>Bulletin Board</div><div id=panel_body>";
+ if (file_exists("data/members/active") and file_exists("data/bb.txt")) {
+ if ($dh_active_list = opendir("data/members/active")) {
+ while (($entry_active_list = readdir($dh_active_list)) !== false) {
+ if ($entry_active_list != "." && $entry_active_list != ".." && fnmatch("*", $entry_active_list)) {
+ $show_active_list[] = $entry_active_list;
+ }
+ }
+ closedir($dh_active_list);
+ }
+
+ sort($show_active_list);
+ reset($show_active_list);
+ $count_active_list = count($show_active_list);
+ if ($count_active_list > 0) {
+ echo "Registered Members: $count_active_list";
+ }
+ }
+
+
+ if (file_exists("data/items")) {
+ if ($dh_mempost_list = opendir("data/items")) {
+ while (($entry_mempost_list = readdir($dh_mempost_list)) !== false) {
+
+ if (file_exists("data/items/$entry_mempost_list/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$entry_mempost_list/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $get_cat_dir = file_get_contents("data/items/$entry_mempost_list/category.txt");
+
+ if (file_exists("data/categories/$get_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_mempost_list/cat.txt")) {
+ continue;
+ }
+
+ if ($entry_mempost_list != "." && $entry_mempost_list != ".." && fnmatch("*", $entry_mempost_list)) {
+ $entry_mempost_list = substr("$entry_mempost_list",0,6);
+ $show_mempost_list[] = $entry_mempost_list;
+ }
+ }
+ closedir($dh_mempost_list);
+ }
+ rsort($show_mempost_list);
+ $count_mempost_list = count($show_mempost_list);
+ echo "<br>Total Posts: $count_mempost_list";
+ unset($show_mempost_list);
+ }
+
+ if (file_exists("data/bb-new.txt")) {
+ $bb_new = file_get_contents("data/bb-new.txt");
+ echo "<br>Newest User: <a href=member.php?id=$bb_new>$bb_new</a>";
+ }
+ if (file_exists("data/bb-last.txt")) {
+ $bb_last = file_get_contents("data/bb-last.txt");
+ echo "<br>Latest Login: <a href=member.php?id=$bb_last>$bb_last</a>";
+ }
+ echo "</div>";
+}
+?>
+
<form enctype="multipart/form-data" action="dig.php" method="post">
<div id=panel_title>Search</div>
<div id=panel_body>
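Review bot: `$bb_new` and `$bb_last` are file contents printed into both the `href` and the link text without encoding; `data/bb-last.txt` is written from `$_SESSION['logged_in']` in login.php, which is the username taken from the request. Print them with `htmlspecialchars($bb_last, ENT_QUOTES)` and use `urlencode()` for the `id=` parameter. `$show_active_list` and `$show_mempost_list` are never initialised, so `sort()`/`rsort()` receive an undefined variable when a directory is empty; start each with `= array();`. Both counts rescan the whole directory on every page view, and the `substr(…,0,6)` plus `rsort()` on `$show_mempost_list` have no effect on the number that is printed.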
@@ -1818,6 +2978,20 @@ if ($count_latest_items > 0) {
</div>
</form>
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
+ echo "<div id=panel_title>Find Entries</div><div id=panel_body>";
+ echo "<a href=index.php?find=private>Private</a>";
+ if (file_exists("data/bb.txt")) {
+ echo "<br><a href=index.php?find=member>Members-Only</a>";
+ }
+ echo "<br><a href=index.php?find=passwd>Password Protected</a>";
+ echo "<br><a href=index.php?find=filedrop>With Attached Files</a>";
+ echo "<br><a href=index.php?find=album>With Photo Album</a>";
+ echo "</div>";
+}
+?>
+
<?php
if (file_exists("data/categories")) {
if ($dh_categories = opendir("data/categories")) {
@@ -1851,7 +3025,7 @@ if ($count_latest_items > 0) {
$category_title = file_get_contents("data/categories/$category/title.txt");
}
else {
- $category_title = ucfirst($category);
+ $category_title = ucfirst(str_replace("_"," ",$category));
}
echo $category_title;
echo "</a><br />";
@@ -1887,6 +3061,7 @@ if ($count_latest_items > 0) {
echo '<br>Sitemap Requests: ';
readfile("data/sitemap.txt");
}
+
echo '</div>';
}
}
@@ -1941,7 +3116,72 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
}
?>
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and file_exists("data/members/confirmed") and !file_exists("data/xapp.txt") and file_exists("data/bb.txt") and file_exists("data/reg.txt")) {
+ if ($dh_pending_list = opendir("data/members/confirmed")) {
+ while (($entry_pending_list = readdir($dh_pending_list)) !== false) {
+
+ if ($entry_pending_list != "." && $entry_pending_list != ".." && fnmatch("*", $entry_pending_list)) {
+ $show_pending_list[] = $entry_pending_list;
+ }
+ }
+ closedir($dh_pending_list);
+ }
+ sort($show_pending_list);
+ reset($show_pending_list);
+ $count_pending_list = count($show_pending_list);
+
+ if ($count_pending_list > 0) {
+ echo "<div id=panel_title>Pending Member";
+ if ($count_pending_list > 1) {
+ echo "s";
+ }
+ echo "</div><div id=panel_body>Please approve or deny $count_pending_list pending membership request";
+ if ($count_pending_list > 1) {
+ echo "s";
+ }
+ echo " below.</div>";
+ foreach ($show_pending_list as $pending_list_entry) {
+ echo "<div id=panel_title>$pending_list_entry";
+ echo '<a href=reg.php?username=';
+ echo $pending_list_entry;
+ echo '&key=';
+ readfile("data/members/confirmed/$pending_list_entry/key.txt");
+ echo '&action=deny><img src=images/widget.del.png border=0 width=11 height=11 align=right alt=deny></a><a href=reg.php?username=';
+ echo $pending_list_entry;
+ echo '&key=';
+ readfile("data/members/confirmed/$pending_list_entry/key.txt");
+ echo '&action=approve><img src=images/widget.cat.png border=0 width=11 height=11 align=right alt=approve></a></div>';
+ echo "<div id=panel_body>";
+ if (file_exists("data/members/confirmed/$pending_list_entry/url.txt")) {
+ echo "<a href=\"";
+ readfile("data/members/confirmed/$pending_list_entry/url.txt");
+ echo "\" target=_pending>";
+ }
+ readfile("data/members/confirmed/$pending_list_entry/firstname.txt");
+ echo " ";
+ readfile("data/members/confirmed/$pending_list_entry/lastname.txt");
+ if (file_exists("data/members/confirmed/$pending_list_entry/url.txt")) {
+ echo "</a>";
+ }
+ echo "<br>";
+ readfile("data/members/confirmed/$pending_list_entry/email.txt");
+ if (file_exists("data/members/confirmed/$pending_list_entry/timestamp.txt")) {
+ $confirmed = file_get_contents("data/members/confirmed/$pending_list_entry/timestamp.txt");
+ $confirmed_year = substr($confirmed,0,4);
+ $confirmed_month = substr($confirmed,4,2);
+ $confirmed_day = substr($confirmed,6,2);
+ $confirmed_hh = substr($confirmed,8,2);
+ $confirmed_mm = substr($confirmed,10,2);
+ $email_confirmed = date("d M Y H:i", mktime($confirmed_hh, $confirmed_mm, 0, $confirmed_month, $confirmed_day, $confirmed_year));
+ echo "<br>$email_confirmed";
+ }
+ echo "</div>";
+ }
+ }
+}
+?>
<?php
if (file_exists("data/albums")) {
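Review bot: The pending-member panel prints registration data (`url.txt`, `firstname.txt`, `lastname.txt`, `email.txt`) with `readfile()` directly into the administrator's page, and `url.txt` lands inside `href="…"`. Unless reg.php (not shown here) already encodes these values on write, print them encoded, e.g. `echo htmlspecialchars(file_get_contents("data/members/confirmed/$pending_list_entry/email.txt"), ENT_QUOTES);`, and only link the URL when it starts with `http://` or `https://`. The approve and deny actions are state-changing GET links that carry the key, so the key ends up in browser history and server logs; a POST form would be safer. `$show_pending_list` should be initialised to `array()` before `sort()`.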
@@ -1952,6 +3192,10 @@ if (file_exists("data/albums")) {
continue;
}
+ if (file_exists("data/items/$entry_album_list/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$pull_cat_dir = file_get_contents("data/items/$entry_album_list/category.txt");
if (file_exists("data/categories/$pull_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_album_list/cat.txt")) {
@@ -1999,6 +3243,10 @@ if (file_exists("data/items")) {
continue;
}
+ if (file_exists("data/items/$entry_archive_list/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$get_cat_dir = file_get_contents("data/items/$entry_archive_list/category.txt");
if (file_exists("data/categories/$get_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_archive_list/cat.txt")) {
diff --git a/login.php b/login.php
index 0a1d2c6..b877dfe 100644
--- a/login.php
+++ b/login.php
@@ -5,6 +5,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
?>
<style>
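Review bot: This `stripslashes_array()` block is pasted verbatim into add.php, login.php and member.php in this commit; it should live in one shared include so the copies cannot drift. It rewrites only `$_REQUEST`, so any code reading `$_GET`, `$_POST` or `$_COOKIE` directly still sees the slashed values; a comment such as `// magic_quotes_gpc: undo automatic escaping on $_REQUEST only` would make that explicit. Because the function is declared inside the `if`, running the block twice in one request would be a fatal redeclaration, which a `function_exists('stripslashes_array')` guard avoids.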
@@ -60,8 +76,21 @@ a:active {
<?php
-$login_username = file_get_contents("data/username.txt");
-$login_password = file_get_contents("data/password.txt");
+if ($_REQUEST['username'] == file_get_contents("data/username.txt")) {
+ $login_username = file_get_contents("data/username.txt");
+ $login_password = file_get_contents("data/password.txt");
+ $last_login = "data/lastlog.txt";
+ $logins = "data/logins.txt";
+}
+
+if ($_REQUEST['username'] != file_get_contents("data/username.txt")) {
+ if (file_exists("data/members/active/{$_REQUEST['username']}") and file_exists("data/bb.txt")) {
+ $login_username = $_REQUEST['username'];
+ $login_password = file_get_contents("data/members/active/{$_REQUEST['username']}/password.txt");
+ $last_login = "data/members/active/{$_REQUEST['username']}/bb-last.txt";
+ $logins = "data/members/active/{$_REQUEST['username']}/bb-logins.txt";
+ }
+}
/* Fun with crypt! */
$crypt_password = sha1($_REQUEST['password']);
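Review bot: `$_REQUEST['username']` is interpolated into `data/members/active/{…}` paths for `file_exists()` and `file_get_contents()` before any validation, so the directory and password file that get consulted are chosen by the request. Reject anything that is not a plain username first, e.g. `if (!preg_match('/^[A-Za-z0-9_-]+$/', (string) $_REQUEST['username'])) { exit(); }` (the character set is an assumption; match whatever the registration code allows). When neither branch matches, `$login_username`, `$login_password`, `$last_login` and `$logins` stay undefined, so initialise them before the two `if` blocks and let the existing failure branch handle that case. The stored value is an unsalted `sha1()` compared with `!=` in the unchanged lines below; a strict `!==` is the minimum improvement there.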
@@ -77,6 +106,23 @@ if ($login_username != $_REQUEST['username'] || $login_password != $crypt_passwo
$_SESSION['logged_in'] = $_REQUEST['username'];
+$lastlog = date("YmdHis", time() + $offset);
+$fp_lastlog_txt = fopen($last_login,"w");
+fwrite($fp_lastlog_txt,$lastlog);
+fclose($fp_lastlog_txt);
+
+if (file_exists("data/bb.txt") and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))) {
+ $fp_latest_login_txt = fopen("data/bb-last.txt","w");
+ fwrite($fp_latest_login_txt,$_SESSION['logged_in']);
+ fclose($fp_latest_login_txt);
+}
+
+$login_count = file_get_contents($logins);
+$login_count = $login_count + 1;
+$login_count_file = fopen($logins, "w");
+fwrite($login_count_file, $login_count);
+fclose($login_count_file);
+
if (isset($_SESSION['logged_in'])) {
echo '<p>You are now logged in as ' . $_SESSION['logged_in'] . '. Click <a href=index.php>here</a> to continue.</p>';
}
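Review bot: The three `fopen(…, "w")` results are passed to `fwrite()`/`fclose()` without a check, and the login counter is an unlocked read-modify-write, so concurrent logins can lose an increment or leave a truncated file. `file_put_contents($logins, (int) file_get_contents($logins) + 1, LOCK_EX);` avoids the torn write (a fully correct counter needs `flock()` around the read as well), and the same call fits `$last_login` and `data/bb-last.txt`. `$offset` is not defined anywhere in this hunk; confirm it is set before `date()` is called. No `session_regenerate_id()` call is visible after `$_SESSION['logged_in']` is set; if none exists above the hunk, add one now that member accounts can log in.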
diff --git a/member.php b/member.php
new file mode 100644
index 0000000..ca1789b
--- /dev/null
+++ b/member.php
@@ -0,0 +1,785 @@
+<?php
+
+session_start();
+header("Cache-control: private");
+
+error_reporting(E_ERROR);
+
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
+if (file_exists("data/lite.txt")) {
+ exit();
+}
+
+if (!file_exists("data/bb.txt")) {
+ exit();
+}
+
+if (!isset($_REQUEST['id']) or empty($_REQUEST['id'])) {
+ exit();
+}
+
+if (isset($_REQUEST['id']) and ($_REQUEST['id'] != file_get_contents("data/username.txt")) and !file_exists("data/members/active/{$_REQUEST['id']}") and ($_REQUEST['id'] != "all")) {
+ exit();
+}
+
+$id = $_REQUEST['id'];
+
+$login_username = file_get_contents("data/username.txt");
+
+if (file_get_contents("data/username.txt") != $id) {
+ $member_firstname = file_get_contents("data/members/active/$id/firstname.txt");
+ $member_lastname = file_get_contents("data/members/active/$id/lastname.txt");
+}
+
+?>
+
+<style>
+
+body
+{
+ color: #666666;
+ margin: 0px 0px 10px 10px;
+ padding: 0px;
+ text-align: left;
+ font-family: verdana, helvetica, sans-serif;
+ background-color: #FFFFFF;
+ }
+
+p, td
+{
+ font-size: 11px;
+}
+
+a
+{
+ font-weight: bold;
+ text-decoration: none;
+}
+
+a:link
+{
+ color: #666666;
+}
+
+a:visited
+{
+ color: #666666;
+}
+
+a:hover
+{
+ color: #336699;
+}
+
+a:active {
+ color: #336699;
+}
+#panel_title
+{
+ font-family: verdana, helvetica, sans-serif;
+ font-size: 12px;
+ font-weight: bold;
+ color: #666666;
+ padding: 5px 5px 5px 5px;
+ background-color: transparent;
+ margin: 10px 0px 0px 0px;
+ border-color: #CCCCCC;
+ border-width: 1px 1px 0px 1px;
+ border-style: solid solid none solid;
+}
+#panel_body
+{
+ font-family: verdana, helvetica, sans-serif;
+ font-size: 11px;
+ color: #666666;
+ padding: 5px 5px 5px 5px;
+ background-color: transparent;
+ margin: 0px;
+ border-color: #CCCCCC;
+ border-width: 1px 1px 1px 1px;
+ border-style: solid solid solid solid;
+}
+#panel_footer
+{
+ font-family: verdana, helvetica, sans-serif;
+ font-size: 11px;
+ color: #666666;
+ padding: 5px 5px 5px 5px;
+ background-color: transparent;
+ margin: 0px;
+ border-color: #CCCCCC;
+ border-width: 0px 1px 1px 1px;
+ border-style: none solid solid solid;
+ text-align: right;
+}
+.submit {
+ color: #666666;
+ background: #ffffff;
+ border: #999999 solid 1px;
+ width: 100%;
+ font-family: verdana,helvetica,sans-serif;
+ font-size: 11px
+}
+</style>
+
+<?php if ($id == "all") {
+
+if (isset($_REQUEST['edit']) and !empty($_REQUEST['edit']) and ($_REQUEST['edit'] == "on") and isset($_REQUEST['username']) and !empty($_REQUEST['username']) and file_exists("data/members/active/{$_REQUEST['username']}") and isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+
+ if (isset($_REQUEST['rw']) and !empty($_REQUEST['rw']) and ($_REQUEST['rw'] == "on") and !file_exists("data/members/active/{$_REQUEST['username']}/rw.txt")) {
+ touch("data/members/active/{$_REQUEST['username']}/rw.txt");
+ }
+
+ if ((!isset($_REQUEST['rw']) or empty($_REQUEST['rw'])) and file_exists("data/members/active/{$_REQUEST['username']}/rw.txt")) {
+ unlink("data/members/active/{$_REQUEST['username']}/rw.txt");
+ }
+
+ if (isset($_REQUEST['ul']) and !empty($_REQUEST['ul']) and ($_REQUEST['ul'] == "on") and !file_exists("data/members/active/{$_REQUEST['username']}/ul.txt")) {
+ touch("data/members/active/{$_REQUEST['username']}/ul.txt");
+ }
+
+ if ((!isset($_REQUEST['ul']) or empty($_REQUEST['ul'])) and file_exists("data/members/active/{$_REQUEST['username']}/ul.txt")) {
+ unlink("data/members/active/{$_REQUEST['username']}/ul.txt");
+ }
+
+ if (isset($_REQUEST['noml']) and !empty($_REQUEST['noml']) and ($_REQUEST['noml'] == "on") and !file_exists("data/members/active/{$_REQUEST['username']}/noml.txt")) {
+ touch("data/members/active/{$_REQUEST['username']}/noml.txt");
+ }
+
+ if ((!isset($_REQUEST['noml']) or empty($_REQUEST['noml'])) and file_exists("data/members/active/{$_REQUEST['username']}/noml.txt")) {
+ unlink("data/members/active/{$_REQUEST['username']}/noml.txt");
+ }
+
+ if (isset($_REQUEST['rank']) and !empty($_REQUEST['rank']) and (strtolower($_REQUEST['rank']) != "member")) {
+ $rank_file = "data/members/active/{$_REQUEST['username']}/rank.txt";
+ $fp_rank_txt = fopen($rank_file,"w");
+ fwrite($fp_rank_txt,$_REQUEST['rank']);
+ fclose($fp_rank_txt);
+ }
+
+ if ((!isset($_REQUEST['rank']) or empty($_REQUEST['rank'])) and file_exists("data/members/active/{$_REQUEST['username']}/rank.txt")) {
+ unlink("data/members/active/{$_REQUEST['username']}/rank.txt");
+ }
+
+ if (isset($_REQUEST['del']) and !empty($_REQUEST['del']) and ($_REQUEST['del'] == "on")) {
+ function rmdirr($recurse_dirname)
+ {
+
+ if (!file_exists($recurse_dirname)) {
+ return false;
+ }
+
+ if (is_file($recurse_dirname)) {
+ return unlink($recurse_dirname);
+ }
+
+ $recurse_dir = dir($recurse_dirname);
+ while (false !== $recurse_entry = $recurse_dir->read()) {
+
+ if ($recurse_entry == '.' || $recurse_entry == '..') {
+ continue;
+ }
+
+ rmdirr("$recurse_dirname/$recurse_entry");
+ }
+
+ $recurse_dir->close();
+ return rmdir($recurse_dirname);
+ }
+ rmdirr("data/members/active/{$_REQUEST['username']}");
+ }
+}
+
+
+?>
+
+<table border=0 cellspacing=0 cellpadding=0 bgcolor=#CCCCCC style="background-color: transparent;" width=525><tr><td><div id=panel_title>Members</div><div id=panel_body><table border=0 cellspacing=1 cellpadding=2 bgcolor=#cccccc width=513>
+<tr><td bgcolor=#eeeeee align=center><p>status</p></td><td bgcolor=#eeeeee align=center><p>username</p></td><td bgcolor=#eeeeee align=center><p>member since</p></td><td bgcolor=#eeeeee align=center><p>logins</p></td><td bgcolor=#eeeeee align=center><p>posts</p></td><?php
+
+if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ echo "<td bgcolor=#eeeeee align=center><p>rw</p></td><td bgcolor=#eeeeee align=center><p>ul</p></td><td bgcolor=#eeeeee align=center><p>noml</p></td><td bgcolor=#eeeeee align=center><p>delete</p></td><td bgcolor=#eeeeee align=center><p>rank</p></td><td bgcolor=#eeeeee align=center><p>action</p></td>";
+}
+
+?></tr>
+
+<?php
+
+$show_member_list[] = file_get_contents("data/username.txt");
+
+if (file_exists("data/members/active")) {
+ if ($dh_member_list = opendir("data/members/active")) {
+ while (($entry_member_list = readdir($dh_member_list)) !== false) {
+ if ($entry_member_list != "." && $entry_member_list != ".." && fnmatch("*", $entry_member_list)) {
+ $show_member_list[] = $entry_member_list;
+ }
+ }
+ closedir($dh_member_list);
+ }
+
+ sort($show_member_list);
+ reset($show_member_list);
+ $count_member_list = count($show_member_list);
+
+ if ($count_member_list > 0) {
+
+ $sess_dir = session_save_path();
+
+ if (file_exists("data/bb-idle.txt")) {
+ $idle = file_get_contents("data/bb-idle.txt");
+ }
+ else {
+ $idle = 15;
+ }
+
+ foreach ($show_member_list as $member_list_entry) {
+ echo "<tr><td bgcolor=#ffffff align=center><p>";
+
+ $sess_count = 0;
+
+ if (is_dir($sess_dir)) {
+ if ($sess_dh = opendir($sess_dir)) {
+ while (($sess_file = readdir($sess_dh)) !== false) {
+ if ($sess_file != '.' && $sess_file != '..') {
+ if ((time() - fileatime("$sess_dir/$sess_file")) < ($idle * 60)) {
+
+ $sess_content = file_get_contents("$sess_dir/$sess_file");
+
+
+ if (preg_match("/logged_in/",$sess_content)) {
+ if (preg_match("/$member_list_entry/",$sess_content)) {
+ $sess_count++;
+ }
+ }
+ }
+ }
+ }
+ closedir($sess_dh);
+ }
+ }
+
+ if (($sess_count > 0) or (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $member_list_entry))) {
+ echo "<img src=images/smileys/smile.png>";
+ }
+ else {
+ echo "<img src=images/smileys/offline.png>";
+ }
+
+ echo "</p></td><td bgcolor=#ffffff><p><a href=member.php?id=$member_list_entry>$member_list_entry</a></p></td>";
+
+ if ($member_list_entry == file_get_contents("data/username.txt") or (file_exists("data/members/active/$member_list_entry") and !file_exists("data/members/active/$member_list_entry/timestamp.txt"))) {
+ echo "<td bgcolor=#ffffff align=center><p><nobr><code>-</code></nobr></p></td>";
+ }
+
+ if (file_exists("data/members/active/$member_list_entry") and ($member_list_entry != file_get_contents("data/username.txt")) and file_exists("data/members/active/$member_list_entry/timestamp.txt")) {
+ $joined = file_get_contents("data/members/active/$member_list_entry/timestamp.txt");
+ $joined_year = substr($joined,0,4);
+ $joined_month = substr($joined,4,2);
+ $joined_day = substr($joined,6,2);
+ $member_since = date("d M Y", mktime(0, 0, 0, $joined_month, $joined_day, $joined_year));
+ echo "<td bgcolor=#ffffff align=center><p><nobr><code>$member_since</code></nobr></p></td>";
+ }
+
+ if ((file_get_contents("data/username.txt") == $member_list_entry) and file_exists("data/logins.txt")) {
+ $logins = file_get_contents("data/logins.txt");
+ echo "<td bgcolor=#ffffff align=right><p><code>$logins</code></p></td>";
+ }
+ elseif (file_exists("data/members/active/$member_list_entry") and file_exists("data/members/active/$member_list_entry/bb-logins.txt")) {
+ $logins = file_get_contents("data/members/active/$member_list_entry/bb-logins.txt");
+ echo "<td bgcolor=#ffffff align=right><p><code>$logins</code></p></td>";
+ }
+
+ if ((file_get_contents("data/username.txt") == $member_list_entry) and !file_exists("data/logins.txt")) {
+ echo "<td bgcolor=#ffffff align=right><p><code>0</code></p></td>";
+ }
+ elseif (file_exists("data/members/active/$member_list_entry") and !file_exists("data/members/active/$member_list_entry/bb-logins.txt")) {
+ echo "<td bgcolor=#ffffff align=right><p><code>0</code></p></td>";
+ }
+
+ if ($dh_posts = opendir("data/items")) {
+ while (($member_posts = readdir($dh_posts)) !== false) {
+
+ if (file_exists("data/items/$member_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$member_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $post_cat_dir = file_get_contents("data/items/$member_posts/category.txt");
+
+ if (file_exists("data/categories/$post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$member_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($member_posts != "." && $member_posts != ".." && fnmatch("*", $member_posts)) {
+ if (file_exists("data/members/active/$member_list_entry") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$member_posts/author.txt") and (file_get_contents("data/items/$member_posts/author.txt") == $member_list_entry)) {
+ $items_posts[] = $member_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$member_list_entry") and (file_get_contents("data/username.txt") == $member_list_entry) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$member_posts/author.txt") and (file_get_contents("data/items/$member_posts/author.txt") == $member_list_entry)) {
+ $items_posts[] = $member_posts;
+ }
+ }
+ }
+ }
+ closedir($dh_posts);
+ }
+
+ $posts = count($items_posts);
+ echo "<td bgcolor=#ffffff align=right><p><code>$posts</code></p></td>";
+ unset($items_posts);
+
+ if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+
+ if (($member_list_entry != file_get_contents("data/username.txt")) and file_exists("data/members/active/$member_list_entry")) {
+
+ echo "<form action=member.php method=post><input type=hidden name=id value=all><input type=hidden name=edit value=on><input type=hidden name=username value=$member_list_entry>";
+ echo "<td bgcolor=#ffffff align=center><p><input type=checkbox name=rw";
+ if (file_exists("data/members/active/$member_list_entry/rw.txt")) {
+ echo " checked";
+ }
+ echo "></p></td><td bgcolor=#ffffff align=center><p><input type=checkbox name=ul";
+ if (file_exists("data/members/active/$member_list_entry/ul.txt")) {
+ echo " checked";
+ }
+ echo "></p></td><td bgcolor=#ffffff align=center><p><input type=checkbox name=noml";
+ if (file_exists("data/members/active/$member_list_entry/noml.txt")) {
+ echo " checked";
+ }
+ echo "></p></td><td bgcolor=#ffffff align=center><p><input type=checkbox name=del></p></td><td bgcolor=#ffffff align=center><p><input class=submit type=text name=rank autocomplete=off value=\"";
+ if (file_exists("data/members/active/$member_list_entry/rank.txt")) {
+ readfile("data/members/active/$member_list_entry/rank.txt");
+ }
+ else {
+ echo member;
+ }
+ echo "\"></p></td><td bgcolor=#ffffff align=center><p><input class=submit type=submit value=submit></p></td></form>";
+ }
+ if ($member_list_entry == file_get_contents("data/username.txt")) {
+ echo "<td colspan=6 bgcolor=#ffffff align=center><p><a href=settings.php>administrator settings</a></p></td>";
+ }
+ }
+ }
+ }
+}
+?>
+
+</table></div><div id=panel_footer><font style="font-size: 10px; color: #999999;"><a href=index.php>home</a> | <a href=member.php?id=all>members</a> | <a href=login.php>
+<?php
+if (isset($_SESSION['logged_in'])) {
+ echo "logout";
+}
+else {
+ echo "login";
+}
+?>
+</a></font></div>
+</td></tr></table>
+
+<?php exit(); } ?>
+
+<table border=0 cellspacing=0 cellpadding=0 bgcolor=#CCCCCC style="background-color: transparent;"><tr><td width=525><div id=panel_title><?php
+
+if (file_get_contents("data/username.txt") == $id) {
+ readfile("data/author.txt");
+ if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and !file_exists("data/members/active/{$_SESSION['logged_in']}")) {
+ echo " <";
+ readfile("data/email.txt");
+ echo " >";
+ }
+}
+else {
+ echo "$member_firstname $member_lastname";
+
+ if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and !file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/members/active/$id/email.txt")) {
+ $email = file_get_contents("data/members/active/$id/email.txt");
+ $email = str_replace("@"," at ",$email);
+ echo " <$email>";
+ }
+
+}
+
+
+?></div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr><td width=90 valign=top><p>
+
+<?php
+
+
+if ((file_get_contents("data/username.txt") == $id) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+ if (file_exists("images/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+echo "><br>";
+}
+elseif (file_exists("images/members/$id/avatar.jpg") or file_exists("images/members/$id/avatar.gif") or file_exists("images/members/$id/avatar.png")) {
+ if (file_exists("images/members/$id/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/members/$id/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$id/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/members/$id/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/members/$id/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$id/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/$id/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/members/$id/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$id/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+echo "><br>";
+}
+echo "<b>$id</b><br>";
+
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/rank.txt")) {
+ echo "administrator";
+}
+elseif (file_exists("data/members/active/$id/rank.txt") and file_exists("data/rank.txt")) {
+ $rank = file_get_contents("data/members/active/$id/rank.txt");
+ echo "$rank";
+}
+elseif (!file_exists("data/members/active/$id/rank.txt") and file_exists("data/rank.txt")) {
+ echo "member";
+}
+
+?>
+
+
+</p></td><td width=435 valign=top><table border=0 cellspacing=0 cellpadding=2>
+
+<?php
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/url.txt") and isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in'])) {
+ $member_url = file_get_contents("data/url.txt");
+ echo "<tr><td width=75><p>website</p></td><td><p><a href=$member_url target=_majbb><code>$member_url</code></a></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id/url.txt") and isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in'])) {
+ $member_url = file_get_contents("data/members/active/$id/url.txt");
+ echo "<tr><td width=75><p>website</p></td><td><p><a href=$member_url target=_majbb><code>$member_url</code></a></p></td></tr>";
+}
+
+if (file_exists("data/members/active/$id/timestamp.txt")) {
+ $joined = file_get_contents("data/members/active/$id/timestamp.txt");
+ $joined_year = substr($joined,0,4);
+ $joined_month = substr($joined,4,2);
+ $joined_day = substr($joined,6,2);
+ $joined_hh = substr($joined,8,2);
+ $joined_mm = substr($joined,10,2);
+ $member_since = date("d M Y H:i", mktime($joined_hh, $joined_mm, 0, $joined_month, $joined_day, $joined_year));
+ echo "<tr><td width=75><p>member since</p></td><td><p><code>$member_since</code></p></td></tr>";
+}
+
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/lastlog.txt")) {
+ $lastlog = file_get_contents("data/lastlog.txt");
+ $lastlog_year = substr($lastlog,0,4);
+ $lastlog_month = substr($lastlog,4,2);
+ $lastlog_day = substr($lastlog,6,2);
+ $lastlog_hh = substr($lastlog,8,2);
+ $lastlog_mm = substr($lastlog,10,2);
+ $last_login = date("d M Y H:i", mktime($lastlog_hh, $lastlog_mm, 0, $lastlog_month, $lastlog_day, $lastlog_year));
+ echo "<tr><td width=75><p>last login</p></td><td><p><code>$last_login</code></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id/bb-last.txt")) {
+ $lastlog = file_get_contents("data/members/active/$id/bb-last.txt");
+ $lastlog_year = substr($lastlog,0,4);
+ $lastlog_month = substr($lastlog,4,2);
+ $lastlog_day = substr($lastlog,6,2);
+ $lastlog_hh = substr($lastlog,8,2);
+ $lastlog_mm = substr($lastlog,10,2);
+ $last_login = date("d M Y H:i", mktime($lastlog_hh, $lastlog_mm, 0, $lastlog_month, $lastlog_day, $lastlog_year));
+ echo "<tr><td width=75><p>last login</p></td><td><p><code>$last_login</code></p></td></tr>";
+}
+
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/lastpost.txt")) {
+ $lastpost = file_get_contents("data/lastpost.txt");
+ $lastpost_year = substr($lastpost,0,4);
+ $lastpost_month = substr($lastpost,4,2);
+ $lastpost_day = substr($lastpost,6,2);
+ $lastpost_hh = substr($lastpost,8,2);
+ $lastpost_mm = substr($lastpost,10,2);
+ $last_post = date("d M Y H:i", mktime($lastpost_hh, $lastpost_mm, 0, $lastpost_month, $lastpost_day, $lastpost_year));
+ echo "<tr><td width=75><p>last post</p></td><td><p><code>$last_post</code></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id/bb-post.txt")) {
+ $lastpost = file_get_contents("data/members/active/$id/bb-post.txt");
+ $lastpost_year = substr($lastpost,0,4);
+ $lastpost_month = substr($lastpost,4,2);
+ $lastpost_day = substr($lastpost,6,2);
+ $lastpost_hh = substr($lastpost,8,2);
+ $lastpost_mm = substr($lastpost,10,2);
+ $last_post = date("d M Y H:i", mktime($lastpost_hh, $lastpost_mm, 0, $lastpost_month, $lastpost_day, $lastpost_year));
+ echo "<tr><td width=75><p>last post</p></td><td><p><code>$last_post</code></p></td></tr>";
+}
+
+if (file_get_contents("data/username.txt") == $id) {
+ if (!file_exists("data/bb-views.txt")) {
+ $views = 0;
+ }
+ else {
+ $views = file_get_contents("data/bb-views.txt");
+ }
+ if (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ $views = $views + 1;
+ $views_file = fopen("data/bb-views.txt", "w");
+ fwrite($views_file, $views);
+ fclose($views_file);
+ }
+ echo "<tr><td width=75><p>profile views</p></td><td><p><code>$views</code></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id")) {
+ if (!file_exists("data/members/active/$id/bb-views.txt")) {
+ $views = 0;
+ }
+ else {
+ $views = file_get_contents("data/members/active/$id/bb-views.txt");
+ }
+ if (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != $id))) {
+ if (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ $views = $views + 1;
+ $views_file = fopen("data/members/active/$id/bb-views.txt", "w");
+ fwrite($views_file, $views);
+ fclose($views_file);
+ }
+ }
+ echo "<tr><td width=75><p>profile views</p></td><td><p><code>$views</code></p></td></tr>";
+}
+
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/logins.txt")) {
+ $logins = file_get_contents("data/logins.txt");
+ echo "<tr><td width=75><p>total logins</p></td><td><p><code>$logins</code></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id") and file_exists("data/members/active/$id/bb-logins.txt")) {
+ $logins = file_get_contents("data/members/active/$id/bb-logins.txt");
+ echo "<tr><td width=75><p>total logins</p></td><td><p><code>$logins</code></p></td></tr>";
+}
+
+if ($dh_posts = opendir("data/items")) {
+ while (($member_posts = readdir($dh_posts)) !== false) {
+
+ $total_posts[] = $member_posts;
+
+ if (file_exists("data/items/$member_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$member_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $post_cat_dir = file_get_contents("data/items/$member_posts/category.txt");
+
+ if (file_exists("data/categories/$post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$member_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($member_posts != "." && $member_posts != ".." && fnmatch("*", $member_posts)) {
+ if (file_exists("data/members/active/$id") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$member_posts/author.txt") and (file_get_contents("data/items/$member_posts/author.txt") == $id)) {
+ $items_posts[] = $member_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$id") and (file_get_contents("data/username.txt") == $id) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$member_posts/author.txt") and (file_get_contents("data/items/$member_posts/author.txt") == $id)) {
+ $items_posts[] = $member_posts;
+ }
+ }
+ }
+ }
+ closedir($dh_posts);
+}
+
+$posts = count($items_posts);
+$all_posts = count($total_posts);
+$ratio_posts = (($posts/$all_posts) * 90);
+$ratio_posts = number_format($ratio_posts,2);
+echo "<tr><td width=75><p>total posts</p></td><td><p><code>$posts</code></p></td></tr>";
+echo "<tr><td width=75><p> </p></td><td><p><code>{$ratio_posts}% of total</code></p></td></tr>";
+if ($posts > 0) {
+ echo "<tr><td width=75><p> </p></td><td><p><a href=index.php?author=$id><code>find all posts by $id</code></a></p></td></tr>";
+}
+unset($items_posts);
+unset($total_posts);
+
+?>
+
+<tr><td><p>permissions</p></td><td><p><code>
+<?php
+if ($id == file_get_contents("data/username.txt")) {
+ echo "rw";
+}
+if (($id != file_get_contents("data/username.txt")) and file_exists("data/members/active/$id")) {
+ if (file_exists("data/members/active/$id/rw.txt")) {
+ echo "rw";
+ }
+ else {
+ echo "ro";
+ }
+}
+if (($id != file_get_contents("data/username.txt")) and file_exists("data/members/active/$id")) {
+ if (file_exists("data/members/active/$id/ul.txt")) {
+ echo " upload";
+ }
+}
+?>
+</code></p></td></tr>
+<tr><td><p>status</p></td><td><p><code>
+<?php
+$sess_dir = session_save_path();
+
+if (file_exists("data/bb-idle.txt")) {
+ $idle = file_get_contents("data/bb-idle.txt");
+}
+else {
+ $idle = 15;
+}
+
+$sess_count = 0;
+
+if (is_dir($sess_dir)) {
+ if ($sess_dh = opendir($sess_dir)) {
+ while (($sess_file = readdir($sess_dh)) !== false) {
+ if ($sess_file != '.' && $sess_file != '..') {
+ if ((time() - fileatime("$sess_dir/$sess_file")) < ($idle * 60)) {
+
+ $sess_content = file_get_contents("$sess_dir/$sess_file");
+
+ if (preg_match("/logged_in/",$sess_content)) {
+ if (preg_match("/$id/",$sess_content)) {
+ $sess_count++;
+ }
+ }
+ }
+ }
+ }
+ closedir($sess_dh);
+ }
+}
+
+if (($sess_count > 0) or (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $id))) {
+ echo "online";
+}
+else {
+ echo "offline";
+}
+?>
+</code></p></td></tr>
+
+</table></td></tr></table></div>
+<div id=panel_footer><font style="font-size: 10px; color: #999999;"><a href=index.php>home</a> | <a href=member.php?id=all>members</a> | <a href=login.php>
+<?php
+if (isset($_SESSION['logged_in'])) {
+ echo "logout";
+}
+else {
+ echo "login";
+}
+?>
+</a></font></div>
+</td></tr></table>
diff --git a/options.php b/options.php
new file mode 100644
index 0000000..d38b7a5
--- /dev/null
+++ b/options.php
@@ -0,0 +1,482 @@
+<?php
+
+session_start();
+header("Cache-control: private");
+
+error_reporting(E_ERROR);
+
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
+if (file_exists("data/lite.txt")) {
+ exit();
+}
+
+if (!file_exists("data/bb.txt")) {
+ exit();
+}
+
+?>
+
+<style>
+body
+{
+ color: #666666;
+ margin: 10px;
+ padding: 0px;
+ text-align: left;
+ font-family: verdana, helvetica, sans-serif;
+ background-color: #FFFFFF;
+}
+p
+{
+ font-size: 11px;
+}
+a
+{
+ font-weight: bold;
+ text-decoration: none;
+}
+a:link, a:visited
+{
+ color: #666666;
+}
+a:hover
+{
+ color: #336699;
+}
+a:active {
+ color: #336699;
+}
+.input {
+ color: #666666;
+ background: #ffffff;
+ border: #999999 solid 1px;
+ width: 300px;
+ font-family: verdana,helvetica,sans-serif;
+ font-size: 11px;
+ font-weight: normal;
+}
+</style>
+
+<?php
+
+if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_REQUEST['key']) and !empty($_REQUEST['key'])) {
+
+ $username = $_REQUEST['username'];
+
+ if (file_exists("data/members/active/$username") and ($_REQUEST['key'] == file_get_contents("data/members/active/$username/key.txt"))) {
+ unlink("data/members/active/$username/key.txt");
+ unlink("data/members/active/$username/vacation.txt");
+ unlink("data/members/active/$username/email.txt");
+ rename("data/members/active/$username/new-email.txt","data/members/active/$username/email.txt");
+ echo "<p><font style=\"font-size: 12px;\"><b>Thanks!</b></font></p><p>You have successfully verified your new e-mail address.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+ }
+ exit();
+}
+
+if (!isset($_SESSION['logged_in'])) {
+ exit();
+}
+
+if ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) {
+ exit();
+}
+
+if (!file_exists("data/members/active/{$_SESSION['logged_in']}")) {
+ exit();
+}
+
+if (isset($_REQUEST['email']) and !empty($_REQUEST['email']) and (file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt") != $_REQUEST['email']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
+ $email_write_content = strtolower($_REQUEST['email']);
+ $email_write_content = trim($email_write_content);
+ $email_write_content = htmlentities($email_write_content, ENT_NOQUOTES);
+ $fp_email_txt = fopen("data/members/active/{$_SESSION['logged_in']}/new-email.txt","w");
+ fwrite($fp_email_txt,$email_write_content);
+ fclose($fp_email_txt);
+
+ function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789') {
+ $str = '';
+ $seeds_count = strlen($seeds);
+
+ list($usec, $sec) = explode(' ', microtime());
+ $seed = (float) $sec + ((float) $usec * 100000);
+ mt_srand($seed);
+
+ for ($i = 0; $length > $i; $i++) {
+ $str .= $seeds{mt_rand(0, $seeds_count - 1)};
+ }
+
+ return $str;
+ }
+
+ $key_email = str_rand(40);
+
+ $fp_key_txt = fopen("data/members/active/{$_SESSION['logged_in']}/key.txt","w");
+ fwrite($fp_key_txt,$key_email);
+ fclose($fp_key_txt);
+
+ $firstname = file_get_contents("data/members/active/{$_SESSION['logged_in']}/firstname.txt");
+
+ $old_email = file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt");
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $sig_author = file_get_contents("data/author.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $confirm_change = "Hi $firstname,\n\nWe have received an e-mail address modification request ($old_email to $email_write_content) at $sig_url. To confirm this, simply visit this link:\n\n{$sig_url}options.php?username={$_SESSION['logged_in']}&key=$key_email\n\nIf you have any questions, send them to $from_email.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
+
+ $confirm_change = wordwrap($confirm_change);
+
+ mail($email_write_content, "confirm $key_email", $confirm_change,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ echo "<p>Confirmation request sent. Check your $email_write_content inbox for details.</p>";
+}
+
+if ((!isset($_REQUEST['url']) or empty($_REQUEST['url'])) and isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ unlink("data/members/active/{$_SESSION['logged_in']}/url.txt");
+}
+
+if (isset($_REQUEST['url']) and !empty($_REQUEST['url']) and (ereg("\.", $_REQUEST['url']))) {
+ $url = str_replace('http://', '', $_REQUEST['url']);
+ $url = strtolower($url);
+ $url = trim($url);
+ $url = 'http://' . $url;
+ $url = htmlentities($url, ENT_NOQUOTES);
+ $fp_url_txt = fopen("data/members/active/{$_SESSION['logged_in']}/url.txt","w");
+ fwrite($fp_url_txt,$url);
+ fclose($fp_url_txt);
+}
+
+if ((!isset($_REQUEST['sig']) or empty($_REQUEST['sig'])) and isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ unlink("data/members/active/{$_SESSION['logged_in']}/sig.txt");
+}
+
+if (isset($_REQUEST['sig']) and !empty($_REQUEST['sig'])) {
+ $sig = strip_tags($_REQUEST['sig']);
+ $sig = str_replace("[b]","<b>",$sig);
+ $sig = str_replace("[/b]","</b>",$sig);
+ $sig = str_replace("[i]","<i>",$sig);
+ $sig = str_replace("[/i]","</i>",$sig);
+ $sig = str_replace("[u]","<u>",$sig);
+ $sig = str_replace("[/u]","</u>",$sig);
+ $sig = str_replace("[sup]","<sup>",$sig);
+ $sig = str_replace("[/sup]","</sup>",$sig);
+ $sig = str_replace("[sub]","<sub>",$sig);
+ $sig = str_replace("[/sub]","</sub>",$sig);
+ $sig = str_replace("[strike]","<strike>",$sig);
+ $sig = str_replace("[/strike]","</strike>",$sig);
+ $sig = str_replace("\n","<br>", $sig);
+ $sig = ucfirst($sig);
+ $sig = trim($sig);
+ $fp_sig_txt = fopen("data/members/active/{$_SESSION['logged_in']}/sig.txt","w");
+ fwrite($fp_sig_txt,$sig);
+ fclose($fp_sig_txt);
+}
+
+if (isset($_REQUEST['del_avatar']) and !empty($_REQUEST['del_avatar']) and ($_REQUEST['del_avatar'] == "on")) {
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.gif");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.jpg");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.png");
+ }
+}
+
+if (isset($_FILES['avatar']) and !empty($_FILES['avatar'])) {
+
+$max_image_size = 1000000;
+
+ if (is_uploaded_file($_FILES['avatar']['tmp_name'])) {
+
+ if ($_FILES['avatar']['size']<=$max_image_size) {
+
+ if (($_FILES['avatar']['type']=="image/gif") || ($_FILES['avatar']['type']=="image/pjpeg") || ($_FILES['avatar']['type']=="image/jpeg") || ($_FILES['avatar']['type']=="image/png")) {
+
+ if (!file_exists("images/members")) {
+ mkdir("images/members");
+ }
+
+ if (!file_exists("images/members/{$_SESSION['logged_in']}")) {
+ mkdir("images/members/{$_SESSION['logged_in']}");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.gif");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.jpg");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.png");
+ }
+
+ if ($_FILES['avatar']['type']=="image/gif") {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/members/{$_SESSION['logged_in']}/avatar.gif");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+
+ if (($_FILES['avatar']['type']=="image/jpeg") or ($_FILES['avatar']['type']=="image/pjpeg")) {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/members/{$_SESSION['logged_in']}/avatar.jpg");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+
+ if ($_FILES['avatar']['type']=="image/png") {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/members/{$_SESSION['logged_in']}/avatar.png");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+}
+
+if (isset($_REQUEST['vacation']) and !empty($_REQUEST['vacation']) and ($_REQUEST['vacation'] == "on") and !file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) {
+ touch("data/members/active/{$_SESSION['logged_in']}/vacation.txt");
+}
+
+if (!isset($_REQUEST['vacation']) or empty($_REQUEST['vacation'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) {
+ unlink("data/members/active/{$_SESSION['logged_in']}/vacation.txt");
+ }
+ }
+}
+
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/key.txt") and !file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) {
+ touch("data/members/active/{$_SESSION['logged_in']}/vacation.txt");
+}
+
+if (isset($_REQUEST['current_passwd']) and !empty($_REQUEST['current_passwd']) and isset($_REQUEST['new_passwd']) and !empty($_REQUEST['new_passwd']) and isset($_REQUEST['confirm_passwd']) and !empty($_REQUEST['confirm_passwd'])) {
+
+ if (file_exists("data/bb-passlen.txt")) {
+ $pass_len = file_get_contents("data/bb-passlen.txt");
+ }
+ else {
+ $pass_len = 8;
+ }
+
+ $current_passwd = trim($_REQUEST['current_passwd']);
+ $new_passwd = trim($_REQUEST['new_passwd']);
+ $confirm_passwd = trim($_REQUEST['confirm_passwd']);
+
+ if ((strlen($new_passwd) < $pass_len) or (strlen($confirm_passwd) < $pass_len)) {
+ echo "<p>Passwords must be composed of at least $pass_len characters.</p>";
+ }
+ else {
+ /* Fun with crypt! */
+ $current_passwd = sha1($current_passwd);
+ $current_passwd = md5($current_passwd);
+ $current_passwd = crypt($current_passwd, $current_passwd);
+ $new_passwd = sha1($new_passwd);
+ $new_passwd = md5($new_passwd);
+ $new_passwd = crypt($new_passwd, $new_passwd);
+ $confirm_passwd = sha1($confirm_passwd);
+ $confirm_passwd = md5($confirm_passwd);
+ $confirm_passwd = crypt($confirm_passwd, $confirm_passwd);
+
+ if (($current_passwd != file_get_contents("data/members/active/{$_SESSION['logged_in']}/password.txt")) or ($new_passwd != $confirm_passwd)) {
+ echo "<p>Passwords do not match.</p>";
+ }
+ else {
+ $fp_passwd_txt = fopen("data/members/active/{$_SESSION['logged_in']}/password.txt","w");
+ fwrite($fp_passwd_txt,$new_passwd);
+ fclose($fp_passwd_txt);
+ $login_url = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/login.php";
+ $login_url = str_replace("//login.php", "/login.php", $login_url);
+ echo "<p>Password successfully changed and encrypted on record.</p>";
+ }
+ }
+}
+
+?>
+
+<table border=0 cellspacing=1 cellpadding=2 bgcolor=#cccccc>
+<tr><td bgcolor=#ffffff colspan=2 align=right><p>you are logged in as <b><?php echo "<b>{$_SESSION['logged_in']}</b>"; ?> </b></p></td></tr>
+<tr><td bgcolor=#ffffff><?php
+if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/members/{$_SESSION['logged_in']}/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/{$_SESSION['logged_in']}/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/members/{$_SESSION['logged_in']}/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/{$_SESSION['logged_in']}/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/members/{$_SESSION['logged_in']}/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/{$_SESSION['logged_in']}/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+ echo ">";
+}
+?></p></td><td bgcolor=#ffffff><p>
+
+<?php
+
+echo "<b>";
+readfile("data/members/active/{$_SESSION['logged_in']}/firstname.txt");
+echo " ";
+readfile("data/members/active/{$_SESSION['logged_in']}/lastname.txt");
+echo "</b>";
+
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/rank.txt") and file_exists("data/rank.txt")) {
+ $rank = file_get_contents("data/members/active/{$_SESSION['logged_in']}/rank.txt");
+ echo "<br>$rank";
+}
+elseif (!file_exists("data/members/active/{$_SESSION['logged_in']}/rank.txt") and file_exists("data/rank.txt")) {
+ echo "<br>member";
+}
+
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/timestamp.txt")) {
+ $joined = file_get_contents("data/members/active/{$_SESSION['logged_in']}/timestamp.txt");
+ $joined_year = substr($joined,0,4);
+ $joined_month = substr($joined,4,2);
+ $joined_day = substr($joined,6,2);
+ $joined_hh = substr($joined,8,2);
+ $joined_mm = substr($joined,10,2);
+ $member_since = date("d M Y H:i", mktime($joined_hh, $joined_mm, 0, $joined_month, $joined_day, $joined_year));
+ echo "<p align=right>member since<code> $member_since </code>";
+}
+
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/bb-last.txt")) {
+ $lastlog = file_get_contents("data/members/active/{$_SESSION['logged_in']}/bb-last.txt");
+ $lastlog_year = substr($lastlog,0,4);
+ $lastlog_month = substr($lastlog,4,2);
+ $lastlog_day = substr($lastlog,6,2);
+ $lastlog_hh = substr($lastlog,8,2);
+ $lastlog_mm = substr($lastlog,10,2);
+ $last_login = date("d M Y H:i", mktime($lastlog_hh, $lastlog_mm, 0, $lastlog_month, $lastlog_day, $lastlog_year));
+ echo "<br>last login<code> $last_login </code>";
+}
+
+?>
+
+</p></td></tr>
+
+<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
+<input type=hidden name=edit value=on>
+
+<?php if (!file_exists("data/members/active/{$_SESSION['logged_in']}/key.txt")) { ?>
+<tr><td bgcolor=#ffffff><p>e-mail address*</p></td><td bgcolor=#ffffff colspan=2><input class=input type=text autocomplete=off name=email maxlength=60 value=<?php readfile("data/members/active/{$_SESSION['logged_in']}/email.txt"); ?>></td></tr>
+<?php } ?>
+
+<tr><td bgcolor=#ffffff><p>website</p></td><td bgcolor=#ffffff colspan=2><input class=input type=text autocomplete=off name=url maxlength=300 <?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/url.txt")) { echo "value=";readfile("data/members/active/{$_SESSION['logged_in']}/url.txt"); } ?>></td></tr>
+
+<?php if (file_exists("data/bb.txt") and file_exists("data/bb-sig.txt")) { ?>
+
+<tr><td bgcolor=#ffffff><p>signature</p></td><td bgcolor=#ffffff colspan=2><textarea class=input name=sig><?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/sig.txt")) {
+
+ $get_sig = file_get_contents("data/members/active/{$_SESSION['logged_in']}/sig.txt");
+ $get_sig = str_replace("<b>","[b]",$get_sig);
+ $get_sig = str_replace("</b>","[/b]",$get_sig);
+ $get_sig = str_replace("<i>","[i]",$get_sig);
+ $get_sig = str_replace("</i>","[/i]",$get_sig);
+ $get_sig = str_replace("<u>","[u]",$get_sig);
+ $get_sig = str_replace("</u>","[/u]",$get_sig);
+ $get_sig = str_replace("<sup>","[sup]",$get_sig);
+ $get_sig = str_replace("</sup>","[/sup]",$get_sig);
+ $get_sig = str_replace("<sub>","[sub]",$get_sig);
+ $get_sig = str_replace("</sub>","[/sub]",$get_sig);
+ $get_sig = str_replace("<strike>","[strike]",$get_sig);
+ $get_sig = str_replace("</strike>","[/strike]",$get_sig);
+ $get_sig = str_replace("<br>","\n",$get_sig);
+ echo $get_sig;
+
+} ?></textarea></td></tr>
+
+<?php } ?>
+
+<tr><td bgcolor=#ffffff><p>upload avatar</p></td><td bgcolor=#ffffff colspan=2><input type=file autocomplete=off name=avatar></td></tr>
+<?php
+if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) { ?>
+<tr><td bgcolor=#ffffff><p></p></td><td bgcolor=#ffffff colspan=2><p><input type=checkbox name=del_avatar>delete existing avatar</p></td></tr>
+<?php } if (file_exists("data/ml.txt") and !file_exists("data/members/active/{$_SESSION['logged_in']}/key.txt")) { ?>
+<tr><td bgcolor=#ffffff><p></p></td><td bgcolor=#ffffff colspan=2><p><input type=checkbox name=vacation <?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) { echo checked; } ?>>temporarily disable mailing list subscription</p></td></tr>
+<?php } ?>
+<tr><td bgcolor=#ffffff><p>current password</p></td><td bgcolor=#ffffff colspan=2><input class=input type=password autocomplete=off name=current_passwd maxlength=30></td></tr>
+<tr><td bgcolor=#ffffff><p>new password</p></td><td bgcolor=#ffffff width=300><input class=input type=password autocomplete=off name=new_passwd maxlength=30></td></tr>
+<tr><td bgcolor=#ffffff><p>confirm password</p></td><td bgcolor=#ffffff><input class=input type=password autocomplete=off name=confirm_passwd maxlength=30></td></tr>
+<tr><td bgcolor=#ffffff><p></p></td><td bgcolor=#ffffff><input class=input type=submit value="click here to activate new settings"></td></tr>
+</form>
+<form enctype="multipart/form-data" action="<?php echo 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); ?>" method="post">
+<tr><td bgcolor=#ffffff><p></p></td><td bgcolor=#ffffff><input class=input type=submit value="click here to go to the index page"></td></tr>
+</form>
+</table>
diff --git a/panels.php b/panels.php
index 2fbc6b5..b6bc790 100644
--- a/panels.php
+++ b/panels.php
@@ -5,6 +5,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
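Review bot: The `stripslashes_array()` block added at the top of this file is pasted verbatim into passwd.php, reg.php, rss.php and settings.php as well, and it only rewrites `$_REQUEST`, so any code that reads `$_GET`, `$_POST` or `$_COOKIE` directly would still see the escaped values. Moving the function into one shared include and applying it to each superglobal, e.g. `$_POST = stripslashes_array($_POST);`, would keep input handling identical across entry points. A one-line comment above the `if`, such as `// undo magic_quotes_gpc so stored text is not double-escaped`, would record why the block exists. Whether the other superglobals are read elsewhere is not visible from this hunk.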
diff --git a/passwd.php b/passwd.php
index 7002d77..fe098bb 100644
--- a/passwd.php
+++ b/passwd.php
@@ -47,6 +47,22 @@ a:active {
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
$dir = "data/items/" . $_REQUEST['entry'];
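Review bot: On the last line of this hunk `$_REQUEST['entry']` is concatenated into `$dir` with no check that it is a single path component, and after the new block it arrives with its backslash escaping removed. Constraining it before use, for example `$dir = "data/items/" . basename($_REQUEST['entry']);` followed by an `is_dir($dir)` test, would keep the lookup inside `data/items/`. The `if` body continues outside the hunk, so how `$dir` is used afterwards cannot be confirmed from here.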
diff --git a/reg.php b/reg.php
new file mode 100644
index 0000000..f6f6653
--- /dev/null
+++ b/reg.php
@@ -0,0 +1,460 @@
+<?php
+
+if (file_exists("data/lite.txt")) {
+ exit();
+}
+
+if (!file_exists("data/reg.txt")) {
+ exit();
+}
+
+error_reporting(E_ERROR);
+
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
+if (file_exists("data/offset.txt")) {
+ $offset = file_get_contents("data/offset.txt");
+}
+else {
+ $offset = 0;
+}
+
+if (file_exists("data/bb-min-age.txt")) {
+ $minage = file_get_contents("data/bb-min-age.txt");
+}
+else {
+ $minage = 5;
+}
+
+if (file_exists("data/bb-max-age.txt")) {
+ $maxage = file_get_contents("data/bb-max-age.txt");
+}
+else {
+ $maxage = 125;
+}
+
+?>
+
+<style>
+body
+{
+ color: #666666;
+ margin: 10px;
+ padding: 0px;
+ text-align: left;
+ font-family: verdana, helvetica, sans-serif;
+ background-color: #FFFFFF;
+}
+p
+{
+ font-size: 11px;
+}
+a
+{
+ font-weight: bold;
+ text-decoration: none;
+}
+a:link, a:visited
+{
+ color: #666666;
+}
+a:hover
+{
+ color: #336699;
+}
+a:active {
+ color: #336699;
+}
+.input {
+ color: #666666;
+ background: #ffffff;
+ border: #999999 solid 1px;
+ width: 300px;
+ font-family: verdana,helvetica,sans-serif;
+ font-size: 11px;
+ font-weight: normal;
+}
+.bd {
+ color: #666666;
+ background: #ffffff;
+ border: #999999 solid 1px;
+ width: 98px;
+ font-family: verdana,helvetica,sans-serif;
+ font-size: 11px;
+ font-weight: normal;
+}
+</style>
+
+<?php
+
+// 20061014 - reg.php
+
+function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789') {
+ $str = '';
+ $seeds_count = strlen($seeds);
+
+ list($usec, $sec) = explode(' ', microtime());
+ $seed = (float) $sec + ((float) $usec * 100000);
+ mt_srand($seed);
+
+ for ($i = 0; $length > $i; $i++) {
+ $str .= $seeds{mt_rand(0, $seeds_count - 1)};
+ }
+
+ return $str;
+}
+
+function rmdirr($recurse_dirname)
+{
+
+ if (!file_exists($recurse_dirname)) {
+ return false;
+ }
+
+ if (is_file($recurse_dirname)) {
+ return unlink($recurse_dirname);
+ }
+
+ $recurse_dir = dir($recurse_dirname);
+ while (false !== $recurse_entry = $recurse_dir->read()) {
+
+ if ($recurse_entry == '.' || $recurse_entry == '..') {
+ continue;
+ }
+
+ rmdirr("$recurse_dirname/$recurse_entry");
+ }
+
+ $recurse_dir->close();
+ return rmdir($recurse_dirname);
+}
+
+if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_REQUEST['key']) and !empty($_REQUEST['key']) and isset($_REQUEST['action']) and !empty($_REQUEST['action'])) {
+
+ $username = $_REQUEST['username'];
+
+ if (file_exists("data/members/confirmed/$username") and ($_REQUEST['key'] == file_get_contents("data/members/confirmed/$username/key.txt"))) {
+ if ($_REQUEST['action'] == "approve") {
+ unlink("data/members/confirmed/$username/key.txt");
+ $timestamp = date("YmdHis", time() + $offset);
+ $fp_timestamp_txt = fopen("data/members/confirmed/$username/timestamp.txt","w");
+ fwrite($fp_timestamp_txt,$timestamp);
+ fclose($fp_timestamp_txt);
+ if (!file_exists("data/members/active")) {
+ mkdir("data/members/active");
+ }
+ rename("data/members/confirmed/$username","data/members/active/$username");
+
+ $password = str_rand(16);
+
+ /* Fun with crypt! */
+ $passwd = sha1($password);
+ $passwd = md5($passwd);
+ $passwd = crypt($passwd, $passwd);
+
+ $fp_passwd_txt = fopen("data/members/active/$username/password.txt","w");
+ fwrite($fp_passwd_txt,$passwd);
+ fclose($fp_passwd_txt);
+
+ $firstname = file_get_contents("data/members/active/$username/firstname.txt");
+ $lastname = file_get_contents("data/members/active/$username/lastname.txt");
+ $email = file_get_contents("data/members/active/$username/email.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_author = file_get_contents("data/author.txt");
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $registered_notice = "$firstname $lastname ($email), AKA $username, has been successfully registered at {$sig_url}.";
+ $registered_notice = wordwrap($registered_notice);
+
+ $password_notice = "Hi $firstname,\n\nYour membership at $sig_url has been activated.\n\nThe initial password for \"$username\" is \"$password\" (case-sensitive). Please change this as soon as possible. For security reasons, your password on record is encrypted - you're the only one who knows what it is.\n\nIf you need further assistance, please send email to $from_email.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
+
+ $password_notice = wordwrap($password_notice);
+
+ mail($from_email, "registration notice ($email)", $registered_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ mail($email, "password notice ($username)", $password_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ $fp_new_txt = fopen("data/bb-new.txt","w");
+ fwrite($fp_new_txt,$username);
+ fclose($fp_new_txt);
+
+ echo "<p><font style=\"font-size: 12px;\"><b>Approved</b></font></p><p>The e-mail address ";
+ readfile("data/members/active/$username/email.txt");
+ echo " has been registered.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+ }
+
+ if ($_REQUEST['action'] == "deny") {
+ rmdirr("data/members/confirmed/$username");
+ echo "<p><font style=\"font-size: 12px;\"><b>Denied</b></font></p><p>The e-mail address ";
+ readfile("data/members/active/$username/email.txt");
+ echo " will not be registered.<br>Registration request deleted.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+ }
+
+ }
+ exit();
+}
+
+if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_REQUEST['key']) and !empty($_REQUEST['key'])) {
+
+ $username = $_REQUEST['username'];
+
+ if (file_exists("data/members/pending/$username") and ($_REQUEST['key'] == file_get_contents("data/members/pending/$username/key.txt"))) {
+
+ $firstname = file_get_contents("data/members/pending/$username/firstname.txt");
+ $lastname = file_get_contents("data/members/pending/$username/lastname.txt");
+ $email = file_get_contents("data/members/pending/$username/email.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $sig_author = file_get_contents("data/author.txt");
+
+ unlink("data/members/pending/$username/key.txt");
+
+ $timestamp = date("YmdHis", time() + $offset);
+
+ $fp_timestamp_txt = fopen("data/members/pending/$username/timestamp.txt","w");
+ fwrite($fp_timestamp_txt,$timestamp);
+ fclose($fp_timestamp_txt);
+
+ if (!file_exists("data/xapp.txt")) {
+ if (!file_exists("data/members/confirmed")) {
+ mkdir("data/members/confirmed");
+ }
+ rename("data/members/pending/$username","data/members/confirmed/$username");
+
+ $key = str_rand(40);
+
+ $fp_key_txt = fopen("data/members/confirmed/$username/key.txt","w");
+ fwrite($fp_key_txt,$key);
+ fclose($fp_key_txt);
+
+ $confirmation_notice = "$firstname $lastname, AKA $username, successfully confirmed the e-mail address $email for registration at {$sig_url}.\n\nVisit the link below to approve this registration:\n\n{$sig_url}reg.php?username=$username&key=$key&action=approve\n\nVisit the link below to deny this registration:\n\n{$sig_url}reg.php?username=$username&key=$key&action=deny\n\nYou can also approve or deny pending registration requests at a later time by logging on to your blog.";
+ $confirmation_notice = wordwrap($confirmation_notice);
+
+ mail($from_email, "confirmation notice ($email)", $confirmation_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+ }
+ else {
+ if (!file_exists("data/members/active")) {
+ mkdir("data/members/active");
+ }
+ rename("data/members/pending/$username","data/members/active/$username");
+ $registered_notice = "$firstname $lastname ($email), AKA $username, has been successfully registered at {$sig_url}.";
+ $registered_notice = wordwrap($registered_notice);
+
+ mail($from_email, "registration notice ($email)", $registered_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ $password = str_rand(16);
+
+ /* Fun with crypt! */
+ $passwd = sha1($password);
+ $passwd = md5($passwd);
+ $passwd = crypt($passwd, $passwd);
+
+ $fp_passwd_txt = fopen("data/members/active/$username/password.txt","w");
+ fwrite($fp_passwd_txt,$passwd);
+ fclose($fp_passwd_txt);
+
+ $firstname = file_get_contents("data/members/active/$username/firstname.txt");
+ $lastname = file_get_contents("data/members/active/$username/lastname.txt");
+ $email = file_get_contents("data/members/active/$username/email.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_author = file_get_contents("data/author.txt");
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $password_notice = "Hi $firstname,\n\nYour membership at $sig_url has been activated.\n\nThe initial password for \"$username\" is \"$password\" (case-sensitive). Please change this as soon as possible. For security reasons, your password on record is encrypted - you're the only one who knows what it is.\n\nIf you need further assistance, please send email to $from_email.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
+
+ $password_notice = wordwrap($password_notice);
+
+ mail($email, "password notice ($username)", $password_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ $fp_new_txt = fopen("data/bb-new.txt","w");
+ fwrite($fp_new_txt,$username);
+ fclose($fp_new_txt);
+
+ }
+
+ echo "<p><font style=\"font-size: 12px;\"><b>Thanks!</b></font></p><p>You have successfully verified your e-mail address.<br>";
+
+ if (file_exists("data/xapp.txt")) {
+ echo "You are now a registered member on this site.";
+ }
+ else {
+ echo "Your membership will be activated as soon as your registration is approved.";
+ }
+
+ echo "<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+
+ }
+
+ exit();
+}
+
+if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and ($_REQUEST['username'] != "all") and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_put']) and ($_REQUEST['captcha_get'] == $_REQUEST['captcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email'])) and (strpos(file_get_contents("data/bb-reserved.txt"), $_REQUEST['username']) === false) and isset($_REQUEST['bd_year']) and !empty($_REQUEST['bd_year']) and isset($_REQUEST['bd_month']) and !empty($_REQUEST['bd_month']) and isset($_REQUEST['bd_day']) and !empty($_REQUEST['bd_day']) and (strlen($_REQUEST['bd_year']) == "4") and (strlen($_REQUEST['bd_month']) == "2") and (strlen($_REQUEST['bd_day']) == "2") and is_numeric($_REQUEST['bd_year']) and is_numeric($_REQUEST['bd_month']) and is_numeric($_REQUEST['bd_day']) and ((date("Y", time() + $offset) - $_REQUEST['bd_year']) <= $maxage) and ((date("Y", time() + $offset) - $_REQUEST['bd_year']) >= $minage) and ($_REQUEST['bd_month'] >= 1) and ($_REQUEST['bd_month'] <= 12) and ($_REQUEST['bd_day'] >= 1) and ($_REQUEST['bd_day'] <= 31)) {
+
+ $username = strtolower($_REQUEST['username']);
+ $username = str_replace(" ","_",$username);
+ $username = trim($username);
+ $username = htmlentities($username, ENT_NOQUOTES);
+
+ $firstname = strtolower($_REQUEST['firstname']);
+ $firstname = ucwords($firstname);
+ $firstname = trim($firstname);
+ $firstname = htmlentities($firstname, ENT_NOQUOTES);
+
+ $lastname = strtolower($_REQUEST['lastname']);
+ $lastname = ucwords($lastname);
+ $lastname = trim($lastname);
+ $lastname = htmlentities($lastname, ENT_NOQUOTES);
+
+ $email = strtolower($_REQUEST['email']);
+ $email = trim($email);
+ $email = htmlentities($email, ENT_NOQUOTES);
+
+ if (!file_exists("data/members")) {
+ mkdir("data/members");
+ }
+
+ if (!file_exists("data/members/pending")) {
+ mkdir("data/members/pending");
+ }
+
+ if (!file_exists("data/members/pending/$username") and !file_exists("data/members/confirmed/$username") and !file_exists("data/members/active/$username") and ($username != file_get_contents("data/username.txt"))) {
+ mkdir("data/members/pending/$username");
+
+ $fp_firstname_txt = fopen("data/members/pending/$username/firstname.txt","w");
+ fwrite($fp_firstname_txt,$firstname);
+ fclose($fp_firstname_txt);
+
+ $fp_lastname_txt = fopen("data/members/pending/$username/lastname.txt","w");
+ fwrite($fp_lastname_txt,$lastname);
+ fclose($fp_lastname_txt);
+
+ $fp_email_txt = fopen("data/members/pending/$username/email.txt","w");
+ fwrite($fp_email_txt,$email);
+ fclose($fp_email_txt);
+
+ $bday = $_REQUEST['bd_year'] . $_REQUEST['bd_month'] . $_REQUEST['bd_day'];
+ $fp_bday_txt = fopen("data/members/pending/$username/bday.txt","w");
+ fwrite($fp_bday_txt,$bday);
+ fclose($fp_bday_txt);
+
+ if (isset($_REQUEST['url']) and !empty($_REQUEST['url']) and (ereg("\.", $_REQUEST['url']))) {
+ $url = str_replace('http://', '', $_REQUEST['url']);
+ $url = strtolower($url);
+ $url = trim($url);
+ $url = 'http://' . $url;
+ $url = htmlentities($url, ENT_NOQUOTES);
+ $fp_url_txt = fopen("data/members/pending/$username/url.txt","w");
+ fwrite($fp_url_txt,$url);
+ fclose($fp_url_txt);
+ }
+
+ $key = str_rand(40);
+
+ $fp_key_txt = fopen("data/members/pending/$username/key.txt","w");
+ fwrite($fp_key_txt,$key);
+ fclose($fp_key_txt);
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $sig_author = file_get_contents("data/author.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $confirm_thanks = "Hi $firstname,\n\nWe have received a registration request for $email to $sig_url. To confirm this, simply visit this link:\n\n{$sig_url}reg.php?username=$username&key=$key\n\nIf you do not wish to be a member, please disregard this message. If you think you are being maliciously registered, or have any other questions, send them to $from_email.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
+
+ $confirm_thanks = wordwrap($confirm_thanks);
+
+ mail($email, "confirm $key", $confirm_thanks,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ echo "<p><font style=\"font-size: 12px;\"><b>Thanks!</b></font></p><p>Your registration request was successfully submitted. Check your $email inbox for details.<br>You can register another e-mail address below or click <a href=index.php>here</a> to go to the index page.</p>";
+
+ }
+ else {
+ echo "<p><font style=\"font-size: 12px;\"><b>Oops!</b></font></p><p>Sorry, the username $username is already taken. Please try another one.</p>";
+ }
+}
+
+?>
+
+<p><b>Register</b></p>
+
+<p>Fill out the form below and enter <b><?php $captcha_rand = str_rand(7); echo $captcha_rand; ?></b> as your registration code.</p>
+
+<?php
+
+if (file_exists("data/bb-disclaimer.txt")) {
+ echo "<table border=0 cellspacing=0 cellpadding=0 width=400><tr><td><p>";
+ readfile("data/bb-disclaimer.txt");
+ echo "</p></td></tr><tr><td><p> </p></td></tr></table>";
+}
+
+?>
+
+<table border=0 cellspacing=2 cellpadding=0>
+<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
+<input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
+<tr><td width=100><p>Username</p></td><td colspan=3><input class=input type=text autocomplete=off name=username maxlength=30></td></tr>
+<tr><td width=100><p>First Name</p></td><td width=300 colspan=3><input class=input type=text autocomplete=off name=firstname maxlength=30></td></tr>
+<tr><td width=100><p>Last Name</p></td><td colspan=3><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
+<tr><td width=100><p>E-mail Address</p></td><td colspan=3><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+<tr><td width=100><p>Birthdate</p></td><td><input class=bd type=text autocomplete=off name=bd_year maxlength=4 value=<?php echo date("Y", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_month maxlength=2 value=<?php echo date("m", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_day maxlength=2 value=<?php echo date("d", time() + $offset); ?>></td></tr>
+<tr><td width=100><p>Website</p></td><td colspan=3><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+<tr><td width=100><p>Registration Code</p></td><td colspan=3><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>
+<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to submit your registration"></td></tr>
+</form>
+<form enctype="multipart/form-data" action="<?php echo 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); ?>" method="post">
+<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to go to the index page"></td></tr>
+</for
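Review bot: The request-supplied `$username` reaches `file_exists`, `mkdir`, `rename`, `unlink` and `rmdirr` paths without any restriction on its characters. That holds for the raw `$_REQUEST['username']` in the approve/deny and confirm branches, and for the lower-cased, entity-encoded value in the registration branch, so a value containing `/` or `..` resolves outside `data/members/<state>/`. An allowlist check before the first filesystem call in each branch, such as `if (!preg_match('/^[a-z0-9_]{1,30}$/', $username)) { exit(); }`, would close that off. Separately, `str_rand()` reseeds `mt_rand` from `microtime()` and is the source of the confirmation keys and the initial passwords; on PHP 7+ the `mt_srand` lines can be dropped in favour of `$str .= $seeds[random_int(0, $seeds_count - 1)];`. The registration code is also compared only with the hidden `captcha_get` field the client sends back, so the expected value should be kept server-side (for instance in the session) instead.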
diff --git a/rss.php b/rss.php
index 66cbeb5..4d5e61f 100644
--- a/rss.php
+++ b/rss.php
@@ -2,6 +2,22 @@
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
$title_file = "data/title.txt";
$fp_title = fopen($title_file, "r");
@@ -47,6 +63,10 @@ if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
continue;
}
+ if (file_exists("data/items/$entry_rss_items/member.txt")) {
+ continue;
+ }
+
if ($entry_rss_items != "." && $entry_rss_items != ".." && fnmatch("*", $entry_rss_items) && !file_exists("data/items/$entry_rss_items/private.txt")) {
$show_rss_items[] = $entry_rss_items;
}
@@ -98,6 +118,16 @@ if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
$description = strip_tags($description);
$description = htmlentities($description, ENT_NOQUOTES);
$description = str_replace("&","&",$description);
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $description = preg_replace("/\b($badwords)\b/i",$censor,$description);
+ }
echo $description;
echo "</description>\n";
echo "</item>\n";
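Review bot: `$badwords` is interpolated into the pattern in `preg_replace("/\b($badwords)\b/i", ...)` exactly as read from `data/pf-badwords.txt`, so a `/` or an unbalanced regex metacharacter in the list makes the call fail and return null, which leaves the echoed description empty. The settings.php change in this commit builds that file by turning line breaks into `|`, so a blank or trailing line leaves an empty alternative, which matches at every word boundary. Splitting on `|`, dropping empty entries and passing each word through `preg_quote()` avoids both problems. The same lines are repeated in the two later rss.php hunks (`@@ -155,6 +185,16 @@` and `@@ -201,6 +241,16 @@`). The enclosing loop starts and ends outside this hunk.

```php
// … unchanged: $badwords and $censor loaded from data/pf-badwords.txt / data/pf-censor.txt …
$quoted = array();
foreach (explode("|", $badwords) as $word) {
    $word = trim($word);
    if ($word !== "") {
        // escape regex metacharacters and the "/" delimiter in each word
        $quoted[] = preg_quote($word, "/");
    }
}
if ($quoted) {
    $description = preg_replace("/\b(" . implode("|", $quoted) . ")\b/i", $censor, $description);
}
// … unchanged: echo $description …
```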
@@ -155,6 +185,16 @@ if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
$description = strip_tags($description);
$description = htmlentities($description, ENT_NOQUOTES);
$description = str_replace("&","&",$description);
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $description = preg_replace("/\b($badwords)\b/i",$censor,$description);
+ }
echo $description;
echo "</description>\n";
echo "<dc:creator>$author</dc:creator>\n";
@@ -201,6 +241,16 @@ if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
$description = strip_tags($description);
$description = htmlentities($description, ENT_NOQUOTES);
$description = str_replace("&","&",$description);
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $description = preg_replace("/\b($badwords)\b/i",$censor,$description);
+ }
echo $description;
echo "</description>\n";
echo "<dc:creator>$author</dc:creator>";
diff --git a/settings.php b/settings.php
index d094484..00822f5 100644
--- a/settings.php
+++ b/settings.php
@@ -4,6 +4,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
@@ -185,6 +201,356 @@ if (!isset($_REQUEST['old']) or empty($_REQUEST['old'])) {
}
}
+if (isset($_REQUEST['pf']) and !empty($_REQUEST['pf']) and ($_REQUEST['pf'] == "on") and !file_exists("data/pf.txt")) {
+ touch("data/pf.txt");
+}
+
+if (!isset($_REQUEST['pf']) or empty($_REQUEST['pf'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/pf.txt")) {
+ unlink("data/pf.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['pf_badwords']) and !empty($_REQUEST['pf_badwords']) and (file_get_contents("data/pf-badwords.txt") != $_REQUEST['pf_badwords'])) {
+ $pf_badwords_write_content = strtolower($_REQUEST['pf_badwords']);
+ $pf_badwords_write_content = str_replace("\n","|",$pf_badwords_write_content);
+ $pf_badwords_write_content = str_replace("\r","|",$pf_badwords_write_content);
+ $pf_badwords_write_content = str_replace("||","|",$pf_badwords_write_content);
+ $pf_badwords_write_content = trim($pf_badwords_write_content);
+ $fp_pf_badwords_txt = fopen("data/pf-badwords.txt","w");
+ fwrite($fp_pf_badwords_txt,$pf_badwords_write_content);
+ fclose($fp_pf_badwords_txt);
+}
+
+if (!isset($_REQUEST['pf_badwords']) or empty($_REQUEST['pf_badwords'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/pf-badwords.txt")) {
+ unlink("data/pf-badwords.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['pf_censor']) and !empty($_REQUEST['pf_censor']) and (file_get_contents("data/pf-censor.txt") != $_REQUEST['pf_censor'])) {
+ $pf_censor_write_content = strtolower($_REQUEST['pf_censor']);
+ $pf_censor_write_content = trim($pf_censor_write_content);
+ $fp_pf_censor_txt = fopen("data/pf-censor.txt","w");
+ fwrite($fp_pf_censor_txt,$pf_censor_write_content);
+ fclose($fp_pf_censor_txt);
+}
+
+if (!isset($_REQUEST['pf_censor']) or empty($_REQUEST['pf_censor'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/pf-censor.txt")) {
+ unlink("data/pf-censor.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['bb']) and !empty($_REQUEST['bb']) and ($_REQUEST['bb'] == "on") and !file_exists("data/bb.txt")) {
+ touch("data/bb.txt");
+}
+
+if (!isset($_REQUEST['bb']) or empty($_REQUEST['bb'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb.txt")) {
+ unlink("data/bb.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['reg']) and !empty($_REQUEST['reg']) and ($_REQUEST['reg'] == "on") and !file_exists("data/reg.txt")) {
+ touch("data/reg.txt");
+}
+
+if (!isset($_REQUEST['reg']) or empty($_REQUEST['reg'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/reg.txt")) {
+ unlink("data/reg.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['xapp']) and !empty($_REQUEST['xapp']) and ($_REQUEST['xapp'] == "on") and !file_exists("data/xapp.txt")) {
+ touch("data/xapp.txt");
+}
+
+if (!isset($_REQUEST['xapp']) or empty($_REQUEST['xapp'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/xapp.txt")) {
+ unlink("data/xapp.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['member']) and !empty($_REQUEST['member']) and ($_REQUEST['member'] == "on") and !file_exists("data/member.txt")) {
+ touch("data/member.txt");
+}
+
+if (!isset($_REQUEST['member']) or empty($_REQUEST['member'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/member.txt")) {
+ unlink("data/member.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml']) and !empty($_REQUEST['ml']) and ($_REQUEST['ml'] == "on") and !file_exists("data/ml.txt")) {
+ touch("data/ml.txt");
+}
+
+if (!isset($_REQUEST['ml']) or empty($_REQUEST['ml'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml.txt")) {
+ unlink("data/ml.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['stats']) and !empty($_REQUEST['stats']) and ($_REQUEST['stats'] == "on") and !file_exists("data/bb-stats.txt")) {
+ touch("data/bb-stats.txt");
+}
+
+if (!isset($_REQUEST['stats']) or empty($_REQUEST['stats'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-stats.txt")) {
+ unlink("data/bb-stats.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['summary']) and !empty($_REQUEST['summary']) and ($_REQUEST['summary'] == "on") and !file_exists("data/bb-summary.txt")) {
+ touch("data/bb-summary.txt");
+}
+
+if (!isset($_REQUEST['summary']) or empty($_REQUEST['summary'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-summary.txt")) {
+ unlink("data/bb-summary.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['rank']) and !empty($_REQUEST['rank']) and ($_REQUEST['rank'] == "on") and !file_exists("data/rank.txt")) {
+ touch("data/rank.txt");
+}
+
+if (!isset($_REQUEST['rank']) or empty($_REQUEST['rank'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/rank.txt")) {
+ unlink("data/rank.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['sigs']) and !empty($_REQUEST['sigs']) and ($_REQUEST['sigs'] == "on") and !file_exists("data/bb-sig.txt")) {
+ touch("data/bb-sig.txt");
+}
+
+if (!isset($_REQUEST['sigs']) or empty($_REQUEST['sigs'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-sig.txt")) {
+ unlink("data/bb-sig.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['avatars']) and !empty($_REQUEST['avatars']) and ($_REQUEST['avatars'] == "on") and !file_exists("data/avatar.txt")) {
+ touch("data/avatar.txt");
+}
+
+if (!isset($_REQUEST['avatars']) or empty($_REQUEST['avatars'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/avatar.txt")) {
+ unlink("data/avatar.txt");
+ }
+ }
+}
+
+if ((!isset($_REQUEST['sig']) or empty($_REQUEST['sig'])) and isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ unlink("data/sig.txt");
+}
+
+if (isset($_REQUEST['sig']) and !empty($_REQUEST['sig'])) {
+ $sig = str_replace("[b]","<b>",$_REQUEST['sig']);
+ $sig = str_replace("[/b]","</b>",$sig);
+ $sig = str_replace("[i]","<i>",$sig);
+ $sig = str_replace("[/i]","</i>",$sig);
+ $sig = str_replace("[u]","<u>",$sig);
+ $sig = str_replace("[/u]","</u>",$sig);
+ $sig = str_replace("[sup]","<sup>",$sig);
+ $sig = str_replace("[/sup]","</sup>",$sig);
+ $sig = str_replace("[sub]","<sub>",$sig);
+ $sig = str_replace("[/sub]","</sub>",$sig);
+ $sig = str_replace("[strike]","<strike>",$sig);
+ $sig = str_replace("[/strike]","</strike>",$sig);
+ $sig = str_replace("\n","<br>", $sig);
+ $sig = ucfirst($sig);
+ $sig = trim($sig);
+ $fp_sig_txt = fopen("data/sig.txt","w");
+ fwrite($fp_sig_txt,$sig);
+ fclose($fp_sig_txt);
+}
+
+if (isset($_REQUEST['pass_len']) and !empty($_REQUEST['pass_len']) and is_numeric($_REQUEST['pass_len']) and ($_REQUEST['pass_len'] > 0) and (file_get_contents("data/bb-passlen.txt") != $_REQUEST['pass_len'])) {
+ $pass_len_write_content = number_format($_REQUEST['pass_len'],0,'.','');
+ $fp_pass_len_txt = fopen("data/bb-passlen.txt","w");
+ fwrite($fp_pass_len_txt,$pass_len_write_content);
+ fclose($fp_pass_len_txt);
+}
+
+if (!isset($_REQUEST['pass_len']) or empty($_REQUEST['pass_len']) or !is_numeric($_REQUEST['pass_len']) or ($_REQUEST['pass_len'] <= 0)) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-passlen.txt")) {
+ unlink("data/bb-passlen.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['min_age']) and !empty($_REQUEST['min_age']) and is_numeric($_REQUEST['min_age']) and ($_REQUEST['min_age'] > 0) and (file_get_contents("data/bb-min-age.txt") != $_REQUEST['min_age'])) {
+ $min_age_write_content = number_format($_REQUEST['min_age'],0,'.','');
+ $fp_min_age_txt = fopen("data/bb-min-age.txt","w");
+ fwrite($fp_min_age_txt,$min_age_write_content);
+ fclose($fp_min_age_txt);
+}
+
+if (!isset($_REQUEST['min_age']) or empty($_REQUEST['min_age']) or !is_numeric($_REQUEST['min_age']) or ($_REQUEST['min_age'] <= 0)) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-min-age.txt")) {
+ unlink("data/bb-min-age.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['max_age']) and !empty($_REQUEST['max_age']) and is_numeric($_REQUEST['max_age']) and ($_REQUEST['max_age'] > 0) and (file_get_contents("data/bb-max-age.txt") != $_REQUEST['max_age'])) {
+ $max_age_write_content = number_format($_REQUEST['max_age'],0,'.','');
+ $fp_max_age_txt = fopen("data/bb-max-age.txt","w");
+ fwrite($fp_max_age_txt,$max_age_write_content);
+ fclose($fp_max_age_txt);
+}
+
+if (!isset($_REQUEST['max_age']) or empty($_REQUEST['max_age']) or !is_numeric($_REQUEST['max_age']) or ($_REQUEST['max_age'] <= 0)) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-max-age.txt")) {
+ unlink("data/bb-max-age.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['bb_idle']) and !empty($_REQUEST['bb_idle']) and is_numeric($_REQUEST['bb_idle']) and ($_REQUEST['bb_idle'] > 0) and (file_get_contents("data/bb-idle.txt") != $_REQUEST['bb_idle'])) {
+ $bb_idle_write_content = number_format($_REQUEST['bb_idle'],0,'.','');
+ $fp_bb_idle_txt = fopen("data/bb-idle.txt","w");
+ fwrite($fp_bb_idle_txt,$bb_idle_write_content);
+ fclose($fp_bb_idle_txt);
+}
+
+if (!isset($_REQUEST['bb_idle']) or empty($_REQUEST['bb_idle']) or !is_numeric($_REQUEST['bb_idle']) or ($_REQUEST['bb_idle'] <= 0)) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-idle.txt")) {
+ unlink("data/bb-idle.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['bb_reserved']) and !empty($_REQUEST['bb_reserved']) and (file_get_contents("data/bb-reserved.txt") != $_REQUEST['bb_reserved'])) {
+ $bb_reserved_write_content = strtolower($_REQUEST['bb_reserved']);
+ $bb_reserved_write_content = trim($bb_reserved_write_content);
+ $fp_bb_reserved_txt = fopen("data/bb-reserved.txt","w");
+ fwrite($fp_bb_reserved_txt,$bb_reserved_write_content);
+ fclose($fp_bb_reserved_txt);
+}
+
+if (!isset($_REQUEST['bb_reserved']) or empty($_REQUEST['bb_reserved'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-reserved.txt")) {
+ unlink("data/bb-reserved.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['bb_disclaimer']) and !empty($_REQUEST['bb_disclaimer']) and (file_get_contents("data/bb-disclaimer.txt") != $_REQUEST['bb_disclaimer'])) {
+ $bb_disclaimer_write_content = ucfirst($_REQUEST['bb_disclaimer']);
+ $bb_disclaimer_write_content = str_replace("\n","<br>",$bb_disclaimer_write_content);
+ $bb_disclaimer_write_content = trim($bb_disclaimer_write_content);
+ $fp_bb_disclaimer_txt = fopen("data/bb-disclaimer.txt","w");
+ fwrite($fp_bb_disclaimer_txt,$bb_disclaimer_write_content);
+ fclose($fp_bb_disclaimer_txt);
+}
+
+if (!isset($_REQUEST['bb_disclaimer']) or empty($_REQUEST['bb_disclaimer'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-disclaimer.txt")) {
+ unlink("data/bb-disclaimer.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml_reply2']) and !empty($_REQUEST['ml_reply2']) and (file_get_contents("data/ml-reply2.txt") != $_REQUEST['ml_reply2']) and (ereg("@", $_REQUEST['ml_reply2'])) and (ereg("\.", $_REQUEST['ml_reply2']))) {
+ $ml_reply2_write_content = strtolower($_REQUEST['ml_reply2']);
+ $ml_reply2_write_content = trim($ml_reply2_write_content);
+ $ml_reply2_write_content = htmlentities($ml_reply2_write_content, ENT_NOQUOTES);
+ $fp_ml_reply2_txt = fopen("data/ml-reply2.txt","w");
+ fwrite($fp_ml_reply2_txt,$ml_reply2_write_content);
+ fclose($fp_ml_reply2_txt);
+}
+
+if (!isset($_REQUEST['ml_reply2']) or empty($_REQUEST['ml_reply2'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml-reply2.txt")) {
+ unlink("data/ml-reply2.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml_prepend']) and !empty($_REQUEST['ml_prepend']) and (file_get_contents("data/ml-prepend.txt") != $_REQUEST['ml_prepend'])) {
+ $ml_prepend_write_content = ucfirst($_REQUEST['ml_prepend']);
+ $ml_prepend_write_content = trim($ml_prepend_write_content);
+ $fp_ml_prepend_txt = fopen("data/ml-prepend.txt","w");
+ fwrite($fp_ml_prepend_txt,$ml_prepend_write_content);
+ fclose($fp_ml_prepend_txt);
+}
+
+if (!isset($_REQUEST['ml_prepend']) or empty($_REQUEST['ml_prepend'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml-prepend.txt")) {
+ unlink("data/ml-prepend.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml_header']) and !empty($_REQUEST['ml_header']) and (file_get_contents("data/ml-header.txt") != $_REQUEST['ml_header'])) {
+ $ml_header_write_content = ucfirst($_REQUEST['ml_header']);
+ $ml_header_write_content = trim($ml_header_write_content);
+ $fp_ml_header_txt = fopen("data/ml-header.txt","w");
+ fwrite($fp_ml_header_txt,$ml_header_write_content);
+ fclose($fp_ml_header_txt);
+}
+
+if (!isset($_REQUEST['ml_header']) or empty($_REQUEST['ml_header'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml-header.txt")) {
+ unlink("data/ml-header.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml_footer']) and !empty($_REQUEST['ml_footer']) and (file_get_contents("data/ml-footer.txt") != $_REQUEST['ml_footer'])) {
+ $ml_footer_write_content = ucfirst($_REQUEST['ml_footer']);
+ $ml_footer_write_content = trim($ml_footer_write_content);
+ $fp_ml_footer_txt = fopen("data/ml-footer.txt","w");
+ fwrite($fp_ml_footer_txt,$ml_footer_write_content);
+ fclose($fp_ml_footer_txt);
+}
+
+if (!isset($_REQUEST['ml_footer']) or empty($_REQUEST['ml_footer'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml-footer.txt")) {
+ unlink("data/ml-footer.txt");
+ }
+ }
+}
+
if (isset($_REQUEST['del_favicon']) and !empty($_REQUEST['del_favicon']) and ($_REQUEST['del_favicon'] == "on")) {
if (file_exists("favicon.ico")) {
unlink("favicon.ico");
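Review bot: Every branch added here writes or deletes a settings file based on `$_REQUEST`, which accepts GET parameters as well as POST, and no anti-forgery token is checked anywhere in the visible code. Because each "not set" branch unlinks its file whenever `edit` is `on`, a submission that omits a field silently deletes that setting. Reading `$_POST` and verifying a per-session token before the first branch would restrict changes to deliberate form submissions; the file's login check sits outside this hunk. Separately, `unlink("data/sig.txt")` in the `sig` branch lacks the `file_exists()` guard that every sibling branch has.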
@@ -205,6 +571,20 @@ if (isset($_REQUEST['del_picture']) and !empty($_REQUEST['del_picture']) and ($_
}
}
+if (isset($_REQUEST['del_avatar']) and !empty($_REQUEST['del_avatar']) and ($_REQUEST['del_avatar'] == "on")) {
+ if (file_exists("images/avatar.gif")) {
+ unlink("images/avatar.gif");
+ }
+
+ if (file_exists("images/avatar.jpg")) {
+ unlink("images/avatar.jpg");
+ }
+
+ if (file_exists("images/avatar.png")) {
+ unlink("images/avatar.png");
+ }
+}
+
if (isset($_REQUEST['bg_scroll']) and !empty($_REQUEST['bg_scroll']) and ($_REQUEST['bg_scroll'] == "on") and !file_exists("data/bg-scroll.txt")) {
touch("data/bg-scroll.txt");
}
@@ -345,6 +725,58 @@ if (isset($_FILES['picture']) and !empty($_FILES['picture'])) {
}
}
+if (isset($_FILES['avatar']) and !empty($_FILES['avatar'])) {
+
+ if (is_uploaded_file($_FILES['avatar']['tmp_name'])) {
+
+ if ($_FILES['avatar']['size']<=$max_image_size) {
+
+ if (($_FILES['avatar']['type']=="image/gif") || ($_FILES['avatar']['type']=="image/pjpeg") || ($_FILES['avatar']['type']=="image/jpeg") || ($_FILES['avatar']['type']=="image/png")) {
+
+ if (!file_exists("images")) {
+ mkdir("images");
+ }
+
+ if (file_exists("images/avatar.gif")) {
+ unlink("images/avatar.gif");
+ }
+
+ if (file_exists("images/avatar.jpg")) {
+ unlink("images/avatar.jpg");
+ }
+
+ if (file_exists("images/avatar.png")) {
+ unlink("images/avatar.png");
+ }
+
+ if ($_FILES['avatar']['type']=="image/gif") {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/avatar.gif");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+
+ if (($_FILES['avatar']['type']=="image/jpeg") or ($_FILES['avatar']['type']=="image/pjpeg")) {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/avatar.jpg");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+
+ if ($_FILES['avatar']['type']=="image/png") {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/avatar.png");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+}
+
if (isset($_FILES['background']) and !empty($_FILES['background'])) {
if (is_uploaded_file($_FILES['background']['tmp_name'])) {
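Review bot: The avatar branch chooses what to store from `$_FILES['avatar']['type']`, which is supplied by the client, and never checks that the uploaded bytes are an image. Confirm the type server-side, for example with `getimagesize($_FILES['avatar']['tmp_name'])`, before writing under images/. Storing the file with `move_uploaded_file($_FILES['avatar']['tmp_name'], "images/avatar.gif")` would replace the `copy()` plus `unlink()` pair and re-check that the path is a genuine upload. The final `else` calls `unlink()` on a `tmp_name` that `is_uploaded_file()` has just rejected and should simply do nothing. `$max_image_size` is defined outside the hunk.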
@@ -485,7 +917,7 @@ a:active {
<tr><td><p><input type=checkbox name=old <?php if (file_exists("data/old.txt")) { echo checked; } ?>> Display entries from oldest to newest.</p></td></tr>
<?php
if (file_exists("favicon.ico")) {
- echo '<tr><td></td><td><p><input type=checkbox name=del_favicon> Delete existing <i>favicon.ico</i>.</p></td></tr>';
+ echo '<tr><td></td><td><p><input type=checkbox name=del_favicon> Delete existing favicon.ico.</p></td></tr>';
}
if (file_exists("images/profile.gif") or file_exists("images/profile.jpg") or file_exists("images/profile.png")) {
echo '<tr><td></td><td><p><input type=checkbox name=del_picture> Delete existing profile picture.</p></td></tr>';
@@ -586,13 +1018,122 @@ if (file_exists("images/background.gif") or file_exists("images/background.jpg")
}
}
?>
-<tr><td><p>upload <a href=http://www.chami.com/html-kit/services/favicon/ target=_maj>favicon.ico</a></p></td><td><input autocomplete=off type=file name=favicon></td></tr>
+<tr><td><p>upload <a href=http://tools.dynamicdrive.com/favicon/ target=_maj>favicon.ico</a></p></td><td><input autocomplete=off type=file name=favicon></td></tr>
<tr><td><p>upload profile picture</p></td><td><input autocomplete=off type=file name=picture></td></tr>
<tr><td><p>upload background image</p></td><td><input autocomplete=off type=file name=background></td></tr>
<tr><td><p>profile*</p></td><td><textarea class=input name=profile rows=10><?php readfile("data/profile.php"); ?></textarea></td></tr>
<tr><td><p>current password</p></td><td><input autocomplete=off class=input type=password name=passwd_cur></td></tr>
<tr><td><p>new password</p></td><td><input autocomplete=off class=input type=password name=passwd_new></td></tr>
<tr><td><p>confirm new password</p></td><td><input autocomplete=off class=input type=password name=passwd_conf></td></tr>
+
+<?php if (!file_exists("data/lite.txt")) { ?>
+
+<tr><td><p>profanity filter</p></td><td><p><input type=checkbox name=pf <?php if (file_exists("data/pf.txt")) { echo checked; } ?>> Enable profanity filter.</p></td></tr>
+
+<?php if (file_exists("data/pf.txt")) { ?>
+
+<tr><td><p>badwords</p></td><td><p><textarea class=input name=pf_badwords><?php if (file_exists("data/pf-badwords.txt")) { echo str_replace("|","\n",file_get_contents("data/pf-badwords.txt")); } ?></textarea></p></td></tr>
+<tr><td><p>censor mark</p></td><td><p><input class=input autocomplete=off type=text name=pf_censor <?php
+if (file_exists("data/pf-censor.txt")) {
+ echo "value=";
+ readfile("data/pf-censor.txt");
+}
+
+?>></p></td></tr>
+
+<?php } ?>
+
+<tr><td <?php if (file_exists("data/bb.txt") and !file_exists("images/avatar.jpg") and !file_exists("images/avatar.gif") and !file_exists("images/avatar.png")) { echo "rowspan=8"; } if (file_exists("data/bb.txt") and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) { echo "rowspan=9"; } ?>><p>bulletin board</p></td><td><p><input type=checkbox name=bb <?php if (file_exists("data/bb.txt")) { echo checked; } ?>> Enable simple bulletin board.</p></td></tr>
+<?php if (file_exists("data/bb.txt")) { ?>
+<tr><td><p><input type=checkbox name=reg <?php if (file_exists("data/reg.txt")) { echo checked; } ?>> Enable new user registration.</p></td></tr>
+<tr><td><p><input type=checkbox name=xapp <?php if (file_exists("data/xapp.txt")) { echo checked; } ?>> Enable automatic activation of confirmed users.</p></td></tr>
+<tr><td><p><input type=checkbox name=member <?php if (file_exists("data/member.txt")) { echo checked; } ?>> Only members can view posts of other members.</p></td></tr>
+<tr><td><p><input type=checkbox name=stats <?php if (file_exists("data/bb-stats.txt")) { echo checked; } ?>> Enable statistics panel.</p></td></tr>
+<tr><td><p><input type=checkbox name=summary <?php if (file_exists("data/bb-summary.txt")) { echo checked; } ?>> Enable summary panel.</p></td></tr>
+<tr><td><p><input type=checkbox name=rank <?php if (file_exists("data/rank.txt")) { echo checked; } ?>> Enable ranks.</p></td></tr>
+<tr><td><p><input type=checkbox name=sigs <?php if (file_exists("data/bb-sig.txt")) { echo checked; } ?>> Enable signatures.</p></td></tr>
+<tr><td><p><input type=checkbox name=avatars <?php if (file_exists("data/avatar.txt")) { echo checked; } ?>> Enable avatars.</p></td></tr>
+
+<?php
+if (file_exists("images/avatar.gif") or file_exists("images/avatar.jpg") or file_exists("images/avatar.png")) {
+ echo '<tr><td><p><input type=checkbox name=del_avatar> Delete existing avatar.</p></td></tr>';
+}
+?>
+
+<tr><td><p>upload avatar</p></td><td><input autocomplete=off type=file name=avatar></td></tr>
+
+<?php if (file_exists("data/bb.txt") and file_exists("data/bb-sig.txt")) { ?>
+<tr><td><p>signature</p></td><td><textarea class=input name=sig><?php if (file_exists("data/sig.txt")) {
+
+ $get_sig = file_get_contents("data/sig.txt");
+ $get_sig = str_replace("<b>","[b]",$get_sig);
+ $get_sig = str_replace("</b>","[/b]",$get_sig);
+ $get_sig = str_replace("<i>","[i]",$get_sig);
+ $get_sig = str_replace("</i>","[/i]",$get_sig);
+ $get_sig = str_replace("<u>","[u]",$get_sig);
+ $get_sig = str_replace("</u>","[/u]",$get_sig);
+ $get_sig = str_replace("<sup>","[sup]",$get_sig);
+ $get_sig = str_replace("</sup>","[/sup]",$get_sig);
+ $get_sig = str_replace("<sub>","[sub]",$get_sig);
+ $get_sig = str_replace("</sub>","[/sub]",$get_sig);
+ $get_sig = str_replace("<strike>","[strike]",$get_sig);
+ $get_sig = str_replace("</strike>","[/strike]",$get_sig);
+ $get_sig = str_replace("<br>","\n",$get_sig);
+ echo $get_sig;
+
+} ?></textarea></td></tr>
+<?php } ?>
+
+<tr><td><p>minimum password length</p></td><td><input class=input autocomplete=off type=text name=pass_len <?php
+if (file_exists("data/bb-passlen.txt")) {
+ echo "value=";
+ readfile("data/bb-passlen.txt");
+}
+
+?>></td></tr>
+
+<tr><td><p>minimum age to register</p></td><td><input class=input autocomplete=off type=text name=min_age <?php
+if (file_exists("data/bb-min-age.txt")) {
+ echo "value=";
+ readfile("data/bb-min-age.txt");
+}
+
+?>></td></tr>
+
+<tr><td><p>maximum age to register</p></td><td><input class=input autocomplete=off type=text name=max_age <?php
+if (file_exists("data/bb-max-age.txt")) {
+ echo "value=";
+ readfile("data/bb-max-age.txt");
+}
+
+?>></td></tr>
+
+<tr><td><p>maximum idle time in minutes</p></td><td><input class=input autocomplete=off type=text name=bb_idle <?php
+if (file_exists("data/bb-idle.txt")) {
+ echo "value=";
+ readfile("data/bb-idle.txt");
+}
+?>></td></tr>
+
+<tr><td><p>reserved usernames</p></td><td><textarea class=input name=bb_reserved><?php if (file_exists("data/bb-reserved.txt")) { readfile("data/bb-reserved.txt"); } ?></textarea></td></tr>
+
+<tr><td><p>disclaimer</p></td><td><textarea class=input name=bb_disclaimer><?php if (file_exists("data/bb-disclaimer.txt")) { echo str_replace("<br>","\n",file_get_contents("data/bb-disclaimer.txt")); } ?></textarea></td></tr>
+
+<?php } ?>
+
+
+<tr><td><p>mailing list</p></td><td><p><input type=checkbox name=ml <?php if (file_exists("data/ml.txt")) { echo checked; } ?>> Enable simple mailing list.</p></td></tr>
+
+<?php if (file_exists("data/ml.txt")) { ?>
+
+<tr><td><p>reply-to</p></td><td><input class=input autocomplete=off type=text name=ml_reply2 <?php if (file_exists("data/ml-reply2.txt")) { echo "value=\""; readfile("data/ml-reply2.txt"); echo "\""; } ?>></td></tr>
+<tr><td><p>prepend to subject</p></td><td><input class=input autocomplete=off type=text name=ml_prepend <?php if (file_exists("data/ml-prepend.txt")) { echo "value=\""; readfile("data/ml-prepend.txt"); echo "\""; } ?>></td></tr>
+<tr><td><p>header</p></td><td><textarea class=input name=ml_header><?php if (file_exists("data/ml-header.txt")) { readfile("data/ml-header.txt"); } ?></textarea></td></tr>
+<tr><td><p>footer</p></td><td><textarea class=input name=ml_footer><?php if (file_exists("data/ml-footer.txt")) { readfile("data/ml-footer.txt"); } ?></textarea></td></tr>
+
+<?php } } ?>
+
+
<tr><td></td><td><input class=input type=submit value="click here to activate new settings"></td></tr>
<?php
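Review bot: Stored settings are printed into the form without escaping, and several go into unquoted attributes, e.g. `echo "value="; readfile("data/pf-censor.txt");`. A value containing a space, a quote or `>` is truncated or breaks the markup. The textareas (`pf_badwords`, `sig`, `bb_reserved`, `bb_disclaimer`, `ml_header`, `ml_footer`) have the same problem with `<`. Emit these as `echo 'value="' . htmlspecialchars(file_get_contents("data/pf-censor.txt"), ENT_QUOTES) . '"';` and wrap the textarea contents in `htmlspecialchars()` as well. The `ml_reply2` and `ml_prepend` inputs already quote the attribute but still need the escaping.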
diff --git a/sitemap.php b/sitemap.php
index 160448a..483017e 100644
--- a/sitemap.php
+++ b/sitemap.php
@@ -2,6 +2,20 @@
error_reporting(E_ERROR);
+function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+}
+
+$_REQUEST = stripslashes_array($_REQUEST);
+
$dir = "data/items";
if ($dh_sitemap_items = opendir($dir)) {
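Review bot: Unlike the other files touched by this commit, this copy calls `stripslashes_array($_REQUEST)` without the `get_magic_quotes_gpc()` check, so with magic quotes off it removes backslashes the client really sent. Wrap the call the way the other files do: `if (get_magic_quotes_gpc()) { $_REQUEST = stripslashes_array($_REQUEST); }`. The helper is pasted verbatim into each script, so moving it into one included file would keep the copies from drifting apart like this.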
tree c74817651f7417c6f1bcf168aba76e20e2246eae
parent de52cd33b5ff4a0fedb254c5fbb9f266a856abb4
author Engels Antonio <engels@majcms.org> 1277314187 +0800
committer Engels Antonio <engels@majcms.org> 1277314187 +0800
maj-0.14-20070125-bb.zip
diff --git a/add.php b/add.php
index 726a394..1d6f1f6 100644
--- a/add.php
+++ b/add.php
@@ -4,11 +4,35 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
if (isset($_REQUEST['title_input']) and isset($_REQUEST['body_input']) and !empty($_REQUEST['title_input']) and !empty($_REQUEST['body_input'])) {
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']));
}
-$login_username = file_get_contents("data/username.txt");
+if ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) {
+ $login_username = file_get_contents("data/username.txt");
+}
+
+if ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) {
+ if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and file_exists("data/bb.txt")) {
+ $login_username = $_SESSION['logged_in'];
+ }
+}
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
exit();
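Review bot: `$login_username` is now assigned only inside the two new branches, so for a session that matches neither it is undefined when the guard `$_SESSION['logged_in'] != $login_username` runs. The loose `!=` against null then treats an empty-string session value as equal, and the script does not exit. Set `$login_username = null;` before the branches and compare with `!==` in the guard. `$_SESSION['logged_in']` is also interpolated into `data/members/active/{$_SESSION['logged_in']}/rw.txt` without a format check. If the login code, which is not visible here, does not restrict usernames, validate the value against an allow-list of characters before building the path.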
@@ -89,6 +113,26 @@ $max_file_size = 8000000;
<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>
+
+<?php
+
+if ($_SESSION['logged_in'] != file_get_contents("data/username.txt") and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/members/active/{$_SESSION['logged_in']}/ul.txt")) { ?>
+
+<p><input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_image_size; ?>">
+<input autocomplete=off type=file name=image_input> Select optional image.</p>
+
+<p><input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
+<input autocomplete=off type=file name=file_input> Select optional file.</p>
+
+<?php } ?>
+
+
+<?php
+
+if ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) {
+
+?>
+
<select name="select_year">
<option selected>
<option><?php echo $entry_year; ?>
@@ -290,7 +334,17 @@ $max_file_size = 8000000;
<p><input type=checkbox name=sticky>Put entry title in Quick Links box.<br>
<input type=checkbox name=pdf>Allow PDF generation for this entry.<br>
<input type=checkbox name=display>Always display. If this is not a private entry, it will be displayed even if its category is hidden or isolated.<br>
-<input type=checkbox name=private>Private entry. This entry will unconditionally be invisible to visitors, even if always display is set.</p>
+<input type=checkbox name=private <?php if (file_exists("data/ml.txt")) { echo checked; } ?>>Private entry. This entry will unconditionally be invisible to visitors<?php if (file_exists("data/ml.txt")) { echo " and to the mailing list"; } ?>, even if always display is set.
+
+<?php if (file_exists("data/bb.txt")) { ?>
+<br>
+<input type=checkbox name=member <?php if (file_exists("data/member.txt")) { echo checked; } ?>>Only registered members can view this entry.
+
+<?php } ?>
+
+</p>
+
+<?php } ?>
<table border=0 cellspacing=0 cellpadding=0><tr><td>
@@ -463,6 +517,22 @@ $fp_title_txt = fopen($title_file,"w");
fwrite($fp_title_txt,$title_write_content);
fclose($fp_title_txt);
+$author_file = $item_dir . '/author.txt';
+$fp_author_txt = fopen($author_file,"w");
+fwrite($fp_author_txt,$_SESSION['logged_in']);
+fclose($fp_author_txt);
+
+if (file_get_contents("data/username.txt") == $_SESSION['logged_in']) {
+ $post_file = "data/lastpost.txt";
+}
+elseif (file_exists("data/members/active/{$_SESSION['logged_in']}")) {
+ $post_file = "data/members/active/{$_SESSION['logged_in']}/bb-post.txt";
+}
+
+$fp_post_txt = fopen($post_file,"w");
+fwrite($fp_post_txt,$entry);
+fclose($fp_post_txt);
+
$date_file = $item_dir . '/date.txt';
$fp_date_txt = fopen($date_file,"w");
fwrite($fp_date_txt,$timestamp);
@@ -587,6 +657,93 @@ if (isset($_REQUEST['private']) and !empty($_REQUEST['private']) and ($_REQUEST[
}
}
+if (file_exists("data/bb.txt") and file_exists("data/member.txt") and (($_SESSION['logged_in'] != file_get_contents("data/username.txt")) or (isset($_REQUEST['member']) and !empty($_REQUEST['member']) and ($_REQUEST['member'] == "on")))) {
+ touch("data/items/$entry/member.txt");
+}
+
+if (file_exists("data/members/active") and file_exists("data/ml.txt") and file_exists("data/email.txt") and !file_exists($private_sem)) {
+
+ if (file_exists("data/ml-reply2.txt")) {
+ $ml_reply2 = file_get_contents("data/ml-reply2.txt");
+ }
+
+ if ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) {
+ $ml_from = file_get_contents("data/email.txt");
+ }
+
+ if ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) {
+ if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and file_exists("data/bb.txt")) {
+ $ml_from = file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt");
+ }
+ }
+
+ $ml_subject = ucfirst($_REQUEST['title_input']);
+ if (file_exists("data/ml-prepend.txt")) {
+ $ml_subject = file_get_contents("data/ml-prepend.txt") . " " . $ml_subject;
+ }
+
+ $ml_mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+ $ml_body = ucfirst($_REQUEST['body_input']);
+ //$ml_body = htmlentities($ml_body,ENT_NOQUOTES);
+ $ml_body = str_replace('<br />', "\n", $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/crying.png border=0>', ':((', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/frown.png border=0>', ':(', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/indifferent.png border=0>', ':|', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/laughing.png border=0>', ':D', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/lick.png border=0>', ':P', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/ohno.png border=0>', ':O', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/smile.png border=0>', ':)', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/surprised.png border=0>', '=)', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/undecided.png border=0>', ':\\', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/wink.png border=0>', ';)', $ml_body);
+
+ if (file_exists("data/ml-header.txt")) {
+ $ml_header = file_get_contents("data/ml-header.txt");
+ $ml_body = $ml_header . "\n\n" . $ml_body;
+ }
+
+ $ml_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $ml_url = str_replace('//', '/', $ml_url);
+ $ml_url = "http://" . $ml_url . "index.php?entry={$entry}&show=comments";
+
+ $ml_body = $ml_body . "\n\nPlease visit the following URL for the online version of this message:\n\n" . $ml_url;
+
+ if (file_exists("data/ml-footer.txt")) {
+ $ml_footer = file_get_contents("data/ml-footer.txt");
+ $ml_body = $ml_body . "\n\n" . $ml_footer;
+ }
+
+ if ($dh_ml_member = opendir("data/members/active")) {
+ while (($ml_member = readdir($dh_ml_member)) !== false) {
+ if ($ml_member != "." && $ml_member != ".." && fnmatch("*", $ml_member)) {
+
+ if (file_exists("data/members/active/$ml_member/noml.txt")) {
+ continue;
+ }
+
+ if (file_exists("data/members/active/$ml_member/vacation.txt")) {
+ continue;
+ }
+
+ $ml_to = file_get_contents("data/members/active/$ml_member/email.txt");
+
+ if (file_exists("data/ml-reply2.txt")) {
+ mail($ml_to, $ml_subject, $ml_body,
+ "From: $ml_from\r\n" .
+ "Reply-To: $ml_reply2\r\n" .
+ "X-Mailer: $ml_mailer");
+ }
+ else {
+ mail($ml_to, $ml_subject, $ml_body,
+ "From: $ml_from\r\n" .
+ "X-Mailer: $ml_mailer");
+ }
+ }
+ }
+ closedir($dh_ml_member);
+ }
+}
+
if (isset($_REQUEST['pdf']) and !empty($_REQUEST['pdf']) and ($_REQUEST['pdf'] == "on")) {
if (!file_exists("data/items/$entry/pdf")) {
mkdir("data/items/$entry/pdf");
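Review bot: `$ml_subject` comes straight from `$_REQUEST['title_input']`, and `$ml_from` and `$ml_reply2` come from stored files; all three reach `mail()` header positions with no CR/LF removal, so a value containing a line break can alter the headers of every message sent. Strip line breaks first, e.g. `$ml_subject = str_replace(array("\r", "\n"), ' ', $ml_subject);`, and do the same for `$ml_from` and `$ml_reply2`. The link in the body is built from `$_SERVER['HTTP_HOST']`, which the client controls, so a configured site URL is the safer source for text mailed to all members. The return value of `mail()` is ignored, so delivery failures go unnoticed.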
diff --git a/cat.php b/cat.php
index fad3f08..e90cd87 100644
--- a/cat.php
+++ b/cat.php
@@ -5,6 +5,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
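Review bot: The added block un-escapes only `$_REQUEST`, so any code in this script that reads `$_GET`, `$_POST` or `$_COOKIE` directly still sees the magic-quotes slashes, and array keys are left escaped as well. Whether the script reads those other superglobals is not visible in this hunk. The identical block is pasted into add.php, colors.php, del.php, dig.php, edit.php and index.php in this commit; putting it in one shared file loaded with `require_once` would keep the copies from drifting apart. A comment such as `// undo magic_quotes_gpc so stored text is not double-escaped` above the `if` would record why it is there.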
diff --git a/colors.php b/colors.php
index cf26860..959ac82 100644
--- a/colors.php
+++ b/colors.php
@@ -4,6 +4,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
diff --git a/del.php b/del.php
index 5e297f1..cef0b14 100644
--- a/del.php
+++ b/del.php
@@ -4,6 +4,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
function rmdirr($recurse_dirname)
diff --git a/dig.php b/dig.php
index 38f5b64..175cf8b 100644
--- a/dig.php
+++ b/dig.php
@@ -5,6 +5,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
?>
<title>Dig!</title>
@@ -90,6 +106,10 @@ if ($dh_search_items = opendir($dir)) {
continue;
}
+ if (file_exists("data/items/$entry_search_items/member.txt") and !isset($_SESSION['logged_in'])) {
+ continue;
+ }
+
if ($entry_search_items != "." && $entry_search_items != "..") {
$total_entries[] = $entry_search_items;
}
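Review bot: The member-only filter added here tests only `!isset($_SESSION['logged_in'])`, so any session that carries a value passes, whether or not that name is the administrator or still has a directory under `data/members/active`. Other checks in this commit do look the name up on disk, for example `file_exists("data/members/active/{$_SESSION['logged_in']}")` in the index.php navigation hunk, and the gate would be more consistent if it did the same, computed once into a boolean and reused. The same `member.txt` test is repeated in several index.php hunks (sticky list, latest entries, main listing, display loop, post count). The enclosing `while` loop starts outside this hunk.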
diff --git a/edit.php b/edit.php
index 9255d35..ac8c66e 100644
--- a/edit.php
+++ b/edit.php
@@ -4,6 +4,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
function rmdirr($recurse_dirname)
@@ -257,26 +273,34 @@ if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment'])) { ?>
<div id=panel_title><?php readfile($title_file); ?></div>
<div id=panel_body><?php readfile($body_file); ?></div>
-<div id=panel_footer><font style="font-size: 10px; color: #999999;"><?php readfile($date_file); ?><?php
-if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
- if (file_exists($revisions_file)) {
- echo ' (Revision ';
- readfile($revisions_file);
- echo ')';
+<div id=panel_footer><font style="font-size: 10px; color: #999999;"><?php
+
+if (file_exists("data/items/{$_REQUEST['entry']}/author.txt")) {
+ readfile("data/items/{$_REQUEST['entry']}/author.txt");
+ echo " - ";
+}
+
+readfile($date_file);
+
+if (file_exists($revisions_file)) {
+ echo ' (Revision ';
+ readfile($revisions_file);
+ echo ')';
+}
+
+if (file_exists("data/items/{$_REQUEST['entry']}/category.txt")) {
+ echo ' Filed under ';
+ $category_key = file_get_contents("data/items/{$_REQUEST['entry']}/category.txt");
+ $category_key = strtolower($category_key);
+ if (file_exists("data/categories/{$category_key}/title.txt")) {
+ $category_dsp = file_get_contents("data/categories/{$category_key}/title.txt");
+ echo "$category_key ($category_dsp)";
}
- if (file_exists("data/items/{$_REQUEST['entry']}/category.txt")) {
- echo ' Filed under ';
- $category_key = file_get_contents("data/items/{$_REQUEST['entry']}/category.txt");
- $category_key = strtolower($category_key);
- if (file_exists("data/categories/{$category_key}/title.txt")) {
- $category_dsp = file_get_contents("data/categories/{$category_key}/title.txt");
- echo "$category_key ($category_dsp)";
- }
- else {
- echo "$category_key";
- }
+ else {
+ echo "$category_key";
}
}
+
?></font></div>
</td></tr></table></p>
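Review bot: `$_REQUEST['entry']` is placed straight into the path given to `file_exists()` and `readfile()` for author.txt, so a value containing a slash or `..` would make the page read outside `data/items`. The same parameter builds `$member_sem` for `touch()`/`unlink()` in the last hunk of this file and the `rename()` target in the index.php approve hunk. Validating it once near the top of the script, for instance `if (!preg_match('/^[A-Za-z0-9_-]+$/', $_REQUEST['entry'])) { exit(); }`, would cover all of them; the real character set of entry names is not visible here, so the pattern needs checking against how add.php names the directories. Any validation earlier in edit.php is outside this hunk.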
@@ -347,7 +371,15 @@ else {
<p><input type=checkbox name=sticky <?php $sticky_sem = 'data/sticky/' . $_REQUEST['entry']; if (file_exists($sticky_sem)) { echo checked; } ?>>Put entry title in Quick Links box.<br>
<input type=checkbox name=pdf <?php if (file_exists("data/items/{$_REQUEST['entry']}/pdf/file")) { echo checked; } ?>>Allow PDF generation for this entry.<br>
<input type=checkbox name=display <?php $display_sem = "data/items/{$_REQUEST['entry']}/cat.txt"; if (file_exists($display_sem)) { echo checked; } ?>>Always display. If this is not a private entry, it will be displayed even if its category is hidden or isolated.<br>
-<input type=checkbox name=private <?php $private_sem = "data/items/{$_REQUEST['entry']}/private.txt"; if (file_exists($private_sem)) { echo checked; } ?>>Private entry. This entry will unconditionally be invisible to visitors, even if always display is set.</p>
+<input type=checkbox name=private <?php $private_sem = "data/items/{$_REQUEST['entry']}/private.txt"; if (file_exists($private_sem)) { echo checked; } ?>>Private entry. This entry will unconditionally be invisible to visitors<?php if (file_exists("data/ml.txt")) { echo " and to the mailing list"; } ?>, even if always display is set.
+
+<?php if (file_exists("data/bb.txt")) { ?>
+<br>
+<input type=checkbox name=member <?php $member_sem = "data/items/{$_REQUEST['entry']}/member.txt"; if (file_exists($member_sem)) { echo checked; } ?>>Only registered members can view this entry.
+
+<?php } ?>
+
+</p>
<input type=hidden name=entry value="<?php echo $_REQUEST['entry']; ?>">
<table border=0 cellspacing=0 cellpadding=0><tr><td>
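Review bot: The new member checkbox prints `echo checked;` with a bare word, which PHP treats as an undefined constant. It works only through the string fallback whose notice `error_reporting(E_ERROR)` hides, and PHP 8 rejects it with an error. Writing `echo 'checked';` in the added line, and in the existing checkboxes beside it, removes that dependency.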
@@ -704,6 +736,18 @@ if (!isset($_REQUEST['private']) or empty($_REQUEST['private'])) {
}
}
+$member_sem = "data/items/{$_REQUEST['entry']}/member.txt";
+if (isset($_REQUEST['member']) and !empty($_REQUEST['member']) and ($_REQUEST['member'] == "on")) {
+ if (!file_exists($member_sem)) {
+ touch($member_sem);
+ }
+}
+if (!isset($_REQUEST['member']) or empty($_REQUEST['member'])) {
+ if (file_exists($member_sem)) {
+ unlink($member_sem);
+ }
+}
+
if (isset($_REQUEST['pdf']) and !empty($_REQUEST['pdf']) and ($_REQUEST['pdf'] == "on")) {
if (!file_exists("data/items/{$_REQUEST['entry']}/pdf")) {
mkdir("data/items/{$_REQUEST['entry']}/pdf");
diff --git a/images/smileys/offline.png b/images/smileys/offline.png
new file mode 100644
index 0000000..5f18576
Binary files /dev/null and b/images/smileys/offline.png differ
diff --git a/images/widget.member.png b/images/widget.member.png
new file mode 100644
index 0000000..006870b
Binary files /dev/null and b/images/widget.member.png differ
diff --git a/index.php b/index.php
index f9c4d20..0c6bbcf 100644
--- a/index.php
+++ b/index.php
@@ -7,6 +7,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$dir = "data/items";
$default_title = file_get_contents("data/title.txt");
@@ -201,9 +217,100 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST
if ($_REQUEST['key'] == $login_key) {
if ($_REQUEST['action'] == "approve") {
- $live_dir = 'data/items/' . $_REQUEST['entry'] .'/comments/live/' . $_REQUEST['comment'];
+ $live_dir = "data/items/{$_REQUEST['entry']}/comments/live/{$_REQUEST['comment']}";
rename($comment_dir, $live_dir);
unlink("$live_dir/key.txt");
+
+ $cat_dir = file_get_contents("data/items/{$_REQUEST['entry']}/category.txt");
+
+ if (file_exists("data/members/active") and file_exists("data/ml.txt") and file_exists("data/email.txt") and !file_exists("data/items/{$_REQUEST['entry']}/private.txt") and !file_exists("data/categories/$cat_dir/private.txt")) {
+
+ if (file_exists("data/ml-reply2.txt")) {
+ $ml_reply2 = file_get_contents("data/ml-reply2.txt");
+ }
+
+ $ml_from = file_get_contents("$live_dir/email.txt");
+ $ml_from = str_replace(" at ","@",$ml_from);
+
+ $ml_subject = file_get_contents("data/items/{$_REQUEST['entry']}/title.txt");
+ if (file_exists("data/ml-prepend.txt")) {
+ $ml_subject = file_get_contents("data/ml-prepend.txt") . " " . $ml_subject;
+ }
+ $ml_subject = "Re: " . $ml_subject;
+
+ $ml_mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+ $ml_body = file_get_contents("$live_dir/comment.txt");
+ $ml_body = str_replace('<br />', "\n", $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/crying.png border=0>', ':((', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/frown.png border=0>', ':(', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/indifferent.png border=0>', ':|', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/laughing.png border=0>', ':D', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/lick.png border=0>', ':P', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/ohno.png border=0>', ':O', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/smile.png border=0>', ':)', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/surprised.png border=0>', '=)', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/undecided.png border=0>', ':\\', $ml_body);
+ $ml_body = str_replace('<img src=images/smileys/wink.png border=0>', ';)', $ml_body);
+
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $ml_body = preg_replace("/\b($badwords)\b/i",$censor,$ml_body);
+ }
+
+ if (file_exists("data/ml-header.txt")) {
+ $ml_header = file_get_contents("data/ml-header.txt");
+ $ml_body = $ml_header . "\n\n" . $ml_body;
+ }
+
+ $ml_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $ml_url = str_replace('//', '/', $ml_url);
+ $ml_url = "http://" . $ml_url . "index.php?entry={$_REQUEST['entry']}&show=comments";
+
+ $ml_body = $ml_body . "\n\nPlease visit the following URL for the full thread:\n\n" . $ml_url;
+
+ if (file_exists("data/ml-footer.txt")) {
+ $ml_footer = file_get_contents("data/ml-footer.txt");
+ $ml_body = $ml_body . "\n\n" . $ml_footer;
+ }
+
+
+ if ($dh_ml_member = opendir("data/members/active")) {
+ while (($ml_member = readdir($dh_ml_member)) !== false) {
+ if ($ml_member != "." && $ml_member != ".." && fnmatch("*", $ml_member)) {
+
+ if (file_exists("data/members/active/$ml_member/noml.txt")) {
+ continue;
+ }
+
+ if (file_exists("data/members/active/$ml_member/vacation.txt")) {
+ continue;
+ }
+
+ $ml_to = file_get_contents("data/members/active/$ml_member/email.txt");
+
+ if (file_exists("data/ml-reply2.txt")) {
+ mail($ml_to, $ml_subject, $ml_body,
+ "From: $ml_from\r\n" .
+ "Reply-To: $ml_reply2\r\n" .
+ "X-Mailer: $ml_mailer");
+ }
+ else {
+ mail($ml_to, $ml_subject, $ml_body,
+ "From: $ml_from\r\n" .
+ "X-Mailer: $ml_mailer");
+ }
+ }
+ }
+ closedir($dh_ml_member);
+ }
+ }
+
}
if ($_REQUEST['action'] == "delete") {
rmdirr($comment_dir);
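Review bot: `$ml_from` is read from the commenter's stored `email.txt` and interpolated into the `From:` header passed to `mail()` without removing line breaks, so a stored address containing CR or LF would add headers to every message sent to the list. How the address is cleaned when the comment is saved is outside this hunk, so it should be constrained here as well, e.g. `$ml_from = trim(str_replace(array("\r", "\n"), '', $ml_from));` right after the ` at ` replacement. `$ml_to` also comes from a file and may end with a newline, so a `trim()` there helps too. The link in the body is built from `$_SERVER['HTTP_HOST']`, which is taken from the request; a configured site URL would be safer for mail that goes to all members.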
@@ -249,7 +356,7 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
fclose($fp_views);
}
- if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_REQUEST['capcha_put']) and !empty($_REQUEST['capcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['new_comment']) and !empty($_REQUEST['new_comment']) and isset($_REQUEST['capcha_put']) and !empty($_REQUEST['capcha_put']) and ($_REQUEST['capcha_get'] == $_REQUEST['capcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
+ if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['new_comment']) and !empty($_REQUEST['new_comment']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_put']) and ($_REQUEST['captcha_get'] == $_REQUEST['captcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
if (!file_exists("$check/comments")) {
mkdir("$check/comments");
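Review bot: The renamed check still compares two request values, `$_REQUEST['captcha_get'] == $_REQUEST['captcha_put']`, so as far as this hunk shows the expected answer travels with the form instead of being held on the server. Storing the answer in the session when the form is rendered and testing `$_REQUEST['captcha_put'] == $_SESSION['captcha']` would make the check depend on server state; the session key name here is a placeholder. The first pair tests `isset()` on `captcha_put` but `!empty()` on `captcha_get`, which looks like a mix-up since `captcha_put` is tested again later in the condition. `ereg()` is deprecated in later PHP versions; `strpos()` does the same job for `@` and `.`. The body of the `if` continues outside the hunk.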
@@ -307,14 +414,16 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
fclose($fp_timestamp_txt);
$fp_firstname_txt = fopen("$check/comments/pending/$comment_entry_dir/firstname.txt","w");
- $firstname = ucwords($_REQUEST['firstname']);
+ $firstname = strtolower($_REQUEST['firstname']);
+ $firstname = ucwords($firstname);
$firstname = trim($firstname);
$firstname = htmlentities($firstname, ENT_NOQUOTES);
fwrite($fp_firstname_txt,$firstname);
fclose($fp_firstname_txt);
$fp_lastname_txt = fopen("$check/comments/pending/$comment_entry_dir/lastname.txt","w");
- $lastname = ucwords($_REQUEST['lastname']);
+ $lastname = strtolower($_REQUEST['lastname']);
+ $lastname = ucwords($lastname);
$lastname = trim($lastname);
$lastname = htmlentities($lastname, ENT_NOQUOTES);
fwrite($fp_lastname_txt,$lastname);
@@ -339,6 +448,12 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
fclose($fp_url_txt);
}
+ if (isset($_REQUEST['cauthor']) and !empty($_REQUEST['cauthor'])) {
+ $fp_cauthor_txt = fopen("$check/comments/pending/$comment_entry_dir/author.txt","w");
+ fwrite($fp_cauthor_txt,$_REQUEST['cauthor']);
+ fclose($fp_cauthor_txt);
+ }
+
$key_rand = str_rand(14);
$fp_key_txt = fopen("$check/comments/pending/$comment_entry_dir/key.txt","w");
fwrite($fp_key_txt,$key_rand);
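Review bot: The comment's `author.txt` is written from `$_REQUEST['cauthor']`, a client-supplied value, so a visitor can attach any member's name to a comment. Unlike `firstname` and `lastname` in the hunk above, it is also stored without `htmlentities()`. Taking the name from the session avoids both problems: guard the block with `isset($_SESSION['logged_in'])` and write `fwrite($fp_cauthor_txt, $_SESSION['logged_in']);`. How the comment's author.txt is rendered later is not visible in this hunk.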
@@ -470,11 +585,21 @@ if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and file_exists("da
$description = substr($description,0,210);
$description = htmlentities($description, ENT_NOQUOTES);
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $description = preg_replace("/\b($badwords)\b/i",$censor,$description);
+ }
+
echo "<meta name=\"description\" content=\"{$description}\">";
}
}
}
-
}
?>
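Review bot: `$badwords` goes into the pattern `"/\b($badwords)\b/i"` exactly as read from `data/pf-badwords.txt`, so a trailing newline becomes part of the last alternative and a `/` in the list ends the pattern early. On a pattern error `preg_replace()` returns `null`, and the description is then emitted empty with the warning hidden by `error_reporting(E_ERROR)`. Trimming the list and keeping the original text on failure makes this robust: `$badwords = trim($badwords);` followed by `$filtered = preg_replace(...); if ($filtered !== null) { $description = $filtered; }`. The same filter block is repeated in the approve-comment hunk and the entry-body hunk of this file, so one small helper function would keep the three in step.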
@@ -749,7 +874,7 @@ if (file_exists("header.php")) {
}
?>
-<table border=0 cellspacing=0 cellpadding=0 width=905>
+<table border=0 cellspacing=0 cellpadding=0 width=<?php if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) { echo "990"; } else { echo "905"; } ?>>
<tr><td width=175 valign=top>
<div id=panel_title>Profile</div>
@@ -821,6 +946,11 @@ include("data/profile.php");
<a href="<?php echo $_SERVER['PHP_SELF']; ?>">Home</a><br>
<?php
+
+if (file_exists("data/bb.txt") and file_exists("data/members/active")) {
+ echo '<a href=member.php?id=all>Members</a><br>';
+}
+
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
echo '<a href=add.php>Add Entry</a><br>';
echo '<a href=settings.php>Settings</a><br>';
@@ -828,8 +958,17 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '<a href=cat.php>Categories</a><br>';
echo '<a href=colors.php>Colors</a><br>';
echo '<a href=login.php>Logout</a>';
+} elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != $login_username) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+ if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt")) {
+ echo '<a href=add.php>Add Entry</a><br>';
+ }
+ echo '<a href=options.php>Options</a><br>';
+ echo '<a href=login.php>Logout</a>';
}
else {
+ if (file_exists("data/bb.txt") and file_exists("data/reg.txt")) {
+ echo '<a href=reg.php>Register</a><br>';
+ }
echo '<a href=login.php>Login</a>';
}
?>
@@ -845,6 +984,10 @@ if (file_exists("data/sticky")) {
continue;
}
+ if (file_exists("data/items/$entry_sticky_list/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$get_cat_dir = file_get_contents("data/items/$entry_sticky_list/category.txt");
if (file_exists("data/categories/$get_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_sticky_list/cat.txt")) {
@@ -924,7 +1067,110 @@ if (file_exists("data/panels")) {
}
?>
-</td><td width=15> </td><td valign=top width=525>
+</td><td width=15> </td><td valign=top width=<?php if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) { echo "610"; } else { echo "525"; } ?>>
+
+<?php
+
+if (file_exists("data/bb.txt") and file_exists("data/bb-summary.txt") and !file_exists("data/lite.txt") and !isset($_REQUEST['entry']) and !isset($_REQUEST['category']) and !isset($_REQUEST['start']) and !isset($_REQUEST['author']) and !isset($_REQUEST['archive']) and !isset($_REQUEST['find'])) {
+
+if ($dh_latest_post_items = opendir($dir)) {
+ while (($entry_latest_post_items = readdir($dh_latest_post_items)) !== false) {
+
+ if (file_exists("data/items/$entry_latest_post_items/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$entry_latest_post_items/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $cat_dir = file_get_contents("data/items/$entry_latest_post_items/category.txt");
+
+ if (file_exists("data/categories/$cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_latest_post_items/cat.txt")) {
+ continue;
+ }
+
+ if ($entry_latest_post_items != "." && $entry_latest_post_items != ".." && fnmatch("*", $entry_latest_post_items)) {
+ $show_latest_post_items[] = $entry_latest_post_items;
+ }
+ }
+ closedir($dh_latest_post_items);
+}
+
+rsort($show_latest_post_items);
+reset($show_latest_post_items);
+$count_latest_post_items = count($show_latest_post_items);
+
+if ($count_latest_post_items > 0) {
+
+ echo "<div id=panel_title>Latest Entries</div><div id=panel_body>";
+ echo "<table border=0 cellspacing=1 cellpadding=2 bgcolor=#cccccc width=100%>";
+ echo "<tr><td bgcolor=#eeeeee align=center><p>topic</p></td><td bgcolor=#eeeeee align=center><p>author</p></td><td bgcolor=#eeeeee align=center><p>views</p></td><td bgcolor=#eeeeee align=center><p>comments</p></td><td bgcolor=#eeeeee align=center><p>last post</p></td></tr>";
+
+ $increment_latest_post_entries = 0;
+ $show_latest_post_entries = 5;
+
+ while ($increment_latest_post_entries <= $show_latest_post_entries) {
+ echo '<tr><td bgcolor=#ffffff><a href=' . $_SERVER['PHP_SELF'] . '?entry=' . $show_latest_post_items[$increment_latest_post_entries] . '>';
+ readfile("$dir/$show_latest_post_items[$increment_latest_post_entries]/title.txt");
+ echo '</a></td>';
+ echo '<td bgcolor=#ffffff><a href=member.php?id=';
+ readfile("$dir/$show_latest_post_items[$increment_latest_post_entries]/author.txt");
+ echo '>';
+ readfile("$dir/$show_latest_post_items[$increment_latest_post_entries]/author.txt");
+ echo '</a></td>';
+ echo '<td bgcolor=#ffffff align=right>';
+ if (!file_exists("$dir/$show_latest_post_items[$increment_latest_post_entries]/views.txt")) {
+ echo 0;
+ }
+ else {
+ readfile("$dir/$show_latest_post_items[$increment_latest_post_entries]/views.txt");
+ }
+ echo '</td>';
+
+ if ($dh_summary_comments = opendir("$dir/$show_latest_post_items[$increment_latest_post_entries]/comments/live")) {
+ while (($entry_summary_comments = readdir($dh_summary_comments)) !== false) {
+ if ($entry_summary_comments != "." && $entry_summary_comments != ".." && fnmatch("*", $entry_summary_comments)) {
+ $items_summary_comments[] = $entry_summary_comments;
+ }
+ }
+ closedir($dh_summary_comments);
+ }
+ rsort($items_summary_comments);
+ $summary_comments = count($items_summary_comments);
+ if ($summary_comments < 1) {
+ echo "<td bgcolor=#ffffff align=right><p>0</p></td>";
+ echo "<td bgcolor=#ffffff align=right><p>";
+ $iso_year = substr($show_latest_post_items[$increment_latest_post_entries],0,4);
+ $iso_month = substr($show_latest_post_items[$increment_latest_post_entries],4,2);
+ $iso_day = substr($show_latest_post_items[$increment_latest_post_entries],6,2);
+ $iso_last = $iso_year . "-" . $iso_month . "-" . $iso_day;
+ echo $iso_last;
+ echo "</p></td>";
+ }
+ else {
+ echo "<td bgcolor=#ffffff align=right><p>$summary_comments</p></td>";
+ echo "<td bgcolor=#ffffff align=right><p>";
+ $iso_year = substr($items_summary_comments[0],0,4);
+ $iso_month = substr($items_summary_comments[0],4,2);
+ $iso_day = substr($items_summary_comments[0],6,2);
+ $iso_last = $iso_year . "-" . $iso_month . "-" . $iso_day;
+ echo $iso_last;
+ echo "</p></td>";
+ }
+ unset($items_summary_comments);
+
+ $increment_latest_post_entries = $increment_latest_post_entries + 1;
+ }
+}
+
+if ($count_latest_post_items > 0) {
+ echo "</table></div>";
+}
+
+}
+
+?>
<?php
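Review bot: The summary loop runs `while ($increment_latest_post_entries <= $show_latest_post_entries)` with the limit set to 5, so it prints six rows (presumably five are intended) and keeps going when fewer entries exist, calling `readfile()` on paths built from an undefined array element. Bounding it by the count fixes both: `while ($increment_latest_post_entries < $show_latest_post_entries && $increment_latest_post_entries < $count_latest_post_items)`. `$show_latest_post_items` and `$items_summary_comments` are never initialised, so `rsort()` and `count()` receive an undefined variable when nothing matches; `$show_latest_post_items = array();` before the scan, and the same for the comment list inside the loop, avoids that. Each row is opened with `<tr>` but never closed with `</tr>`.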
@@ -936,13 +1182,17 @@ if (is_dir($dir)) {
continue;
}
+ if (file_exists("data/items/$entry_main/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$cat_dir = file_get_contents("data/items/$entry_main/category.txt");
if (file_exists("data/categories/$cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_main/cat.txt")) {
continue;
}
- if (file_exists("data/nocat.txt") and file_exists("data/items/$entry_main/category.txt") and !file_exists("data/items/$entry_main/cat.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['category']) or empty($_REQUEST['category'])) and (!isset($_REQUEST['entry']) or empty($_REQUEST['entry']))) {
+ if (file_exists("data/nocat.txt") and file_exists("data/items/$entry_main/category.txt") and !file_exists("data/items/$entry_main/cat.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['category']) or empty($_REQUEST['category'])) and (!isset($_REQUEST['entry']) or empty($_REQUEST['entry'])) and (!isset($_REQUEST['author']) or empty($_REQUEST['author']))) {
continue;
}
@@ -955,6 +1205,41 @@ if (is_dir($dir)) {
$items[] = $entry_main;
}
}
+ elseif (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and file_exists("data/members/active/{$_REQUEST['author']}") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$entry_main/author.txt") and (file_get_contents("data/items/$entry_main/author.txt") == $_REQUEST['author'])) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and !file_exists("data/members/active/{$_REQUEST['author']}") and (file_get_contents("data/username.txt") == $_REQUEST['author']) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$entry_main/author.txt") and (file_get_contents("data/items/$entry_main/author.txt") == $_REQUEST['author'])) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "private")) {
+ if (file_exists("data/items/$entry_main/private.txt")) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "member")) {
+ if (file_exists("data/items/$entry_main/member.txt")) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "passwd")) {
+ if (file_exists("data/items/$entry_main/passwd.txt")) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "filedrop")) {
+ if (file_exists("data/items/$entry_main/filedrop")) {
+ $items[] = $entry_main;
+ }
+ }
+ elseif (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "album")) {
+ if (file_exists("images/$entry_main/album")) {
+ $items[] = $entry_main;
+ }
+ }
else {
$items[] = $entry_main;
}
@@ -1008,7 +1293,18 @@ foreach ($disp as $d) {
continue;
}
- echo '<table border=0 cellspacing=0 cellpadding=0 bgcolor=#CCCCCC style="background-color: transparent;"><tr><td width=525><div id=panel_title>';
+ if (file_exists("$dir/$d/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ echo '<table border=0 cellspacing=0 cellpadding=0 bgcolor=#CCCCCC style="background-color: transparent;"><tr><td width=';
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+ echo '><div id=panel_title>';
readfile("$dir/$d/title.txt");
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
@@ -1025,6 +1321,9 @@ foreach ($disp as $d) {
if (file_exists("$dir/$d/private.txt")) {
echo '<img src=images/widget.private.png border=0 width=11 height=11 align=right alt="private entry">';
}
+ if (file_exists("$dir/$d/member.txt")) {
+ echo '<img src=images/widget.member.png border=0 width=11 height=11 align=right alt="member-only entry">';
+ }
if (file_exists("$dir/$d/cat.txt")) {
echo '<img src=images/widget.cat.png border=0 width=11 height=11 align=right alt="always display">';
}
@@ -1051,7 +1350,185 @@ foreach ($disp as $d) {
}
- echo '</div><div id=panel_body>';
+ echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt") and file_exists("$dir/$d/author.txt")) {
+ echo "<td width=85 valign=top><p>";
+ $author = file_get_contents("$dir/$d/author.txt");
+ echo "<a href=member.php?id=$author>";
+ if ((file_get_contents("data/username.txt") == $author) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+ if (file_exists("images/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ elseif (file_exists("images/members/$author/avatar.jpg") or file_exists("images/members/$author/avatar.gif") or file_exists("images/members/$author/avatar.png")) {
+ if (file_exists("images/members/$author/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/members/$author/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$author/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/members/$author/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/members/$author/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$author/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/$author/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/members/$author/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$author/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ echo "$author</a><br>";
+ if ((file_get_contents("data/username.txt") == $author) and file_exists("data/rank.txt")) {
+ echo "administrator<br>";
+ }
+ elseif (file_exists("data/members/active/$author/rank.txt") and file_exists("data/rank.txt")) {
+ $rank = file_get_contents("data/members/active/$author/rank.txt");
+ echo "$rank<br>";
+ }
+ elseif (!file_exists("data/members/active/$author/rank.txt") and file_exists("data/rank.txt")) {
+ echo "member<br>";
+ }
+
+ if ($dh_posts = opendir("data/items")) {
+ while (($entry_posts = readdir($dh_posts)) !== false) {
+
+ if (file_exists("data/items/$entry_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$entry_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $post_cat_dir = file_get_contents("data/items/$entry_posts/category.txt");
+
+ if (file_exists("data/categories/$post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($entry_posts != "." && $entry_posts != ".." && fnmatch("*", $entry_posts)) {
+ if (file_exists("data/members/active/$author") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$entry_posts/author.txt") and (file_get_contents("data/items/$entry_posts/author.txt") == $author)) {
+ $items_posts[] = $entry_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$author") and (file_get_contents("data/username.txt") == $author) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$entry_posts/author.txt") and (file_get_contents("data/items/$entry_posts/author.txt") == $author)) {
+ $items_posts[] = $entry_posts;
+ }
+ }
+ }
+ }
+ closedir($dh_posts);
+ }
+ $posts = count($items_posts);
+ if ($posts == 1) {
+ echo "$posts post";
+ }
+ if ($posts > 1) {
+ echo "$posts posts";
+ }
+ unset($items_posts);
+
+ echo "</p></td><td width=513 valign=top>";
+
+ }
+ else {
+ echo "<td width=598 valign=top>";
+ }
if (file_exists("$dir/$d/passwd.txt")) {
$passwd = file_get_contents("$dir/$d/passwd.txt");
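Review bot: The avatar block repeats the same measure-and-print code six times and uses three separate `if`s per owner, so when more than one of avatar.gif, avatar.jpg and avatar.png exists it emits several `<img` tags that stay unclosed before the single `>`. A `getimagesize()` failure is not handled either. A helper that returns the first usable image keeps the markup well-formed and removes the duplication; it has to be defined once outside the `foreach ($disp as $d)` loop, which starts outside this hunk. The post count further down rescans `data/items` for every entry displayed, which is worth caching per author.

```php
// define once, outside the foreach ($disp as $d) loop
function avatar_img_tag($avatar_base, $max_width = 80) {
    foreach (array('gif', 'jpg', 'png') as $ext) {
        $avatar_file = "$avatar_base.$ext";
        if (!file_exists($avatar_file)) {
            continue;
        }
        $size = getimagesize($avatar_file);
        if ($size === false) {
            continue; // not a readable image; try the next extension
        }
        $width = $size[0];
        $height = $size[1];
        if ($width > $max_width) {
            $height = (int) ($height * $max_width / $width);
            $width = $max_width;
        }
        return "<img src=$avatar_file border=0 width=$width height=$height><br>";
    }
    return '';
}

// … unchanged: author.txt lookup and member.php link …
$avatar_tag = '';
if (file_get_contents("data/username.txt") == $author) {
    $avatar_tag = avatar_img_tag("images/avatar");
}
if ($avatar_tag == '') {
    $avatar_tag = avatar_img_tag("images/members/$author/avatar");
}
echo $avatar_tag;
// … unchanged: rank display and post count …
```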
@@ -1064,6 +1541,10 @@ foreach ($disp as $d) {
}
echo '<font style="font-size: 10px; color: #999999;">';
+ if ((file_exists("$dir/$d/author.txt") and (file_exists("data/bb.txt") and !file_exists("data/avatar.txt")) or (file_exists("$dir/$d/author.txt") and (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and !file_exists("data/avatar.txt"))))) {
+ $xavatar_author = file_get_contents("$dir/$d/author.txt");
+ echo "<a href=member.php?id=$xavatar_author>$xavatar_author</a> - ";
+ }
readfile("$dir/$d/date.txt");
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
if (file_exists("$dir/$d/revisions.txt")) {
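Review bot: The added `echo "<a href=member.php?id=$xavatar_author>$xavatar_author</a> - ";` writes the contents of author.txt into an unquoted href and into the link text without any encoding, so a stored author value containing a space, `>` or markup would change the page's HTML. Encoding at output keeps the link intact whatever the file holds: `echo '<a href="member.php?id=' . urlencode($xavatar_author) . '">' . htmlspecialchars($xavatar_author, ENT_QUOTES) . '</a> - ';`, ideally after a `trim()` in case the file ends in a newline. The same pattern is added for `$c_author` and `$cxavatar_author` in the live-comments hunk and for `$pc_author` and `$pxavatar_author` in the pending-comments hunk. How author.txt is written is not visible here, so whether the value is already restricted at write time should be confirmed.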
@@ -1090,10 +1571,31 @@ foreach ($disp as $d) {
echo "This entry is password protected. If you know the magic word, click <a href=passwd.php?entry=$d>here</a> to enter it.";
}
else {
- readfile("$dir/$d/body.txt");
+ $entry_body = file_get_contents("$dir/$d/body.txt");
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $entry_body = preg_replace("/\b($badwords)\b/i",$censor,$entry_body);
+ }
+ echo $entry_body;
}
- echo '</div><div id=panel_footer>';
+
+ if ((file_get_contents("data/username.txt") == $author) and file_exists("data/sig.txt") and file_exists("data/bb.txt") and file_exists("data/bb-sig.txt")) {
+ $sig = file_get_contents("data/sig.txt");
+ echo "<br><br>--<br>$sig";
+ }
+ elseif (file_exists("data/members/active/$author/sig.txt") and file_exists("data/bb.txt") and file_exists("data/bb-sig.txt")) {
+ $sig = file_get_contents("data/members/active/$author/sig.txt");
+ echo "<br><br>--<br>$sig";
+ }
+
+ echo '</td></tr></table></div><div id=panel_footer>';
echo '<font style="font-size: 10px; color: ';
if (file_exists("data/colors/pf-font.txt")) {
readfile("data/colors/pf-font.txt");
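Review bot: The added `preg_replace("/\b($badwords)\b/i",$censor,$entry_body)` builds its pattern directly from data/pf-badwords.txt, and when that pattern does not compile (an entry containing `/`, an unbalanced bracket) preg_replace() returns null, so the following `echo $entry_body;` prints an empty post. Keeping the original text on failure avoids that: `$filtered = preg_replace(...); if ($filtered !== null) { $entry_body = $filtered; }`, with a `trim()` on the word list so a trailing newline does not become part of the last alternative. If the file is a `|`-separated list (an assumption, its format is not shown), running `preg_quote($word, '/')` over each word before joining would make the entries literal. The comment filter in the later hunk that assigns `$entry_comment` is built the same way.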
@@ -1293,7 +1795,16 @@ else {
echo '</div></td></tr></table>';
if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST['show']) and !empty($_REQUEST['show']) and ($_REQUEST['show'] == album) and file_exists("images/$d/album")) {
- echo '<table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<div id=panel_title>Album';
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
echo '<a href=del.php?entry=';
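Review bot: The width selection added here (`file_exists("data/bb.txt") and file_exists("data/avatar.txt")` choosing 610 or 525) is repeated verbatim in five more hunks shown in this part of the diff (Filedrop, PDF, comments, Add Comment, Pending Comments), so a later layout change has to be made in every copy. Computing it once, `$panel_width = (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) ? 610 : 525;`, and writing `echo "<table border=0 cellspacing=0 cellpadding=0 width=$panel_width><tr><td>";` at each site would also save the repeated file checks. The enclosing `else` block starts outside this hunk, so the assignment would have to be placed above it.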
@@ -1419,7 +1930,16 @@ else {
}
if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST['show']) and !empty($_REQUEST['show']) and ($_REQUEST['show'] == filedrop) and file_exists("$dir/$d/filedrop/files")) {
- echo '<table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<div id=panel_title>Filedrop';
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
echo '<a href=del.php?entry=';
@@ -1477,7 +1997,16 @@ else {
}
if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST['show']) and !empty($_REQUEST['show']) and ($_REQUEST['show'] == pdf) and file_exists("data/items/$d/pdf/file")) {
- echo '<table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<div id=panel_title>PDF';
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
echo '<a href=del.php?entry=';
@@ -1531,7 +2060,16 @@ else {
if (file_exists("$dir/$d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['passwd']) or ($crypt_passwd != $passwd))) {
}
else {
- echo '<table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
if ($dh_comments = opendir("$dir/$d/comments/live")) {
while (($entry_comments = readdir($dh_comments)) !== false) {
if ($entry_comments != "." && $entry_comments != ".." && fnmatch("*", $entry_comments)) { $show_comments[] = $entry_comments;
@@ -1566,12 +2104,193 @@ else {
}
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
- echo '<a href=del.php?entry=' . $d . '&comment=' . $comment . '&type=live><img src=images/widget.del.png width=10 height=10 border=0 align=right alt="delete comment"></a>';
+ echo '<a href=del.php?entry=' . $d . '&comment=' . $comment . '&type=live><img src=images/widget.del.png width=11 height=11 border=0 align=right alt="delete comment"></a>';
echo '<a href=edit.php?entry=' . $d . '&comment=' . $comment . '><img src=images/widget.edit.png width=11 height=11 border=0 align=right alt="edit comment"></a>';
}
- echo '</div>';
- echo '<div id=panel_body>';
- echo '<font style="font-size: 10px; color: #999999;">';
+ echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt") and file_exists("$dir/$d/comments/live/$comment/author.txt")) {
+ echo "<td width=85 valign=top><p>";
+ $c_author = file_get_contents("$dir/$d/comments/live/$comment/author.txt");
+ echo "<a href=member.php?id=$c_author>";
+ if ((file_get_contents("data/username.txt") == $c_author) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+ if (file_exists("images/avatar.gif")) {
+ $c_avatar_gif_image_size = getimagesize("images/avatar.gif");
+ $c_avatar_gif_image_width = $c_avatar_gif_image_size[0];
+ $c_avatar_gif_image_height = $c_avatar_gif_image_size[1];
+
+ $c_max_avatar_gif_image_width = 80;
+
+ if ($c_avatar_gif_image_width > $c_max_avatar_gif_image_width) {
+ $sizefactor = (double) ($c_max_avatar_gif_image_width / $c_avatar_gif_image_width) ;
+ $c_avatar_gif_image_width = (int) ($c_avatar_gif_image_width * $sizefactor);
+ $c_avatar_gif_image_height = (int) ($c_avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.gif border=0 width=";
+ echo $c_avatar_gif_image_width;
+ echo " height=";
+ echo $c_avatar_gif_image_height;
+ }
+ if (file_exists("images/avatar.jpg")) {
+ $c_avatar_jpg_image_size = getimagesize("images/avatar.jpg");
+ $c_avatar_jpg_image_width = $c_avatar_jpg_image_size[0];
+ $c_avatar_jpg_image_height = $c_avatar_jpg_image_size[1];
+
+ $c_max_avatar_jpg_image_width = 80;
+
+ if ($c_avatar_jpg_image_width > $c_max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($c_max_avatar_jpg_image_width / $c_avatar_jpg_image_width) ;
+ $c_avatar_jpg_image_width = (int) ($c_avatar_jpg_image_width * $sizefactor);
+ $c_avatar_jpg_image_height = (int) ($c_avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.jpg border=0 width=";
+ echo $c_avatar_jpg_image_width;
+ echo " height=";
+ echo $c_avatar_jpg_image_height;
+ }
+ if (file_exists("images/avatar.png")) {
+ $c_avatar_png_image_size = getimagesize("images/avatar.png");
+ $c_avatar_png_image_width = $c_avatar_png_image_size[0];
+ $c_avatar_png_image_height = $c_avatar_png_image_size[1];
+
+ $c_max_avatar_png_image_width = 80;
+
+ if ($c_avatar_png_image_width > $c_max_avatar_png_image_width) {
+ $sizefactor = (double) ($c_max_avatar_png_image_width / $c_avatar_png_image_width) ;
+ $c_avatar_png_image_width = (int) ($c_avatar_png_image_width * $sizefactor);
+ $c_avatar_png_image_height = (int) ($c_avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.png border=0 width=";
+ echo $c_avatar_png_image_width;
+ echo " height=";
+ echo $c_avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ elseif (file_exists("images/members/$c_author/avatar.jpg") or file_exists("images/members/$c_author/avatar.gif") or file_exists("images/members/$c_author/avatar.png")) {
+ if (file_exists("images/members/$c_author/avatar.gif")) {
+ $c_avatar_gif_image_size = getimagesize("images/members/$c_author/avatar.gif");
+ $c_avatar_gif_image_width = $c_avatar_gif_image_size[0];
+ $c_avatar_gif_image_height = $c_avatar_gif_image_size[1];
+
+ $c_max_avatar_gif_image_width = 80;
+
+ if ($c_avatar_gif_image_width > $c_max_avatar_gif_image_width) {
+ $sizefactor = (double) ($c_max_avatar_gif_image_width / $c_avatar_gif_image_width) ;
+ $c_avatar_gif_image_width = (int) ($c_avatar_gif_image_width * $sizefactor);
+ $c_avatar_gif_image_height = (int) ($c_avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$c_author/avatar.gif border=0 width=";
+ echo $c_avatar_gif_image_width;
+ echo " height=";
+ echo $c_avatar_gif_image_height;
+ }
+ if (file_exists("images/members/$c_author/avatar.jpg")) {
+ $c_avatar_jpg_image_size = getimagesize("images/members/$c_author/avatar.jpg");
+ $c_avatar_jpg_image_width = $c_avatar_jpg_image_size[0];
+ $c_avatar_jpg_image_height = $c_avatar_jpg_image_size[1];
+
+ $c_max_avatar_jpg_image_width = 80;
+
+ if ($c_avatar_jpg_image_width > $c_max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($c_max_avatar_jpg_image_width / $c_avatar_jpg_image_width) ;
+ $c_avatar_jpg_image_width = (int) ($c_avatar_jpg_image_width * $sizefactor);
+ $c_avatar_jpg_image_height = (int) ($c_avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$c_author/avatar.jpg border=0 width=";
+ echo $c_avatar_jpg_image_width;
+ echo " height=";
+ echo $c_avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/$c_author/avatar.png")) {
+ $c_avatar_png_image_size = getimagesize("images/members/$c_author/avatar.png");
+ $c_avatar_png_image_width = $c_avatar_png_image_size[0];
+ $c_avatar_png_image_height = $c_avatar_png_image_size[1];
+
+ $c_max_avatar_png_image_width = 80;
+
+ if ($c_avatar_png_image_width > $c_max_avatar_png_image_width) {
+ $sizefactor = (double) ($c_max_avatar_png_image_width / $c_avatar_png_image_width) ;
+ $c_avatar_png_image_width = (int) ($c_avatar_png_image_width * $sizefactor);
+ $c_avatar_png_image_height = (int) ($c_avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$c_author/avatar.png border=0 width=";
+ echo $c_avatar_png_image_width;
+ echo " height=";
+ echo $c_avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ echo "$c_author</a><br>";
+ if ((file_get_contents("data/username.txt") == $c_author) and file_exists("data/rank.txt")) {
+ echo "administrator<br>";
+ }
+ elseif (file_exists("data/members/active/$c_author/rank.txt") and file_exists("data/rank.txt")) {
+ $c_rank = file_get_contents("data/members/active/$c_author/rank.txt");
+ echo "$c_rank<br>";
+ }
+ elseif (!file_exists("data/members/active/$c_author/rank.txt") and file_exists("data/rank.txt")) {
+ echo "member<br>";
+ }
+
+ if ($c_dh_posts = opendir("data/items")) {
+ while (($c_entry_posts = readdir($c_dh_posts)) !== false) {
+
+ if (file_exists("data/items/$c_entry_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$c_entry_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $c_post_cat_dir = file_get_contents("data/items/$c_entry_posts/category.txt");
+
+ if (file_exists("data/categories/$c_post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$c_entry_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($c_entry_posts != "." && $c_entry_posts != ".." && fnmatch("*", $c_entry_posts)) {
+ if (file_exists("data/members/active/$c_author") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$c_entry_posts/author.txt") and (file_get_contents("data/items/$c_entry_posts/author.txt") == $c_author)) {
+ $c_items_posts[] = $c_entry_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$c_author") and (file_get_contents("data/username.txt") == $c_author) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$c_entry_posts/author.txt") and (file_get_contents("data/items/$c_entry_posts/author.txt") == $c_author)) {
+ $c_items_posts[] = $c_entry_posts;
+ }
+ }
+ }
+ }
+ closedir($c_dh_posts);
+ }
+ $c_posts = count($c_items_posts);
+ if ($c_posts == 1) {
+ echo "$c_posts post";
+ }
+ if ($c_posts > 1) {
+ echo "$c_posts posts";
+ }
+ unset($c_items_posts);
+
+ echo "</p></td><td width=513 valign=top>";
+ }
+ else {
+ echo "<td width=598 valign=top>";
+ }
+
+ echo '<p><font style="font-size: 10px; color: #999999;">';
+ if ((file_exists("$dir/$d/comments/live/$comment/author.txt") and (file_exists("data/bb.txt") and !file_exists("data/avatar.txt")) or (file_exists("$dir/$d/comments/live/$comment/author.txt") and (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and !file_exists("data/avatar.txt"))))) {
+ $cxavatar_author = file_get_contents("$dir/$d/comments/live/$comment/author.txt");
+ echo "<a href=member.php?id=$cxavatar_author>$cxavatar_author</a> - ";
+ }
readfile("$dir/$d/comments/live/$comment/timestamp.txt");
if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
if (file_exists("$dir/$d/comments/live/$comment/revisions.txt")) {
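Review bot: `$c_author` is read from the comment's author.txt and interpolated unchanged into filesystem paths (`images/members/$c_author/avatar.gif`, `data/members/active/$c_author/rank.txt`) that are passed to file_exists(), getimagesize() and file_get_contents(), with no check that it is a plain member name. A guard right after the read, for example `$c_author = trim($c_author);` and then skipping the avatar cell unless `preg_match('/^[A-Za-z0-9_-]+$/', $c_author)` succeeds, keeps these lookups inside the members directories; the character class is a guess and should match what registration allows. Separately, `count($c_items_posts)` runs on a variable that is never initialised when no post matches, so `$c_items_posts = array();` before the opendir() would avoid counting an unset value. The pending-comments hunk repeats both with `$pc_author` and `$pc_items_posts`.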
@@ -1581,8 +2300,19 @@ else {
}
}
echo '</font><font style="font-size: 5px;"><br><br></font>';
- readfile("$dir/$d/comments/live/$comment/comment.txt");
- echo '</div>';
+ $entry_comment = file_get_contents("$dir/$d/comments/live/$comment/comment.txt");
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt") and (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))))) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $entry_comment = preg_replace("/\b($badwords)\b/i",$censor,$entry_comment);
+ }
+ echo $entry_comment;
+ echo '</p></tr></table></div>';
}
unset($show_comments);
echo '</td></tr></table>';
@@ -1590,7 +2320,16 @@ else {
if (!file_exists("data/nocomment.txt")) {
- echo '<p><table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<p><font style="font-size: 12px;"><b>Add Comment</b></font></p>';
if (file_exists("$dir/$d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and (!isset($_REQUEST['passwd']) or ($crypt_passwd != $passwd))) {
@@ -1598,25 +2337,64 @@ if (!file_exists("data/nocomment.txt")) {
}
else {
- $capcha_rand = str_rand(7);
+ $captcha_rand = str_rand(7);
- echo '<p>Fill out the form below and enter <b>' . $capcha_rand . '</b> in the anti-spam field to add your comment. Note that it will not be posted immediately, but will be ';
-
- if (file_exists("data/email.txt")) {
- echo "e-mailed";
- }
- else {
- echo "sent";
+ echo "<p>Fill out the form below";
+
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ echo " and enter <b>$captcha_rand</b> in the anti-spam field";
}
- echo ' to me first. Comments with bogus contact information will be discarded.</p>';
-
+ echo " to add your comment.";
+
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ echo " Note that it will not be posted immediately, but will be ";
+
+ if (file_exists("data/email.txt")) {
+ echo "e-mailed";
+ }
+ else {
+ echo "sent";
+ }
+
+ echo " to me first.";
+
+ if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and !file_exists("data/members/active/{$_SESSION['logged_in']}"))) {
+ echo " Comments with bogus contact information will be discarded.";
+ }
+ }
+ echo "</p>";
+
?>
<table border=0 cellspacing=2 cellpadding=0 width=500>
<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>?entry=<?php echo $d; ?>&show=comments" method="post">
- <input type=hidden name=capcha_get value="<?php echo $capcha_rand; ?>">
- <tr><td width=75><p>First Name*</p></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td><td rowspan=7 valign=top width=75 align=right>
+ <input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
+ <tr>
+
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+?>
+ <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php $logged_in_author = explode(" ", file_get_contents("data/author.txt")); echo trim(str_replace(",","",$logged_in_author[0])); ?>"></p></td>
+<?php
+}
+elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+?>
+ <td width=75><p></p></td><td><input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>"><input type=hidden name=firstname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/firstname.txt"); ?>"></p></td>
+<?php
+}
+else {
+
+?>
+
+<td width=75><p>First Name*</p></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td>
+
+<?php
+
+}
+
+?>
+ <td rowspan=7 valign=top width=75 align=right>
<table border=0 cellspacing=1 cellpadding=2>
<tr><td><img src=images/smileys/crying.png border=0></td><td><p>:((</p></td><td ><p>crying</p></td></tr>
<tr><td><img src=images/smileys/frown.png border=0></td><td><p>:(</p></td><td><p>frown</p></td></tr>
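Review bot: The two added `<input type=hidden name=cauthor value="<?php echo $_SESSION['logged_in']; ?>">` fields send the logged-in user name to the browser and back, so what arrives in `$_REQUEST['cauthor']` is whatever the client submits rather than the session's identity. The code that stores the comment is outside this hunk; if it writes `$_REQUEST['cauthor']` into author.txt, a comment could be attributed to another member or to the administrator. The handler should take the author from `$_SESSION['logged_in']` directly, and the hidden field can then be dropped. The prefilled `firstname` value in the same cells is echoed from a file into an attribute without `htmlspecialchars()`, which is worth fixing at the same time.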
@@ -1630,11 +2408,91 @@ if (!file_exists("data/nocomment.txt")) {
<tr><td><img src=images/smileys/wink.png border=0></td><td><p>;)</p></td><td><p>wink</p></td></tr>
</td></tr>
</table>
+
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+?>
+ <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo trim(str_replace(",","",$logged_in_author[1])); ?>"></p></td>
+<?php
+}
+elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+?>
+ <td width=75><p></p></td><td><input type=hidden name=lastname value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/lastname.txt"); ?>"></p></td>
+<?php
+}
+else {
+
+?>
+
<tr><td><p>Last Name*</p></td><td><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
+
+<?php
+
+}
+
+?>
+
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ if (file_exists("data/email.txt")) {
+?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/email.txt"); ?>"></p></td>
+<?php
+ }
+ else {
+ echo "<tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>";
+ }
+}
+elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=email value="<?php echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt"); ?>"></p></td>
+<?php
+}
+else {
+
+?>
+
<tr><td><p>E-mail*</p></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+
+<?php
+
+}
+
+?>
+
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php file_get_contents("data/url.txt"); ?>"></p></td>
+<?php
+}
+elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
+?>
+ <td width=75><p></p></td><td colspan=2><input type=hidden name=url value="<?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/url.txt")) { echo file_get_contents("data/members/active/{$_SESSION['logged_in']}/url.txt"); } ?>"></p></td>
+<?php
+}
+else {
+
+?>
+
<tr><td><p>Website</p></td><td colspan=2><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
- <tr><td ><p>Comment*</p></td><td ><textarea class=input name=new_comment rows=10></textarea></td></tr>
- <tr><td><p>Anti-Spam*</p></td><td><input class=input type=text autocomplete=off name=capcha_put maxlength=7></td></tr>
+
+<?php
+
+}
+
+?>
+
+ <tr><td><p>Comment*</p></td><td><textarea class=input name=new_comment rows=15></textarea></td></tr>
+ <?php
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ echo "<input type=hidden name=captcha_put value=\"$captcha_rand\">";
+ }
+ else {
+ echo "<tr><td><p>Anti-Spam*</p></td><td><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>";
+ }
+ ?>
+
<tr><td><p></p></td><td><input class=input type=submit value="click here to submit your comment"></td></tr>
</form>
</table>
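Review bot: In the administrator branch the url field is written as `value="<?php file_get_contents("data/url.txt"); ?>"`, which reads the file and discards the result, so the hidden `url` input is always empty; the member branch a few lines below does echo it. The line should read `<?php if (file_exists("data/url.txt")) { echo htmlspecialchars(file_get_contents("data/url.txt"), ENT_QUOTES); } ?>`, with the existence check matching the member branch. The other hidden values added in this hunk (lastname, email) are echoed from files without `htmlspecialchars()`, so a `"` in any of them would end the attribute early.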
@@ -1644,8 +2502,8 @@ if (!file_exists("data/nocomment.txt")) {
<?php
}
-if (!isset($_SESSION['logged_in'])) {
- if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_REQUEST['capcha_put']) and !empty($_REQUEST['capcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['new_comment']) and !empty($_REQUEST['new_comment']) and isset($_REQUEST['capcha_put']) and !empty($_REQUEST['capcha_put']) and ($_REQUEST['capcha_get'] == $_REQUEST['capcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
+if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt") and file_exists("data/members/active/{$_SESSION['logged_in']}")))) {
+ if (isset($_REQUEST['show']) and !empty($_REQUEST['show']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['new_comment']) and !empty($_REQUEST['new_comment']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_put']) and ($_REQUEST['captcha_get'] == $_REQUEST['captcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
echo '<p><table border=0 cellspacing=0 cellpadding=0><tr><td><p><font style="font-size: 12px;"><b>Thanks!</b></font></p><p>Your comment has been submitted for approval.<br>Please check back soon to see if it has been posted.</p></td></tr></table></p>';
}
}
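Review bot: The condition on the added line still compares `$_REQUEST['captcha_get']` with `$_REQUEST['captcha_put']`, two values that both come from the submitted form, so the test does not establish that the submitter read the code that was displayed. Keeping the expected value on the server fixes that: `$_SESSION['captcha'] = $captcha_rand;` where the code is generated and `($_REQUEST['captcha_put'] == $_SESSION['captcha'])` here, with the `captcha_get` hidden field removed. This block only prints the confirmation message; the check that actually accepts the comment is outside the hunk and would need the same change. The line also pairs `isset($_REQUEST['captcha_put'])` with `!empty($_REQUEST['captcha_get'])`, so `captcha_get` is never tested with isset().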
@@ -1681,7 +2539,16 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '<p><b>Pending Comments</b></p>';
}
foreach ($show_pending_comments as $pending_comment) {
- echo '<p><table border=0 cellspacing=0 cellpadding=0 width=525><tr><td>';
+ echo '<p><table border=0 cellspacing=0 cellpadding=0 width=';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt")) {
+ echo "610";
+ }
+ else {
+ echo "525";
+ }
+
+ echo '><tr><td>';
echo '<div id=panel_title>';
if (file_exists("$dir/$d/comments/pending/$pending_comment/url.txt")) {
@@ -1701,7 +2568,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo ' <';
readfile("$dir/$d/comments/pending/$pending_comment/email.txt");
echo '>';
- echo '<a href=del.php?entry=' . $d . '&comment=' . $pending_comment . '&type=pending><img src=images/widget.del.png width=10 height=10 border=0 align=right alt="delete comment"></a>';
+ echo '<a href=del.php?entry=' . $d . '&comment=' . $pending_comment . '&type=pending><img src=images/widget.del.png width=11 height=11 border=0 align=right alt="delete comment"></a>';
$pending_comment_key_file = "$dir/$d/comments/pending/$pending_comment/key.txt";
$open_pending_comment_key_file = fopen($pending_comment_key_file,"r");
@@ -1710,12 +2577,194 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
echo '<a href=' . $_SERVER['PHP_SELF'] . '?entry=' . $d . '&comment=' . $pending_comment . '&key=' . $pending_comment_login_key . '&action=approve><img src=images/widget.cat.png width=11 height=11 border=0 align=right alt="post comment"></a>';
echo '</div>';
- echo '<div id=panel_body>';
- echo '<font style="font-size: 10px; color: #999999;">';
+ echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
+
+ if (file_exists("data/bb.txt") and file_exists("data/avatar.txt") and file_exists("$dir/$d/comments/pending/$pending_comment/author.txt")) {
+ echo "<td width=85 valign=top><p>";
+ $pc_author = file_get_contents("$dir/$d/comments/pending/$pending_comment/author.txt");
+ echo "<a href=member.php?id=$pc_author>";
+ if ((file_get_contents("data/username.txt") == $pc_author) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+ if (file_exists("images/avatar.gif")) {
+ $pc_avatar_gif_image_size = getimagesize("images/avatar.gif");
+ $pc_avatar_gif_image_width = $pc_avatar_gif_image_size[0];
+ $pc_avatar_gif_image_height = $pc_avatar_gif_image_size[1];
+
+ $pc_max_avatar_gif_image_width = 80;
+
+ if ($pc_avatar_gif_image_width > $pc_max_avatar_gif_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_gif_image_width / $pc_avatar_gif_image_width) ;
+ $pc_avatar_gif_image_width = (int) ($pc_avatar_gif_image_width * $sizefactor);
+ $pc_avatar_gif_image_height = (int) ($pc_avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.gif border=0 width=";
+ echo $pc_avatar_gif_image_width;
+ echo " height=";
+ echo $pc_avatar_gif_image_height;
+ }
+ if (file_exists("images/avatar.jpg")) {
+ $pc_avatar_jpg_image_size = getimagesize("images/avatar.jpg");
+ $pc_avatar_jpg_image_width = $pc_avatar_jpg_image_size[0];
+ $pc_avatar_jpg_image_height = $pc_avatar_jpg_image_size[1];
+
+ $pc_max_avatar_jpg_image_width = 80;
+
+ if ($pc_avatar_jpg_image_width > $pc_max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_jpg_image_width / $pc_avatar_jpg_image_width) ;
+ $pc_avatar_jpg_image_width = (int) ($pc_avatar_jpg_image_width * $sizefactor);
+ $pc_avatar_jpg_image_height = (int) ($pc_avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.jpg border=0 width=";
+ echo $pc_avatar_jpg_image_width;
+ echo " height=";
+ echo $pc_avatar_jpg_image_height;
+ }
+ if (file_exists("images/avatar.png")) {
+ $pc_avatar_png_image_size = getimagesize("images/avatar.png");
+ $pc_avatar_png_image_width = $pc_avatar_png_image_size[0];
+ $pc_avatar_png_image_height = $pc_avatar_png_image_size[1];
+
+ $pc_max_avatar_png_image_width = 80;
+
+ if ($pc_avatar_png_image_width > $pc_max_avatar_png_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_png_image_width / $pc_avatar_png_image_width) ;
+ $pc_avatar_png_image_width = (int) ($pc_avatar_png_image_width * $sizefactor);
+ $pc_avatar_png_image_height = (int) ($pc_avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.png border=0 width=";
+ echo $pc_avatar_png_image_width;
+ echo " height=";
+ echo $pc_avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ elseif (file_exists("images/members/$pc_author/avatar.jpg") or file_exists("images/members/$pc_author/avatar.gif") or file_exists("images/members/$pc_author/avatar.png")) {
+ if (file_exists("images/members/$pc_author/avatar.gif")) {
+ $pc_avatar_gif_image_size = getimagesize("images/members/$pc_author/avatar.gif");
+ $pc_avatar_gif_image_width = $pc_avatar_gif_image_size[0];
+ $pc_avatar_gif_image_height = $pc_avatar_gif_image_size[1];
+
+ $pc_max_avatar_gif_image_width = 80;
+
+ if ($pc_avatar_gif_image_width > $pc_max_avatar_gif_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_gif_image_width / $pc_avatar_gif_image_width) ;
+ $pc_avatar_gif_image_width = (int) ($pc_avatar_gif_image_width * $sizefactor);
+ $pc_avatar_gif_image_height = (int) ($pc_avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$pc_author/avatar.gif border=0 width=";
+ echo $pc_avatar_gif_image_width;
+ echo " height=";
+ echo $pc_avatar_gif_image_height;
+ }
+ if (file_exists("images/members/$pc_author/avatar.jpg")) {
+ $pc_avatar_jpg_image_size = getimagesize("images/members/$pc_author/avatar.jpg");
+ $pc_avatar_jpg_image_width = $pc_avatar_jpg_image_size[0];
+ $pc_avatar_jpg_image_height = $pc_avatar_jpg_image_size[1];
+
+ $pc_max_avatar_jpg_image_width = 80;
+
+ if ($pc_avatar_jpg_image_width > $pc_max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_jpg_image_width / $pc_avatar_jpg_image_width) ;
+ $pc_avatar_jpg_image_width = (int) ($pc_avatar_jpg_image_width * $sizefactor);
+ $pc_avatar_jpg_image_height = (int) ($pc_avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$pc_author/avatar.jpg border=0 width=";
+ echo $pc_avatar_jpg_image_width;
+ echo " height=";
+ echo $pc_avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/$pc_author/avatar.png")) {
+ $pc_avatar_png_image_size = getimagesize("images/members/$pc_author/avatar.png");
+ $pc_avatar_png_image_width = $pc_avatar_png_image_size[0];
+ $pc_avatar_png_image_height = $pc_avatar_png_image_size[1];
+
+ $pc_max_avatar_png_image_width = 80;
+
+ if ($pc_avatar_png_image_width > $pc_max_avatar_png_image_width) {
+ $sizefactor = (double) ($pc_max_avatar_png_image_width / $pc_avatar_png_image_width) ;
+ $pc_avatar_png_image_width = (int) ($pc_avatar_png_image_width * $sizefactor);
+ $pc_avatar_png_image_height = (int) ($pc_avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$pc_author/avatar.png border=0 width=";
+ echo $pc_avatar_png_image_width;
+ echo " height=";
+ echo $pc_avatar_png_image_height;
+ }
+ echo "><br>";
+ }
+ echo "$pc_author</a><br>";
+ if ((file_get_contents("data/username.txt") == $pc_author) and file_exists("data/rank.txt")) {
+ echo "administrator<br>";
+ }
+ elseif (file_exists("data/members/active/$pc_author/rank.txt") and file_exists("data/rank.txt")) {
+ $pc_rank = file_get_contents("data/members/active/$pc_author/rank.txt");
+ echo "$pc_rank<br>";
+ }
+ elseif (!file_exists("data/members/active/$pc_author/rank.txt") and file_exists("data/rank.txt")) {
+ echo "member<br>";
+ }
+
+ if ($pc_dh_posts = opendir("data/items")) {
+ while (($pc_entry_posts = readdir($pc_dh_posts)) !== false) {
+
+ if (file_exists("data/items/$pc_entry_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$pc_entry_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $pc_post_cat_dir = file_get_contents("data/items/$pc_entry_posts/category.txt");
+
+ if (file_exists("data/categories/$pc_post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$pc_entry_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($pc_entry_posts != "." && $pc_entry_posts != ".." && fnmatch("*", $pc_entry_posts)) {
+ if (file_exists("data/members/active/$pc_author") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$pc_entry_posts/author.txt") and (file_get_contents("data/items/$pc_entry_posts/author.txt") == $pc_author)) {
+ $pc_items_posts[] = $pc_entry_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$pc_author") and (file_get_contents("data/username.txt") == $pc_author) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$pc_entry_posts/author.txt") and (file_get_contents("data/items/$pc_entry_posts/author.txt") == $pc_author)) {
+ $pc_items_posts[] = $pc_entry_posts;
+ }
+ }
+ }
+ }
+ closedir($pc_dh_posts);
+ }
+ $pc_posts = count($pc_items_posts);
+ if ($pc_posts == 1) {
+ echo "$pc_posts post";
+ }
+ if ($pc_posts > 1) {
+ echo "$pc_posts posts";
+ }
+ unset($pc_items_posts);
+
+ echo "</p></td><td width=513 valign=top>";
+ }
+ else {
+ echo "<td width=598 valign=top>";
+ }
+
+ echo '<p><font style="font-size: 10px; color: #999999;">';
+ if ((file_exists("$dir/$d/comments/pending/$pending_comment/author.txt") and (file_exists("data/bb.txt") and !file_exists("data/avatar.txt")) or (file_exists("$dir/$d/comments/pending/$pending_comment/author.txt") and (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and !file_exists("data/avatar.txt"))))) {
+ $pxavatar_author = file_get_contents("$dir/$d/comments/pending/$pending_comment/author.txt");
+ echo "<a href=member.php?id=$pxavatar_author>$pxavatar_author</a> - ";
+ }
readfile("$dir/$d/comments/pending/$pending_comment/timestamp.txt");
echo '</font><font style="font-size: 5px;"><br><br></font>';
readfile("$dir/$d/comments/pending/$pending_comment/comment.txt");
- echo '</div>';
+ echo '</p></tr></table></div>';
unset($show_pending_comments);
echo '</td></tr></table></p>';
}
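Review bot: The added `echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';` follows the unchanged `echo '</div>';` on the line above it, so each pending-comment panel now emits two closing `</div>` tags after the title; in the live-comments hunk the old `echo '</div>';` was removed when the same line was introduced. Dropping the leading `</div>` here, `echo '<div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';`, restores the nesting. The closing `echo '</p></tr></table></div>';` further down also has no `</td>` for the cell opened by `<td width=513 valign=top>` or `<td width=598 valign=top>`.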
@@ -1734,6 +2783,27 @@ if (($start >= $increase) and ($start != 0)) {
if (isset($_REQUEST['archive']) and !empty($_REQUEST['archive'])) {
echo "archive={$_REQUEST['archive']}&";
}
+ if (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and file_exists("data/members/active/{$_REQUEST['author']}") and file_exists("data/bb.txt")) {
+ echo "author={$_REQUEST['author']}&";
+ }
+ if (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and !file_exists("data/members/active/{$_REQUEST['author']}") and (file_get_contents("data/username.txt") == $_REQUEST['author']) and file_exists("data/bb.txt")) {
+ echo "author={$_REQUEST['author']}&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "private")) {
+ echo "find=private&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "member")) {
+ echo "find=member&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "passwd")) {
+ echo "find=passwd&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "album")) {
+ echo "find=album&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "filedrop")) {
+ echo "find=filedrop&";
+ }
echo "start=" . ($start-$increase) . "\">previous</a></p></td>";
}
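Review bot: `$_REQUEST['author']` is interpolated into a filesystem path and then echoed into the pagination href without any encoding, here in the "previous" link and again in the "next" link hunk that follows. The only gate is `file_exists()`, which does not restrict the value to a single path component or to characters that are safe inside a URL. Validate the value once against the username alphabet that registration allows (not visible in this diff) and emit it as `echo "author=" . urlencode($_REQUEST['author']) . "&";`. The five `find=` branches could also collapse into one `in_array($_REQUEST['find'], array('private','member','passwd','album','filedrop'), true)` test that echoes the matched constant.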
@@ -1745,6 +2815,27 @@ if ($end < sizeof($items)) {
if (isset($_REQUEST['archive']) and !empty($_REQUEST['archive'])) {
echo "archive={$_REQUEST['archive']}&";
}
+ if (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and file_exists("data/members/active/{$_REQUEST['author']}") and file_exists("data/bb.txt")) {
+ echo "author={$_REQUEST['author']}&";
+ }
+ if (isset($_REQUEST['author']) and !empty($_REQUEST['author']) and !file_exists("data/members/active/{$_REQUEST['author']}") and (file_get_contents("data/username.txt") == $_REQUEST['author']) and file_exists("data/bb.txt")) {
+ echo "author={$_REQUEST['author']}&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "private")) {
+ echo "find=private&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "member")) {
+ echo "find=member&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "passwd")) {
+ echo "find=passwd&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "album")) {
+ echo "find=album&";
+ }
+ if (isset($_REQUEST['find']) and !empty($_REQUEST['find']) and ($_REQUEST['find'] == "filedrop")) {
+ echo "find=filedrop&";
+ }
echo "start=" . ($start+$increase) . "\">next</a></p></td>";
}
?>
@@ -1764,6 +2855,10 @@ if ($dh_latest_items = opendir($dir)) {
continue;
}
+ if (file_exists("data/items/$entry_latest_items/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$cat_dir = file_get_contents("data/items/$entry_latest_items/category.txt");
if (file_exists("data/categories/$cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_latest_items/cat.txt")) {
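Review bot: The members-only filter added here is the same two-line test that this commit also pastes into the Bulletin Board post count, the album list and the archive list hunks further down, so every listing has to remember to repeat it. Any listing that lacks the copy would show members-only entries to anonymous visitors; none is visible in this diff, so treat that as something to audit rather than a confirmed gap. Consider one helper next to the private-category test, e.g. `function entry_members_only($entry) { return file_exists("data/items/$entry/member.txt") and !isset($_SESSION['logged_in']); }`, and call it from each loop. The enclosing `while` loop starts and ends outside this hunk.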
@@ -1811,6 +2906,71 @@ if ($count_latest_items > 0) {
echo '</div>';
?>
+<?php
+if (file_exists("data/bb.txt") and file_exists("data/bb-stats.txt")) {
+ echo "<div id=panel_title>Bulletin Board</div><div id=panel_body>";
+ if (file_exists("data/members/active") and file_exists("data/bb.txt")) {
+ if ($dh_active_list = opendir("data/members/active")) {
+ while (($entry_active_list = readdir($dh_active_list)) !== false) {
+ if ($entry_active_list != "." && $entry_active_list != ".." && fnmatch("*", $entry_active_list)) {
+ $show_active_list[] = $entry_active_list;
+ }
+ }
+ closedir($dh_active_list);
+ }
+
+ sort($show_active_list);
+ reset($show_active_list);
+ $count_active_list = count($show_active_list);
+ if ($count_active_list > 0) {
+ echo "Registered Members: $count_active_list";
+ }
+ }
+
+
+ if (file_exists("data/items")) {
+ if ($dh_mempost_list = opendir("data/items")) {
+ while (($entry_mempost_list = readdir($dh_mempost_list)) !== false) {
+
+ if (file_exists("data/items/$entry_mempost_list/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$entry_mempost_list/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $get_cat_dir = file_get_contents("data/items/$entry_mempost_list/category.txt");
+
+ if (file_exists("data/categories/$get_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_mempost_list/cat.txt")) {
+ continue;
+ }
+
+ if ($entry_mempost_list != "." && $entry_mempost_list != ".." && fnmatch("*", $entry_mempost_list)) {
+ $entry_mempost_list = substr("$entry_mempost_list",0,6);
+ $show_mempost_list[] = $entry_mempost_list;
+ }
+ }
+ closedir($dh_mempost_list);
+ }
+ rsort($show_mempost_list);
+ $count_mempost_list = count($show_mempost_list);
+ echo "<br>Total Posts: $count_mempost_list";
+ unset($show_mempost_list);
+ }
+
+ if (file_exists("data/bb-new.txt")) {
+ $bb_new = file_get_contents("data/bb-new.txt");
+ echo "<br>Newest User: <a href=member.php?id=$bb_new>$bb_new</a>";
+ }
+ if (file_exists("data/bb-last.txt")) {
+ $bb_last = file_get_contents("data/bb-last.txt");
+ echo "<br>Latest Login: <a href=member.php?id=$bb_last>$bb_last</a>";
+ }
+ echo "</div>";
+}
+?>
+
<form enctype="multipart/form-data" action="dig.php" method="post">
<div id=panel_title>Search</div>
<div id=panel_body>
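Review bot: `$bb_new` and `$bb_last` are read from data files and written straight into an unquoted `href` and into the link text, so the panel trusts whatever was stored as a username. Whether registration restricts usernames is not visible in this diff; the output should be encoded regardless, e.g. `htmlspecialchars($bb_new, ENT_QUOTES)` for the text and `urlencode($bb_new)` inside a quoted `href`. Separately, `$show_active_list` and `$show_mempost_list` are never initialised, so `sort()`, `rsort()` and `count()` receive an undefined variable when a directory yields no entries; add `$show_active_list = array();` and `$show_mempost_list = array();` before the respective loops.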
@@ -1818,6 +2978,20 @@ if ($count_latest_items > 0) {
</div>
</form>
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
+ echo "<div id=panel_title>Find Entries</div><div id=panel_body>";
+ echo "<a href=index.php?find=private>Private</a>";
+ if (file_exists("data/bb.txt")) {
+ echo "<br><a href=index.php?find=member>Members-Only</a>";
+ }
+ echo "<br><a href=index.php?find=passwd>Password Protected</a>";
+ echo "<br><a href=index.php?find=filedrop>With Attached Files</a>";
+ echo "<br><a href=index.php?find=album>With Photo Album</a>";
+ echo "</div>";
+}
+?>
+
<?php
if (file_exists("data/categories")) {
if ($dh_categories = opendir("data/categories")) {
@@ -1851,7 +3025,7 @@ if ($count_latest_items > 0) {
$category_title = file_get_contents("data/categories/$category/title.txt");
}
else {
- $category_title = ucfirst($category);
+ $category_title = ucfirst(str_replace("_"," ",$category));
}
echo $category_title;
echo "</a><br />";
@@ -1887,6 +3061,7 @@ if ($count_latest_items > 0) {
echo '<br>Sitemap Requests: ';
readfile("data/sitemap.txt");
}
+
echo '</div>';
}
}
@@ -1941,7 +3116,72 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
}
?>
+<?php
+if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and file_exists("data/members/confirmed") and !file_exists("data/xapp.txt") and file_exists("data/bb.txt") and file_exists("data/reg.txt")) {
+ if ($dh_pending_list = opendir("data/members/confirmed")) {
+ while (($entry_pending_list = readdir($dh_pending_list)) !== false) {
+
+ if ($entry_pending_list != "." && $entry_pending_list != ".." && fnmatch("*", $entry_pending_list)) {
+ $show_pending_list[] = $entry_pending_list;
+ }
+ }
+ closedir($dh_pending_list);
+ }
+ sort($show_pending_list);
+ reset($show_pending_list);
+ $count_pending_list = count($show_pending_list);
+
+ if ($count_pending_list > 0) {
+ echo "<div id=panel_title>Pending Member";
+ if ($count_pending_list > 1) {
+ echo "s";
+ }
+ echo "</div><div id=panel_body>Please approve or deny $count_pending_list pending membership request";
+ if ($count_pending_list > 1) {
+ echo "s";
+ }
+ echo " below.</div>";
+ foreach ($show_pending_list as $pending_list_entry) {
+ echo "<div id=panel_title>$pending_list_entry";
+ echo '<a href=reg.php?username=';
+ echo $pending_list_entry;
+ echo '&key=';
+ readfile("data/members/confirmed/$pending_list_entry/key.txt");
+ echo '&action=deny><img src=images/widget.del.png border=0 width=11 height=11 align=right alt=deny></a><a href=reg.php?username=';
+ echo $pending_list_entry;
+ echo '&key=';
+ readfile("data/members/confirmed/$pending_list_entry/key.txt");
+ echo '&action=approve><img src=images/widget.cat.png border=0 width=11 height=11 align=right alt=approve></a></div>';
+ echo "<div id=panel_body>";
+ if (file_exists("data/members/confirmed/$pending_list_entry/url.txt")) {
+ echo "<a href=\"";
+ readfile("data/members/confirmed/$pending_list_entry/url.txt");
+ echo "\" target=_pending>";
+ }
+ readfile("data/members/confirmed/$pending_list_entry/firstname.txt");
+ echo " ";
+ readfile("data/members/confirmed/$pending_list_entry/lastname.txt");
+ if (file_exists("data/members/confirmed/$pending_list_entry/url.txt")) {
+ echo "</a>";
+ }
+ echo "<br>";
+ readfile("data/members/confirmed/$pending_list_entry/email.txt");
+ if (file_exists("data/members/confirmed/$pending_list_entry/timestamp.txt")) {
+ $confirmed = file_get_contents("data/members/confirmed/$pending_list_entry/timestamp.txt");
+ $confirmed_year = substr($confirmed,0,4);
+ $confirmed_month = substr($confirmed,4,2);
+ $confirmed_day = substr($confirmed,6,2);
+ $confirmed_hh = substr($confirmed,8,2);
+ $confirmed_mm = substr($confirmed,10,2);
+ $email_confirmed = date("d M Y H:i", mktime($confirmed_hh, $confirmed_mm, 0, $confirmed_month, $confirmed_day, $confirmed_year));
+ echo "<br>$email_confirmed";
+ }
+ echo "</div>";
+ }
+ }
+}
+?>
<?php
if (file_exists("data/albums")) {
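Review bot: Everything shown in this panel (username, first name, last name, e-mail and URL) comes from files under `data/members/confirmed` that hold what an applicant submitted, and it reaches the administrator's browser through `readfile()`/`echo` with no encoding; the URL is placed in an `href` with no scheme check. Unless reg.php (not in view) already sanitises these fields, applicant-supplied markup is rendered inside the administrator's session. Replace each `readfile(...)` with `echo htmlspecialchars(file_get_contents(...), ENT_QUOTES);`, accept only `http://` and `https://` values for the link, and quote the attributes. The approve and deny links also trigger a state change through a GET request with the key in the query string; a POST form would keep the key out of server logs and browser history.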
@@ -1952,6 +3192,10 @@ if (file_exists("data/albums")) {
continue;
}
+ if (file_exists("data/items/$entry_album_list/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$pull_cat_dir = file_get_contents("data/items/$entry_album_list/category.txt");
if (file_exists("data/categories/$pull_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_album_list/cat.txt")) {
@@ -1999,6 +3243,10 @@ if (file_exists("data/items")) {
continue;
}
+ if (file_exists("data/items/$entry_archive_list/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
$get_cat_dir = file_get_contents("data/items/$entry_archive_list/category.txt");
if (file_exists("data/categories/$get_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$entry_archive_list/cat.txt")) {
diff --git a/login.php b/login.php
index 0a1d2c6..b877dfe 100644
--- a/login.php
+++ b/login.php
@@ -5,6 +5,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
?>
<style>
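Review bot: This block only unslashes `$_REQUEST`; any code that reads `$_POST`, `$_GET` or `$_COOKIE` directly would still see magic-quoted values, so input handling depends on which superglobal a given line happens to use. The same fifteen lines are pasted into add.php and member.php in this commit; moving them into one included file that normalises all four superglobals would keep the entry scripts consistent. A short comment such as `// undo magic_quotes_gpc so stored text is not double-escaped` would document why the block exists.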
@@ -60,8 +76,21 @@ a:active {
<?php
-$login_username = file_get_contents("data/username.txt");
-$login_password = file_get_contents("data/password.txt");
+if ($_REQUEST['username'] == file_get_contents("data/username.txt")) {
+ $login_username = file_get_contents("data/username.txt");
+ $login_password = file_get_contents("data/password.txt");
+ $last_login = "data/lastlog.txt";
+ $logins = "data/logins.txt";
+}
+
+if ($_REQUEST['username'] != file_get_contents("data/username.txt")) {
+ if (file_exists("data/members/active/{$_REQUEST['username']}") and file_exists("data/bb.txt")) {
+ $login_username = $_REQUEST['username'];
+ $login_password = file_get_contents("data/members/active/{$_REQUEST['username']}/password.txt");
+ $last_login = "data/members/active/{$_REQUEST['username']}/bb-last.txt";
+ $logins = "data/members/active/{$_REQUEST['username']}/bb-logins.txt";
+ }
+}
/* Fun with crypt! */
$crypt_password = sha1($_REQUEST['password']);
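Review bot: `$_REQUEST['username']` is placed into `data/members/active/...` paths before it has been checked to be a single, well-formed username, and those paths are read for the password hash here and opened for writing as `$last_login` and `$logins` in the next hunk. member.php's administrator edit branch in this commit builds its `touch()`, `unlink()` and `rmdirr()` targets from the request in the same way. Reject anything outside the username alphabet first, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $_REQUEST['username'])) { exit(); }`, adjusting the character class to what registration allows (not visible here). When neither branch matches, `$login_username`, `$login_password`, `$last_login` and `$logins` stay undefined, so initialise them and let the existing failure check run on known values. The hash check that follows compares `sha1()` output with `!=`; a strict comparison (`!==`, or `hash_equals()` where available) avoids PHP's loose string comparison on hash values.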
@@ -77,6 +106,23 @@ if ($login_username != $_REQUEST['username'] || $login_password != $crypt_passwo
$_SESSION['logged_in'] = $_REQUEST['username'];
+$lastlog = date("YmdHis", time() + $offset);
+$fp_lastlog_txt = fopen($last_login,"w");
+fwrite($fp_lastlog_txt,$lastlog);
+fclose($fp_lastlog_txt);
+
+if (file_exists("data/bb.txt") and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))) {
+ $fp_latest_login_txt = fopen("data/bb-last.txt","w");
+ fwrite($fp_latest_login_txt,$_SESSION['logged_in']);
+ fclose($fp_latest_login_txt);
+}
+
+$login_count = file_get_contents($logins);
+$login_count = $login_count + 1;
+$login_count_file = fopen($logins, "w");
+fwrite($login_count_file, $login_count);
+fclose($login_count_file);
+
if (isset($_SESSION['logged_in'])) {
echo '<p>You are now logged in as ' . $_SESSION['logged_in'] . '. Click <a href=index.php>here</a> to continue.</p>';
}
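Review bot: The `fopen(..., "w")` results are used without a check and the login counter is a read-increment-write with no lock, so a failed open is silent and two concurrent logins can lose a count. `$offset` is not set anywhere in the visible part of login.php; confirm it is loaded before this point, otherwise the timestamp is plain server time. For the counter, `file_put_contents($logins, (int) file_get_contents($logins) + 1, LOCK_EX);` is shorter and at least locks the write. Since this commit turns login into a multi-user path, calling `session_regenerate_id();` just before `$_SESSION['logged_in']` is assigned would also be worth adding, although that assignment is a context line outside the added code.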
diff --git a/member.php b/member.php
new file mode 100644
index 0000000..ca1789b
--- /dev/null
+++ b/member.php
@@ -0,0 +1,785 @@
+<?php
+
+session_start();
+header("Cache-control: private");
+
+error_reporting(E_ERROR);
+
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
+if (file_exists("data/lite.txt")) {
+ exit();
+}
+
+if (!file_exists("data/bb.txt")) {
+ exit();
+}
+
+if (!isset($_REQUEST['id']) or empty($_REQUEST['id'])) {
+ exit();
+}
+
+if (isset($_REQUEST['id']) and ($_REQUEST['id'] != file_get_contents("data/username.txt")) and !file_exists("data/members/active/{$_REQUEST['id']}") and ($_REQUEST['id'] != "all")) {
+ exit();
+}
+
+$id = $_REQUEST['id'];
+
+$login_username = file_get_contents("data/username.txt");
+
+if (file_get_contents("data/username.txt") != $id) {
+ $member_firstname = file_get_contents("data/members/active/$id/firstname.txt");
+ $member_lastname = file_get_contents("data/members/active/$id/lastname.txt");
+}
+
+?>
+
+<style>
+
+body
+{
+ color: #666666;
+ margin: 0px 0px 10px 10px;
+ padding: 0px;
+ text-align: left;
+ font-family: verdana, helvetica, sans-serif;
+ background-color: #FFFFFF;
+ }
+
+p, td
+{
+ font-size: 11px;
+}
+
+a
+{
+ font-weight: bold;
+ text-decoration: none;
+}
+
+a:link
+{
+ color: #666666;
+}
+
+a:visited
+{
+ color: #666666;
+}
+
+a:hover
+{
+ color: #336699;
+}
+
+a:active {
+ color: #336699;
+}
+#panel_title
+{
+ font-family: verdana, helvetica, sans-serif;
+ font-size: 12px;
+ font-weight: bold;
+ color: #666666;
+ padding: 5px 5px 5px 5px;
+ background-color: transparent;
+ margin: 10px 0px 0px 0px;
+ border-color: #CCCCCC;
+ border-width: 1px 1px 0px 1px;
+ border-style: solid solid none solid;
+}
+#panel_body
+{
+ font-family: verdana, helvetica, sans-serif;
+ font-size: 11px;
+ color: #666666;
+ padding: 5px 5px 5px 5px;
+ background-color: transparent;
+ margin: 0px;
+ border-color: #CCCCCC;
+ border-width: 1px 1px 1px 1px;
+ border-style: solid solid solid solid;
+}
+#panel_footer
+{
+ font-family: verdana, helvetica, sans-serif;
+ font-size: 11px;
+ color: #666666;
+ padding: 5px 5px 5px 5px;
+ background-color: transparent;
+ margin: 0px;
+ border-color: #CCCCCC;
+ border-width: 0px 1px 1px 1px;
+ border-style: none solid solid solid;
+ text-align: right;
+}
+.submit {
+ color: #666666;
+ background: #ffffff;
+ border: #999999 solid 1px;
+ width: 100%;
+ font-family: verdana,helvetica,sans-serif;
+ font-size: 11px
+}
+</style>
+
+<?php if ($id == "all") {
+
+if (isset($_REQUEST['edit']) and !empty($_REQUEST['edit']) and ($_REQUEST['edit'] == "on") and isset($_REQUEST['username']) and !empty($_REQUEST['username']) and file_exists("data/members/active/{$_REQUEST['username']}") and isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+
+ if (isset($_REQUEST['rw']) and !empty($_REQUEST['rw']) and ($_REQUEST['rw'] == "on") and !file_exists("data/members/active/{$_REQUEST['username']}/rw.txt")) {
+ touch("data/members/active/{$_REQUEST['username']}/rw.txt");
+ }
+
+ if ((!isset($_REQUEST['rw']) or empty($_REQUEST['rw'])) and file_exists("data/members/active/{$_REQUEST['username']}/rw.txt")) {
+ unlink("data/members/active/{$_REQUEST['username']}/rw.txt");
+ }
+
+ if (isset($_REQUEST['ul']) and !empty($_REQUEST['ul']) and ($_REQUEST['ul'] == "on") and !file_exists("data/members/active/{$_REQUEST['username']}/ul.txt")) {
+ touch("data/members/active/{$_REQUEST['username']}/ul.txt");
+ }
+
+ if ((!isset($_REQUEST['ul']) or empty($_REQUEST['ul'])) and file_exists("data/members/active/{$_REQUEST['username']}/ul.txt")) {
+ unlink("data/members/active/{$_REQUEST['username']}/ul.txt");
+ }
+
+ if (isset($_REQUEST['noml']) and !empty($_REQUEST['noml']) and ($_REQUEST['noml'] == "on") and !file_exists("data/members/active/{$_REQUEST['username']}/noml.txt")) {
+ touch("data/members/active/{$_REQUEST['username']}/noml.txt");
+ }
+
+ if ((!isset($_REQUEST['noml']) or empty($_REQUEST['noml'])) and file_exists("data/members/active/{$_REQUEST['username']}/noml.txt")) {
+ unlink("data/members/active/{$_REQUEST['username']}/noml.txt");
+ }
+
+ if (isset($_REQUEST['rank']) and !empty($_REQUEST['rank']) and (strtolower($_REQUEST['rank']) != "member")) {
+ $rank_file = "data/members/active/{$_REQUEST['username']}/rank.txt";
+ $fp_rank_txt = fopen($rank_file,"w");
+ fwrite($fp_rank_txt,$_REQUEST['rank']);
+ fclose($fp_rank_txt);
+ }
+
+ if ((!isset($_REQUEST['rank']) or empty($_REQUEST['rank'])) and file_exists("data/members/active/{$_REQUEST['username']}/rank.txt")) {
+ unlink("data/members/active/{$_REQUEST['username']}/rank.txt");
+ }
+
+ if (isset($_REQUEST['del']) and !empty($_REQUEST['del']) and ($_REQUEST['del'] == "on")) {
+ function rmdirr($recurse_dirname)
+ {
+
+ if (!file_exists($recurse_dirname)) {
+ return false;
+ }
+
+ if (is_file($recurse_dirname)) {
+ return unlink($recurse_dirname);
+ }
+
+ $recurse_dir = dir($recurse_dirname);
+ while (false !== $recurse_entry = $recurse_dir->read()) {
+
+ if ($recurse_entry == '.' || $recurse_entry == '..') {
+ continue;
+ }
+
+ rmdirr("$recurse_dirname/$recurse_entry");
+ }
+
+ $recurse_dir->close();
+ return rmdir($recurse_dirname);
+ }
+ rmdirr("data/members/active/{$_REQUEST['username']}");
+ }
+}
+
+
+?>
+
+<table border=0 cellspacing=0 cellpadding=0 bgcolor=#CCCCCC style="background-color: transparent;" width=525><tr><td><div id=panel_title>Members</div><div id=panel_body><table border=0 cellspacing=1 cellpadding=2 bgcolor=#cccccc width=513>
+<tr><td bgcolor=#eeeeee align=center><p>status</p></td><td bgcolor=#eeeeee align=center><p>username</p></td><td bgcolor=#eeeeee align=center><p>member since</p></td><td bgcolor=#eeeeee align=center><p>logins</p></td><td bgcolor=#eeeeee align=center><p>posts</p></td><?php
+
+if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+ echo "<td bgcolor=#eeeeee align=center><p>rw</p></td><td bgcolor=#eeeeee align=center><p>ul</p></td><td bgcolor=#eeeeee align=center><p>noml</p></td><td bgcolor=#eeeeee align=center><p>delete</p></td><td bgcolor=#eeeeee align=center><p>rank</p></td><td bgcolor=#eeeeee align=center><p>action</p></td>";
+}
+
+?></tr>
+
+<?php
+
+$show_member_list[] = file_get_contents("data/username.txt");
+
+if (file_exists("data/members/active")) {
+ if ($dh_member_list = opendir("data/members/active")) {
+ while (($entry_member_list = readdir($dh_member_list)) !== false) {
+ if ($entry_member_list != "." && $entry_member_list != ".." && fnmatch("*", $entry_member_list)) {
+ $show_member_list[] = $entry_member_list;
+ }
+ }
+ closedir($dh_member_list);
+ }
+
+ sort($show_member_list);
+ reset($show_member_list);
+ $count_member_list = count($show_member_list);
+
+ if ($count_member_list > 0) {
+
+ $sess_dir = session_save_path();
+
+ if (file_exists("data/bb-idle.txt")) {
+ $idle = file_get_contents("data/bb-idle.txt");
+ }
+ else {
+ $idle = 15;
+ }
+
+ foreach ($show_member_list as $member_list_entry) {
+ echo "<tr><td bgcolor=#ffffff align=center><p>";
+
+ $sess_count = 0;
+
+ if (is_dir($sess_dir)) {
+ if ($sess_dh = opendir($sess_dir)) {
+ while (($sess_file = readdir($sess_dh)) !== false) {
+ if ($sess_file != '.' && $sess_file != '..') {
+ if ((time() - fileatime("$sess_dir/$sess_file")) < ($idle * 60)) {
+
+ $sess_content = file_get_contents("$sess_dir/$sess_file");
+
+
+ if (preg_match("/logged_in/",$sess_content)) {
+ if (preg_match("/$member_list_entry/",$sess_content)) {
+ $sess_count++;
+ }
+ }
+ }
+ }
+ }
+ closedir($sess_dh);
+ }
+ }
+
+ if (($sess_count > 0) or (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $member_list_entry))) {
+ echo "<img src=images/smileys/smile.png>";
+ }
+ else {
+ echo "<img src=images/smileys/offline.png>";
+ }
+
+ echo "</p></td><td bgcolor=#ffffff><p><a href=member.php?id=$member_list_entry>$member_list_entry</a></p></td>";
+
+ if ($member_list_entry == file_get_contents("data/username.txt") or (file_exists("data/members/active/$member_list_entry") and !file_exists("data/members/active/$member_list_entry/timestamp.txt"))) {
+ echo "<td bgcolor=#ffffff align=center><p><nobr><code>-</code></nobr></p></td>";
+ }
+
+ if (file_exists("data/members/active/$member_list_entry") and ($member_list_entry != file_get_contents("data/username.txt")) and file_exists("data/members/active/$member_list_entry/timestamp.txt")) {
+ $joined = file_get_contents("data/members/active/$member_list_entry/timestamp.txt");
+ $joined_year = substr($joined,0,4);
+ $joined_month = substr($joined,4,2);
+ $joined_day = substr($joined,6,2);
+ $member_since = date("d M Y", mktime(0, 0, 0, $joined_month, $joined_day, $joined_year));
+ echo "<td bgcolor=#ffffff align=center><p><nobr><code>$member_since</code></nobr></p></td>";
+ }
+
+ if ((file_get_contents("data/username.txt") == $member_list_entry) and file_exists("data/logins.txt")) {
+ $logins = file_get_contents("data/logins.txt");
+ echo "<td bgcolor=#ffffff align=right><p><code>$logins</code></p></td>";
+ }
+ elseif (file_exists("data/members/active/$member_list_entry") and file_exists("data/members/active/$member_list_entry/bb-logins.txt")) {
+ $logins = file_get_contents("data/members/active/$member_list_entry/bb-logins.txt");
+ echo "<td bgcolor=#ffffff align=right><p><code>$logins</code></p></td>";
+ }
+
+ if ((file_get_contents("data/username.txt") == $member_list_entry) and !file_exists("data/logins.txt")) {
+ echo "<td bgcolor=#ffffff align=right><p><code>0</code></p></td>";
+ }
+ elseif (file_exists("data/members/active/$member_list_entry") and !file_exists("data/members/active/$member_list_entry/bb-logins.txt")) {
+ echo "<td bgcolor=#ffffff align=right><p><code>0</code></p></td>";
+ }
+
+ if ($dh_posts = opendir("data/items")) {
+ while (($member_posts = readdir($dh_posts)) !== false) {
+
+ if (file_exists("data/items/$member_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$member_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $post_cat_dir = file_get_contents("data/items/$member_posts/category.txt");
+
+ if (file_exists("data/categories/$post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$member_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($member_posts != "." && $member_posts != ".." && fnmatch("*", $member_posts)) {
+ if (file_exists("data/members/active/$member_list_entry") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$member_posts/author.txt") and (file_get_contents("data/items/$member_posts/author.txt") == $member_list_entry)) {
+ $items_posts[] = $member_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$member_list_entry") and (file_get_contents("data/username.txt") == $member_list_entry) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$member_posts/author.txt") and (file_get_contents("data/items/$member_posts/author.txt") == $member_list_entry)) {
+ $items_posts[] = $member_posts;
+ }
+ }
+ }
+ }
+ closedir($dh_posts);
+ }
+
+ $posts = count($items_posts);
+ echo "<td bgcolor=#ffffff align=right><p><code>$posts</code></p></td>";
+ unset($items_posts);
+
+ if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
+
+ if (($member_list_entry != file_get_contents("data/username.txt")) and file_exists("data/members/active/$member_list_entry")) {
+
+ echo "<form action=member.php method=post><input type=hidden name=id value=all><input type=hidden name=edit value=on><input type=hidden name=username value=$member_list_entry>";
+ echo "<td bgcolor=#ffffff align=center><p><input type=checkbox name=rw";
+ if (file_exists("data/members/active/$member_list_entry/rw.txt")) {
+ echo " checked";
+ }
+ echo "></p></td><td bgcolor=#ffffff align=center><p><input type=checkbox name=ul";
+ if (file_exists("data/members/active/$member_list_entry/ul.txt")) {
+ echo " checked";
+ }
+ echo "></p></td><td bgcolor=#ffffff align=center><p><input type=checkbox name=noml";
+ if (file_exists("data/members/active/$member_list_entry/noml.txt")) {
+ echo " checked";
+ }
+ echo "></p></td><td bgcolor=#ffffff align=center><p><input type=checkbox name=del></p></td><td bgcolor=#ffffff align=center><p><input class=submit type=text name=rank autocomplete=off value=\"";
+ if (file_exists("data/members/active/$member_list_entry/rank.txt")) {
+ readfile("data/members/active/$member_list_entry/rank.txt");
+ }
+ else {
+ echo member;
+ }
+ echo "\"></p></td><td bgcolor=#ffffff align=center><p><input class=submit type=submit value=submit></p></td></form>";
+ }
+ if ($member_list_entry == file_get_contents("data/username.txt")) {
+ echo "<td colspan=6 bgcolor=#ffffff align=center><p><a href=settings.php>administrator settings</a></p></td>";
+ }
+ }
+ }
+ }
+}
+?>
+
+</table></div><div id=panel_footer><font style="font-size: 10px; color: #999999;"><a href=index.php>home</a> | <a href=member.php?id=all>members</a> | <a href=login.php>
+<?php
+if (isset($_SESSION['logged_in'])) {
+ echo "logout";
+}
+else {
+ echo "login";
+}
+?>
+</a></font></div>
+</td></tr></table>
+
+<?php exit(); } ?>
+
+<table border=0 cellspacing=0 cellpadding=0 bgcolor=#CCCCCC style="background-color: transparent;"><tr><td width=525><div id=panel_title><?php
+
+if (file_get_contents("data/username.txt") == $id) {
+ readfile("data/author.txt");
+ if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and !file_exists("data/members/active/{$_SESSION['logged_in']}")) {
+ echo " <";
+ readfile("data/email.txt");
+ echo " >";
+ }
+}
+else {
+ echo "$member_firstname $member_lastname";
+
+ if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and !file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/members/active/$id/email.txt")) {
+ $email = file_get_contents("data/members/active/$id/email.txt");
+ $email = str_replace("@"," at ",$email);
+ echo " <$email>";
+ }
+
+}
+
+
+?></div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr><td width=90 valign=top><p>
+
+<?php
+
+
+if ((file_get_contents("data/username.txt") == $id) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+ if (file_exists("images/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+echo "><br>";
+}
+elseif (file_exists("images/members/$id/avatar.jpg") or file_exists("images/members/$id/avatar.gif") or file_exists("images/members/$id/avatar.png")) {
+ if (file_exists("images/members/$id/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/members/$id/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$id/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/members/$id/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/members/$id/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$id/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/$id/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/members/$id/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/$id/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+echo "><br>";
+}
+echo "<b>$id</b><br>";
+
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/rank.txt")) {
+ echo "administrator";
+}
+elseif (file_exists("data/members/active/$id/rank.txt") and file_exists("data/rank.txt")) {
+ $rank = file_get_contents("data/members/active/$id/rank.txt");
+ echo "$rank";
+}
+elseif (!file_exists("data/members/active/$id/rank.txt") and file_exists("data/rank.txt")) {
+ echo "member";
+}
+
+?>
+
+
+</p></td><td width=435 valign=top><table border=0 cellspacing=0 cellpadding=2>
+
+<?php
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/url.txt") and isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in'])) {
+ $member_url = file_get_contents("data/url.txt");
+ echo "<tr><td width=75><p>website</p></td><td><p><a href=$member_url target=_majbb><code>$member_url</code></a></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id/url.txt") and isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in'])) {
+ $member_url = file_get_contents("data/members/active/$id/url.txt");
+ echo "<tr><td width=75><p>website</p></td><td><p><a href=$member_url target=_majbb><code>$member_url</code></a></p></td></tr>";
+}
+
+if (file_exists("data/members/active/$id/timestamp.txt")) {
+ $joined = file_get_contents("data/members/active/$id/timestamp.txt");
+ $joined_year = substr($joined,0,4);
+ $joined_month = substr($joined,4,2);
+ $joined_day = substr($joined,6,2);
+ $joined_hh = substr($joined,8,2);
+ $joined_mm = substr($joined,10,2);
+ $member_since = date("d M Y H:i", mktime($joined_hh, $joined_mm, 0, $joined_month, $joined_day, $joined_year));
+ echo "<tr><td width=75><p>member since</p></td><td><p><code>$member_since</code></p></td></tr>";
+}
+
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/lastlog.txt")) {
+ $lastlog = file_get_contents("data/lastlog.txt");
+ $lastlog_year = substr($lastlog,0,4);
+ $lastlog_month = substr($lastlog,4,2);
+ $lastlog_day = substr($lastlog,6,2);
+ $lastlog_hh = substr($lastlog,8,2);
+ $lastlog_mm = substr($lastlog,10,2);
+ $last_login = date("d M Y H:i", mktime($lastlog_hh, $lastlog_mm, 0, $lastlog_month, $lastlog_day, $lastlog_year));
+ echo "<tr><td width=75><p>last login</p></td><td><p><code>$last_login</code></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id/bb-last.txt")) {
+ $lastlog = file_get_contents("data/members/active/$id/bb-last.txt");
+ $lastlog_year = substr($lastlog,0,4);
+ $lastlog_month = substr($lastlog,4,2);
+ $lastlog_day = substr($lastlog,6,2);
+ $lastlog_hh = substr($lastlog,8,2);
+ $lastlog_mm = substr($lastlog,10,2);
+ $last_login = date("d M Y H:i", mktime($lastlog_hh, $lastlog_mm, 0, $lastlog_month, $lastlog_day, $lastlog_year));
+ echo "<tr><td width=75><p>last login</p></td><td><p><code>$last_login</code></p></td></tr>";
+}
+
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/lastpost.txt")) {
+ $lastpost = file_get_contents("data/lastpost.txt");
+ $lastpost_year = substr($lastpost,0,4);
+ $lastpost_month = substr($lastpost,4,2);
+ $lastpost_day = substr($lastpost,6,2);
+ $lastpost_hh = substr($lastpost,8,2);
+ $lastpost_mm = substr($lastpost,10,2);
+ $last_post = date("d M Y H:i", mktime($lastpost_hh, $lastpost_mm, 0, $lastpost_month, $lastpost_day, $lastpost_year));
+ echo "<tr><td width=75><p>last post</p></td><td><p><code>$last_post</code></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id/bb-post.txt")) {
+ $lastpost = file_get_contents("data/members/active/$id/bb-post.txt");
+ $lastpost_year = substr($lastpost,0,4);
+ $lastpost_month = substr($lastpost,4,2);
+ $lastpost_day = substr($lastpost,6,2);
+ $lastpost_hh = substr($lastpost,8,2);
+ $lastpost_mm = substr($lastpost,10,2);
+ $last_post = date("d M Y H:i", mktime($lastpost_hh, $lastpost_mm, 0, $lastpost_month, $lastpost_day, $lastpost_year));
+ echo "<tr><td width=75><p>last post</p></td><td><p><code>$last_post</code></p></td></tr>";
+}
+
+if (file_get_contents("data/username.txt") == $id) {
+ if (!file_exists("data/bb-views.txt")) {
+ $views = 0;
+ }
+ else {
+ $views = file_get_contents("data/bb-views.txt");
+ }
+ if (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ $views = $views + 1;
+ $views_file = fopen("data/bb-views.txt", "w");
+ fwrite($views_file, $views);
+ fclose($views_file);
+ }
+ echo "<tr><td width=75><p>profile views</p></td><td><p><code>$views</code></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id")) {
+ if (!file_exists("data/members/active/$id/bb-views.txt")) {
+ $views = 0;
+ }
+ else {
+ $views = file_get_contents("data/members/active/$id/bb-views.txt");
+ }
+ if (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != $id))) {
+ if (!isset($_SESSION['logged_in']) or empty($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
+ $views = $views + 1;
+ $views_file = fopen("data/members/active/$id/bb-views.txt", "w");
+ fwrite($views_file, $views);
+ fclose($views_file);
+ }
+ }
+ echo "<tr><td width=75><p>profile views</p></td><td><p><code>$views</code></p></td></tr>";
+}
+
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/logins.txt")) {
+ $logins = file_get_contents("data/logins.txt");
+ echo "<tr><td width=75><p>total logins</p></td><td><p><code>$logins</code></p></td></tr>";
+}
+elseif (file_exists("data/members/active/$id") and file_exists("data/members/active/$id/bb-logins.txt")) {
+ $logins = file_get_contents("data/members/active/$id/bb-logins.txt");
+ echo "<tr><td width=75><p>total logins</p></td><td><p><code>$logins</code></p></td></tr>";
+}
+
+if ($dh_posts = opendir("data/items")) {
+ while (($member_posts = readdir($dh_posts)) !== false) {
+
+ $total_posts[] = $member_posts;
+
+ if (file_exists("data/items/$member_posts/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+ continue;
+ }
+
+ if (file_exists("data/items/$member_posts/member.txt") and (!isset($_SESSION['logged_in']))) {
+ continue;
+ }
+
+ $post_cat_dir = file_get_contents("data/items/$member_posts/category.txt");
+
+ if (file_exists("data/categories/$post_cat_dir/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) and !file_exists("data/items/$member_posts/cat.txt")) {
+ continue;
+ }
+
+ if ($member_posts != "." && $member_posts != ".." && fnmatch("*", $member_posts)) {
+ if (file_exists("data/members/active/$id") and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$member_posts/author.txt") and (file_get_contents("data/items/$member_posts/author.txt") == $id)) {
+ $items_posts[] = $member_posts;
+ }
+ }
+ elseif (!file_exists("data/members/active/$id") and (file_get_contents("data/username.txt") == $id) and file_exists("data/bb.txt")) {
+ if (file_exists("data/items/$member_posts/author.txt") and (file_get_contents("data/items/$member_posts/author.txt") == $id)) {
+ $items_posts[] = $member_posts;
+ }
+ }
+ }
+ }
+ closedir($dh_posts);
+}
+
+$posts = count($items_posts);
+$all_posts = count($total_posts);
+$ratio_posts = (($posts/$all_posts) * 90);
+$ratio_posts = number_format($ratio_posts,2);
+echo "<tr><td width=75><p>total posts</p></td><td><p><code>$posts</code></p></td></tr>";
+echo "<tr><td width=75><p> </p></td><td><p><code>{$ratio_posts}% of total</code></p></td></tr>";
+if ($posts > 0) {
+ echo "<tr><td width=75><p> </p></td><td><p><a href=index.php?author=$id><code>find all posts by $id</code></a></p></td></tr>";
+}
+unset($items_posts);
+unset($total_posts);
+
+?>
+
+<tr><td><p>permissions</p></td><td><p><code>
+<?php
+if ($id == file_get_contents("data/username.txt")) {
+ echo "rw";
+}
+if (($id != file_get_contents("data/username.txt")) and file_exists("data/members/active/$id")) {
+ if (file_exists("data/members/active/$id/rw.txt")) {
+ echo "rw";
+ }
+ else {
+ echo "ro";
+ }
+}
+if (($id != file_get_contents("data/username.txt")) and file_exists("data/members/active/$id")) {
+ if (file_exists("data/members/active/$id/ul.txt")) {
+ echo " upload";
+ }
+}
+?>
+</code></p></td></tr>
+<tr><td><p>status</p></td><td><p><code>
+<?php
+$sess_dir = session_save_path();
+
+if (file_exists("data/bb-idle.txt")) {
+ $idle = file_get_contents("data/bb-idle.txt");
+}
+else {
+ $idle = 15;
+}
+
+$sess_count = 0;
+
+if (is_dir($sess_dir)) {
+ if ($sess_dh = opendir($sess_dir)) {
+ while (($sess_file = readdir($sess_dh)) !== false) {
+ if ($sess_file != '.' && $sess_file != '..') {
+ if ((time() - fileatime("$sess_dir/$sess_file")) < ($idle * 60)) {
+
+ $sess_content = file_get_contents("$sess_dir/$sess_file");
+
+ if (preg_match("/logged_in/",$sess_content)) {
+ if (preg_match("/$id/",$sess_content)) {
+ $sess_count++;
+ }
+ }
+ }
+ }
+ }
+ closedir($sess_dh);
+ }
+}
+
+if (($sess_count > 0) or (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $id))) {
+ echo "online";
+}
+else {
+ echo "offline";
+}
+?>
+</code></p></td></tr>
+
+</table></td></tr></table></div>
+<div id=panel_footer><font style="font-size: 10px; color: #999999;"><a href=index.php>home</a> | <a href=member.php?id=all>members</a> | <a href=login.php>
+<?php
+if (isset($_SESSION['logged_in'])) {
+ echo "logout";
+}
+else {
+ echo "login";
+}
+?>
+</a></font></div>
+</td></tr></table>
diff --git a/options.php b/options.php
new file mode 100644
index 0000000..d38b7a5
--- /dev/null
+++ b/options.php
@@ -0,0 +1,482 @@
+<?php
+
+session_start();
+header("Cache-control: private");
+
+error_reporting(E_ERROR);
+
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
+if (file_exists("data/lite.txt")) {
+ exit();
+}
+
+if (!file_exists("data/bb.txt")) {
+ exit();
+}
+
+?>
+
+<style>
+body
+{
+ color: #666666;
+ margin: 10px;
+ padding: 0px;
+ text-align: left;
+ font-family: verdana, helvetica, sans-serif;
+ background-color: #FFFFFF;
+}
+p
+{
+ font-size: 11px;
+}
+a
+{
+ font-weight: bold;
+ text-decoration: none;
+}
+a:link, a:visited
+{
+ color: #666666;
+}
+a:hover
+{
+ color: #336699;
+}
+a:active {
+ color: #336699;
+}
+.input {
+ color: #666666;
+ background: #ffffff;
+ border: #999999 solid 1px;
+ width: 300px;
+ font-family: verdana,helvetica,sans-serif;
+ font-size: 11px;
+ font-weight: normal;
+}
+</style>
+
+<?php
+
+if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_REQUEST['key']) and !empty($_REQUEST['key'])) {
+
+ $username = $_REQUEST['username'];
+
+ if (file_exists("data/members/active/$username") and ($_REQUEST['key'] == file_get_contents("data/members/active/$username/key.txt"))) {
+ unlink("data/members/active/$username/key.txt");
+ unlink("data/members/active/$username/vacation.txt");
+ unlink("data/members/active/$username/email.txt");
+ rename("data/members/active/$username/new-email.txt","data/members/active/$username/email.txt");
+ echo "<p><font style=\"font-size: 12px;\"><b>Thanks!</b></font></p><p>You have successfully verified your new e-mail address.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+ }
+ exit();
+}
+
+if (!isset($_SESSION['logged_in'])) {
+ exit();
+}
+
+if ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) {
+ exit();
+}
+
+if (!file_exists("data/members/active/{$_SESSION['logged_in']}")) {
+ exit();
+}
+
+if (isset($_REQUEST['email']) and !empty($_REQUEST['email']) and (file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt") != $_REQUEST['email']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email']))) {
+ $email_write_content = strtolower($_REQUEST['email']);
+ $email_write_content = trim($email_write_content);
+ $email_write_content = htmlentities($email_write_content, ENT_NOQUOTES);
+ $fp_email_txt = fopen("data/members/active/{$_SESSION['logged_in']}/new-email.txt","w");
+ fwrite($fp_email_txt,$email_write_content);
+ fclose($fp_email_txt);
+
+ function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789') {
+ $str = '';
+ $seeds_count = strlen($seeds);
+
+ list($usec, $sec) = explode(' ', microtime());
+ $seed = (float) $sec + ((float) $usec * 100000);
+ mt_srand($seed);
+
+ for ($i = 0; $length > $i; $i++) {
+ $str .= $seeds{mt_rand(0, $seeds_count - 1)};
+ }
+
+ return $str;
+ }
+
+ $key_email = str_rand(40);
+
+ $fp_key_txt = fopen("data/members/active/{$_SESSION['logged_in']}/key.txt","w");
+ fwrite($fp_key_txt,$key_email);
+ fclose($fp_key_txt);
+
+ $firstname = file_get_contents("data/members/active/{$_SESSION['logged_in']}/firstname.txt");
+
+ $old_email = file_get_contents("data/members/active/{$_SESSION['logged_in']}/email.txt");
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $sig_author = file_get_contents("data/author.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $confirm_change = "Hi $firstname,\n\nWe have received an e-mail address modification request ($old_email to $email_write_content) at $sig_url. To confirm this, simply visit this link:\n\n{$sig_url}options.php?username={$_SESSION['logged_in']}&key=$key_email\n\nIf you have any questions, send them to $from_email.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
+
+ $confirm_change = wordwrap($confirm_change);
+
+ mail($email_write_content, "confirm $key_email", $confirm_change,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ echo "<p>Confirmation request sent. Check your $email_write_content inbox for details.</p>";
+}
+
+if ((!isset($_REQUEST['url']) or empty($_REQUEST['url'])) and isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ unlink("data/members/active/{$_SESSION['logged_in']}/url.txt");
+}
+
+if (isset($_REQUEST['url']) and !empty($_REQUEST['url']) and (ereg("\.", $_REQUEST['url']))) {
+ $url = str_replace('http://', '', $_REQUEST['url']);
+ $url = strtolower($url);
+ $url = trim($url);
+ $url = 'http://' . $url;
+ $url = htmlentities($url, ENT_NOQUOTES);
+ $fp_url_txt = fopen("data/members/active/{$_SESSION['logged_in']}/url.txt","w");
+ fwrite($fp_url_txt,$url);
+ fclose($fp_url_txt);
+}
+
+if ((!isset($_REQUEST['sig']) or empty($_REQUEST['sig'])) and isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ unlink("data/members/active/{$_SESSION['logged_in']}/sig.txt");
+}
+
+if (isset($_REQUEST['sig']) and !empty($_REQUEST['sig'])) {
+ $sig = strip_tags($_REQUEST['sig']);
+ $sig = str_replace("[b]","<b>",$sig);
+ $sig = str_replace("[/b]","</b>",$sig);
+ $sig = str_replace("[i]","<i>",$sig);
+ $sig = str_replace("[/i]","</i>",$sig);
+ $sig = str_replace("[u]","<u>",$sig);
+ $sig = str_replace("[/u]","</u>",$sig);
+ $sig = str_replace("[sup]","<sup>",$sig);
+ $sig = str_replace("[/sup]","</sup>",$sig);
+ $sig = str_replace("[sub]","<sub>",$sig);
+ $sig = str_replace("[/sub]","</sub>",$sig);
+ $sig = str_replace("[strike]","<strike>",$sig);
+ $sig = str_replace("[/strike]","</strike>",$sig);
+ $sig = str_replace("\n","<br>", $sig);
+ $sig = ucfirst($sig);
+ $sig = trim($sig);
+ $fp_sig_txt = fopen("data/members/active/{$_SESSION['logged_in']}/sig.txt","w");
+ fwrite($fp_sig_txt,$sig);
+ fclose($fp_sig_txt);
+}
+
+if (isset($_REQUEST['del_avatar']) and !empty($_REQUEST['del_avatar']) and ($_REQUEST['del_avatar'] == "on")) {
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.gif");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.jpg");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.png");
+ }
+}
+
+if (isset($_FILES['avatar']) and !empty($_FILES['avatar'])) {
+
+$max_image_size = 1000000;
+
+ if (is_uploaded_file($_FILES['avatar']['tmp_name'])) {
+
+ if ($_FILES['avatar']['size']<=$max_image_size) {
+
+ if (($_FILES['avatar']['type']=="image/gif") || ($_FILES['avatar']['type']=="image/pjpeg") || ($_FILES['avatar']['type']=="image/jpeg") || ($_FILES['avatar']['type']=="image/png")) {
+
+ if (!file_exists("images/members")) {
+ mkdir("images/members");
+ }
+
+ if (!file_exists("images/members/{$_SESSION['logged_in']}")) {
+ mkdir("images/members/{$_SESSION['logged_in']}");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.gif");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.jpg");
+ }
+
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+ unlink("images/members/{$_SESSION['logged_in']}/avatar.png");
+ }
+
+ if ($_FILES['avatar']['type']=="image/gif") {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/members/{$_SESSION['logged_in']}/avatar.gif");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+
+ if (($_FILES['avatar']['type']=="image/jpeg") or ($_FILES['avatar']['type']=="image/pjpeg")) {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/members/{$_SESSION['logged_in']}/avatar.jpg");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+
+ if ($_FILES['avatar']['type']=="image/png") {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/members/{$_SESSION['logged_in']}/avatar.png");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+}
+
+if (isset($_REQUEST['vacation']) and !empty($_REQUEST['vacation']) and ($_REQUEST['vacation'] == "on") and !file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) {
+ touch("data/members/active/{$_SESSION['logged_in']}/vacation.txt");
+}
+
+if (!isset($_REQUEST['vacation']) or empty($_REQUEST['vacation'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) {
+ unlink("data/members/active/{$_SESSION['logged_in']}/vacation.txt");
+ }
+ }
+}
+
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/key.txt") and !file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) {
+ touch("data/members/active/{$_SESSION['logged_in']}/vacation.txt");
+}
+
+if (isset($_REQUEST['current_passwd']) and !empty($_REQUEST['current_passwd']) and isset($_REQUEST['new_passwd']) and !empty($_REQUEST['new_passwd']) and isset($_REQUEST['confirm_passwd']) and !empty($_REQUEST['confirm_passwd'])) {
+
+ if (file_exists("data/bb-passlen.txt")) {
+ $pass_len = file_get_contents("data/bb-passlen.txt");
+ }
+ else {
+ $pass_len = 8;
+ }
+
+ $current_passwd = trim($_REQUEST['current_passwd']);
+ $new_passwd = trim($_REQUEST['new_passwd']);
+ $confirm_passwd = trim($_REQUEST['confirm_passwd']);
+
+ if ((strlen($new_passwd) < $pass_len) or (strlen($confirm_passwd) < $pass_len)) {
+ echo "<p>Passwords must be composed of at least $pass_len characters.</p>";
+ }
+ else {
+ /* Fun with crypt! */
+ $current_passwd = sha1($current_passwd);
+ $current_passwd = md5($current_passwd);
+ $current_passwd = crypt($current_passwd, $current_passwd);
+ $new_passwd = sha1($new_passwd);
+ $new_passwd = md5($new_passwd);
+ $new_passwd = crypt($new_passwd, $new_passwd);
+ $confirm_passwd = sha1($confirm_passwd);
+ $confirm_passwd = md5($confirm_passwd);
+ $confirm_passwd = crypt($confirm_passwd, $confirm_passwd);
+
+ if (($current_passwd != file_get_contents("data/members/active/{$_SESSION['logged_in']}/password.txt")) or ($new_passwd != $confirm_passwd)) {
+ echo "<p>Passwords do not match.</p>";
+ }
+ else {
+ $fp_passwd_txt = fopen("data/members/active/{$_SESSION['logged_in']}/password.txt","w");
+ fwrite($fp_passwd_txt,$new_passwd);
+ fclose($fp_passwd_txt);
+ $login_url = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/login.php";
+ $login_url = str_replace("//login.php", "/login.php", $login_url);
+ echo "<p>Password successfully changed and encrypted on record.</p>";
+ }
+ }
+}
+
+?>
+
+<table border=0 cellspacing=1 cellpadding=2 bgcolor=#cccccc>
+<tr><td bgcolor=#ffffff colspan=2 align=right><p>you are logged in as <b><?php echo "<b>{$_SESSION['logged_in']}</b>"; ?> </b></p></td></tr>
+<tr><td bgcolor=#ffffff><?php
+if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif")) {
+ $avatar_gif_image_size = getimagesize("images/members/{$_SESSION['logged_in']}/avatar.gif");
+ $avatar_gif_image_width = $avatar_gif_image_size[0];
+ $avatar_gif_image_height = $avatar_gif_image_size[1];
+
+ $max_avatar_gif_image_width = 80;
+
+ if ($avatar_gif_image_width > $max_avatar_gif_image_width) {
+ $sizefactor = (double) ($max_avatar_gif_image_width / $avatar_gif_image_width) ;
+ $avatar_gif_image_width = (int) ($avatar_gif_image_width * $sizefactor);
+ $avatar_gif_image_height = (int) ($avatar_gif_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/{$_SESSION['logged_in']}/avatar.gif border=0 width=";
+ echo $avatar_gif_image_width;
+ echo " height=";
+ echo $avatar_gif_image_height;
+ }
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg")) {
+ $avatar_jpg_image_size = getimagesize("images/members/{$_SESSION['logged_in']}/avatar.jpg");
+ $avatar_jpg_image_width = $avatar_jpg_image_size[0];
+ $avatar_jpg_image_height = $avatar_jpg_image_size[1];
+
+ $max_avatar_jpg_image_width = 80;
+
+ if ($avatar_jpg_image_width > $max_avatar_jpg_image_width) {
+ $sizefactor = (double) ($max_avatar_jpg_image_width / $avatar_jpg_image_width) ;
+ $avatar_jpg_image_width = (int) ($avatar_jpg_image_width * $sizefactor);
+ $avatar_jpg_image_height = (int) ($avatar_jpg_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/{$_SESSION['logged_in']}/avatar.jpg border=0 width=";
+ echo $avatar_jpg_image_width;
+ echo " height=";
+ echo $avatar_jpg_image_height;
+ }
+ if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+ $avatar_png_image_size = getimagesize("images/members/{$_SESSION['logged_in']}/avatar.png");
+ $avatar_png_image_width = $avatar_png_image_size[0];
+ $avatar_png_image_height = $avatar_png_image_size[1];
+
+ $max_avatar_png_image_width = 80;
+
+ if ($avatar_png_image_width > $max_avatar_png_image_width) {
+ $sizefactor = (double) ($max_avatar_png_image_width / $avatar_png_image_width) ;
+ $avatar_png_image_width = (int) ($avatar_png_image_width * $sizefactor);
+ $avatar_png_image_height = (int) ($avatar_png_image_height * $sizefactor);
+ }
+
+ echo "<img src=images/members/{$_SESSION['logged_in']}/avatar.png border=0 width=";
+ echo $avatar_png_image_width;
+ echo " height=";
+ echo $avatar_png_image_height;
+ }
+ echo ">";
+}
+?></p></td><td bgcolor=#ffffff><p>
+
+<?php
+
+echo "<b>";
+readfile("data/members/active/{$_SESSION['logged_in']}/firstname.txt");
+echo " ";
+readfile("data/members/active/{$_SESSION['logged_in']}/lastname.txt");
+echo "</b>";
+
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/rank.txt") and file_exists("data/rank.txt")) {
+ $rank = file_get_contents("data/members/active/{$_SESSION['logged_in']}/rank.txt");
+ echo "<br>$rank";
+}
+elseif (!file_exists("data/members/active/{$_SESSION['logged_in']}/rank.txt") and file_exists("data/rank.txt")) {
+ echo "<br>member";
+}
+
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/timestamp.txt")) {
+ $joined = file_get_contents("data/members/active/{$_SESSION['logged_in']}/timestamp.txt");
+ $joined_year = substr($joined,0,4);
+ $joined_month = substr($joined,4,2);
+ $joined_day = substr($joined,6,2);
+ $joined_hh = substr($joined,8,2);
+ $joined_mm = substr($joined,10,2);
+ $member_since = date("d M Y H:i", mktime($joined_hh, $joined_mm, 0, $joined_month, $joined_day, $joined_year));
+ echo "<p align=right>member since<code> $member_since </code>";
+}
+
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/bb-last.txt")) {
+ $lastlog = file_get_contents("data/members/active/{$_SESSION['logged_in']}/bb-last.txt");
+ $lastlog_year = substr($lastlog,0,4);
+ $lastlog_month = substr($lastlog,4,2);
+ $lastlog_day = substr($lastlog,6,2);
+ $lastlog_hh = substr($lastlog,8,2);
+ $lastlog_mm = substr($lastlog,10,2);
+ $last_login = date("d M Y H:i", mktime($lastlog_hh, $lastlog_mm, 0, $lastlog_month, $lastlog_day, $lastlog_year));
+ echo "<br>last login<code> $last_login </code>";
+}
+
+?>
+
+</p></td></tr>
+
+<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
+<input type=hidden name=edit value=on>
+
+<?php if (!file_exists("data/members/active/{$_SESSION['logged_in']}/key.txt")) { ?>
+<tr><td bgcolor=#ffffff><p>e-mail address*</p></td><td bgcolor=#ffffff colspan=2><input class=input type=text autocomplete=off name=email maxlength=60 value=<?php readfile("data/members/active/{$_SESSION['logged_in']}/email.txt"); ?>></td></tr>
+<?php } ?>
+
+<tr><td bgcolor=#ffffff><p>website</p></td><td bgcolor=#ffffff colspan=2><input class=input type=text autocomplete=off name=url maxlength=300 <?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/url.txt")) { echo "value=";readfile("data/members/active/{$_SESSION['logged_in']}/url.txt"); } ?>></td></tr>
+
+<?php if (file_exists("data/bb.txt") and file_exists("data/bb-sig.txt")) { ?>
+
+<tr><td bgcolor=#ffffff><p>signature</p></td><td bgcolor=#ffffff colspan=2><textarea class=input name=sig><?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/sig.txt")) {
+
+ $get_sig = file_get_contents("data/members/active/{$_SESSION['logged_in']}/sig.txt");
+ $get_sig = str_replace("<b>","[b]",$get_sig);
+ $get_sig = str_replace("</b>","[/b]",$get_sig);
+ $get_sig = str_replace("<i>","[i]",$get_sig);
+ $get_sig = str_replace("</i>","[/i]",$get_sig);
+ $get_sig = str_replace("<u>","[u]",$get_sig);
+ $get_sig = str_replace("</u>","[/u]",$get_sig);
+ $get_sig = str_replace("<sup>","[sup]",$get_sig);
+ $get_sig = str_replace("</sup>","[/sup]",$get_sig);
+ $get_sig = str_replace("<sub>","[sub]",$get_sig);
+ $get_sig = str_replace("</sub>","[/sub]",$get_sig);
+ $get_sig = str_replace("<strike>","[strike]",$get_sig);
+ $get_sig = str_replace("</strike>","[/strike]",$get_sig);
+ $get_sig = str_replace("<br>","\n",$get_sig);
+ echo $get_sig;
+
+} ?></textarea></td></tr>
+
+<?php } ?>
+
+<tr><td bgcolor=#ffffff><p>upload avatar</p></td><td bgcolor=#ffffff colspan=2><input type=file autocomplete=off name=avatar></td></tr>
+<?php
+if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) { ?>
+<tr><td bgcolor=#ffffff><p></p></td><td bgcolor=#ffffff colspan=2><p><input type=checkbox name=del_avatar>delete existing avatar</p></td></tr>
+<?php } if (file_exists("data/ml.txt") and !file_exists("data/members/active/{$_SESSION['logged_in']}/key.txt")) { ?>
+<tr><td bgcolor=#ffffff><p></p></td><td bgcolor=#ffffff colspan=2><p><input type=checkbox name=vacation <?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) { echo checked; } ?>>temporarily disable mailing list subscription</p></td></tr>
+<?php } ?>
+<tr><td bgcolor=#ffffff><p>current password</p></td><td bgcolor=#ffffff colspan=2><input class=input type=password autocomplete=off name=current_passwd maxlength=30></td></tr>
+<tr><td bgcolor=#ffffff><p>new password</p></td><td bgcolor=#ffffff width=300><input class=input type=password autocomplete=off name=new_passwd maxlength=30></td></tr>
+<tr><td bgcolor=#ffffff><p>confirm password</p></td><td bgcolor=#ffffff><input class=input type=password autocomplete=off name=confirm_passwd maxlength=30></td></tr>
+<tr><td bgcolor=#ffffff><p></p></td><td bgcolor=#ffffff><input class=input type=submit value="click here to activate new settings"></td></tr>
+</form>
+<form enctype="multipart/form-data" action="<?php echo 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); ?>" method="post">
+<tr><td bgcolor=#ffffff><p></p></td><td bgcolor=#ffffff><input class=input type=submit value="click here to go to the index page"></td></tr>
+</form>
+</table>
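Review bot: The e-mail confirmation key is predictable, because `str_rand()` reseeds `mt_rand()` from `microtime()` on every call, so the 40 characters written to `key.txt` are determined by the request time. The branch at the top of the file that consumes the key runs before any session check. Generate the key from the CSPRNG instead, `$key_email = bin2hex(random_bytes(20));`, and compare it with `hash_equals()` rather than `==`, after confirming that `key.txt` exists. In the same branch, `$_REQUEST['username']` should be restricted to the username alphabet before it is placed in the `unlink()`/`rename()` paths; the `str_rand()` copy added in reg.php has the same seeding. Separately, the `sha1`→`md5`→`crypt($h, $h)` chain in the password block takes its salt from the digest itself and, with a hex salt, falls back to traditional DES crypt, which reads only the first eight characters; `password_hash()`/`password_verify()` would replace it.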
diff --git a/panels.php b/panels.php
index 2fbc6b5..b6bc790 100644
--- a/panels.php
+++ b/panels.php
@@ -5,6 +5,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
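Review bot: `get_magic_quotes_gpc()` is called unconditionally here, and the function was removed in PHP 8.0, so on a current runtime this line is a fatal error before the login check below is reached. Guard it with `if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {`. The same block is pasted into at least options.php, passwd.php and reg.php in this commit, so one shared include would keep the copies from drifting. Only `$_REQUEST` is un-escaped, so any code that reads `$_GET`, `$_POST` or `$_COOKIE` directly would still see the added slashes.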
diff --git a/passwd.php b/passwd.php
index 7002d77..fe098bb 100644
--- a/passwd.php
+++ b/passwd.php
@@ -47,6 +47,22 @@ a:active {
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
$dir = "data/items/" . $_REQUEST['entry'];
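Review bot: `$_REQUEST['entry']` is concatenated into `$dir` on the context line directly after this block, and the added `stripslashes_array()` call now hands it over with quotes, backslashes and NUL bytes back in raw form. Nothing visible in the hunk constrains the value to a single item directory name, so it should be checked before use, for example `if (!preg_match('/^[A-Za-z0-9_-]+$/', $_REQUEST['entry'])) { exit(); }` with the character class adjusted to the item naming scheme. The rest of the `if` body lies outside the hunk, so a later check may already exist there.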
diff --git a/reg.php b/reg.php
new file mode 100644
index 0000000..f6f6653
--- /dev/null
+++ b/reg.php
@@ -0,0 +1,460 @@
+<?php
+
+if (file_exists("data/lite.txt")) {
+ exit();
+}
+
+if (!file_exists("data/reg.txt")) {
+ exit();
+}
+
+error_reporting(E_ERROR);
+
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
+if (file_exists("data/offset.txt")) {
+ $offset = file_get_contents("data/offset.txt");
+}
+else {
+ $offset = 0;
+}
+
+if (file_exists("data/bb-min-age.txt")) {
+ $minage = file_get_contents("data/bb-min-age.txt");
+}
+else {
+ $minage = 5;
+}
+
+if (file_exists("data/bb-max-age.txt")) {
+ $maxage = file_get_contents("data/bb-max-age.txt");
+}
+else {
+ $maxage = 125;
+}
+
+?>
+
+<style>
+body
+{
+ color: #666666;
+ margin: 10px;
+ padding: 0px;
+ text-align: left;
+ font-family: verdana, helvetica, sans-serif;
+ background-color: #FFFFFF;
+}
+p
+{
+ font-size: 11px;
+}
+a
+{
+ font-weight: bold;
+ text-decoration: none;
+}
+a:link, a:visited
+{
+ color: #666666;
+}
+a:hover
+{
+ color: #336699;
+}
+a:active {
+ color: #336699;
+}
+.input {
+ color: #666666;
+ background: #ffffff;
+ border: #999999 solid 1px;
+ width: 300px;
+ font-family: verdana,helvetica,sans-serif;
+ font-size: 11px;
+ font-weight: normal;
+}
+.bd {
+ color: #666666;
+ background: #ffffff;
+ border: #999999 solid 1px;
+ width: 98px;
+ font-family: verdana,helvetica,sans-serif;
+ font-size: 11px;
+ font-weight: normal;
+}
+</style>
+
+<?php
+
+// 20061014 - reg.php
+
+function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789') {
+ $str = '';
+ $seeds_count = strlen($seeds);
+
+ list($usec, $sec) = explode(' ', microtime());
+ $seed = (float) $sec + ((float) $usec * 100000);
+ mt_srand($seed);
+
+ for ($i = 0; $length > $i; $i++) {
+ $str .= $seeds{mt_rand(0, $seeds_count - 1)};
+ }
+
+ return $str;
+}
+
+function rmdirr($recurse_dirname)
+{
+
+ if (!file_exists($recurse_dirname)) {
+ return false;
+ }
+
+ if (is_file($recurse_dirname)) {
+ return unlink($recurse_dirname);
+ }
+
+ $recurse_dir = dir($recurse_dirname);
+ while (false !== $recurse_entry = $recurse_dir->read()) {
+
+ if ($recurse_entry == '.' || $recurse_entry == '..') {
+ continue;
+ }
+
+ rmdirr("$recurse_dirname/$recurse_entry");
+ }
+
+ $recurse_dir->close();
+ return rmdir($recurse_dirname);
+}
+
+if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_REQUEST['key']) and !empty($_REQUEST['key']) and isset($_REQUEST['action']) and !empty($_REQUEST['action'])) {
+
+ $username = $_REQUEST['username'];
+
+ if (file_exists("data/members/confirmed/$username") and ($_REQUEST['key'] == file_get_contents("data/members/confirmed/$username/key.txt"))) {
+ if ($_REQUEST['action'] == "approve") {
+ unlink("data/members/confirmed/$username/key.txt");
+ $timestamp = date("YmdHis", time() + $offset);
+ $fp_timestamp_txt = fopen("data/members/confirmed/$username/timestamp.txt","w");
+ fwrite($fp_timestamp_txt,$timestamp);
+ fclose($fp_timestamp_txt);
+ if (!file_exists("data/members/active")) {
+ mkdir("data/members/active");
+ }
+ rename("data/members/confirmed/$username","data/members/active/$username");
+
+ $password = str_rand(16);
+
+ /* Fun with crypt! */
+ $passwd = sha1($password);
+ $passwd = md5($passwd);
+ $passwd = crypt($passwd, $passwd);
+
+ $fp_passwd_txt = fopen("data/members/active/$username/password.txt","w");
+ fwrite($fp_passwd_txt,$passwd);
+ fclose($fp_passwd_txt);
+
+ $firstname = file_get_contents("data/members/active/$username/firstname.txt");
+ $lastname = file_get_contents("data/members/active/$username/lastname.txt");
+ $email = file_get_contents("data/members/active/$username/email.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_author = file_get_contents("data/author.txt");
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $registered_notice = "$firstname $lastname ($email), AKA $username, has been successfully registered at {$sig_url}.";
+ $registered_notice = wordwrap($registered_notice);
+
+ $password_notice = "Hi $firstname,\n\nYour membership at $sig_url has been activated.\n\nThe initial password for \"$username\" is \"$password\" (case-sensitive). Please change this as soon as possible. For security reasons, your password on record is encrypted - you're the only one who knows what it is.\n\nIf you need further assistance, please send email to $from_email.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
+
+ $password_notice = wordwrap($password_notice);
+
+ mail($from_email, "registration notice ($email)", $registered_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ mail($email, "password notice ($username)", $password_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ $fp_new_txt = fopen("data/bb-new.txt","w");
+ fwrite($fp_new_txt,$username);
+ fclose($fp_new_txt);
+
+ echo "<p><font style=\"font-size: 12px;\"><b>Approved</b></font></p><p>The e-mail address ";
+ readfile("data/members/active/$username/email.txt");
+ echo " has been registered.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+ }
+
+ if ($_REQUEST['action'] == "deny") {
+ rmdirr("data/members/confirmed/$username");
+ echo "<p><font style=\"font-size: 12px;\"><b>Denied</b></font></p><p>The e-mail address ";
+ readfile("data/members/active/$username/email.txt");
+ echo " will not be registered.<br>Registration request deleted.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+ }
+
+ }
+ exit();
+}
+
+if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_REQUEST['key']) and !empty($_REQUEST['key'])) {
+
+ $username = $_REQUEST['username'];
+
+ if (file_exists("data/members/pending/$username") and ($_REQUEST['key'] == file_get_contents("data/members/pending/$username/key.txt"))) {
+
+ $firstname = file_get_contents("data/members/pending/$username/firstname.txt");
+ $lastname = file_get_contents("data/members/pending/$username/lastname.txt");
+ $email = file_get_contents("data/members/pending/$username/email.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $sig_author = file_get_contents("data/author.txt");
+
+ unlink("data/members/pending/$username/key.txt");
+
+ $timestamp = date("YmdHis", time() + $offset);
+
+ $fp_timestamp_txt = fopen("data/members/pending/$username/timestamp.txt","w");
+ fwrite($fp_timestamp_txt,$timestamp);
+ fclose($fp_timestamp_txt);
+
+ if (!file_exists("data/xapp.txt")) {
+ if (!file_exists("data/members/confirmed")) {
+ mkdir("data/members/confirmed");
+ }
+ rename("data/members/pending/$username","data/members/confirmed/$username");
+
+ $key = str_rand(40);
+
+ $fp_key_txt = fopen("data/members/confirmed/$username/key.txt","w");
+ fwrite($fp_key_txt,$key);
+ fclose($fp_key_txt);
+
+ $confirmation_notice = "$firstname $lastname, AKA $username, successfully confirmed the e-mail address $email for registration at {$sig_url}.\n\nVisit the link below to approve this registration:\n\n{$sig_url}reg.php?username=$username&key=$key&action=approve\n\nVisit the link below to deny this registration:\n\n{$sig_url}reg.php?username=$username&key=$key&action=deny\n\nYou can also approve or deny pending registration requests at a later time by logging on to your blog.";
+ $confirmation_notice = wordwrap($confirmation_notice);
+
+ mail($from_email, "confirmation notice ($email)", $confirmation_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+ }
+ else {
+ if (!file_exists("data/members/active")) {
+ mkdir("data/members/active");
+ }
+ rename("data/members/pending/$username","data/members/active/$username");
+ $registered_notice = "$firstname $lastname ($email), AKA $username, has been successfully registered at {$sig_url}.";
+ $registered_notice = wordwrap($registered_notice);
+
+ mail($from_email, "registration notice ($email)", $registered_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ $password = str_rand(16);
+
+ /* Fun with crypt! */
+ $passwd = sha1($password);
+ $passwd = md5($passwd);
+ $passwd = crypt($passwd, $passwd);
+
+ $fp_passwd_txt = fopen("data/members/active/$username/password.txt","w");
+ fwrite($fp_passwd_txt,$passwd);
+ fclose($fp_passwd_txt);
+
+ $firstname = file_get_contents("data/members/active/$username/firstname.txt");
+ $lastname = file_get_contents("data/members/active/$username/lastname.txt");
+ $email = file_get_contents("data/members/active/$username/email.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_author = file_get_contents("data/author.txt");
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $password_notice = "Hi $firstname,\n\nYour membership at $sig_url has been activated.\n\nThe initial password for \"$username\" is \"$password\" (case-sensitive). Please change this as soon as possible. For security reasons, your password on record is encrypted - you're the only one who knows what it is.\n\nIf you need further assistance, please send email to $from_email.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
+
+ $password_notice = wordwrap($password_notice);
+
+ mail($email, "password notice ($username)", $password_notice,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ $fp_new_txt = fopen("data/bb-new.txt","w");
+ fwrite($fp_new_txt,$username);
+ fclose($fp_new_txt);
+
+ }
+
+ echo "<p><font style=\"font-size: 12px;\"><b>Thanks!</b></font></p><p>You have successfully verified your e-mail address.<br>";
+
+ if (file_exists("data/xapp.txt")) {
+ echo "You are now a registered member on this site.";
+ }
+ else {
+ echo "Your membership will be activated as soon as your registration is approved.";
+ }
+
+ echo "<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+
+ }
+
+ exit();
+}
+
+if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and ($_REQUEST['username'] != "all") and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_REQUEST['firstname']) and !empty($_REQUEST['firstname']) and isset($_REQUEST['lastname']) and !empty($_REQUEST['lastname']) and isset($_REQUEST['email']) and !empty($_REQUEST['email']) and isset($_REQUEST['captcha_put']) and !empty($_REQUEST['captcha_put']) and ($_REQUEST['captcha_get'] == $_REQUEST['captcha_put']) and (ereg("@", $_REQUEST['email'])) and (ereg("\.", $_REQUEST['email'])) and (strpos(file_get_contents("data/bb-reserved.txt"), $_REQUEST['username']) === false) and isset($_REQUEST['bd_year']) and !empty($_REQUEST['bd_year']) and isset($_REQUEST['bd_month']) and !empty($_REQUEST['bd_month']) and isset($_REQUEST['bd_day']) and !empty($_REQUEST['bd_day']) and (strlen($_REQUEST['bd_year']) == "4") and (strlen($_REQUEST['bd_month']) == "2") and (strlen($_REQUEST['bd_day']) == "2") and is_numeric($_REQUEST['bd_year']) and is_numeric($_REQUEST['bd_month']) and is_numeric($_REQUEST['bd_day']) and ((date("Y", time() + $offset) - $_REQUEST['bd_year']) <= $maxage) and ((date("Y", time() + $offset) - $_REQUEST['bd_year']) >= $minage) and ($_REQUEST['bd_month'] >= 1) and ($_REQUEST['bd_month'] <= 12) and ($_REQUEST['bd_day'] >= 1) and ($_REQUEST['bd_day'] <= 31)) {
+
+ $username = strtolower($_REQUEST['username']);
+ $username = str_replace(" ","_",$username);
+ $username = trim($username);
+ $username = htmlentities($username, ENT_NOQUOTES);
+
+ $firstname = strtolower($_REQUEST['firstname']);
+ $firstname = ucwords($firstname);
+ $firstname = trim($firstname);
+ $firstname = htmlentities($firstname, ENT_NOQUOTES);
+
+ $lastname = strtolower($_REQUEST['lastname']);
+ $lastname = ucwords($lastname);
+ $lastname = trim($lastname);
+ $lastname = htmlentities($lastname, ENT_NOQUOTES);
+
+ $email = strtolower($_REQUEST['email']);
+ $email = trim($email);
+ $email = htmlentities($email, ENT_NOQUOTES);
+
+ if (!file_exists("data/members")) {
+ mkdir("data/members");
+ }
+
+ if (!file_exists("data/members/pending")) {
+ mkdir("data/members/pending");
+ }
+
+ if (!file_exists("data/members/pending/$username") and !file_exists("data/members/confirmed/$username") and !file_exists("data/members/active/$username") and ($username != file_get_contents("data/username.txt"))) {
+ mkdir("data/members/pending/$username");
+
+ $fp_firstname_txt = fopen("data/members/pending/$username/firstname.txt","w");
+ fwrite($fp_firstname_txt,$firstname);
+ fclose($fp_firstname_txt);
+
+ $fp_lastname_txt = fopen("data/members/pending/$username/lastname.txt","w");
+ fwrite($fp_lastname_txt,$lastname);
+ fclose($fp_lastname_txt);
+
+ $fp_email_txt = fopen("data/members/pending/$username/email.txt","w");
+ fwrite($fp_email_txt,$email);
+ fclose($fp_email_txt);
+
+ $bday = $_REQUEST['bd_year'] . $_REQUEST['bd_month'] . $_REQUEST['bd_day'];
+ $fp_bday_txt = fopen("data/members/pending/$username/bday.txt","w");
+ fwrite($fp_bday_txt,$bday);
+ fclose($fp_bday_txt);
+
+ if (isset($_REQUEST['url']) and !empty($_REQUEST['url']) and (ereg("\.", $_REQUEST['url']))) {
+ $url = str_replace('http://', '', $_REQUEST['url']);
+ $url = strtolower($url);
+ $url = trim($url);
+ $url = 'http://' . $url;
+ $url = htmlentities($url, ENT_NOQUOTES);
+ $fp_url_txt = fopen("data/members/pending/$username/url.txt","w");
+ fwrite($fp_url_txt,$url);
+ fclose($fp_url_txt);
+ }
+
+ $key = str_rand(40);
+
+ $fp_key_txt = fopen("data/members/pending/$username/key.txt","w");
+ fwrite($fp_key_txt,$key);
+ fclose($fp_key_txt);
+
+ $mailer = 'MAJ/0.14 (PHP/' . phpversion() . ')';
+
+ $sig_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
+ $sig_url = str_replace('//', '/', $sig_url);
+ $sig_url = "http://" . $sig_url;
+
+ $sig_author = file_get_contents("data/author.txt");
+ $from_email = file_get_contents("data/email.txt");
+
+ $confirm_thanks = "Hi $firstname,\n\nWe have received a registration request for $email to $sig_url. To confirm this, simply visit this link:\n\n{$sig_url}reg.php?username=$username&key=$key\n\nIf you do not wish to be a member, please disregard this message. If you think you are being maliciously registered, or have any other questions, send them to $from_email.\n\nThanks!\n\n--\n$sig_author\n$sig_url\n";
+
+ $confirm_thanks = wordwrap($confirm_thanks);
+
+ mail($email, "confirm $key", $confirm_thanks,
+ "From: $from_email\r\n" .
+ "Reply-To: $from_email\r\n" .
+ "X-Mailer: $mailer");
+
+ echo "<p><font style=\"font-size: 12px;\"><b>Thanks!</b></font></p><p>Your registration request was successfully submitted. Check your $email inbox for details.<br>You can register another e-mail address below or click <a href=index.php>here</a> to go to the index page.</p>";
+
+ }
+ else {
+ echo "<p><font style=\"font-size: 12px;\"><b>Oops!</b></font></p><p>Sorry, the username $username is already taken. Please try another one.</p>";
+ }
+}
+
+?>
+
+<p><b>Register</b></p>
+
+<p>Fill out the form below and enter <b><?php $captcha_rand = str_rand(7); echo $captcha_rand; ?></b> as your registration code.</p>
+
+<?php
+
+if (file_exists("data/bb-disclaimer.txt")) {
+ echo "<table border=0 cellspacing=0 cellpadding=0 width=400><tr><td><p>";
+ readfile("data/bb-disclaimer.txt");
+ echo "</p></td></tr><tr><td><p> </p></td></tr></table>";
+}
+
+?>
+
+<table border=0 cellspacing=2 cellpadding=0>
+<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
+<input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
+<tr><td width=100><p>Username</p></td><td colspan=3><input class=input type=text autocomplete=off name=username maxlength=30></td></tr>
+<tr><td width=100><p>First Name</p></td><td width=300 colspan=3><input class=input type=text autocomplete=off name=firstname maxlength=30></td></tr>
+<tr><td width=100><p>Last Name</p></td><td colspan=3><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
+<tr><td width=100><p>E-mail Address</p></td><td colspan=3><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+<tr><td width=100><p>Birthdate</p></td><td><input class=bd type=text autocomplete=off name=bd_year maxlength=4 value=<?php echo date("Y", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_month maxlength=2 value=<?php echo date("m", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_day maxlength=2 value=<?php echo date("d", time() + $offset); ?>></td></tr>
+<tr><td width=100><p>Website</p></td><td colspan=3><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+<tr><td width=100><p>Registration Code</p></td><td colspan=3><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>
+<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to submit your registration"></td></tr>
+</form>
+<form enctype="multipart/form-data" action="<?php echo 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); ?>" method="post">
+<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to go to the index page"></td></tr>
+</for
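Review bot: `$username` reaches `file_exists()`, `mkdir()`, `fopen()`, `rename()` and `rmdirr()` paths without being restricted to a safe character set: the confirm and approve/deny branches take `$_REQUEST['username']` as-is, and the sign-up branch only lowercases, trims, replaces spaces and entity-encodes it, none of which rejects `/` or `..`. Validate it once before any branch uses it, for example `if (!preg_match('/^[a-z0-9_]{1,30}$/', $username)) { exit(); }`, and apply the same normalisation in all three branches so the directory that is checked is the one that was created. Separately, `str_rand()` reseeds `mt_rand()` from `microtime()` on every call and is the source of the confirmation keys and initial passwords; these should come from a cryptographically secure generator such as `random_int()` where the PHP version provides it, and the key comparison should use `===` rather than `==`. The deny branch also calls `readfile()` on `data/members/active/$username/email.txt` after deleting the `confirmed` directory, so the address it means to print is never found; read it from `data/members/confirmed/$username/email.txt` before `rmdirr()`.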
diff --git a/rss.php b/rss.php
index 66cbeb5..4d5e61f 100644
--- a/rss.php
+++ b/rss.php
@@ -2,6 +2,22 @@
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
$title_file = "data/title.txt";
$fp_title = fopen($title_file, "r");
@@ -47,6 +63,10 @@ if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
continue;
}
+ if (file_exists("data/items/$entry_rss_items/member.txt")) {
+ continue;
+ }
+
if ($entry_rss_items != "." && $entry_rss_items != ".." && fnmatch("*", $entry_rss_items) && !file_exists("data/items/$entry_rss_items/private.txt")) {
$show_rss_items[] = $entry_rss_items;
}
@@ -98,6 +118,16 @@ if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
$description = strip_tags($description);
$description = htmlentities($description, ENT_NOQUOTES);
$description = str_replace("&","&",$description);
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $description = preg_replace("/\b($badwords)\b/i",$censor,$description);
+ }
echo $description;
echo "</description>\n";
echo "</item>\n";
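Review bot: The contents of data/pf-badwords.txt are interpolated into the pattern unquoted, so a `/` or any regex metacharacter in the word list changes or breaks the expression, and when `preg_replace()` fails it returns null, which this code then echoes as an empty description. The same block is repeated in the hunks at -155 and -201 for the other feed formats and needs the same change. Quote each word with `preg_quote($word, '/')`, drop empty entries, and keep the original `$description` when the call returns null; `$censor` is also used as a replacement string, where `$1` or `\1` would be read as back-references. The enclosing loop starts outside the hunk; if this runs once per item, reading the two files and building the pattern before the loop would avoid repeating the work.

```php
if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
    // … unchanged: $badwords and $censor are read from their files …
    $quoted = array();
    foreach (explode("|", $badwords) as $word) {
        $word = trim($word);
        if ($word !== "") {
            // Treat every entry as literal text, not as part of the pattern.
            $quoted[] = preg_quote($word, "/");
        }
    }
    if (count($quoted) > 0) {
        $filtered = preg_replace("/\b(" . implode("|", $quoted) . ")\b/i", $censor, $description);
        // preg_replace() returns null on error; keep the unfiltered text in that case.
        if ($filtered !== null) {
            $description = $filtered;
        }
    }
}
```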
@@ -155,6 +185,16 @@ if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
$description = strip_tags($description);
$description = htmlentities($description, ENT_NOQUOTES);
$description = str_replace("&","&",$description);
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $description = preg_replace("/\b($badwords)\b/i",$censor,$description);
+ }
echo $description;
echo "</description>\n";
echo "<dc:creator>$author</dc:creator>\n";
@@ -201,6 +241,16 @@ if (isset($_REQUEST['ver']) and !empty($_REQUEST['ver'])) {
$description = strip_tags($description);
$description = htmlentities($description, ENT_NOQUOTES);
$description = str_replace("&","&",$description);
+ if (file_exists("data/pf.txt") and file_exists("data/pf-badwords.txt")) {
+ $badwords = file_get_contents("data/pf-badwords.txt");
+ if (file_exists("data/pf-censor.txt")) {
+ $censor = file_get_contents("data/pf-censor.txt");
+ }
+ else {
+ $censor = "[expletive]";
+ }
+ $description = preg_replace("/\b($badwords)\b/i",$censor,$description);
+ }
echo $description;
echo "</description>\n";
echo "<dc:creator>$author</dc:creator>";
diff --git a/settings.php b/settings.php
index d094484..00822f5 100644
--- a/settings.php
+++ b/settings.php
@@ -4,6 +4,22 @@ header("Cache-control: private");
error_reporting(E_ERROR);
+if (get_magic_quotes_gpc()) {
+ function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+ }
+
+ $_REQUEST = stripslashes_array($_REQUEST);
+}
+
$login_username = file_get_contents("data/username.txt");
if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
@@ -185,6 +201,356 @@ if (!isset($_REQUEST['old']) or empty($_REQUEST['old'])) {
}
}
+if (isset($_REQUEST['pf']) and !empty($_REQUEST['pf']) and ($_REQUEST['pf'] == "on") and !file_exists("data/pf.txt")) {
+ touch("data/pf.txt");
+}
+
+if (!isset($_REQUEST['pf']) or empty($_REQUEST['pf'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/pf.txt")) {
+ unlink("data/pf.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['pf_badwords']) and !empty($_REQUEST['pf_badwords']) and (file_get_contents("data/pf-badwords.txt") != $_REQUEST['pf_badwords'])) {
+ $pf_badwords_write_content = strtolower($_REQUEST['pf_badwords']);
+ $pf_badwords_write_content = str_replace("\n","|",$pf_badwords_write_content);
+ $pf_badwords_write_content = str_replace("\r","|",$pf_badwords_write_content);
+ $pf_badwords_write_content = str_replace("||","|",$pf_badwords_write_content);
+ $pf_badwords_write_content = trim($pf_badwords_write_content);
+ $fp_pf_badwords_txt = fopen("data/pf-badwords.txt","w");
+ fwrite($fp_pf_badwords_txt,$pf_badwords_write_content);
+ fclose($fp_pf_badwords_txt);
+}
+
+if (!isset($_REQUEST['pf_badwords']) or empty($_REQUEST['pf_badwords'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/pf-badwords.txt")) {
+ unlink("data/pf-badwords.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['pf_censor']) and !empty($_REQUEST['pf_censor']) and (file_get_contents("data/pf-censor.txt") != $_REQUEST['pf_censor'])) {
+ $pf_censor_write_content = strtolower($_REQUEST['pf_censor']);
+ $pf_censor_write_content = trim($pf_censor_write_content);
+ $fp_pf_censor_txt = fopen("data/pf-censor.txt","w");
+ fwrite($fp_pf_censor_txt,$pf_censor_write_content);
+ fclose($fp_pf_censor_txt);
+}
+
+if (!isset($_REQUEST['pf_censor']) or empty($_REQUEST['pf_censor'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/pf-censor.txt")) {
+ unlink("data/pf-censor.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['bb']) and !empty($_REQUEST['bb']) and ($_REQUEST['bb'] == "on") and !file_exists("data/bb.txt")) {
+ touch("data/bb.txt");
+}
+
+if (!isset($_REQUEST['bb']) or empty($_REQUEST['bb'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb.txt")) {
+ unlink("data/bb.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['reg']) and !empty($_REQUEST['reg']) and ($_REQUEST['reg'] == "on") and !file_exists("data/reg.txt")) {
+ touch("data/reg.txt");
+}
+
+if (!isset($_REQUEST['reg']) or empty($_REQUEST['reg'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/reg.txt")) {
+ unlink("data/reg.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['xapp']) and !empty($_REQUEST['xapp']) and ($_REQUEST['xapp'] == "on") and !file_exists("data/xapp.txt")) {
+ touch("data/xapp.txt");
+}
+
+if (!isset($_REQUEST['xapp']) or empty($_REQUEST['xapp'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/xapp.txt")) {
+ unlink("data/xapp.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['member']) and !empty($_REQUEST['member']) and ($_REQUEST['member'] == "on") and !file_exists("data/member.txt")) {
+ touch("data/member.txt");
+}
+
+if (!isset($_REQUEST['member']) or empty($_REQUEST['member'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/member.txt")) {
+ unlink("data/member.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml']) and !empty($_REQUEST['ml']) and ($_REQUEST['ml'] == "on") and !file_exists("data/ml.txt")) {
+ touch("data/ml.txt");
+}
+
+if (!isset($_REQUEST['ml']) or empty($_REQUEST['ml'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml.txt")) {
+ unlink("data/ml.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['stats']) and !empty($_REQUEST['stats']) and ($_REQUEST['stats'] == "on") and !file_exists("data/bb-stats.txt")) {
+ touch("data/bb-stats.txt");
+}
+
+if (!isset($_REQUEST['stats']) or empty($_REQUEST['stats'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-stats.txt")) {
+ unlink("data/bb-stats.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['summary']) and !empty($_REQUEST['summary']) and ($_REQUEST['summary'] == "on") and !file_exists("data/bb-summary.txt")) {
+ touch("data/bb-summary.txt");
+}
+
+if (!isset($_REQUEST['summary']) or empty($_REQUEST['summary'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-summary.txt")) {
+ unlink("data/bb-summary.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['rank']) and !empty($_REQUEST['rank']) and ($_REQUEST['rank'] == "on") and !file_exists("data/rank.txt")) {
+ touch("data/rank.txt");
+}
+
+if (!isset($_REQUEST['rank']) or empty($_REQUEST['rank'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/rank.txt")) {
+ unlink("data/rank.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['sigs']) and !empty($_REQUEST['sigs']) and ($_REQUEST['sigs'] == "on") and !file_exists("data/bb-sig.txt")) {
+ touch("data/bb-sig.txt");
+}
+
+if (!isset($_REQUEST['sigs']) or empty($_REQUEST['sigs'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-sig.txt")) {
+ unlink("data/bb-sig.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['avatars']) and !empty($_REQUEST['avatars']) and ($_REQUEST['avatars'] == "on") and !file_exists("data/avatar.txt")) {
+ touch("data/avatar.txt");
+}
+
+if (!isset($_REQUEST['avatars']) or empty($_REQUEST['avatars'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/avatar.txt")) {
+ unlink("data/avatar.txt");
+ }
+ }
+}
+
+if ((!isset($_REQUEST['sig']) or empty($_REQUEST['sig'])) and isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ unlink("data/sig.txt");
+}
+
+if (isset($_REQUEST['sig']) and !empty($_REQUEST['sig'])) {
+ $sig = str_replace("[b]","<b>",$_REQUEST['sig']);
+ $sig = str_replace("[/b]","</b>",$sig);
+ $sig = str_replace("[i]","<i>",$sig);
+ $sig = str_replace("[/i]","</i>",$sig);
+ $sig = str_replace("[u]","<u>",$sig);
+ $sig = str_replace("[/u]","</u>",$sig);
+ $sig = str_replace("[sup]","<sup>",$sig);
+ $sig = str_replace("[/sup]","</sup>",$sig);
+ $sig = str_replace("[sub]","<sub>",$sig);
+ $sig = str_replace("[/sub]","</sub>",$sig);
+ $sig = str_replace("[strike]","<strike>",$sig);
+ $sig = str_replace("[/strike]","</strike>",$sig);
+ $sig = str_replace("\n","<br>", $sig);
+ $sig = ucfirst($sig);
+ $sig = trim($sig);
+ $fp_sig_txt = fopen("data/sig.txt","w");
+ fwrite($fp_sig_txt,$sig);
+ fclose($fp_sig_txt);
+}
+
+if (isset($_REQUEST['pass_len']) and !empty($_REQUEST['pass_len']) and is_numeric($_REQUEST['pass_len']) and ($_REQUEST['pass_len'] > 0) and (file_get_contents("data/bb-passlen.txt") != $_REQUEST['pass_len'])) {
+ $pass_len_write_content = number_format($_REQUEST['pass_len'],0,'.','');
+ $fp_pass_len_txt = fopen("data/bb-passlen.txt","w");
+ fwrite($fp_pass_len_txt,$pass_len_write_content);
+ fclose($fp_pass_len_txt);
+}
+
+if (!isset($_REQUEST['pass_len']) or empty($_REQUEST['pass_len']) or !is_numeric($_REQUEST['pass_len']) or ($_REQUEST['pass_len'] <= 0)) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-passlen.txt")) {
+ unlink("data/bb-passlen.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['min_age']) and !empty($_REQUEST['min_age']) and is_numeric($_REQUEST['min_age']) and ($_REQUEST['min_age'] > 0) and (file_get_contents("data/bb-min-age.txt") != $_REQUEST['min_age'])) {
+ $min_age_write_content = number_format($_REQUEST['min_age'],0,'.','');
+ $fp_min_age_txt = fopen("data/bb-min-age.txt","w");
+ fwrite($fp_min_age_txt,$min_age_write_content);
+ fclose($fp_min_age_txt);
+}
+
+if (!isset($_REQUEST['min_age']) or empty($_REQUEST['min_age']) or !is_numeric($_REQUEST['min_age']) or ($_REQUEST['min_age'] <= 0)) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-min-age.txt")) {
+ unlink("data/bb-min-age.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['max_age']) and !empty($_REQUEST['max_age']) and is_numeric($_REQUEST['max_age']) and ($_REQUEST['max_age'] > 0) and (file_get_contents("data/bb-max-age.txt") != $_REQUEST['max_age'])) {
+ $max_age_write_content = number_format($_REQUEST['max_age'],0,'.','');
+ $fp_max_age_txt = fopen("data/bb-max-age.txt","w");
+ fwrite($fp_max_age_txt,$max_age_write_content);
+ fclose($fp_max_age_txt);
+}
+
+if (!isset($_REQUEST['max_age']) or empty($_REQUEST['max_age']) or !is_numeric($_REQUEST['max_age']) or ($_REQUEST['max_age'] <= 0)) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-max-age.txt")) {
+ unlink("data/bb-max-age.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['bb_idle']) and !empty($_REQUEST['bb_idle']) and is_numeric($_REQUEST['bb_idle']) and ($_REQUEST['bb_idle'] > 0) and (file_get_contents("data/bb-idle.txt") != $_REQUEST['bb_idle'])) {
+ $bb_idle_write_content = number_format($_REQUEST['bb_idle'],0,'.','');
+ $fp_bb_idle_txt = fopen("data/bb-idle.txt","w");
+ fwrite($fp_bb_idle_txt,$bb_idle_write_content);
+ fclose($fp_bb_idle_txt);
+}
+
+if (!isset($_REQUEST['bb_idle']) or empty($_REQUEST['bb_idle']) or !is_numeric($_REQUEST['bb_idle']) or ($_REQUEST['bb_idle'] <= 0)) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-idle.txt")) {
+ unlink("data/bb-idle.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['bb_reserved']) and !empty($_REQUEST['bb_reserved']) and (file_get_contents("data/bb-reserved.txt") != $_REQUEST['bb_reserved'])) {
+ $bb_reserved_write_content = strtolower($_REQUEST['bb_reserved']);
+ $bb_reserved_write_content = trim($bb_reserved_write_content);
+ $fp_bb_reserved_txt = fopen("data/bb-reserved.txt","w");
+ fwrite($fp_bb_reserved_txt,$bb_reserved_write_content);
+ fclose($fp_bb_reserved_txt);
+}
+
+if (!isset($_REQUEST['bb_reserved']) or empty($_REQUEST['bb_reserved'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-reserved.txt")) {
+ unlink("data/bb-reserved.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['bb_disclaimer']) and !empty($_REQUEST['bb_disclaimer']) and (file_get_contents("data/bb-disclaimer.txt") != $_REQUEST['bb_disclaimer'])) {
+ $bb_disclaimer_write_content = ucfirst($_REQUEST['bb_disclaimer']);
+ $bb_disclaimer_write_content = str_replace("\n","<br>",$bb_disclaimer_write_content);
+ $bb_disclaimer_write_content = trim($bb_disclaimer_write_content);
+ $fp_bb_disclaimer_txt = fopen("data/bb-disclaimer.txt","w");
+ fwrite($fp_bb_disclaimer_txt,$bb_disclaimer_write_content);
+ fclose($fp_bb_disclaimer_txt);
+}
+
+if (!isset($_REQUEST['bb_disclaimer']) or empty($_REQUEST['bb_disclaimer'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/bb-disclaimer.txt")) {
+ unlink("data/bb-disclaimer.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml_reply2']) and !empty($_REQUEST['ml_reply2']) and (file_get_contents("data/ml-reply2.txt") != $_REQUEST['ml_reply2']) and (ereg("@", $_REQUEST['ml_reply2'])) and (ereg("\.", $_REQUEST['ml_reply2']))) {
+ $ml_reply2_write_content = strtolower($_REQUEST['ml_reply2']);
+ $ml_reply2_write_content = trim($ml_reply2_write_content);
+ $ml_reply2_write_content = htmlentities($ml_reply2_write_content, ENT_NOQUOTES);
+ $fp_ml_reply2_txt = fopen("data/ml-reply2.txt","w");
+ fwrite($fp_ml_reply2_txt,$ml_reply2_write_content);
+ fclose($fp_ml_reply2_txt);
+}
+
+if (!isset($_REQUEST['ml_reply2']) or empty($_REQUEST['ml_reply2'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml-reply2.txt")) {
+ unlink("data/ml-reply2.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml_prepend']) and !empty($_REQUEST['ml_prepend']) and (file_get_contents("data/ml-prepend.txt") != $_REQUEST['ml_prepend'])) {
+ $ml_prepend_write_content = ucfirst($_REQUEST['ml_prepend']);
+ $ml_prepend_write_content = trim($ml_prepend_write_content);
+ $fp_ml_prepend_txt = fopen("data/ml-prepend.txt","w");
+ fwrite($fp_ml_prepend_txt,$ml_prepend_write_content);
+ fclose($fp_ml_prepend_txt);
+}
+
+if (!isset($_REQUEST['ml_prepend']) or empty($_REQUEST['ml_prepend'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml-prepend.txt")) {
+ unlink("data/ml-prepend.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml_header']) and !empty($_REQUEST['ml_header']) and (file_get_contents("data/ml-header.txt") != $_REQUEST['ml_header'])) {
+ $ml_header_write_content = ucfirst($_REQUEST['ml_header']);
+ $ml_header_write_content = trim($ml_header_write_content);
+ $fp_ml_header_txt = fopen("data/ml-header.txt","w");
+ fwrite($fp_ml_header_txt,$ml_header_write_content);
+ fclose($fp_ml_header_txt);
+}
+
+if (!isset($_REQUEST['ml_header']) or empty($_REQUEST['ml_header'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml-header.txt")) {
+ unlink("data/ml-header.txt");
+ }
+ }
+}
+
+if (isset($_REQUEST['ml_footer']) and !empty($_REQUEST['ml_footer']) and (file_get_contents("data/ml-footer.txt") != $_REQUEST['ml_footer'])) {
+ $ml_footer_write_content = ucfirst($_REQUEST['ml_footer']);
+ $ml_footer_write_content = trim($ml_footer_write_content);
+ $fp_ml_footer_txt = fopen("data/ml-footer.txt","w");
+ fwrite($fp_ml_footer_txt,$ml_footer_write_content);
+ fclose($fp_ml_footer_txt);
+}
+
+if (!isset($_REQUEST['ml_footer']) or empty($_REQUEST['ml_footer'])) {
+ if (isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+ if (file_exists("data/ml-footer.txt")) {
+ unlink("data/ml-footer.txt");
+ }
+ }
+}
+
if (isset($_REQUEST['del_favicon']) and !empty($_REQUEST['del_favicon']) and ($_REQUEST['del_favicon'] == "on")) {
if (file_exists("favicon.ico")) {
unlink("favicon.ico");
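Review bot: The normalisation of `pf_badwords` can leave empty alternatives in the stored list: `trim()` does not strip `|`, so input ending in a newline is saved with a trailing `|`, and the single `str_replace("||","|",…)` pass still leaves `||` where three or more separators meet. rss.php builds `/\b($badwords)\b/i` from this file, and an empty alternative there matches at every word boundary, so the censor text would be inserted throughout the description. Split and rejoin instead, e.g. `$pf_badwords_write_content = implode("|", array_filter(array_map('trim', preg_split('/[\r\n|]+/', $pf_badwords_write_content)), 'strlen'));`. More generally, every setting in this hunk is taken from `$_REQUEST`, so it is accepted from a query string as well as from the form post, and no per-request token is checked in the visible lines; if none is checked earlier in the file, these writes and `unlink()` calls should require POST and a session-bound token.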
@@ -205,6 +571,20 @@ if (isset($_REQUEST['del_picture']) and !empty($_REQUEST['del_picture']) and ($_
}
}
+if (isset($_REQUEST['del_avatar']) and !empty($_REQUEST['del_avatar']) and ($_REQUEST['del_avatar'] == "on")) {
+ if (file_exists("images/avatar.gif")) {
+ unlink("images/avatar.gif");
+ }
+
+ if (file_exists("images/avatar.jpg")) {
+ unlink("images/avatar.jpg");
+ }
+
+ if (file_exists("images/avatar.png")) {
+ unlink("images/avatar.png");
+ }
+}
+
if (isset($_REQUEST['bg_scroll']) and !empty($_REQUEST['bg_scroll']) and ($_REQUEST['bg_scroll'] == "on") and !file_exists("data/bg-scroll.txt")) {
touch("data/bg-scroll.txt");
}
@@ -345,6 +725,58 @@ if (isset($_FILES['picture']) and !empty($_FILES['picture'])) {
}
}
+if (isset($_FILES['avatar']) and !empty($_FILES['avatar'])) {
+
+ if (is_uploaded_file($_FILES['avatar']['tmp_name'])) {
+
+ if ($_FILES['avatar']['size']<=$max_image_size) {
+
+ if (($_FILES['avatar']['type']=="image/gif") || ($_FILES['avatar']['type']=="image/pjpeg") || ($_FILES['avatar']['type']=="image/jpeg") || ($_FILES['avatar']['type']=="image/png")) {
+
+ if (!file_exists("images")) {
+ mkdir("images");
+ }
+
+ if (file_exists("images/avatar.gif")) {
+ unlink("images/avatar.gif");
+ }
+
+ if (file_exists("images/avatar.jpg")) {
+ unlink("images/avatar.jpg");
+ }
+
+ if (file_exists("images/avatar.png")) {
+ unlink("images/avatar.png");
+ }
+
+ if ($_FILES['avatar']['type']=="image/gif") {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/avatar.gif");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+
+ if (($_FILES['avatar']['type']=="image/jpeg") or ($_FILES['avatar']['type']=="image/pjpeg")) {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/avatar.jpg");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+
+ if ($_FILES['avatar']['type']=="image/png") {
+ $res = copy($_FILES['avatar']['tmp_name'], "images/avatar.png");
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+ }
+ else {
+ unlink($_FILES['avatar']['tmp_name']);
+ }
+}
+
if (isset($_FILES['background']) and !empty($_FILES['background'])) {
if (is_uploaded_file($_FILES['background']['tmp_name'])) {
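Review bot: The avatar branch picks the stored file from `$_FILES['avatar']['type']`, which the browser supplies and nothing here checks against the file's content, so any bytes under `$max_image_size` can be saved as `images/avatar.gif`, `.jpg` or `.png`. The fixed destination names keep the extension out of the client's hands, but the type should still be derived server-side from the file itself, as sketched below with `getimagesize()`. The `copy()` plus `unlink()` pairs can become a single `move_uploaded_file()`, and `$res` should be checked, because a failed write currently passes silently. The outermost `else` calls `unlink()` on `tmp_name` right after `is_uploaded_file()` rejected that path; the three cleanup `else` branches can be dropped, since PHP removes unmoved upload temp files when the request ends.

```php
if (is_uploaded_file($_FILES['avatar']['tmp_name'])) {
    // Derive the image type from the file content, not from the client-supplied MIME type.
    $avatar_info = getimagesize($_FILES['avatar']['tmp_name']);
    $avatar_ext = array(IMAGETYPE_GIF => "gif", IMAGETYPE_JPEG => "jpg", IMAGETYPE_PNG => "png");

    if (($_FILES['avatar']['size'] <= $max_image_size) and ($avatar_info !== false) and isset($avatar_ext[$avatar_info[2]])) {
        // … unchanged: create images/ and remove the existing avatar.gif/.jpg/.png …
        $res = move_uploaded_file($_FILES['avatar']['tmp_name'], "images/avatar." . $avatar_ext[$avatar_info[2]]);
    }
}
```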
@@ -485,7 +917,7 @@ a:active {
<tr><td><p><input type=checkbox name=old <?php if (file_exists("data/old.txt")) { echo checked; } ?>> Display entries from oldest to newest.</p></td></tr>
<?php
if (file_exists("favicon.ico")) {
- echo '<tr><td></td><td><p><input type=checkbox name=del_favicon> Delete existing <i>favicon.ico</i>.</p></td></tr>';
+ echo '<tr><td></td><td><p><input type=checkbox name=del_favicon> Delete existing favicon.ico.</p></td></tr>';
}
if (file_exists("images/profile.gif") or file_exists("images/profile.jpg") or file_exists("images/profile.png")) {
echo '<tr><td></td><td><p><input type=checkbox name=del_picture> Delete existing profile picture.</p></td></tr>';
@@ -586,13 +1018,122 @@ if (file_exists("images/background.gif") or file_exists("images/background.jpg")
}
}
?>
-<tr><td><p>upload <a href=http://www.chami.com/html-kit/services/favicon/ target=_maj>favicon.ico</a></p></td><td><input autocomplete=off type=file name=favicon></td></tr>
+<tr><td><p>upload <a href=http://tools.dynamicdrive.com/favicon/ target=_maj>favicon.ico</a></p></td><td><input autocomplete=off type=file name=favicon></td></tr>
<tr><td><p>upload profile picture</p></td><td><input autocomplete=off type=file name=picture></td></tr>
<tr><td><p>upload background image</p></td><td><input autocomplete=off type=file name=background></td></tr>
<tr><td><p>profile*</p></td><td><textarea class=input name=profile rows=10><?php readfile("data/profile.php"); ?></textarea></td></tr>
<tr><td><p>current password</p></td><td><input autocomplete=off class=input type=password name=passwd_cur></td></tr>
<tr><td><p>new password</p></td><td><input autocomplete=off class=input type=password name=passwd_new></td></tr>
<tr><td><p>confirm new password</p></td><td><input autocomplete=off class=input type=password name=passwd_conf></td></tr>
+
+<?php if (!file_exists("data/lite.txt")) { ?>
+
+<tr><td><p>profanity filter</p></td><td><p><input type=checkbox name=pf <?php if (file_exists("data/pf.txt")) { echo checked; } ?>> Enable profanity filter.</p></td></tr>
+
+<?php if (file_exists("data/pf.txt")) { ?>
+
+<tr><td><p>badwords</p></td><td><p><textarea class=input name=pf_badwords><?php if (file_exists("data/pf-badwords.txt")) { echo str_replace("|","\n",file_get_contents("data/pf-badwords.txt")); } ?></textarea></p></td></tr>
+<tr><td><p>censor mark</p></td><td><p><input class=input autocomplete=off type=text name=pf_censor <?php
+if (file_exists("data/pf-censor.txt")) {
+ echo "value=";
+ readfile("data/pf-censor.txt");
+}
+
+?>></p></td></tr>
+
+<?php } ?>
+
+<tr><td <?php if (file_exists("data/bb.txt") and !file_exists("images/avatar.jpg") and !file_exists("images/avatar.gif") and !file_exists("images/avatar.png")) { echo "rowspan=8"; } if (file_exists("data/bb.txt") and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) { echo "rowspan=9"; } ?>><p>bulletin board</p></td><td><p><input type=checkbox name=bb <?php if (file_exists("data/bb.txt")) { echo checked; } ?>> Enable simple bulletin board.</p></td></tr>
+<?php if (file_exists("data/bb.txt")) { ?>
+<tr><td><p><input type=checkbox name=reg <?php if (file_exists("data/reg.txt")) { echo checked; } ?>> Enable new user registration.</p></td></tr>
+<tr><td><p><input type=checkbox name=xapp <?php if (file_exists("data/xapp.txt")) { echo checked; } ?>> Enable automatic activation of confirmed users.</p></td></tr>
+<tr><td><p><input type=checkbox name=member <?php if (file_exists("data/member.txt")) { echo checked; } ?>> Only members can view posts of other members.</p></td></tr>
+<tr><td><p><input type=checkbox name=stats <?php if (file_exists("data/bb-stats.txt")) { echo checked; } ?>> Enable statistics panel.</p></td></tr>
+<tr><td><p><input type=checkbox name=summary <?php if (file_exists("data/bb-summary.txt")) { echo checked; } ?>> Enable summary panel.</p></td></tr>
+<tr><td><p><input type=checkbox name=rank <?php if (file_exists("data/rank.txt")) { echo checked; } ?>> Enable ranks.</p></td></tr>
+<tr><td><p><input type=checkbox name=sigs <?php if (file_exists("data/bb-sig.txt")) { echo checked; } ?>> Enable signatures.</p></td></tr>
+<tr><td><p><input type=checkbox name=avatars <?php if (file_exists("data/avatar.txt")) { echo checked; } ?>> Enable avatars.</p></td></tr>
+
+<?php
+if (file_exists("images/avatar.gif") or file_exists("images/avatar.jpg") or file_exists("images/avatar.png")) {
+ echo '<tr><td><p><input type=checkbox name=del_avatar> Delete existing avatar.</p></td></tr>';
+}
+?>
+
+<tr><td><p>upload avatar</p></td><td><input autocomplete=off type=file name=avatar></td></tr>
+
+<?php if (file_exists("data/bb.txt") and file_exists("data/bb-sig.txt")) { ?>
+<tr><td><p>signature</p></td><td><textarea class=input name=sig><?php if (file_exists("data/sig.txt")) {
+
+ $get_sig = file_get_contents("data/sig.txt");
+ $get_sig = str_replace("<b>","[b]",$get_sig);
+ $get_sig = str_replace("</b>","[/b]",$get_sig);
+ $get_sig = str_replace("<i>","[i]",$get_sig);
+ $get_sig = str_replace("</i>","[/i]",$get_sig);
+ $get_sig = str_replace("<u>","[u]",$get_sig);
+ $get_sig = str_replace("</u>","[/u]",$get_sig);
+ $get_sig = str_replace("<sup>","[sup]",$get_sig);
+ $get_sig = str_replace("</sup>","[/sup]",$get_sig);
+ $get_sig = str_replace("<sub>","[sub]",$get_sig);
+ $get_sig = str_replace("</sub>","[/sub]",$get_sig);
+ $get_sig = str_replace("<strike>","[strike]",$get_sig);
+ $get_sig = str_replace("</strike>","[/strike]",$get_sig);
+ $get_sig = str_replace("<br>","\n",$get_sig);
+ echo $get_sig;
+
+} ?></textarea></td></tr>
+<?php } ?>
+
+<tr><td><p>minimum password length</p></td><td><input class=input autocomplete=off type=text name=pass_len <?php
+if (file_exists("data/bb-passlen.txt")) {
+ echo "value=";
+ readfile("data/bb-passlen.txt");
+}
+
+?>></td></tr>
+
+<tr><td><p>minimum age to register</p></td><td><input class=input autocomplete=off type=text name=min_age <?php
+if (file_exists("data/bb-min-age.txt")) {
+ echo "value=";
+ readfile("data/bb-min-age.txt");
+}
+
+?>></td></tr>
+
+<tr><td><p>maximum age to register</p></td><td><input class=input autocomplete=off type=text name=max_age <?php
+if (file_exists("data/bb-max-age.txt")) {
+ echo "value=";
+ readfile("data/bb-max-age.txt");
+}
+
+?>></td></tr>
+
+<tr><td><p>maximum idle time in minutes</p></td><td><input class=input autocomplete=off type=text name=bb_idle <?php
+if (file_exists("data/bb-idle.txt")) {
+ echo "value=";
+ readfile("data/bb-idle.txt");
+}
+?>></td></tr>
+
+<tr><td><p>reserved usernames</p></td><td><textarea class=input name=bb_reserved><?php if (file_exists("data/bb-reserved.txt")) { readfile("data/bb-reserved.txt"); } ?></textarea></td></tr>
+
+<tr><td><p>disclaimer</p></td><td><textarea class=input name=bb_disclaimer><?php if (file_exists("data/bb-disclaimer.txt")) { echo str_replace("<br>","\n",file_get_contents("data/bb-disclaimer.txt")); } ?></textarea></td></tr>
+
+<?php } ?>
+
+
+<tr><td><p>mailing list</p></td><td><p><input type=checkbox name=ml <?php if (file_exists("data/ml.txt")) { echo checked; } ?>> Enable simple mailing list.</p></td></tr>
+
+<?php if (file_exists("data/ml.txt")) { ?>
+
+<tr><td><p>reply-to</p></td><td><input class=input autocomplete=off type=text name=ml_reply2 <?php if (file_exists("data/ml-reply2.txt")) { echo "value=\""; readfile("data/ml-reply2.txt"); echo "\""; } ?>></td></tr>
+<tr><td><p>prepend to subject</p></td><td><input class=input autocomplete=off type=text name=ml_prepend <?php if (file_exists("data/ml-prepend.txt")) { echo "value=\""; readfile("data/ml-prepend.txt"); echo "\""; } ?>></td></tr>
+<tr><td><p>header</p></td><td><textarea class=input name=ml_header><?php if (file_exists("data/ml-header.txt")) { readfile("data/ml-header.txt"); } ?></textarea></td></tr>
+<tr><td><p>footer</p></td><td><textarea class=input name=ml_footer><?php if (file_exists("data/ml-footer.txt")) { readfile("data/ml-footer.txt"); } ?></textarea></td></tr>
+
+<?php } } ?>
+
+
<tr><td></td><td><input class=input type=submit value="click here to activate new settings"></td></tr>
<?php
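Review bot: The new settings rows print stored file contents straight into the page with `readfile()` or `echo` and no HTML escaping, and several go into unquoted attributes, for example `echo "value="; readfile("data/pf-censor.txt");`. A stored value containing a space, a quote, `>` or `</textarea>` ends the attribute or element early and the remainder is parsed as markup on the admin page. Each of these should be escaped and quoted on output, e.g. `echo 'value="' . htmlspecialchars(file_get_contents("data/pf-censor.txt"), ENT_QUOTES) . '"';`, with the same `htmlspecialchars()` call around the textarea contents (`pf_badwords`, `sig`, `bb_reserved`, `bb_disclaimer`, `ml_header`, `ml_footer`). Separately, `echo checked;` relies on an undefined constant being treated as a string and should be `echo "checked";`.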
diff --git a/sitemap.php b/sitemap.php
index 160448a..483017e 100644
--- a/sitemap.php
+++ b/sitemap.php
@@ -2,6 +2,20 @@
error_reporting(E_ERROR);
+function stripslashes_array($data) {
+ if (is_array($data)){
+ foreach ($data as $key => $value){
+ $data[$key] = stripslashes_array($value);
+ }
+ return $data;
+ }
+ else{
+ return stripslashes($data);
+ }
+}
+
+$_REQUEST = stripslashes_array($_REQUEST);
+
$dir = "data/items";
if ($dh_sitemap_items = opendir($dir)) {
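Review bot: `stripslashes_array()` is applied to `$_REQUEST` unconditionally here, so when `magic_quotes_gpc` is off every legitimate backslash in the request is removed. The call should be guarded, `if (get_magic_quotes_gpc()) { $_REQUEST = stripslashes_array($_REQUEST); }`. Wrapping the declaration in `if (!function_exists('stripslashes_array'))` would also avoid a fatal redeclaration if another included file defines the same helper, which is not visible from this hunk. The function has no comment; `// Recursively undo magic_quotes_gpc escaping on a request value or array.` above it would be enough.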