
New plugin loader, page features, API0.2b, Bugfixes

master
5 years ago
parent
commit
b97faf21fd
230 changed files with 36532 additions and 36346 deletions
  1. +13
    -0
      .htaccess
  2. +24
    -24
      api.php
  3. +313
    -305
      core.php
  4. +7
    -6
      includes/admin/dashboard.php
  5. +149
    -149
      includes/admin/entry.php
  6. +41
    -35
      includes/admin/main.php
  7. +63
    -54
      includes/admin/page.php
  8. +51
    -50
      includes/admin/plugins.php
  9. +47
    -0
      includes/admin/settings.php
  10. +131
    -124
      includes/blog.class.php
  11. +64
    -64
      includes/check.class.php
  12. +44
    -44
      includes/comment.class.php
  13. +6
    -6
      includes/css/ui-lightness/jquery-ui.custom.min.css
  14. +172
    -172
      includes/filtr.class.php
  15. +9
    -9
      includes/js/functions.js
  16. +6
    -6
      includes/js/jquery-ui.custom.min.js
  17. +9789
    -9789
      includes/js/jquery.js
  18. +32
    -0
      includes/locale/hu_HU.lng
  19. +28
    -28
      includes/main/entries.php
  20. +38
    -36
      includes/main/entry.php
  21. +37
    -37
      includes/main/login.php
  22. +15
    -15
      includes/main/page.php
  23. +125
    -125
      includes/main/profile.php
  24. +16
    -16
      includes/main/profile_edit.php
  25. +29
    -29
      includes/main/tag.php
  26. +91
    -91
      includes/page.class.php
  27. +27
    -27
      includes/rss.php
  28. +32
    -0
      includes/settings.class.php
  29. +8
    -8
      includes/sidebar/account.php
  30. +23
    -28
      includes/sidebar/sidebar.php
  31. +67
    -67
      includes/user.class.php
  32. +92
    -101
      index.php
  33. +4
    -4
      plugins/ckeditor/_plugin.php
  34. +9
    -9
      plugins/ckeditor/adapters/jquery.js
  35. +58
    -58
      plugins/ckeditor/build-config.js
  36. +732
    -732
      plugins/ckeditor/ckeditor.js
  37. +44
    -44
      plugins/ckeditor/config.js
  38. +38
    -38
      plugins/ckeditor/config.old.js
  39. +134
    -134
      plugins/ckeditor/contents.css
  40. +1
    -1
      plugins/ckeditor/info.json
  41. +4
    -4
      plugins/ckeditor/lang/en.js
  42. +4
    -4
      plugins/ckeditor/lang/hu.js
  43. +1
    -1
      plugins/ckeditor/plugins/autosave/css/autosave.min.css
  44. +212
    -212
      plugins/ckeditor/plugins/autosave/js/extensions.min.js
  45. +8
    -8
      plugins/ckeditor/plugins/button/lang/en.js
  46. +8
    -8
      plugins/ckeditor/plugins/button/lang/hu.js
  47. +379
    -379
      plugins/ckeditor/plugins/button/plugin.js
  48. +10
    -10
      plugins/ckeditor/plugins/clipboard/dialogs/paste.js
  49. +7
    -7
      plugins/ckeditor/plugins/contextmenu/lang/en.js
  50. +7
    -7
      plugins/ckeditor/plugins/contextmenu/lang/hu.js
  51. +143
    -143
      plugins/ckeditor/plugins/contextmenu/plugin.js
  52. +4
    -4
      plugins/ckeditor/plugins/dialog/dialogDefinition.js
  53. +501
    -501
      plugins/ckeditor/plugins/filebrowser/plugin.js
  54. +548
    -548
      plugins/ckeditor/plugins/floatpanel/plugin.js
  55. +18
    -18
      plugins/ckeditor/plugins/format/lang/en.js
  56. +18
    -18
      plugins/ckeditor/plugins/format/lang/hu.js
  57. +244
    -244
      plugins/ckeditor/plugins/format/plugin.js
  58. +70
    -70
      plugins/ckeditor/plugins/htmlbuttons/plugin.js
  59. +359
    -359
      plugins/ckeditor/plugins/htmlwriter/plugin.js
  60. +4
    -4
      plugins/ckeditor/plugins/htmlwriter/samples/assets/outputforflash/swfobject.js
  61. +280
    -280
      plugins/ckeditor/plugins/htmlwriter/samples/outputforflash.html
  62. +221
    -221
      plugins/ckeditor/plugins/htmlwriter/samples/outputhtml.html
  63. +1216
    -1216
      plugins/ckeditor/plugins/image/dialogs/image.js
  64. +26
    -26
      plugins/ckeditor/plugins/image/lang/en.js
  65. +26
    -26
      plugins/ckeditor/plugins/image/lang/hu.js
  66. +170
    -170
      plugins/ckeditor/plugins/image/plugin.js
  67. +62
    -62
      plugins/ckeditor/plugins/imagebrowser/browser/browser.css
  68. +25
    -25
      plugins/ckeditor/plugins/imagebrowser/browser/browser.html
  69. +5
    -5
      plugins/ckeditor/plugins/imagebrowser/browser/browser.js
  70. +180
    -180
      plugins/ckeditor/plugins/imagebrowser/browser/jquery-1.9.1.min.js
  71. +10
    -10
      plugins/ckeditor/plugins/justify/lang/en.js
  72. +10
    -10
      plugins/ckeditor/plugins/justify/lang/hu.js
  73. +241
    -241
      plugins/ckeditor/plugins/justify/plugin.js
  74. +6
    -6
      plugins/ckeditor/plugins/link/dialogs/anchor.js
  75. +25
    -25
      plugins/ckeditor/plugins/link/dialogs/link.js
  76. +240
    -240
      plugins/ckeditor/plugins/listblock/plugin.js
  77. +402
    -402
      plugins/ckeditor/plugins/panel/plugin.js
  78. +65
    -65
      plugins/ckeditor/plugins/popup/plugin.js
  79. +20
    -20
      plugins/ckeditor/plugins/readmorebtn/plugin.js
  80. +441
    -441
      plugins/ckeditor/plugins/richcombo/plugin.js
  81. +79
    -79
      plugins/ckeditor/plugins/sourcedialog/dialogs/sourcedialog.js
  82. +9
    -9
      plugins/ckeditor/plugins/sourcedialog/lang/en.js
  83. +9
    -9
      plugins/ckeditor/plugins/sourcedialog/lang/hu.js
  84. +27
    -27
      plugins/ckeditor/plugins/sourcedialog/plugin.js
  85. +118
    -118
      plugins/ckeditor/plugins/sourcedialog/samples/sourcedialog.html
  86. +555
    -555
      plugins/ckeditor/plugins/table/dialogs/table.js
  87. +74
    -74
      plugins/ckeditor/plugins/table/lang/en.js
  88. +74
    -74
      plugins/ckeditor/plugins/table/lang/hu.js
  89. +106
    -106
      plugins/ckeditor/plugins/table/plugin.js
  90. +493
    -493
      plugins/ckeditor/plugins/tabletools/dialogs/tableCell.js
  91. +1037
    -1037
      plugins/ckeditor/plugins/tabletools/plugin.js
  92. +4
    -4
      plugins/ckeditor/skins/moono/dialog.css
  93. +4
    -4
      plugins/ckeditor/skins/moono/dialog_ie.css
  94. +4
    -4
      plugins/ckeditor/skins/moono/dialog_ie7.css
  95. +4
    -4
      plugins/ckeditor/skins/moono/dialog_ie8.css
  96. +4
    -4
      plugins/ckeditor/skins/moono/dialog_iequirks.css
  97. +4
    -4
      plugins/ckeditor/skins/moono/editor.css
  98. +4
    -4
      plugins/ckeditor/skins/moono/editor_gecko.css
  99. +4
    -4
      plugins/ckeditor/skins/moono/editor_ie.css
  100. +4
    -4
      plugins/ckeditor/skins/moono/editor_ie7.css

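--- a/.htaccess
+++ b/.htaccess
@@ -0,0 +1,13 @@
+RewriteEngine On
+RewriteBase /
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteCond %{REQUEST_FILENAME} !-l
+RewriteRule ^(.*) index.php?pathsec=$1 [QSA]
+php_value display_errors On
+Options -Indexes
+Redirect 301 /sitemap.xml /plugins/sitemap-xml/sitemap.php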
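Review bot: `php_value display_errors On` turns on error display for every visitor, so PHP warnings and server paths end up in responses on the live site. Since this is a boolean setting, it should be `php_flag display_errors Off`, paired with `php_flag log_errors On` so the messages still reach the server log. The `RewriteRule ^(.*) index.php?pathsec=$1 [QSA]` line also has no `L` flag, so any later rule would still be evaluated after the rewrite; `[QSA,L]` states the intent.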

+ 24
- 24
api.php

@ -1,25 +1,25 @@
<?php
require_once 'core.php';
header('Content-type: application/json');
$blog = new blog();
$entries = array();
if ($blog->entries)
{
while ($data = $blog->entries())
array_push($entries, array('entryTitle'=>$data['entryTitle'], 'entrySlug'=>$data['entrySlug'], 'entryPublished'=>show_date($data['entryPublished']), 'entryContent'=>entry_show_init($data['entryContent'], $data['entrySlug'], true)));
/*echo "<article>
<header>
<h2><a href='".get_entry_link($data['entrySlug'])."'>$data[entryTitle]</a></h2>
<p class='meta'><time class='date' title='{locale:published_on}'>".show_date($data['entryPublished'])."</time><a href='".get_profile_link($data['userName'])."' class='by' title='{locale:entry_by}'>$data[publicName]</a>".get_entry_admin($data)."</p>
</header>
<div class='content'>".entry_show_init($data['entryContent'], $data['entrySlug'])."</div>
</article>\n";*/
}
echo json_encode($entries);
<?php
require_once 'core.php';
header('Content-type: application/json');
$blog = new blog(false, 0, true, (isset($_GET['no']) ? $_GET['no'] : fasle));
$entries = array();
if ($blog->entries)
{
while ($data = $blog->entries())
array_push($entries, array('entryTitle'=>$data['entryTitle'], 'entrySlug'=>$data['entrySlug'], 'entryPublished'=>show_date($data['entryPublished']), 'entryContent'=>entry_show_init($data['entryContent'], $data['entrySlug'], true)));
/*echo "<article>
<header>
<h2><a href='".get_entry_link($data['entrySlug'])."'>$data[entryTitle]</a></h2>
<p class='meta'><time class='date' title='{locale:published_on}'>".show_date($data['entryPublished'])."</time><a href='".get_profile_link($data['userName'])."' class='by' title='{locale:entry_by}'>$data[publicName]</a>".get_entry_admin($data)."</p>
</header>
<div class='content'>".entry_show_init($data['entryContent'], $data['entrySlug'])."</div>
</article>\n";*/
}
echo json_encode($entries);
?>
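Review bot: The fallback in the new `new blog(false, 0, true, ...)` call is spelled `fasle`, which is an undefined constant rather than the boolean. Older PHP versions turn it into the truthy string `'fasle'` and raise a notice or warning, and PHP 8 throws an Error, so a request without `?no=` never passes the intended `false`; because `nice_error` in core.php dies on any error number other than 2048, the notice alone would end the request. `$_GET['no']` is also handed to the constructor unvalidated. The blog constructor is not visible on this page, so if the value is a count or offset it should be cast at this boundary: `(isset($_GET['no']) ? (int)$_GET['no'] : false)`.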

+ 313
- 305
core.php

@ -1,305 +1,313 @@
<?php
// Start session
session_start();
// REALLY NICE ERROR PAGE KINDA THING
function nice_error($err, $errstr = false)
{
if ($errstr) { $errno = $err; $err = $errstr; }
if (($errstr && $errno != 2048) || !$errstr)
die('<!doctype html><html><head><title>Insanely</title><meta charset="utf-8" /></head><body><h1>So bad...</h1><p><img style="width: 260px" src="/data/imgs/coding_in_progress.jpg" alt=""/></p><p>'.$err.(isset($errno) ? ' ('.$errno.')' : '').'</p></body></html>');
}
set_error_handler('nice_error');
// LOAD CONFIG
require_once 'config.php';
// FEEDBACK
$info = array();
$error = array();
// SEO
if (isset($_GET['pathsec']))
{
$seo = explode('/', $_GET['pathsec']);
foreach ($seo AS $a=>$b)
$seo[$a] = htmlspecialchars($b);
} else
$seo = array('');
// DATABASE
$_sql = new mysqli(DBHOST, DBUSER, DBPASS, DBNAME) or nice_error('Sorry, but we cant connect to the database server right now.');
$_sql->query("SET NAMES ".DBCHAR);
$_sql->query("SET CHARACTER SET ".DBCHAR);
// LANGUAGE
$_locale = (array)json_decode(file_get_contents('includes/locale/hu_HU.lng'));
// OTHER CLEVER STUFFS
function clear_cache() { header("Cache-Control: no-cache, must-revalidate"); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); }
function redirect($url = '/', $status = false) { header('Location: '.$url.($status ? '?status='.$status : '')); exit; }
function isnum($in) { return is_numeric($in); }
function sqlprot($in) { global $_sql; return $_sql->real_escape_string($in); }
function trimlink($in, $length = 140) { $in = html_entity_decode(strip_tags($in)); if (strlen($in) > $length) return substr($in, 0, $length-3).'...'; return $in; }
$set = $_sql->query("SELECT * FROM settings");
while ($data = $set->fetch_assoc())
$_set[$data['variable']] = $data['value'];
// CLASSES
require_once 'includes/user.class.php';
require_once 'includes/blog.class.php';
require_once 'includes/page.class.php';
require_once 'includes/check.class.php';
require_once 'includes/comment.class.php';
// FUNCTIONS
function get_page_link($slug, $p = false) { global $_set; $prefix = ($p ? $_set['url'] : ''); if ($_set['seo']) return $prefix."/$_set[subPage]/$slug"; return $prefix."/?pathsec=$_set[subPage]/$slug"; }
function get_entry_link($slug, $p = false, $admin = false) { global $_set; $prefix = ($p ? $_set['url'] : '').($admin ? '/admin' : null); if ($_set['seo']) return $prefix."/$_set[subEntry]/$slug"; return $prefix."/?pathsec=$_set[subEntry]/$slug"; }
function get_profile_link($slug = false, $p = false) { global $_set; $prefix = ($p ? $_set['url'] : ''); if (!$slug) { global $user; if (LOGGEDIN) $slug = $user['userName']; else $slug = ''; } if ($_set['seo']) return $prefix."/$_set[subProfile]/$slug"; return $prefix."/?pathsec=$_set[subProfile]/$slug"; }
function get_profile_picture($userData = false, $p = false) { global $_set; $prefix = ($p ? $_set['url'] : ''); if (!$userData) if (LOGGEDIN) { global $user; $userData = $user;} else $userData = array('userPic'=>0); return $prefix.($userData['userPic'] ? "/data/profile_pics/$userData[userId].jpg" : '/data/imgs/'.$_set['defaultProfilePic']); }
function get_current_link($p = false) { global $_set, $seo; $prefix = ($p ? $_set['url'] : ''); $link = ''; for ($i = 0; $i < sizeof($seo); $i++) $link .= '/'.$seo[$i]; return $prefix.($_set['seo'] ? $link : '/?pathsec='.$link); }
function get_theme_lib() { global $_set; if (file_exists('themes/'.$_set['mainTheme'])) return 'themes/'.$_set['mainTheme']; return false; }
function get_theme()
{
global $_set;
if (file_exists('themes/'.$_set['mainTheme'].'/template.php'))
return 'themes/'.$_set['mainTheme'].'/template.php';
return false;
}
function get_site_link() { global $_set; return $_set['url']; }
function get_site_body() { global $output; return output_replacer($output); }
function get_navigation($append = '')
{
global $_locale, $_sql, $seo, $_title;
$navLinks = array();
if ($seo[0] && isset($_title[0])) array_push($navLinks, array('link' => '/', 'title' => $_locale['home']));
$navQuery = $_sql->query("SELECT pageSlug, pageTitle FROM pages ORDER BY pageTitle ASC");
while ($navData = $navQuery->fetch_assoc())
array_push($navLinks, array('link' => get_page_link($navData['pageSlug']), 'title' => $navData['pageTitle']));
for ($i = 0; $i < sizeof($navLinks); $i++)
{
$link = explode('/', $navLinks[$i]['link']);
for ($b = 1; $b < sizeof($link); $b++)
{
$active = true;
if (isset($seo[$b-1]) && $seo[$b-1] == $link[$b] && $active)
$active = true; else $active = false;
}
echo "<li><a href='".$navLinks[$i]['link'].$append."'".($active ? " class='active'":'').">".$navLinks[$i]['title']."</a></li>";
}
}
function get_tags($append = '')
{
global $_sql;
$tags = $_sql->query("SELECT tagId, tagName, COUNT(taggedId) AS taggedposts FROM tagged INNER JOIN tags ON tagId = taggedTag GROUP BY tagId ORDER BY tagName ASC");
if ($tags->num_rows)
{
while ($data = $tags->fetch_assoc())
echo "<li><a href='/tag/$data[tagId]$append'>$data[tagName]</a> <span>$data[taggedposts]</span></li>";
}
}
function get_entry_admin($d)
{
global $user;
if (!LOGGEDIN) return '';
if ($user['userLevel'] > 3) return "<span class='admin'>".($d['entryPinned'] ? "<a href='/admin/entry/$d[entrySlug]/unpin' class='pin unpin'>{locale:unpin}</a>":"<a href='/admin/entry/$d[entrySlug]/pin' class='pin'>{locale:pin}</a>")."<a href='/admin/entry/$d[entrySlug]' class='edit'>{locale:edit}</a><a href='/admin/entry/$d[entrySlug]/delete' class='delete' onclick='return confirm(\"{locale:delete_confirm}\")'>{locale:delete}</a></span>";
if ($user['userLevel'] > 2 && $d['entryBy'] == $user['userId']) return "<span class='admin'><a href='/admin/entry/$d[entrySlug]' class='edit'>{locale:edit}</a></span>";
}
function get_page_title()
{
global $_title, $_set;
if (!empty($_title))
{
$title2 = '';
for ($i=sizeof($_title)-1; $i>=0; $i--)
$title2 .= $_title[$i].', ';
$trepf = array('{title}', '{page}');
$trept = array($_set['title'], rtrim($title2, ', '));
echo str_replace($trepf, $trept, ($_set['titleFormat'] ? $_set['titleFormat'] : '{page} | {title}'));
} else
echo $_set['title'];
}
function get_page_extra_head()
{
global $_head, $metaimage, $_set;
if (!empty($_head))
{
for ($i=0; $i<sizeof($_head); $i++)
echo $_head[$i]."\n";
}
echo '<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="'.$_set['url'].'/rss" />'."\n";
if ($metaimage)
{
if (!strpos($metaimage, 'http')) $metaimage = $_set['url'].$metaimage;
echo '<link rel="image_src" href="'.$metaimage.'" />'."\n";
echo '<meta property="og:image" content="'.$metaimage.'" />';
}
}
function get_page_extra_body()
{
global $_body, $_set;
if (!empty($_body))
for ($i=0; $i<sizeof($_body); $i++)
echo $_body[$i]."\n";
}
function get_errors()
{
global $error;
if (!empty($error))
{
echo "<div id='errors'>";
for($i=0; $i<sizeof($error); $i++)
echo "<li>$error[$i]</li>";
echo "</ul></div>";
}
}
function get_infos()
{
global $info;
if (!empty($info))
{
echo "<div id='infos'>";
for($i=0; $i<sizeof($info); $i++)
echo "<li>$info[$i]</li>";
echo "</ul></div>";
}
}
function set_pin($pin) { global $_SESSION; $_SESSION['entry_pin'] = $pin; }
function get_pin() { global $_SESSION; return isset($_SESSION['entry_pin']) ? $_SESSION['entry_pin'] : false; }
function theme_component($comp) {
$cf = get_theme_lib().'/components/'.$comp.'.php';
if (file_exists($cf))
return $cf;
return false;
}
function show_date($ts) { global $_set; return (!(int)date('Hi', $ts) ? date($_set['dateformatShort'], $ts) : date($_set['dateformat'], $ts)); }
$_title = array();
function addTitle($add) { global $_title; array_push($_title, htmlentities($add)); }
$_head = array();
$head_registered = array();
function addHead($add, $register = false) { global $_head, $head_registered; if (($register && !in_array($register, $head_registered)) || !$register) array_push($_head, $add); }
$_body = array();
$body_registered = array();
function addBody($add, $register = false) { global $_body, $body_registered; if (($register && !in_array($register, $body_registered)) || !$register) array_push($_body, $add); }
$description = false;
function addDescription($add) { global $description; if (!$description) $description = ''; $description .= str_replace(array('"', '\'', "\n", "\r\n", '&lt;', '&gt;'), '', strip_tags($add)).' '; }
function keywords() { global $description, $_set; $keywords = explode(' ', str_replace(array(',','?','.','!'), ' ', ($description ? $description : $_set['description']))); foreach($keywords AS $a => $b) { $val = trim($b); if (strlen($val) > 3) $keywords[$a] = $val; else unset($keywords[$a]); } return implode(',', array_unique($keywords)); }
$metaimage = false;
function addImage($add) { global $metaimage; $metaimage = $add; }
$headerimg = false;
function headerImage($url) { global $headerimg; if (strlen($url) > 3) $headerimg = $url; }
/* POST FUCKER */
function entry_replacer($in)
{
global $_locale;
$pattern[] = '#\[music=(.*?)\]#';
$replace[] = '<iframe style="width: 100%; height: 10em; border: 0; padding: 0; margin: 0;" class="music" src="http://music.sandros.hu/shared/$1?volume=50"></iframe>';
$pattern[] = '#\[youtube=(.*?)\]#';
$replace[] = '<iframe style="width: 100%; height: 600px; border: 0; padding: 0; margin: 0;" class="youtube" src="http://www.youtube-nocookie.com/embed/$1"></iframe>';
$pattern[] = '#\[spoiler\](.*?)\[/spoiler\]#';
$replace[] = '<div class="spoiler"><div class="spoiler_b"><button onclick="spoilerToggle($(this))">'.$_locale['show_hidden_content'].'</button><div style="display:none" class="spoiler_c">$1</div></div>';
$pattern[] = '#\[spoiler=(.*?)\](.*?)\[/spoiler\]#';
$replace[] = '<div class="spoiler"><div class="spoiler_b"><button onclick="spoilerToggle($(this))">$1</button><div style="display:none" class="spoiler_c">$2</div></div>';
return preg_replace($pattern, $replace, $in);
}
function entry_show_init($in, $slug, $flink = false)
{
global $_locale;
$in = entry_replacer($in);
$search = array('@<script[^>]*?>.*?</script>@si', // Strip out javascript
'@<style[^>]*?>.*?</style>@siU', // Strip style tags properly
'@<![\s\S]*?--[ \t\n\r]*>@' // Strip multi-line comments including CDATA
);
$in = preg_replace($search, '', $in);
$in2 = explode('[[MORE]]', $in);
if (isset($in2[1]) && strlen(trim($in2[1])))
return $in2[0]."\n<p class='readmore'><a href='".get_entry_link($slug, $flink)."#readmore'>$_locale[entry_read_more]</a></p>\n";
return $in;
}
function entry_show_all($in) { return str_replace('[[MORE]]', '<a name="readmore"></a>', entry_replacer($in)); }
/* OUTPUT FUCKER */
function regexp_locale($a)
{
global $_locale;
if (isset($_locale[$a[1]]))
return $_locale[$a[1]];
return $a[0];
}
function output_replacer($in)
{
return preg_replace_callback('#\{locale:([a-zA-Z\-\_]+?)\}#', 'regexp_locale', $in);
}
/* LOGIN SYSTEM */
if (isset($_COOKIE['filtr_token']))
{
require_once 'includes/filtr.class.php';
$filtr = new filtrLogin();
$filtr->cache = '/tmp/';
$filtr->setAppid($_set['filtr_appid']);
$filtr->setApptoken($_set['filtr_apptoken']);
$filtr->setToken($_COOKIE['filtr_token']);
$filtr->Login();
if ($filtr->status())
{
$filtr = $filtr->getData();
$user = new user($filtr['link'], $filtr);
if ($user)
{
$user = $user->data;
define('LOGGEDIN', true);
}
unset($filtr);
}
}
if (isset($_GET['logout']))
{
setcookie('filtr_token', '', null, '/');
redirect();
}
if (!defined('LOGGEDIN'))
define('LOGGEDIN', false);
<?php
// Start session
session_start();
// REALLY NICE ERROR PAGE KINDA THING
function nice_error($err, $errstr = false, $file, $line)
{
if ($errstr) { $errno = $err; $err = $errstr; }
if (($errstr && $errno != 2048) || !$errstr)
{
ob_end_clean();
header('Content-type: text/plain');
die($err.(isset($errno) ? ' ('.$errno.')' : '')." [$file] <$line>");
}
}
set_error_handler('nice_error');
// LOAD CONFIG
define('_FS_PATH', dirname(__FILE__).'/');
require_once _FS_PATH.'config.php';
// FEEDBACK
$info = array();
$error = array();
// SEO
if (isset($_GET['pathsec']))
{
$seo = explode('/', $_GET['pathsec']);
foreach ($seo AS $a=>$b)
$seo[$a] = htmlspecialchars($b);
} else
$seo = array('');
// DATABASE
$_sql = new mysqli(DBHOST, DBUSER, DBPASS, DBNAME) or nice_error('Sorry, but we cant connect to the database server right now.');
$_sql->query("SET NAMES ".DBCHAR);
$_sql->query("SET CHARACTER SET ".DBCHAR);
// LANGUAGE
$_locale = (array)json_decode(file_get_contents(_FS_PATH.'includes/locale/hu_HU.lng'));
// OTHER CLEVER STUFFS
function clear_cache() { header("Cache-Control: no-cache, must-revalidate"); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); }
function redirect($url = '/', $status = false) { header('Location: '.$url.($status ? '?status='.$status : '')); exit; }
function isnum($in) { return is_numeric($in); }
function sqlprot($in) { global $_sql; return $_sql->real_escape_string($in); }
function trimlink($in, $length = 140) { $in = html_entity_decode(strip_tags($in)); if (strlen($in) > $length) return substr($in, 0, $length-3).'...'; return $in; }
// SETTINGS
require_once _FS_PATH.'includes/settings.class.php';
$_set = settings::getdata();
// CLASSES
require_once _FS_PATH.'includes/user.class.php';
require_once _FS_PATH.'includes/blog.class.php';
require_once _FS_PATH.'includes/page.class.php';
require_once _FS_PATH.'includes/check.class.php';
require_once _FS_PATH.'includes/comment.class.php';
// FUNCTIONS
function get_page_link($slug, $p = false) { global $_set; $prefix = ($p ? $_set['url'] : ''); if ($_set['seo']) return $prefix."/$_set[subPage]/$slug"; return $prefix."/?pathsec=$_set[subPage]/$slug"; }
function get_entry_link($slug, $p = false, $admin = false) { global $_set; $prefix = ($p ? $_set['url'] : '').($admin ? '/admin' : null); if ($_set['seo']) return $prefix."/$_set[subEntry]/$slug"; return $prefix."/?pathsec=$_set[subEntry]/$slug"; }
function get_profile_link($slug = false, $p = false) { global $_set; $prefix = ($p ? $_set['url'] : ''); if (!$slug) { global $user; if (LOGGEDIN) $slug = $user['userName']; else $slug = ''; } if ($_set['seo']) return $prefix."/$_set[subProfile]/$slug"; return $prefix."/?pathsec=$_set[subProfile]/$slug"; }
function get_profile_picture($userData = false, $p = false) { global $_set; $prefix = ($p ? $_set['url'] : ''); if (!$userData) if (LOGGEDIN) { global $user; $userData = $user;} else $userData = array('userPic'=>0); return $prefix.($userData['userPic'] ? "/data/profile_pics/$userData[userId].jpg" : '/data/imgs/'.$_set['defaultProfilePic']); }
function get_current_link($p = false) { global $_set, $seo; $prefix = ($p ? $_set['url'] : ''); $link = ''; for ($i = 0; $i < sizeof($seo); $i++) $link .= '/'.$seo[$i]; return $prefix.($_set['seo'] ? $link : '/?pathsec='.$link); }
function get_theme_lib() { global $_set; if (file_exists(_FS_PATH.'themes/'.$_set['mainTheme'])) return 'themes/'.$_set['mainTheme']; return false; }
function get_theme()
{
global $_set;
if (file_exists(_FS_PATH.'themes/'.$_set['mainTheme'].'/template.php'))
return _FS_PATH.'themes/'.$_set['mainTheme'].'/template.php';
return false;
}
function get_site_link() { global $_set; return $_set['url']; }
function get_site_body() { global $output; return output_replacer($output); }
function get_navigation($append = '', $returnarray = false)
{
global $_locale, $_sql, $seo, $_title;
$navLinks = array();
if ($seo[0] && isset($_title[0])) array_push($navLinks, array('link' => '/', 'title' => $_locale['home']));
$navQuery = $_sql->query("SELECT pageSlug, pageTitle FROM pages WHERE pageDeleted IS NULL ORDER BY pageTitle ASC");
while ($navData = $navQuery->fetch_assoc())
array_push($navLinks, array('link' => get_page_link($navData['pageSlug']), 'title' => $navData['pageTitle']));
if ($returnarray)
return $navLinks;
for ($i = 0; $i < sizeof($navLinks); $i++)
{
$link = explode('/', $navLinks[$i]['link']);
for ($b = 1; $b < sizeof($link); $b++)
{
$active = true;
if (isset($seo[$b-1]) && $seo[$b-1] == $link[$b] && $active)
$active = true; else $active = false;
}
echo "<li><a href='".$navLinks[$i]['link'].$append."'".($active ? " class='active'":'').">".$navLinks[$i]['title']."</a></li>";
}
}
function get_tags($append = '')
{
global $_sql;
$tags = $_sql->query("SELECT tagId, tagName, COUNT(taggedId) AS taggedposts FROM tagged INNER JOIN tags ON tagId = taggedTag GROUP BY tagId ORDER BY tagName ASC");
if ($tags->num_rows)
{
while ($data = $tags->fetch_assoc())
echo "<li><a href='/tag/$data[tagId]$append'>$data[tagName]</a> <span>$data[taggedposts]</span></li>";
}
}
function get_entry_admin($d)
{
global $user;
if (!LOGGEDIN) return '';
if ($user['userLevel'] > 3) return "<span class='admin'>".($d['entryPinned'] ? "<a href='/admin/entry/$d[entrySlug]/unpin' class='pin unpin'>{locale:unpin}</a>":"<a href='/admin/entry/$d[entrySlug]/pin' class='pin'>{locale:pin}</a>")."<a href='/admin/entry/$d[entrySlug]' class='edit'>{locale:edit}</a><a href='/admin/entry/$d[entrySlug]/delete' class='delete' onclick='return confirm(\"{locale:delete_confirm}\")'>{locale:delete}</a></span>";
if ($user['userLevel'] > 2 && $d['entryBy'] == $user['userId']) return "<span class='admin'><a href='/admin/entry/$d[entrySlug]' class='edit'>{locale:edit}</a></span>";
}
function get_page_title()
{
global $_title, $_set;
if (!empty($_title))
{
$title2 = '';
for ($i=sizeof($_title)-1; $i>=0; $i--)
$title2 .= $_title[$i].', ';
$trepf = array('{title}', '{page}');
$trept = array($_set['title'], rtrim($title2, ', '));
echo str_replace($trepf, $trept, ($_set['titleFormat'] ? $_set['titleFormat'] : '{page} | {title}'));
} else
echo $_set['title'];
}
function get_page_extra_head()
{
global $_head, $metaimage, $_set;
if (!empty($_head))
{
for ($i=0; $i<sizeof($_head); $i++)
echo $_head[$i]."\n";
}
echo '<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="'.$_set['url'].'/rss" />'."\n";
if ($metaimage)
{
if (!strpos($metaimage, 'http')) $metaimage = $_set['url'].$metaimage;
echo '<link rel="image_src" href="'.$metaimage.'" />'."\n";
echo '<meta property="og:image" content="'.$metaimage.'" />';
}
}
function get_page_extra_body()
{
global $_body, $_set;
if (!empty($_body))
for ($i=0; $i<sizeof($_body); $i++)
echo $_body[$i]."\n";
}
function get_errors()
{
global $error;
if (!empty($error))
{
echo "<div id='errors'>";
for($i=0; $i<sizeof($error); $i++)
echo "<li>$error[$i]</li>";
echo "</ul></div>";
}
}
function get_infos()
{
global $info;
if (!empty($info))
{
echo "<div id='infos'>";
for($i=0; $i<sizeof($info); $i++)
echo "<li>$info[$i]</li>";
echo "</ul></div>";
}
}
function set_pin($pin) { global $_SESSION; $_SESSION['entry_pin'] = $pin; }
function get_pin() { global $_SESSION; return isset($_SESSION['entry_pin']) ? $_SESSION['entry_pin'] : false; }
function theme_component($comp) {
$cf = get_theme_lib().'/components/'.$comp.'.php';
if (file_exists($cf))
return $cf;
return false;
}
function show_date($ts) { global $_set; return (!(int)date('Hi', $ts) ? date($_set['dateformatShort'], $ts) : date($_set['dateformat'], $ts)); }
$_title = array();
function addTitle($add) { global $_title; array_push($_title, htmlentities($add)); }
$_head = array();
$head_registered = array();
function addHead($add, $register = false) { global $_head, $head_registered; if (($register && !in_array($register, $head_registered)) || !$register) array_push($_head, $add); }
$_body = array();
$body_registered = array();
function addBody($add, $register = false) { global $_body, $body_registered; if (($register && !in_array($register, $body_registered)) || !$register) array_push($_body, $add); }
$description = false;
function addDescription($add) { global $description; if (!$description) $description = ''; $description .= str_replace(array('"', '\'', "\n", "\r\n", '&lt;', '&gt;'), '', strip_tags($add)).' '; }
function keywords() { global $description, $_set; $keywords = explode(' ', str_replace(array(',','?','.','!'), ' ', ($description ? $description : $_set['description']))); foreach($keywords AS $a => $b) { $val = trim($b); if (strlen($val) > 3) $keywords[$a] = $val; else unset($keywords[$a]); } return implode(',', array_unique($keywords)); }
$metaimage = false;
function addImage($add) { global $metaimage; $metaimage = $add; }
$headerimg = false;
function headerImage($url) { global $headerimg; if (strlen($url) > 3) $headerimg = $url; }
/* POST FUCKER */
function entry_replacer($in)
{
global $_locale;
$pattern[] = '#\[music=(.*?)\]#';
$replace[] = '<iframe style="width: 100%; height: 10em; border: 0; padding: 0; margin: 0;" class="music" src="http://music.sandros.hu/shared/$1?volume=50"></iframe>';
$pattern[] = '#\[youtube=(.*?)\]#';
$replace[] = '<iframe style="width: 100%; height: 600px; border: 0; padding: 0; margin: 0;" class="youtube" src="http://www.youtube.com/embed/$1"></iframe>';
$pattern[] = '#\[spoiler\](.*?)\[/spoiler\]#';
$replace[] = '<div class="spoiler"><div class="spoiler_b"><button onclick="spoilerToggle($(this))">'.$_locale['show_hidden_content'].'</button><div style="display:none" class="spoiler_c">$1</div></div>';
$pattern[] = '#\[spoiler=(.*?)\](.*?)\[/spoiler\]#';
$replace[] = '<div class="spoiler"><div class="spoiler_b"><button onclick="spoilerToggle($(this))">$1</button><div style="display:none" class="spoiler_c">$2</div></div>';
return preg_replace($pattern, $replace, $in);
}
function entry_show_init($in, $slug, $flink = false)
{
global $_locale;
$in = entry_replacer($in);
$search = array('@<script[^>]*?>.*?</script>@si', // Strip out javascript
'@<style[^>]*?>.*?</style>@siU', // Strip style tags properly
'@<![\s\S]*?--[ \t\n\r]*>@' // Strip multi-line comments including CDATA
);
$in = preg_replace($search, '', $in);
$in2 = explode('[[MORE]]', $in);
if (isset($in2[1]) && strlen(trim($in2[1])))
return $in2[0]."\n<p class='readmore'><a href='".get_entry_link($slug, $flink)."#readmore'>$_locale[entry_read_more]</a></p>\n";
return $in;
}
function entry_show_all($in) { return str_replace('[[MORE]]', '<a name="readmore"></a>', entry_replacer($in)); }
/* OUTPUT FUCKER */
function regexp_locale($a)
{
global $_locale;
if (isset($_locale[$a[1]]))
return $_locale[$a[1]];
return $a[0];
}
function output_replacer($in)
{
return preg_replace_callback('#\{locale:([a-zA-Z\-\_]+?)\}#', 'regexp_locale', $in);
}
/* LOGIN SYSTEM */
if (isset($_COOKIE['filtr_token']))
{
require_once _FS_PATH.'includes/filtr.class.php';
$filtr = new filtrLogin();
$filtr->cache = '/tmp/';
$filtr->setAppid($_set['filtr_appid']);
$filtr->setApptoken($_set['filtr_apptoken']);
$filtr->setToken($_COOKIE['filtr_token']);
$filtr->Login();
if ($filtr->status())
{
$filtr = $filtr->getData();
$user = new user($filtr['link'], $filtr);
if ($user)
{
$user = $user->data;
define('LOGGEDIN', true);
}
unset($filtr);
}
}
if (isset($_GET['logout']))
{
setcookie('filtr_token', '', null, '/');
redirect();
}
if (!defined('LOGGEDIN'))
define('LOGGEDIN', false);
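Review bot: The rewritten `nice_error` now sends the failing file path and line number to the client (`die(... " [$file] <$line>")`), which shows any visitor the server's filesystem layout; write those details to the log with `error_log()` and keep the response body generic. The new signature `nice_error($err, $errstr = false, $file, $line)` puts required parameters after an optional one, so the direct call `nice_error('Sorry, but we cant connect ...')` in the DATABASE block passes too few arguments; `function nice_error($err, $errstr = false, $file = null, $line = null)` keeps both call styles working. `ob_end_clean()` is called unconditionally although no `ob_start()` is visible in this file, so guard it with `if (ob_get_level())`. Separately, the `[youtube=...]` embed moved from `youtube-nocookie.com` to `youtube.com` and both iframes still load over `http://`; confirm that is intended.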

+ 7
- 6
includes/admin/dashboard.php

@ -1,7 +1,8 @@
<h1>{locale:dashboard}</h1>
<ul>
<li><a href='/admin/entry'>{locale:entry_editor}</a></li>
<li><a href='/admin/plugins'>{locale:plugin_manager}</a></li>
<li><a href='/admin/page'>{locale:page_editor}</a></li>
<h1>{locale:dashboard}</h1>
<ul>
<li><a href='/admin/entry'>{locale:entry_editor}</a></li>
<li><a href='/admin/plugins'>{locale:plugin_manager}</a></li>
<li><a href='/admin/page'>{locale:page_editor}</a></li>
<li><a href='/admin/settings'>{locale:site_settings}</a></li>
</ul>

+ 149
- 149
includes/admin/entry.php

@ -1,149 +1,149 @@
<?php
if (isset($_GET['status']))
switch ($_GET['status'])
{
case 'added':
array_push($info, $_locale['entry_added']);
break;
case 'updated':
array_push($info, $_locale['entry_updated']);
break;
}
if (isset($_POST['entryContent']) && $user['userLevel'] > 2)
{
if (isset($_POST['entryAdd']))
{
if (blog::add($_POST['entryHeader'], $_POST['entryTitle'], $_POST['entrySlug'], $_POST['entryContent'], $_POST['entryPublished'], (isset($_POST['entryHidden']) ? true : false), $_POST['entryPIN']))
redirect(get_entry_link($_POST['entrySlug']), 'added');
else
array_push($error, $_locale['entry_not_added']);
} elseif (isset($_POST['entryUpdate']))
{
if (blog::update($_POST['entryUpdate'], $_POST['entryHeader'], $_POST['entryTitle'], $_POST['entryContent'], $_POST['entryPublished'], (isset($_POST['entryHidden']) ? true : false), $_POST['entryPIN']))
redirect(get_current_link(), 'updated');
else
array_push($error, $_locale['entry_not_updated']);
}
}
if (isset($_POST['entryTag']) && $user['userLevel'] > 2)
{
if (isset($_POST['tagIdRemove']))
{
if (blog::tagRemove($_POST['tagIdRemove'], $_POST['entryId']))
array_push($info, $_locale['entry_tag_removed']);
else
array_push($error, $_locale['entry_tag_not_removed']);
} elseif (blog::tag($_POST['tagId'], $_POST['entryId']))
array_push($info, $_locale['entry_tag_added']);
else
array_push($error, $_locale['entry_tag_not_added']);
}
if (isset($seo[2]) && $user['userLevel'] > 2)
{
$entry = new blog($seo[2]);
if ($entry->entries)
{
$entryData = $entry->entry();
if (isset($seo[3]) && $user['userLevel'] > 3)
switch ($seo[3])
{
case 'delete':
if ($entry->delete($entryData['entryId']))
redirect('/admin/entry');
else
array_push($error, $_locale['entry_not_deleted']);
break;
case 'pin':
if ($entry->pin($entryData['entryId']))
redirect();
else
array_push($error, $_locale['entry_not_pinned']);
break;
case 'unpin':
if ($entry->unpin($entryData['entryId']))
redirect();
else
array_push($error, $_locale['entry_not_unpinned']);
break;
}
}
} else
{
$timedQuery = $_sql->query("SELECT entrySlug, entryTitle, entryCreated, entryPublished FROM entries WHERE entryPublished > ".time()."");
if ($timedQuery->num_rows)
{
echo "<h1>{locale:timed_entries}</h1>";
echo "<table class='designed timed'><tr><td>{locale:entry_title}</td><td>{locale:created_on}</td><td>{locale:timed_pub_date}</td></tr>";
while ($data = $timedQuery->fetch_assoc())
echo "<tr><td><a href='".get_entry_link($data['entrySlug'])."'>$data[entryTitle]</a></td><td>".show_date($data['entryCreated'])."</td><td>".show_date($data['entryPublished'])."</td></tr>";
echo "</table>";
}
$hiddenQuery = $_sql->query("SELECT entrySlug, entryTitle, entryCreated, entryPublished FROM entries WHERE entryHidden IS NOT NULL");
if ($hiddenQuery->num_rows)
{
echo "<h1>{locale:hidden_entries}</h1>";
echo "<table class='designed timed'><tr><td>{locale:entry_title}</td><td>{locale:created_on}</td><td>{locale:timed_pub_date}</td></tr>";
while ($data = $hiddenQuery->fetch_assoc())
echo "<tr><td><a href='".get_entry_link($data['entrySlug'], null, true)."'>$data[entryTitle]</a></td><td>".show_date($data['entryCreated'])."</td><td>".show_date($data['entryPublished'])."</td></tr>";
echo "</table>";
}
}
?>
<h1>{locale:entry_editor}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<?php if (isset($entryData)) : addTitle($entryData['entryTitle']); headerImage($entryData['entryHeader']); ?>
<input type="text" name="entryHeader" value="<?=htmlentities($entryData['entryHeader'])?>" placeholder="{locale:entry_header}" maxlength="255" />
<input type="text" name="entryTitle" value="<?=htmlentities($entryData['entryTitle'])?>" placeholder="{locale:entry_title}" maxlength="250" />
<textarea id="entry-textarea" name="entryContent" rows="30"><?=htmlspecialchars($entryData['entryContent'])?></textarea>
<input id="entry-date" type="text" name="entryPublished" value="<?=date(DATE_FORMAT_DEFAULT, $entryData['entryPublished'])?>" placeholder="{locale:entry_pub_date}" maxlength="50" />
<label><input type="checkbox" name="entryHidden" value="1" <?=($entryData['entryHidden'] ? 'checked ' : '')?> /> {locale:entry_hide}</label>
<input type="text" name="entryPIN" value="<?=htmlentities($entryData['entryPIN'])?>" placeholder="{locale:entry_pin}" maxlength="6" />
<input type="hidden" name="entryUpdate" value="<?=$entryData['entryId']?>" />
<?php else: ?>
<input type="text" name="entryHeader" id="entryHeader" placeholder="{locale:entry_header}" maxlength="255" />
<input type="text" name="entryTitle" id="entryTitle" placeholder="{locale:entry_title}" maxlength="250" />
<textarea id="entry-textarea" name="entryContent" rows="30"></textarea>
<input id="entry-date" type="text" name="entryPublished" placeholder="{locale:entry_pub_date}" maxlength="50" />
<input type="text" name="entrySlug" id="entrySlug" placeholder="{locale:entry_slug}" maxlength="100" />
<label><input type="checkbox" name="entryHidden" value="1" /> {locale:entry_hide}</label>
<input type="text" name="entryPIN" placeholder="{locale:entry_pin}" maxlength="6" />
<input type="hidden" name="entryAdd" value="true" />
<?php endif ?>
<button type="submit">{locale:save}</button>
</form>
<?php
if (isset($entryData))
{
$tags = $_sql->query("SELECT * FROM tags");
if ($tags->num_rows)
{
echo "<h3>{locale:tags}</h3>";
echo "<table class='designed'><tr><td>{locale:tag_name}</td><td>{locale:add}</td></tr>"
."<form action='".get_current_link()."' method='post' name='tagentry'>"
."<input type='hidden' name='entryId' value='$entryData[entryId]' />"
."<input type='hidden' name='entryTag' value='true' />";
while ($tag = $tags->fetch_assoc())
echo "<tr><td>$tag[tagName]</td><td>".($_sql->query("SELECT taggedId FROM tagged WHERE taggedEntry = $entryData[entryId] AND taggedTag = $tag[tagId]")->num_rows ? "<button type='submit' name='tagIdRemove' value='$tag[tagId]'>{locale:remove}</button>":"<button type='submit' name='tagId' value='$tag[tagId]'>{locale:add}</button>")."</td></tr>";
echo "</form>"
."</table>";
}
}
?>
<script>$("#entry-date").datepicker({ minDate: 0, maxDate: "+48M" });</script>
<?php
if (isset($_GET['status']))
switch ($_GET['status'])
{
case 'added':
array_push($info, $_locale['entry_added']);
break;
case 'updated':
array_push($info, $_locale['entry_updated']);
break;
}
if (isset($_POST['entryContent']) && $user['userLevel'] > 2)
{
if (isset($_POST['entryAdd']))
{
if (blog::add($_POST['entryHeader'], $_POST['entryTitle'], $_POST['entrySlug'], $_POST['entryContent'], $_POST['entryPublished'], (isset($_POST['entryHidden']) ? true : false), $_POST['entryPIN']))
redirect(get_entry_link($_POST['entrySlug']), 'added');
else
array_push($error, $_locale['entry_not_added']);
} elseif (isset($_POST['entryUpdate']))
{
if (blog::update($_POST['entryUpdate'], $_POST['entryHeader'], $_POST['entryTitle'], $_POST['entryContent'], $_POST['entryPublished'], (isset($_POST['entryHidden']) ? true : false), $_POST['entryPIN']))
redirect(get_current_link(), 'updated');
else
array_push($error, $_locale['entry_not_updated']);
}
}
if (isset($_POST['entryTag']) && $user['userLevel'] > 2)
{
if (isset($_POST['tagIdRemove']))
{
if (blog::tagRemove($_POST['tagIdRemove'], $_POST['entryId']))
array_push($info, $_locale['entry_tag_removed']);
else
array_push($error, $_locale['entry_tag_not_removed']);
} elseif (blog::tag($_POST['tagId'], $_POST['entryId']))
array_push($info, $_locale['entry_tag_added']);
else
array_push($error, $_locale['entry_tag_not_added']);
}
if (isset($seo[2]) && $user['userLevel'] > 2)
{
$entry = new blog($seo[2]);
if ($entry->entries)
{
$entryData = $entry->entry();
if (isset($seo[3]) && $user['userLevel'] > 3)
switch ($seo[3])
{
case 'delete':
if ($entry->delete($entryData['entryId']))
redirect('/admin/entry');
else
array_push($error, $_locale['entry_not_deleted']);
break;
case 'pin':
if ($entry->pin($entryData['entryId']))
redirect();
else
array_push($error, $_locale['entry_not_pinned']);
break;
case 'unpin':
if ($entry->unpin($entryData['entryId']))
redirect();
else
array_push($error, $_locale['entry_not_unpinned']);
break;
}
}
} else
{
$timedQuery = $_sql->query("SELECT entrySlug, entryTitle, entryCreated, entryPublished FROM entries WHERE entryPublished > ".time()."");
if ($timedQuery->num_rows)
{
echo "<h1>{locale:timed_entries}</h1>";
echo "<table class='designed timed'><thead><tr><th>{locale:entry_title}</th><th>{locale:created_on}</th><th>{locale:timed_pub_date}</th></tr></thead><tbody>";
while ($data = $timedQuery->fetch_assoc())
echo "<tr><td><a href='".get_entry_link($data['entrySlug'])."'>$data[entryTitle]</a></td><td>".show_date($data['entryCreated'])."</td><td>".show_date($data['entryPublished'])."</td></tr>";
echo "</tbody></table>";
}
$hiddenQuery = $_sql->query("SELECT entrySlug, entryTitle, entryCreated, entryPublished FROM entries WHERE entryHidden IS NOT NULL");
if ($hiddenQuery->num_rows)
{
echo "<h1>{locale:hidden_entries}</h1>";
echo "<table class='designed timed'><thead><tr><th>{locale:entry_title}</th><th>{locale:created_on}</th><th>{locale:timed_pub_date}</th></tr></thead><tbody>";
while ($data = $hiddenQuery->fetch_assoc())
echo "<tr><td><a href='".get_entry_link($data['entrySlug'], null, true)."'>$data[entryTitle]</a></td><td>".show_date($data['entryCreated'])."</td><td>".show_date($data['entryPublished'])."</td></tr>";
echo "</tbody></table>";
}
}
?>
<h1>{locale:entry_editor}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<?php if (isset($entryData)) : addTitle($entryData['entryTitle']); headerImage($entryData['entryHeader']); ?>
<input type="text" name="entryHeader" value="<?=htmlentities($entryData['entryHeader'])?>" placeholder="{locale:entry_header}" maxlength="255" />
<input type="text" name="entryTitle" value="<?=htmlentities($entryData['entryTitle'])?>" placeholder="{locale:entry_title}" maxlength="250" />
<textarea id="entry-textarea" name="entryContent" rows="30"><?=htmlspecialchars($entryData['entryContent'])?></textarea>
<input id="entry-date" type="text" name="entryPublished" value="<?=date(DATE_FORMAT_DEFAULT, $entryData['entryPublished'])?>" placeholder="{locale:entry_pub_date}" maxlength="50" />
<label><input type="checkbox" name="entryHidden" value="1" <?=($entryData['entryHidden'] ? 'checked ' : '')?> /> {locale:entry_hide}</label>
<input type="text" name="entryPIN" value="<?=htmlentities($entryData['entryPIN'])?>" placeholder="{locale:entry_pin}" maxlength="6" />
<input type="hidden" name="entryUpdate" value="<?=$entryData['entryId']?>" />
<?php else: ?>
<input type="text" name="entryHeader" id="entryHeader" placeholder="{locale:entry_header}" maxlength="255" />
<input type="text" name="entryTitle" id="entryTitle" placeholder="{locale:entry_title}" maxlength="250" />
<textarea id="entry-textarea" name="entryContent" rows="30"></textarea>
<input id="entry-date" type="text" name="entryPublished" placeholder="{locale:entry_pub_date}" maxlength="50" />
<input type="text" name="entrySlug" id="entrySlug" placeholder="{locale:entry_slug}" maxlength="100" />
<label><input type="checkbox" name="entryHidden" value="1" /> {locale:entry_hide}</label>
<input type="text" name="entryPIN" placeholder="{locale:entry_pin}" maxlength="6" />
<input type="hidden" name="entryAdd" value="true" />
<?php endif ?>
<button type="submit">{locale:save}</button>
</form>
<?php
if (isset($entryData))
{
$tags = $_sql->query("SELECT * FROM tags");
if ($tags->num_rows)
{
echo "<h3>{locale:tags}</h3>";
echo "<table class='designed'><thead><tr><th>{locale:tag_name}</th><th>{locale:add}</th></tr></thead><tbody>"
."<form action='".get_current_link()."' method='post' name='tagentry'>"
."<input type='hidden' name='entryId' value='$entryData[entryId]' />"
."<input type='hidden' name='entryTag' value='true' />";
while ($tag = $tags->fetch_assoc())
echo "<tr><td>$tag[tagName]</td><td>".($_sql->query("SELECT taggedId FROM tagged WHERE taggedEntry = $entryData[entryId] AND taggedTag = $tag[tagId]")->num_rows ? "<button type='submit' name='tagIdRemove' value='$tag[tagId]'>{locale:remove}</button>":"<button type='submit' name='tagId' value='$tag[tagId]'>{locale:add}</button>")."</td></tr>";
echo "</form>"
."</tbody></table>";
}
}
?>
<script>$("#entry-date").datepicker({ minDate: 0, maxDate: "+48M" });</script>
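Review bot: The `delete`, `pin` and `unpin` branches under `switch ($seo[3])` change data on what appears to be a plain page load of the admin URL, and none of the POST forms in this file carries an anti-CSRF token, so a request started from another site in a logged-in editor's browser would be processed like a deliberate one. Move those three actions behind a POST form and add a hidden token bound to the login, compared with `hash_equals()` before any `blog::` call or `$entry->delete()`. The forms in includes/admin/page.php, includes/admin/plugins.php and includes/admin/settings.php in this commit lack a token in the same way. Separately, the list rows print `$data[entryTitle]` unescaped while the edit form below uses `htmlentities()`; `htmlspecialchars($data['entryTitle'], ENT_QUOTES)` would make the two consistent.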

+ 41
- 35
includes/admin/main.php View File

@ -1,36 +1,42 @@
<?php
addTitle($_locale['admin']);
if (!isset($seo[1])) $seo[1] = '';
switch ($seo[1])
{
case 'upload':
include 'data/upload.php';
exit;
break;
case 'plugins':
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['plugin_manager']);
include 'includes/admin/plugins.php';
break;
case $_set['subEntry']:
if ($user['userLevel'] < 2) redirect();
addTitle($_locale['entry_editor']);
include 'includes/admin/entry.php';
break;
case $_set['subPage']:
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['page_editor']);
include 'includes/admin/page.php';
break;
default:
include 'includes/admin/dashboard.php';
break;
<?php
addTitle($_locale['admin']);
if (!isset($seo[1])) $seo[1] = '';
switch ($seo[1])
{
case 'upload':
include 'data/upload.php';
exit;
break;
case 'settings':
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['site_settings']);
include 'includes/admin/settings.php';
break;
case 'plugins':
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['plugin_manager']);
include 'includes/admin/plugins.php';
break;
case $_set['subEntry']:
if ($user['userLevel'] < 2) redirect();
addTitle($_locale['entry_editor']);
include 'includes/admin/entry.php';
break;
case $_set['subPage']:
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['page_editor']);
include 'includes/admin/page.php';
break;
default:
include 'includes/admin/dashboard.php';
break;
}
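Review bot: The new `settings` case, like the `plugins` and page cases, gates access with `if ($user['userLevel'] < 3) redirect();` and then goes straight on to the `include`; the gate only holds if redirect() ends the request, and its definition is not visible in this file. If it only sends a Location header, the included admin script still runs and handles the POST for an under-privileged or anonymous visitor. Making the stop explicit removes that dependency: `if ($user['userLevel'] < 3) { redirect(); exit; }`. The `upload` case includes `data/upload.php` with no level check at this point, so that file needs its own check if it does not already have one.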

+ 63
- 54
includes/admin/page.php View File

@ -1,55 +1,64 @@
<?php
if (isset($_POST['pageContent']) && isset($_POST['pageSlug']) && $user['userLevel'] > 3)
{
$page = new page($_POST['pageSlug']);
if (isset($_POST['pageAdd']))
{
if ($page->create($_POST['pageTitle'], $_POST['pageContent']))
array_push($info, $_locale['page_added']);
else
array_push($error, $_locale['page_not_added']);
} elseif (isset($_POST['pageUpdate']))
{
if ($page->update($_POST['pageTitle'], $_POST['pageContent']))
array_push($info, $_locale['page_updated']);
else
array_push($error, $_locale['page_not_updated']);
}
}
if (isset($seo[2]))
$page = new page($seo[2]);
else
{
$pagesQuery = $_sql->query("SELECT pageSlug, pageTitle FROM pages");
if ($pagesQuery->num_rows)
{
echo "<h1>{locale:pages}</h1>";
echo "<table class='designed pages'><tr><td>{locale:page_title}</td></tr>";
while ($data = $pagesQuery->fetch_assoc())
echo "<tr><td><a href='/admin/page/$data[pageSlug]'>$data[pageTitle]</a></td></tr>";
echo "</table>";
}
}
?>
<h1>{locale:page_editor}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<?php if (isset($page->data)) : addTitle($page->data['pageTitle']); ?>
<input type="text" name="pageTitle" value="<?=$page->data['pageTitle']?>" placeholder="{locale:page_title}" maxlength="250" />
<textarea name="pageContent"><?=htmlspecialchars($page->data['pageContent'])?></textarea>
<input type="hidden" name="pageSlug" value="<?=$page->data['pageSlug']?>" />
<input type="hidden" name="pageUpdate" value="true" />
<button type="button" onclick="window.location.href='/admin/page'">{locale:cancel}</button>
<?php else: ?>
<input type="text" id="pageTitle" name="pageTitle" value="" placeholder="{locale:page_title}" maxlength="250" />
<textarea name="pageContent"></textarea>
<input type="text" id="pageSlug" name="pageSlug" value="" placeholder="{locale:page_slug}" />
<input type="hidden" name="pageAdd" value="true" />
<?php endif ?>
<button type="submit">{locale:save}</button>
<?php
if (isset($_POST['pageContent']) && isset($_POST['pageSlug']) && $user['userLevel'] > 3)
{
$page = new page($_POST['pageSlug']);
if (isset($_POST['pageAdd']))
{
if ($page->create($_POST['pageTitle'], $_POST['pageContent']))
array_push($info, $_locale['page_added']);
else
array_push($error, $_locale['page_not_added']);
} elseif (isset($_POST['pageUpdate']))
{
if ($page->update($_POST['pageTitle'], $_POST['pageContent']))
array_push($info, $_locale['page_updated']);
else
array_push($error, $_locale['page_not_updated']);
}
}
if (isset($_POST['page_delete']))
{
$page = new page($_POST['page_delete']);
if ($page -> delete()) array_push($info, $_locale['page_deleted']);
else array_push($error, $_locale['page_delete_failed']);
}
if (isset($seo[2]))
$page = new page($seo[2]);
else
{
$pagesQuery = $_sql->query("SELECT pageSlug, pageTitle, pageCreated, pageModified, pageDeleted FROM pages ORDER BY pageDeleted ASC, pageTitle ASC");
if ($pagesQuery->num_rows)
{
echo "<h1>{locale:pages}</h1>";
echo "<form action='".get_current_link()."' method='post' name='page-delete'>";
echo "<table class='designed pages'><thead><tr><th>{locale:page_title}</th><th>{locale:page_modified}</th><th>{locale:page_delete}</th></tr></thead><tbody>";
while ($data = $pagesQuery->fetch_assoc())
echo "<tr><td><a href='/admin/page/$data[pageSlug]'>$data[pageTitle]</a></td><td>".date($_set['dateformat'], $data['pageModified'] > $data['pageCreated'] ? $data['pageModified'] : $data['pageCreated'])."</td><td>".($data['pageDeleted'] ? date($_set['dateformat'], $data['pageDeleted']) : "<button type='submit' name='page_delete' value='$data[pageSlug]'>{locale:delete}</button>")."</td></tr>";
echo "</tbody></table>";
echo "</form>";
}
}
?>
<h1>{locale:page_editor}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<?php if (isset($page->data)) : addTitle($page->data['pageTitle']); ?>
<input type="text" name="pageTitle" value="<?=$page->data['pageTitle']?>" placeholder="{locale:page_title}" maxlength="250" />
<textarea name="pageContent"><?=htmlspecialchars($page->data['pageContent'])?></textarea>
<input type="hidden" name="pageSlug" value="<?=$page->data['pageSlug']?>" />
<input type="hidden" name="pageUpdate" value="true" />
<button type="button" onclick="window.location.href='/admin/page'">{locale:cancel}</button>
<?php else: ?>
<input type="text" id="pageTitle" name="pageTitle" value="" placeholder="{locale:page_title}" maxlength="250" />
<textarea name="pageContent"></textarea>
<input type="text" id="pageSlug" name="pageSlug" value="" placeholder="{locale:page_slug}" />
<input type="hidden" name="pageAdd" value="true" />
<?php endif ?>
<button type="submit">{locale:save}</button>
</form>
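Review bot: The new `page_delete` handler has no privilege condition: the create/update block directly above it requires `$user['userLevel'] > 3`, but `if (isset($_POST['page_delete']))` runs for any request that reaches this file. main.php lets level 3 through to this page, so a level-3 account can delete pages it is not allowed to create or edit. Match the existing guard with `if (isset($_POST['page_delete']) && $user['userLevel'] > 3)`. The list rows also print `$data[pageSlug]` and `$data[pageTitle]` into the link and the button's `value` unescaped, and `pageTitle`/`pageSlug` go unescaped into the `value` attributes of the edit form; `htmlspecialchars(..., ENT_QUOTES)` would match what the textarea already does.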

+ 51
- 50
includes/admin/plugins.php View File

@ -1,51 +1,52 @@
<?php
if (isset($_POST['pluginId']) && isnum($_POST['pluginId']))
{
if ($_sql->query("UPDATE plugins SET pluginStatus = ".(isset($_POST['pluginEnable']) ? 1 : 0)." WHERE pluginId = $_POST[pluginId]"))
redirect(get_current_link());
else
array_push($error, $_locale['plugin_not_updated']);
}
echo "<h1>$_locale[plugins]</h1>";
$pluginsQuery = $_sql->query("SELECT * FROM plugins ORDER BY pluginStatus DESC");
$plugins = array();
if ($pluginsQuery->num_rows)
{
echo "<table class='designed plugins'>";
echo "<tr><td>{locale:plugin_name}</td><td>{locale:description}</td><td>{locale:scope}</td><td>{locale:status}</td></tr>";
while ($data = $pluginsQuery->fetch_assoc())
{
$pinfo = './plugins/'.$data['pluginLib'].'/info.json';
if (file_exists($pinfo))
{
$pinfo = (array)json_decode(file_get_contents($pinfo));
if ($data['pluginStatus'])
$button = "<button name='pluginDisable' class='orange'>{locale:disable}</button>";
else $button = "<button name='pluginEnable'>{locale:enable}</button>";
echo "<tr><td>$pinfo[name]</td><td>$pinfo[description]<td>$pinfo[paths]</td><td><form action='".get_current_link()."' method='post'><input type='hidden' name='pluginId' value='$data[pluginId]'/>$button</form></td></tr>";
}
array_push($plugins, $data['pluginLib']);
}
echo "</table>";
} else
echo "<p>$_locale[plugins_empty]</p>";
if ($handle = opendir('./plugins')) {
while (false !== ($entry = readdir($handle)))
{
if (!in_array($entry, $plugins) && file_exists('./plugins/'.$entry.'/info.json'))
if ($_sql->query("INSERT INTO plugins (pluginLib, pluginStatus) VALUES ('$entry', 0)"))
array_push($info, $_locale['plugin_added'].$entry);
else
array_push($error, $_locale['plugin_not_added'].$entry);
}
closedir($handle);
<?php
if (isset($_POST['pluginId']) && is_numeric($_POST['pluginId']))
{
if ($_sql->query("UPDATE plugins SET pluginStatus = ".(isset($_POST['pluginEnable']) ? 1 : 0)." WHERE pluginId = $_POST[pluginId]"))
redirect(get_current_link());
else
array_push($error, $_locale['plugin_not_updated']);
}
echo "<h1>$_locale[plugins]</h1>";
$pluginsQuery = $_sql->query("SELECT * FROM plugins ORDER BY pluginStatus DESC");
$plugins = array();
if ($pluginsQuery->num_rows)
{
echo "<table class='designed plugins'>";
echo "<thead><tr><th>{locale:plugin_name}</th><th>{locale:description}</th><th>{locale:scope}</th><th>{locale:status}</th></tr></thead><tbody>";
while ($data = $pluginsQuery->fetch_assoc())
{
$pinfo = './plugins/'.$data['pluginLib'].'/info.json';
if (file_exists($pinfo))
{
$pinfo = (array)json_decode(file_get_contents($pinfo));
if (!isset($pinfo['enabler']) || (isset($pinfo['enabler']) && in_array($pinfo['enabler'], ['true', '1', 'yes', 'y'])))
if ($data['pluginStatus']) $button = "<button name='pluginDisable' class='orange'>{locale:disable}</button>";
else $button = "<button name='pluginEnable'>{locale:enable}</button>";
else $button = "{locale:plugin_noenable}";
echo "<tr><td>$pinfo[name]</td><td>$pinfo[description]<td>$pinfo[paths]</td><td><form action='".get_current_link()."' method='post'><input type='hidden' name='pluginId' value='$data[pluginId]'/>$button</form></td></tr>";
}
array_push($plugins, $data['pluginLib']);
}
echo "</tbody></table>";
} else
echo "<p>$_locale[plugins_empty]</p>";
if ($handle = opendir('./plugins')) {
while (false !== ($entry = readdir($handle)))
{
if (!in_array($entry, $plugins) && file_exists('./plugins/'.$entry.'/info.json'))
if ($_sql->query("INSERT INTO plugins (pluginLib, pluginStatus) VALUES ('$entry', 0)"))
array_push($info, $_locale['plugin_added'].$entry);
else
array_push($error, $_locale['plugin_not_added'].$entry);
}
closedir($handle);
}
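Review bot: The `enabler` flag read from info.json is applied only when the button is drawn; the POST handler at the top still updates `pluginStatus` for any numeric `pluginId`, so a plugin rendered as `{locale:plugin_noenable}` can still be toggled by submitting the form fields directly. The handler should look the plugin up and apply the same `enabler` test before the UPDATE, and cast the id with `(int)`, since `is_numeric()` also accepts values such as `1e3` or `1.5`. Further down, the directory name `$entry` is placed into the INSERT without the `sqlprot()` call used elsewhere in this commit. The sketch keeps the existing loose `in_array()` list unchanged.

```php
if (isset($_POST['pluginId']) && is_numeric($_POST['pluginId']))
{
    $pluginId = (int)$_POST['pluginId'];
    $row = $_sql->query("SELECT pluginLib FROM plugins WHERE pluginId = $pluginId")->fetch_assoc();
    $infoFile = $row ? './plugins/'.$row['pluginLib'].'/info.json' : null;
    $meta = ($infoFile && file_exists($infoFile)) ? (array)json_decode(file_get_contents($infoFile)) : [];
    // Same rule the table uses when deciding whether to draw the button.
    $toggleable = !isset($meta['enabler']) || in_array($meta['enabler'], ['true', '1', 'yes', 'y']);
    if (!$row || !$toggleable)
        array_push($error, $_locale['plugin_not_updated']);
    elseif ($_sql->query("UPDATE plugins SET pluginStatus = ".(isset($_POST['pluginEnable']) ? 1 : 0)." WHERE pluginId = $pluginId"))
        redirect(get_current_link());
    else
        array_push($error, $_locale['plugin_not_updated']);
}
// … unchanged: plugin table rendering and ./plugins directory scan …
```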

+ 47
- 0
includes/admin/settings.php View File

@ -0,0 +1,47 @@
<?php
if (isset($_POST['save_settings']))
{
$fail = false;
$settings = new settings();
foreach ($_POST AS $var => $val)
if (substr($var, 0, 13) == 'settings_var_')
{
$var = substr($var, 13, strlen($var) - 13);
if (isset($_set[$var]) && $_set[$var] != $val)
if (!$settings -> update($var, $val))
$fail = true;
}
if ($fail) array_push($error, $_locale['settings_update_failed']);
else array_push($info, $_locale['settings_updated']);
unset($fail);
unset($var);
unset($settings);
}
$_set_settings = settings::getdata();
?>
<h1>{locale:site_settings}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<table class="designed settings">
<thead>
<tr>
<th>{locale:settings_variable}</th>
<th>{locale:settings_value}</th>
</tr>
</thead>
<tbody>
<?php foreach ($_set_settings AS $var => $val): ?>
<tr>
<td>{locale:settings_var_<?=$var?>}</td>
<td><input type="text" name="settings_var_<?=$var?>" value="<?=htmlentities($val)?>" /></td>
</tr>
<?php endforeach; unset($_set_settings); ?>
</tbody>
</table>
<button type="submit" name="save_settings" value="1">{locale:settings_save}</button>
</form>
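Review bot: The save loop accepts any `settings_var_*` field whose name exists in `$_set`, with no allow-list, so every configuration value is writable from this form; `$_set` also holds `filtr_appid` and `filtr_apptoken` (used in core.php), and if `settings::getdata()` returns those they are printed into the page as well. Restrict the loop to an explicit list of editable keys, for example `if (in_array($var, $editable, true) && $_set[$var] != $val)` with `$editable` defined in this file, and keep credentials out of the rendered table. The handler has no `$user['userLevel']` condition of its own, unlike the POST blocks in entry.php and page.php, so it depends entirely on the guard in main.php. `$var` is also printed unescaped into the `name` attribute and the `{locale:...}` tag; `htmlentities($var)` would match how the value is handled.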

+ 131
- 124
includes/blog.class.php View File

@ -1,124 +1,131 @@
<?php
class blog
{
private $entry;
private $query;
public $perpage = 10;
public $entries = 0;
public function __construct($entry = false, $page = 1)
{
global $_set, $_sql;
$this->perpage = $_set['entriesPerPage'];
if ($entry)
{
$this->query = $_sql->query("SELECT entries.*, users.userName AS userName, users.userPublicName AS publicName FROM entries INNER JOIN users ON userId = entryBy WHERE entrySlug = '".sqlprot($entry)."' LIMIT 1");
if ($this->query->num_rows)
{
$this->entries = 1;
}
} else
{
$this->query = $_sql->query("SELECT entries.*, users.userName AS userName, users.userPublicName AS publicName FROM entries INNER JOIN users ON userId = entryBy WHERE entryHidden IS NULL AND entryPublished <= ".time()." ORDER BY entryPinned DESC, entryPublished DESC, entryId DESC LIMIT ".$this->perpage." OFFSET ".(($page-1) * $this->perpage)."");
$this->entries = $this->query->num_rows;
}
}
public function entries()
{
if ($this->entries)
return $this->query->fetch_assoc();
return false;
}
public function entry()
{
if ($this->entries == 1)
return $this->query->fetch_assoc();
return false;
}
public static function update($id, $header, $title, $text, $pub, $hidden = false, $pin = false)
{
global $_sql;
$header = sqlprot($header);
$title = sqlprot($title);
$text = sqlprot($text);
$published = strtotime($pub); if (!$published) $published = time();
if (is_numeric($id) && Check::url($header, true) && Check::title($title) && $_sql->query("UPDATE entries SET entryHeader = '$header', entryTitle = '$title', entryContent = '$text', entryPublished = $published, entryUpdated = ".time().", entryHidden = ".($hidden ? '1' : 'NULL').", entryPIN = ".($pin && is_numeric($pin) ? $pin : 'NULL')." WHERE entryId = $id"))
return true;
return false;
}
public static function add($header, $title, $slug, $text, $pub, $hidden = false, $pin = false)
{
global $_sql, $user;
$header = sqlprot($header);
$title = sqlprot($title);
$text = sqlprot($text);
$slug = sqlprot($slug);
$published = strtotime($pub); if (!$published) $published = time();
if (Check::url($header, true) && Check::title($title) && Check::slug($slug) && $_sql->query("INSERT INTO entries (entryHeader, entryTitle, entrySlug, entryContent, entryBy, entryCreated, entryPublished, entryHidden, entryPIN) VALUES ('$header', '$title', '$slug', '$text', $user[userId], ".time().", $published, ".($hidden ? '1' : 'NULL').", ".($pin && is_numeric($pin) ? $pin : 'NULL').")"))
return true;
//die($text);
return false;
}
public static function delete($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("DELETE FROM entries WHERE entryId = $id"))
return true;
return false;
}
public static function pin($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("UPDATE entries SET entryPinned = 1 WHERE entryId = $id"))
return true;
return false;
}
public static function unpin($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("UPDATE entries SET entryPinned = NULL WHERE entryId = $id"))
return true;
return false;
}
public static function tag($cid, $id)
{
if (!is_numeric($cid) || !is_numeric($id)) return false;
global $_sql;
if (!$_sql->query("SELECT * FROM tags WHERE tagId = $cid")->num_rows) return false;
if ($_sql->query("SELECT * FROM tagged WHERE taggedTag = $cid AND taggedEntry = $id")->num_rows) return false;
if ($_sql->query("INSERT INTO tagged (taggedTag, taggedEntry) VALUES ($cid, $id)")) return true;
return false;
}
public static function tagRemove($cid, $id)
{
if (!is_numeric($cid) || !is_numeric($id)) return false;
global $_sql;
if ($_sql->query("DELETE FROM tagged WHERE taggedTag = $cid AND taggedEntry = $id")) return true;
return false;
}
}
<?php
class blog
{
private $entry;
private $query;
public $perpage = 10;
public $entries = 0;
public function __construct($entry = false, $page = 1, $getall = false, $limit = false)
{
global $_set, $_sql;
if (!$getall)
{
$this->perpage = $_set['entriesPerPage'];
if ($entry)
{
$this->query = $_sql->query("SELECT entries.*, users.userId AS userId, users.userName AS userName, users.userPublicName AS publicName FROM entries INNER JOIN users ON userId = entryBy WHERE entrySlug = '".sqlprot($entry)."' LIMIT 1");
if ($this->query->num_rows)
{
$this->entries = 1;
}
} else
{
$this->query = $_sql->query("SELECT entries.*, users.userId AS userId, users.userName AS userName, users.userPublicName AS publicName FROM entries INNER JOIN users ON userId = entryBy WHERE entryHidden IS NULL AND entryPublished <= ".time()." ORDER BY entryPinned DESC, entryPublished DESC, entryId DESC LIMIT ".$this->perpage." OFFSET ".(($page-1) * $this->perpage)."");
$this->entries = $this->query->num_rows;
}
} else
{
$this->query = $_sql->query("SELECT * FROM entries ORDER BY entryPublished DESC".($limit && is_numeric($limit) ? ' LIMIT '.$limit : null));
$this->entries = $this->query->num_rows;
}
}
public function entries()
{
if ($this->entries)
return $this->query->fetch_assoc();
return false;
}
public function entry()
{
if ($this->entries == 1)
return $this->query->fetch_assoc();
return false;
}
public static function update($id, $header, $title, $text, $pub, $hidden = false, $pin = false)
{
global $_sql;
$header = sqlprot($header);
$title = sqlprot($title);
$text = sqlprot($text);
$published = strtotime($pub); if (!$published) $published = time();
if (is_numeric($id) && Check::url($header, true) && Check::title($title) && $_sql->query("UPDATE entries SET entryHeader = '$header', entryTitle = '$title', entryContent = '$text', entryPublished = $published, entryUpdated = ".time().", entryHidden = ".($hidden ? '1' : 'NULL').", entryPIN = ".($pin && is_numeric($pin) ? $pin : 'NULL')." WHERE entryId = $id"))
return true;
return false;
}
public static function add($header, $title, $slug, $text, $pub, $hidden = false, $pin = false)
{
global $_sql, $user;
$header = sqlprot($header);
$title = sqlprot($title);
$text = sqlprot($text);
$slug = sqlprot($slug);
$published = strtotime($pub); if (!$published) $published = time();
if (Check::url($header, true) && Check::title($title) && Check::slug($slug) && $_sql->query("INSERT INTO entries (entryHeader, entryTitle, entrySlug, entryContent, entryBy, entryCreated, entryPublished, entryHidden, entryPIN) VALUES ('$header', '$title', '$slug', '$text', $user[userId], ".time().", $published, ".($hidden ? '1' : 'NULL').", ".($pin && is_numeric($pin) ? $pin : 'NULL').")"))
return true;
//die($text);
return false;
}
public static function delete($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("DELETE FROM entries WHERE entryId = $id"))
return true;
return false;
}
public static function pin($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("UPDATE entries SET entryPinned = 1 WHERE entryId = $id"))
return true;
return false;
}