New plugin loader, page features, API0.2b, Bugfixes

2016-11-19 16:13:37 +01:00
parent 6d1eef25ca
commit b97faf21fd
230 changed files with 36532 additions and 36346 deletions


@ -1,7 +1,8 @@
<h1>{locale:dashboard}</h1>
<ul>
<li><a href='/admin/entry'>{locale:entry_editor}</a></li>
<li><a href='/admin/plugins'>{locale:plugin_manager}</a></li>
<li><a href='/admin/page'>{locale:page_editor}</a></li>
<h1>{locale:dashboard}</h1>
<ul>
<li><a href='/admin/entry'>{locale:entry_editor}</a></li>
<li><a href='/admin/plugins'>{locale:plugin_manager}</a></li>
<li><a href='/admin/page'>{locale:page_editor}</a></li>
<li><a href='/admin/settings'>{locale:site_settings}</a></li>
</ul>


@ -1,149 +1,149 @@
<?php
if (isset($_GET['status']))
switch ($_GET['status'])
{
case 'added':
array_push($info, $_locale['entry_added']);
break;
case 'updated':
array_push($info, $_locale['entry_updated']);
break;
}
if (isset($_POST['entryContent']) && $user['userLevel'] > 2)
{
if (isset($_POST['entryAdd']))
{
if (blog::add($_POST['entryHeader'], $_POST['entryTitle'], $_POST['entrySlug'], $_POST['entryContent'], $_POST['entryPublished'], (isset($_POST['entryHidden']) ? true : false), $_POST['entryPIN']))
redirect(get_entry_link($_POST['entrySlug']), 'added');
else
array_push($error, $_locale['entry_not_added']);
} elseif (isset($_POST['entryUpdate']))
{
if (blog::update($_POST['entryUpdate'], $_POST['entryHeader'], $_POST['entryTitle'], $_POST['entryContent'], $_POST['entryPublished'], (isset($_POST['entryHidden']) ? true : false), $_POST['entryPIN']))
redirect(get_current_link(), 'updated');
else
array_push($error, $_locale['entry_not_updated']);
}
}
if (isset($_POST['entryTag']) && $user['userLevel'] > 2)
{
if (isset($_POST['tagIdRemove']))
{
if (blog::tagRemove($_POST['tagIdRemove'], $_POST['entryId']))
array_push($info, $_locale['entry_tag_removed']);
else
array_push($error, $_locale['entry_tag_not_removed']);
} elseif (blog::tag($_POST['tagId'], $_POST['entryId']))
array_push($info, $_locale['entry_tag_added']);
else
array_push($error, $_locale['entry_tag_not_added']);
}
if (isset($seo[2]) && $user['userLevel'] > 2)
{
$entry = new blog($seo[2]);
if ($entry->entries)
{
$entryData = $entry->entry();
if (isset($seo[3]) && $user['userLevel'] > 3)
switch ($seo[3])
{
case 'delete':
if ($entry->delete($entryData['entryId']))
redirect('/admin/entry');
else
array_push($error, $_locale['entry_not_deleted']);
break;
case 'pin':
if ($entry->pin($entryData['entryId']))
redirect();
else
array_push($error, $_locale['entry_not_pinned']);
break;
case 'unpin':
if ($entry->unpin($entryData['entryId']))
redirect();
else
array_push($error, $_locale['entry_not_unpinned']);
break;
}
}
} else
{
$timedQuery = $_sql->query("SELECT entrySlug, entryTitle, entryCreated, entryPublished FROM entries WHERE entryPublished > ".time()."");
if ($timedQuery->num_rows)
{
echo "<h1>{locale:timed_entries}</h1>";
echo "<table class='designed timed'><tr><td>{locale:entry_title}</td><td>{locale:created_on}</td><td>{locale:timed_pub_date}</td></tr>";
while ($data = $timedQuery->fetch_assoc())
echo "<tr><td><a href='".get_entry_link($data['entrySlug'])."'>$data[entryTitle]</a></td><td>".show_date($data['entryCreated'])."</td><td>".show_date($data['entryPublished'])."</td></tr>";
echo "</table>";
}
$hiddenQuery = $_sql->query("SELECT entrySlug, entryTitle, entryCreated, entryPublished FROM entries WHERE entryHidden IS NOT NULL");
if ($hiddenQuery->num_rows)
{
echo "<h1>{locale:hidden_entries}</h1>";
echo "<table class='designed timed'><tr><td>{locale:entry_title}</td><td>{locale:created_on}</td><td>{locale:timed_pub_date}</td></tr>";
while ($data = $hiddenQuery->fetch_assoc())
echo "<tr><td><a href='".get_entry_link($data['entrySlug'], null, true)."'>$data[entryTitle]</a></td><td>".show_date($data['entryCreated'])."</td><td>".show_date($data['entryPublished'])."</td></tr>";
echo "</table>";
}
}
?>
<h1>{locale:entry_editor}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<?php if (isset($entryData)) : addTitle($entryData['entryTitle']); headerImage($entryData['entryHeader']); ?>
<input type="text" name="entryHeader" value="<?=htmlentities($entryData['entryHeader'])?>" placeholder="{locale:entry_header}" maxlength="255" />
<input type="text" name="entryTitle" value="<?=htmlentities($entryData['entryTitle'])?>" placeholder="{locale:entry_title}" maxlength="250" />
<textarea id="entry-textarea" name="entryContent" rows="30"><?=htmlspecialchars($entryData['entryContent'])?></textarea>
<input id="entry-date" type="text" name="entryPublished" value="<?=date(DATE_FORMAT_DEFAULT, $entryData['entryPublished'])?>" placeholder="{locale:entry_pub_date}" maxlength="50" />
<label><input type="checkbox" name="entryHidden" value="1" <?=($entryData['entryHidden'] ? 'checked ' : '')?> /> {locale:entry_hide}</label>
<input type="text" name="entryPIN" value="<?=htmlentities($entryData['entryPIN'])?>" placeholder="{locale:entry_pin}" maxlength="6" />
<input type="hidden" name="entryUpdate" value="<?=$entryData['entryId']?>" />
<?php else: ?>
<input type="text" name="entryHeader" id="entryHeader" placeholder="{locale:entry_header}" maxlength="255" />
<input type="text" name="entryTitle" id="entryTitle" placeholder="{locale:entry_title}" maxlength="250" />
<textarea id="entry-textarea" name="entryContent" rows="30"></textarea>
<input id="entry-date" type="text" name="entryPublished" placeholder="{locale:entry_pub_date}" maxlength="50" />
<input type="text" name="entrySlug" id="entrySlug" placeholder="{locale:entry_slug}" maxlength="100" />
<label><input type="checkbox" name="entryHidden" value="1" /> {locale:entry_hide}</label>
<input type="text" name="entryPIN" placeholder="{locale:entry_pin}" maxlength="6" />
<input type="hidden" name="entryAdd" value="true" />
<?php endif ?>
<button type="submit">{locale:save}</button>
</form>
<?php
if (isset($entryData))
{
$tags = $_sql->query("SELECT * FROM tags");
if ($tags->num_rows)
{
echo "<h3>{locale:tags}</h3>";
echo "<table class='designed'><tr><td>{locale:tag_name}</td><td>{locale:add}</td></tr>"
."<form action='".get_current_link()."' method='post' name='tagentry'>"
."<input type='hidden' name='entryId' value='$entryData[entryId]' />"
."<input type='hidden' name='entryTag' value='true' />";
while ($tag = $tags->fetch_assoc())
echo "<tr><td>$tag[tagName]</td><td>".($_sql->query("SELECT taggedId FROM tagged WHERE taggedEntry = $entryData[entryId] AND taggedTag = $tag[tagId]")->num_rows ? "<button type='submit' name='tagIdRemove' value='$tag[tagId]'>{locale:remove}</button>":"<button type='submit' name='tagId' value='$tag[tagId]'>{locale:add}</button>")."</td></tr>";
echo "</form>"
."</table>";
}
}
?>
<script>$("#entry-date").datepicker({ minDate: 0, maxDate: "+48M" });</script>
<?php
if (isset($_GET['status']))
switch ($_GET['status'])
{
case 'added':
array_push($info, $_locale['entry_added']);
break;
case 'updated':
array_push($info, $_locale['entry_updated']);
break;
}
if (isset($_POST['entryContent']) && $user['userLevel'] > 2)
{
if (isset($_POST['entryAdd']))
{
if (blog::add($_POST['entryHeader'], $_POST['entryTitle'], $_POST['entrySlug'], $_POST['entryContent'], $_POST['entryPublished'], (isset($_POST['entryHidden']) ? true : false), $_POST['entryPIN']))
redirect(get_entry_link($_POST['entrySlug']), 'added');
else
array_push($error, $_locale['entry_not_added']);
} elseif (isset($_POST['entryUpdate']))
{
if (blog::update($_POST['entryUpdate'], $_POST['entryHeader'], $_POST['entryTitle'], $_POST['entryContent'], $_POST['entryPublished'], (isset($_POST['entryHidden']) ? true : false), $_POST['entryPIN']))
redirect(get_current_link(), 'updated');
else
array_push($error, $_locale['entry_not_updated']);
}
}
if (isset($_POST['entryTag']) && $user['userLevel'] > 2)
{
if (isset($_POST['tagIdRemove']))
{
if (blog::tagRemove($_POST['tagIdRemove'], $_POST['entryId']))
array_push($info, $_locale['entry_tag_removed']);
else
array_push($error, $_locale['entry_tag_not_removed']);
} elseif (blog::tag($_POST['tagId'], $_POST['entryId']))
array_push($info, $_locale['entry_tag_added']);
else
array_push($error, $_locale['entry_tag_not_added']);
}
if (isset($seo[2]) && $user['userLevel'] > 2)
{
$entry = new blog($seo[2]);
if ($entry->entries)
{
$entryData = $entry->entry();
if (isset($seo[3]) && $user['userLevel'] > 3)
switch ($seo[3])
{
case 'delete':
if ($entry->delete($entryData['entryId']))
redirect('/admin/entry');
else
array_push($error, $_locale['entry_not_deleted']);
break;
case 'pin':
if ($entry->pin($entryData['entryId']))
redirect();
else
array_push($error, $_locale['entry_not_pinned']);
break;
case 'unpin':
if ($entry->unpin($entryData['entryId']))
redirect();
else
array_push($error, $_locale['entry_not_unpinned']);
break;
}
}
} else
{
$timedQuery = $_sql->query("SELECT entrySlug, entryTitle, entryCreated, entryPublished FROM entries WHERE entryPublished > ".time()."");
if ($timedQuery->num_rows)
{
echo "<h1>{locale:timed_entries}</h1>";
echo "<table class='designed timed'><thead><tr><th>{locale:entry_title}</th><th>{locale:created_on}</th><th>{locale:timed_pub_date}</th></tr></thead><tbody>";
while ($data = $timedQuery->fetch_assoc())
echo "<tr><td><a href='".get_entry_link($data['entrySlug'])."'>$data[entryTitle]</a></td><td>".show_date($data['entryCreated'])."</td><td>".show_date($data['entryPublished'])."</td></tr>";
echo "</tbody></table>";
}
$hiddenQuery = $_sql->query("SELECT entrySlug, entryTitle, entryCreated, entryPublished FROM entries WHERE entryHidden IS NOT NULL");
if ($hiddenQuery->num_rows)
{
echo "<h1>{locale:hidden_entries}</h1>";
echo "<table class='designed timed'><thead><tr><th>{locale:entry_title}</th><th>{locale:created_on}</th><th>{locale:timed_pub_date}</th></tr></thead><tbody>";
while ($data = $hiddenQuery->fetch_assoc())
echo "<tr><td><a href='".get_entry_link($data['entrySlug'], null, true)."'>$data[entryTitle]</a></td><td>".show_date($data['entryCreated'])."</td><td>".show_date($data['entryPublished'])."</td></tr>";
echo "</tbody></table>";
}
}
?>
<h1>{locale:entry_editor}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<?php if (isset($entryData)) : addTitle($entryData['entryTitle']); headerImage($entryData['entryHeader']); ?>
<input type="text" name="entryHeader" value="<?=htmlentities($entryData['entryHeader'])?>" placeholder="{locale:entry_header}" maxlength="255" />
<input type="text" name="entryTitle" value="<?=htmlentities($entryData['entryTitle'])?>" placeholder="{locale:entry_title}" maxlength="250" />
<textarea id="entry-textarea" name="entryContent" rows="30"><?=htmlspecialchars($entryData['entryContent'])?></textarea>
<input id="entry-date" type="text" name="entryPublished" value="<?=date(DATE_FORMAT_DEFAULT, $entryData['entryPublished'])?>" placeholder="{locale:entry_pub_date}" maxlength="50" />
<label><input type="checkbox" name="entryHidden" value="1" <?=($entryData['entryHidden'] ? 'checked ' : '')?> /> {locale:entry_hide}</label>
<input type="text" name="entryPIN" value="<?=htmlentities($entryData['entryPIN'])?>" placeholder="{locale:entry_pin}" maxlength="6" />
<input type="hidden" name="entryUpdate" value="<?=$entryData['entryId']?>" />
<?php else: ?>
<input type="text" name="entryHeader" id="entryHeader" placeholder="{locale:entry_header}" maxlength="255" />
<input type="text" name="entryTitle" id="entryTitle" placeholder="{locale:entry_title}" maxlength="250" />
<textarea id="entry-textarea" name="entryContent" rows="30"></textarea>
<input id="entry-date" type="text" name="entryPublished" placeholder="{locale:entry_pub_date}" maxlength="50" />
<input type="text" name="entrySlug" id="entrySlug" placeholder="{locale:entry_slug}" maxlength="100" />
<label><input type="checkbox" name="entryHidden" value="1" /> {locale:entry_hide}</label>
<input type="text" name="entryPIN" placeholder="{locale:entry_pin}" maxlength="6" />
<input type="hidden" name="entryAdd" value="true" />
<?php endif ?>
<button type="submit">{locale:save}</button>
</form>
<?php
if (isset($entryData))
{
$tags = $_sql->query("SELECT * FROM tags");
if ($tags->num_rows)
{
echo "<h3>{locale:tags}</h3>";
echo "<table class='designed'><thead><tr><th>{locale:tag_name}</th><th>{locale:add}</th></tr></thead><tbody>"
."<form action='".get_current_link()."' method='post' name='tagentry'>"
."<input type='hidden' name='entryId' value='$entryData[entryId]' />"
."<input type='hidden' name='entryTag' value='true' />";
while ($tag = $tags->fetch_assoc())
echo "<tr><td>$tag[tagName]</td><td>".($_sql->query("SELECT taggedId FROM tagged WHERE taggedEntry = $entryData[entryId] AND taggedTag = $tag[tagId]")->num_rows ? "<button type='submit' name='tagIdRemove' value='$tag[tagId]'>{locale:remove}</button>":"<button type='submit' name='tagId' value='$tag[tagId]'>{locale:add}</button>")."</td></tr>";
echo "</form>"
."</tbody></table>";
}
}
?>
<script>$("#entry-date").datepicker({ minDate: 0, maxDate: "+48M" });</script>
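Review bot: The timed and hidden entry listings echo `$data[entryTitle]` straight into the table cell, and the tag table does the same with `$tag[tagName]`, while the edit form below passes the same title through `htmlentities()`. `Check::title()` only bounds the length, so markup stored in a title would be rendered in this admin view; escape at output, e.g. `htmlspecialchars($data['entryTitle'], ENT_QUOTES, 'UTF-8')`. The `delete`/`pin`/`unpin` actions are driven by the `$seo[3]` path segment with no request token visible here, so they appear to be reachable by a plain GET; moving them to POST with a CSRF token would be safer.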


@ -1,36 +1,42 @@
<?php
addTitle($_locale['admin']);
if (!isset($seo[1])) $seo[1] = '';
switch ($seo[1])
{
case 'upload':
include 'data/upload.php';
exit;
break;
case 'plugins':
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['plugin_manager']);
include 'includes/admin/plugins.php';
break;
case $_set['subEntry']:
if ($user['userLevel'] < 2) redirect();
addTitle($_locale['entry_editor']);
include 'includes/admin/entry.php';
break;
case $_set['subPage']:
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['page_editor']);
include 'includes/admin/page.php';
break;
default:
include 'includes/admin/dashboard.php';
break;
<?php
addTitle($_locale['admin']);
if (!isset($seo[1])) $seo[1] = '';
switch ($seo[1])
{
case 'upload':
include 'data/upload.php';
exit;
break;
case 'settings':
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['site_settings']);
include 'includes/admin/settings.php';
break;
case 'plugins':
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['plugin_manager']);
include 'includes/admin/plugins.php';
break;
case $_set['subEntry']:
if ($user['userLevel'] < 2) redirect();
addTitle($_locale['entry_editor']);
include 'includes/admin/entry.php';
break;
case $_set['subPage']:
if ($user['userLevel'] < 3) redirect();
addTitle($_locale['page_editor']);
include 'includes/admin/page.php';
break;
default:
include 'includes/admin/dashboard.php';
break;
}
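Review bot: The new `settings` case relies on `redirect()` to stop a user below level 3, but nothing after it prevents `include 'includes/admin/settings.php'` from running if `redirect()` returns (its body is not in this diff; the `upload` case uses an explicit `exit;`). settings.php does not check `$user['userLevel']` itself, so this line is the only gate on site-wide settings. Consider `if ($user['userLevel'] < 3) { redirect(); exit; }` and a comment stating the minimum level required for the settings page.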


@ -1,55 +1,64 @@
<?php
if (isset($_POST['pageContent']) && isset($_POST['pageSlug']) && $user['userLevel'] > 3)
{
$page = new page($_POST['pageSlug']);
if (isset($_POST['pageAdd']))
{
if ($page->create($_POST['pageTitle'], $_POST['pageContent']))
array_push($info, $_locale['page_added']);
else
array_push($error, $_locale['page_not_added']);
} elseif (isset($_POST['pageUpdate']))
{
if ($page->update($_POST['pageTitle'], $_POST['pageContent']))
array_push($info, $_locale['page_updated']);
else
array_push($error, $_locale['page_not_updated']);
}
}
if (isset($seo[2]))
$page = new page($seo[2]);
else
{
$pagesQuery = $_sql->query("SELECT pageSlug, pageTitle FROM pages");
if ($pagesQuery->num_rows)
{
echo "<h1>{locale:pages}</h1>";
echo "<table class='designed pages'><tr><td>{locale:page_title}</td></tr>";
while ($data = $pagesQuery->fetch_assoc())
echo "<tr><td><a href='/admin/page/$data[pageSlug]'>$data[pageTitle]</a></td></tr>";
echo "</table>";
}
}
?>
<h1>{locale:page_editor}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<?php if (isset($page->data)) : addTitle($page->data['pageTitle']); ?>
<input type="text" name="pageTitle" value="<?=$page->data['pageTitle']?>" placeholder="{locale:page_title}" maxlength="250" />
<textarea name="pageContent"><?=htmlspecialchars($page->data['pageContent'])?></textarea>
<input type="hidden" name="pageSlug" value="<?=$page->data['pageSlug']?>" />
<input type="hidden" name="pageUpdate" value="true" />
<button type="button" onclick="window.location.href='/admin/page'">{locale:cancel}</button>
<?php else: ?>
<input type="text" id="pageTitle" name="pageTitle" value="" placeholder="{locale:page_title}" maxlength="250" />
<textarea name="pageContent"></textarea>
<input type="text" id="pageSlug" name="pageSlug" value="" placeholder="{locale:page_slug}" />
<input type="hidden" name="pageAdd" value="true" />
<?php endif ?>
<button type="submit">{locale:save}</button>
<?php
if (isset($_POST['pageContent']) && isset($_POST['pageSlug']) && $user['userLevel'] > 3)
{
$page = new page($_POST['pageSlug']);
if (isset($_POST['pageAdd']))
{
if ($page->create($_POST['pageTitle'], $_POST['pageContent']))
array_push($info, $_locale['page_added']);
else
array_push($error, $_locale['page_not_added']);
} elseif (isset($_POST['pageUpdate']))
{
if ($page->update($_POST['pageTitle'], $_POST['pageContent']))
array_push($info, $_locale['page_updated']);
else
array_push($error, $_locale['page_not_updated']);
}
}
if (isset($_POST['page_delete']))
{
$page = new page($_POST['page_delete']);
if ($page -> delete()) array_push($info, $_locale['page_deleted']);
else array_push($error, $_locale['page_delete_failed']);
}
if (isset($seo[2]))
$page = new page($seo[2]);
else
{
$pagesQuery = $_sql->query("SELECT pageSlug, pageTitle, pageCreated, pageModified, pageDeleted FROM pages ORDER BY pageDeleted ASC, pageTitle ASC");
if ($pagesQuery->num_rows)
{
echo "<h1>{locale:pages}</h1>";
echo "<form action='".get_current_link()."' method='post' name='page-delete'>";
echo "<table class='designed pages'><thead><tr><th>{locale:page_title}</th><th>{locale:page_modified}</th><th>{locale:page_delete}</th></tr></thead><tbody>";
while ($data = $pagesQuery->fetch_assoc())
echo "<tr><td><a href='/admin/page/$data[pageSlug]'>$data[pageTitle]</a></td><td>".date($_set['dateformat'], $data['pageModified'] > $data['pageCreated'] ? $data['pageModified'] : $data['pageCreated'])."</td><td>".($data['pageDeleted'] ? date($_set['dateformat'], $data['pageDeleted']) : "<button type='submit' name='page_delete' value='$data[pageSlug]'>{locale:delete}</button>")."</td></tr>";
echo "</tbody></table>";
echo "</form>";
}
}
?>
<h1>{locale:page_editor}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<?php if (isset($page->data)) : addTitle($page->data['pageTitle']); ?>
<input type="text" name="pageTitle" value="<?=$page->data['pageTitle']?>" placeholder="{locale:page_title}" maxlength="250" />
<textarea name="pageContent"><?=htmlspecialchars($page->data['pageContent'])?></textarea>
<input type="hidden" name="pageSlug" value="<?=$page->data['pageSlug']?>" />
<input type="hidden" name="pageUpdate" value="true" />
<button type="button" onclick="window.location.href='/admin/page'">{locale:cancel}</button>
<?php else: ?>
<input type="text" id="pageTitle" name="pageTitle" value="" placeholder="{locale:page_title}" maxlength="250" />
<textarea name="pageContent"></textarea>
<input type="text" id="pageSlug" name="pageSlug" value="" placeholder="{locale:page_slug}" />
<input type="hidden" name="pageAdd" value="true" />
<?php endif ?>
<button type="submit">{locale:save}</button>
</form>
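Review bot: The new `page_delete` handler has no `$user['userLevel'] > 3` condition, although create and update directly above require it; the router admits level 3 to this file, so a level-3 user who cannot edit a page can still delete one. Suggest `if (isset($_POST['page_delete']) && $user['userLevel'] > 3)`. The new listing row also prints `$data[pageTitle]` and `$data[pageSlug]` unescaped, including inside the button's `value` attribute; wrap them in `htmlspecialchars(..., ENT_QUOTES)`. No request token is visible on the delete form, so it is worth confirming that CSRF protection exists elsewhere.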


@ -1,51 +1,52 @@
<?php
if (isset($_POST['pluginId']) && isnum($_POST['pluginId']))
{
if ($_sql->query("UPDATE plugins SET pluginStatus = ".(isset($_POST['pluginEnable']) ? 1 : 0)." WHERE pluginId = $_POST[pluginId]"))
redirect(get_current_link());
else
array_push($error, $_locale['plugin_not_updated']);
}
echo "<h1>$_locale[plugins]</h1>";
$pluginsQuery = $_sql->query("SELECT * FROM plugins ORDER BY pluginStatus DESC");
$plugins = array();
if ($pluginsQuery->num_rows)
{
echo "<table class='designed plugins'>";
echo "<tr><td>{locale:plugin_name}</td><td>{locale:description}</td><td>{locale:scope}</td><td>{locale:status}</td></tr>";
while ($data = $pluginsQuery->fetch_assoc())
{
$pinfo = './plugins/'.$data['pluginLib'].'/info.json';
if (file_exists($pinfo))
{
$pinfo = (array)json_decode(file_get_contents($pinfo));
if ($data['pluginStatus'])
$button = "<button name='pluginDisable' class='orange'>{locale:disable}</button>";
else $button = "<button name='pluginEnable'>{locale:enable}</button>";
echo "<tr><td>$pinfo[name]</td><td>$pinfo[description]<td>$pinfo[paths]</td><td><form action='".get_current_link()."' method='post'><input type='hidden' name='pluginId' value='$data[pluginId]'/>$button</form></td></tr>";
}
array_push($plugins, $data['pluginLib']);
}
echo "</table>";
} else
echo "<p>$_locale[plugins_empty]</p>";
if ($handle = opendir('./plugins')) {
while (false !== ($entry = readdir($handle)))
{
if (!in_array($entry, $plugins) && file_exists('./plugins/'.$entry.'/info.json'))
if ($_sql->query("INSERT INTO plugins (pluginLib, pluginStatus) VALUES ('$entry', 0)"))
array_push($info, $_locale['plugin_added'].$entry);
else
array_push($error, $_locale['plugin_not_added'].$entry);
}
closedir($handle);
<?php
if (isset($_POST['pluginId']) && is_numeric($_POST['pluginId']))
{
if ($_sql->query("UPDATE plugins SET pluginStatus = ".(isset($_POST['pluginEnable']) ? 1 : 0)." WHERE pluginId = $_POST[pluginId]"))
redirect(get_current_link());
else
array_push($error, $_locale['plugin_not_updated']);
}
echo "<h1>$_locale[plugins]</h1>";
$pluginsQuery = $_sql->query("SELECT * FROM plugins ORDER BY pluginStatus DESC");
$plugins = array();
if ($pluginsQuery->num_rows)
{
echo "<table class='designed plugins'>";
echo "<thead><tr><th>{locale:plugin_name}</th><th>{locale:description}</th><th>{locale:scope}</th><th>{locale:status}</th></tr></thead><tbody>";
while ($data = $pluginsQuery->fetch_assoc())
{
$pinfo = './plugins/'.$data['pluginLib'].'/info.json';
if (file_exists($pinfo))
{
$pinfo = (array)json_decode(file_get_contents($pinfo));
if (!isset($pinfo['enabler']) || (isset($pinfo['enabler']) && in_array($pinfo['enabler'], ['true', '1', 'yes', 'y'])))
if ($data['pluginStatus']) $button = "<button name='pluginDisable' class='orange'>{locale:disable}</button>";
else $button = "<button name='pluginEnable'>{locale:enable}</button>";
else $button = "{locale:plugin_noenable}";
echo "<tr><td>$pinfo[name]</td><td>$pinfo[description]<td>$pinfo[paths]</td><td><form action='".get_current_link()."' method='post'><input type='hidden' name='pluginId' value='$data[pluginId]'/>$button</form></td></tr>";
}
array_push($plugins, $data['pluginLib']);
}
echo "</tbody></table>";
} else
echo "<p>$_locale[plugins_empty]</p>";
if ($handle = opendir('./plugins')) {
while (false !== ($entry = readdir($handle)))
{
if (!in_array($entry, $plugins) && file_exists('./plugins/'.$entry.'/info.json'))
if ($_sql->query("INSERT INTO plugins (pluginLib, pluginStatus) VALUES ('$entry', 0)"))
array_push($info, $_locale['plugin_added'].$entry);
else
array_push($error, $_locale['plugin_not_added'].$entry);
}
closedir($handle);
}
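Review bot: The `enabler` flag from info.json is enforced only by hiding the button: the POST handler at the top still updates `pluginStatus` for any `pluginId`, so a plugin marked as not switchable can be toggled with a hand-made request. Re-check the plugin's `enabler` value in the handler before running the UPDATE. `is_numeric()` also accepts values such as `1e3` or `1.5`, which are then interpolated into the query; `ctype_digit((string)$_POST['pluginId'])` or an `(int)` cast is tighter. The unbraced `if … if … else … else` chain around `$button` is easy to misread and would be clearer with braces.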


@ -0,0 +1,47 @@
<?php
if (isset($_POST['save_settings']))
{
$fail = false;
$settings = new settings();
foreach ($_POST AS $var => $val)
if (substr($var, 0, 13) == 'settings_var_')
{
$var = substr($var, 13, strlen($var) - 13);
if (isset($_set[$var]) && $_set[$var] != $val)
if (!$settings -> update($var, $val))
$fail = true;
}
if ($fail) array_push($error, $_locale['settings_update_failed']);
else array_push($info, $_locale['settings_updated']);
unset($fail);
unset($var);
unset($settings);
}
$_set_settings = settings::getdata();
?>
<h1>{locale:site_settings}</h1>
<form action="<?=get_current_link()?>" method="post" name="entry-edit">
<table class="designed settings">
<thead>
<tr>
<th>{locale:settings_variable}</th>
<th>{locale:settings_value}</th>
</tr>
</thead>
<tbody>
<?php foreach ($_set_settings AS $var => $val): ?>
<tr>
<td>{locale:settings_var_<?=$var?>}</td>
<td><input type="text" name="settings_var_<?=$var?>" value="<?=htmlentities($val)?>" /></td>
</tr>
<?php endforeach; unset($_set_settings); ?>
</tbody>
</table>
<button type="submit" name="save_settings" value="1">{locale:settings_save}</button>
</form>
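Review bot: The save handler accepts every `settings_var_*` field whose key exists in `$_set`, not just the keys that `settings::getdata()` puts into the form, so a crafted POST can change any loaded setting if `$_set` holds more than the editable ones (neither is visible in this diff). Build the allow-list from `settings::getdata()` and skip unknown keys. The file has no `$user['userLevel']` check of its own and the form carries no request token, so it depends entirely on the router and is open to cross-site form posts unless CSRF protection lives elsewhere. `$var` is printed unescaped into the `name` attribute; `htmlentities($var)` would match the handling of `$val`.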


@ -1,124 +1,131 @@
<?php
class blog
{
private $entry;
private $query;
public $perpage = 10;
public $entries = 0;
public function __construct($entry = false, $page = 1)
{
global $_set, $_sql;
$this->perpage = $_set['entriesPerPage'];
if ($entry)
{
$this->query = $_sql->query("SELECT entries.*, users.userName AS userName, users.userPublicName AS publicName FROM entries INNER JOIN users ON userId = entryBy WHERE entrySlug = '".sqlprot($entry)."' LIMIT 1");
if ($this->query->num_rows)
{
$this->entries = 1;
}
} else
{
$this->query = $_sql->query("SELECT entries.*, users.userName AS userName, users.userPublicName AS publicName FROM entries INNER JOIN users ON userId = entryBy WHERE entryHidden IS NULL AND entryPublished <= ".time()." ORDER BY entryPinned DESC, entryPublished DESC, entryId DESC LIMIT ".$this->perpage." OFFSET ".(($page-1) * $this->perpage)."");
$this->entries = $this->query->num_rows;
}
}
public function entries()
{
if ($this->entries)
return $this->query->fetch_assoc();
return false;
}
public function entry()
{
if ($this->entries == 1)
return $this->query->fetch_assoc();
return false;
}
public static function update($id, $header, $title, $text, $pub, $hidden = false, $pin = false)
{
global $_sql;
$header = sqlprot($header);
$title = sqlprot($title);
$text = sqlprot($text);
$published = strtotime($pub); if (!$published) $published = time();
if (is_numeric($id) && Check::url($header, true) && Check::title($title) && $_sql->query("UPDATE entries SET entryHeader = '$header', entryTitle = '$title', entryContent = '$text', entryPublished = $published, entryUpdated = ".time().", entryHidden = ".($hidden ? '1' : 'NULL').", entryPIN = ".($pin && is_numeric($pin) ? $pin : 'NULL')." WHERE entryId = $id"))
return true;
return false;
}
public static function add($header, $title, $slug, $text, $pub, $hidden = false, $pin = false)
{
global $_sql, $user;
$header = sqlprot($header);
$title = sqlprot($title);
$text = sqlprot($text);
$slug = sqlprot($slug);
$published = strtotime($pub); if (!$published) $published = time();
if (Check::url($header, true) && Check::title($title) && Check::slug($slug) && $_sql->query("INSERT INTO entries (entryHeader, entryTitle, entrySlug, entryContent, entryBy, entryCreated, entryPublished, entryHidden, entryPIN) VALUES ('$header', '$title', '$slug', '$text', $user[userId], ".time().", $published, ".($hidden ? '1' : 'NULL').", ".($pin && is_numeric($pin) ? $pin : 'NULL').")"))
return true;
//die($text);
return false;
}
public static function delete($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("DELETE FROM entries WHERE entryId = $id"))
return true;
return false;
}
public static function pin($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("UPDATE entries SET entryPinned = 1 WHERE entryId = $id"))
return true;
return false;
}
public static function unpin($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("UPDATE entries SET entryPinned = NULL WHERE entryId = $id"))
return true;
return false;
}
public static function tag($cid, $id)
{
if (!is_numeric($cid) || !is_numeric($id)) return false;
global $_sql;
if (!$_sql->query("SELECT * FROM tags WHERE tagId = $cid")->num_rows) return false;
if ($_sql->query("SELECT * FROM tagged WHERE taggedTag = $cid AND taggedEntry = $id")->num_rows) return false;
if ($_sql->query("INSERT INTO tagged (taggedTag, taggedEntry) VALUES ($cid, $id)")) return true;
return false;
}
public static function tagRemove($cid, $id)
{
if (!is_numeric($cid) || !is_numeric($id)) return false;
global $_sql;
if ($_sql->query("DELETE FROM tagged WHERE taggedTag = $cid AND taggedEntry = $id")) return true;
return false;
}
}
<?php
class blog
{
private $entry;
private $query;
public $perpage = 10;
public $entries = 0;
public function __construct($entry = false, $page = 1, $getall = false, $limit = false)
{
global $_set, $_sql;
if (!$getall)
{
$this->perpage = $_set['entriesPerPage'];
if ($entry)
{
$this->query = $_sql->query("SELECT entries.*, users.userId AS userId, users.userName AS userName, users.userPublicName AS publicName FROM entries INNER JOIN users ON userId = entryBy WHERE entrySlug = '".sqlprot($entry)."' LIMIT 1");
if ($this->query->num_rows)
{
$this->entries = 1;
}
} else
{
$this->query = $_sql->query("SELECT entries.*, users.userId AS userId, users.userName AS userName, users.userPublicName AS publicName FROM entries INNER JOIN users ON userId = entryBy WHERE entryHidden IS NULL AND entryPublished <= ".time()." ORDER BY entryPinned DESC, entryPublished DESC, entryId DESC LIMIT ".$this->perpage." OFFSET ".(($page-1) * $this->perpage)."");
$this->entries = $this->query->num_rows;
}
} else
{
$this->query = $_sql->query("SELECT * FROM entries ORDER BY entryPublished DESC".($limit && is_numeric($limit) ? ' LIMIT '.$limit : null));
$this->entries = $this->query->num_rows;
}
}
public function entries()
{
if ($this->entries)
return $this->query->fetch_assoc();
return false;
}
public function entry()
{
if ($this->entries == 1)
return $this->query->fetch_assoc();
return false;
}
public static function update($id, $header, $title, $text, $pub, $hidden = false, $pin = false)
{
global $_sql;
$header = sqlprot($header);
$title = sqlprot($title);
$text = sqlprot($text);
$published = strtotime($pub); if (!$published) $published = time();
if (is_numeric($id) && Check::url($header, true) && Check::title($title) && $_sql->query("UPDATE entries SET entryHeader = '$header', entryTitle = '$title', entryContent = '$text', entryPublished = $published, entryUpdated = ".time().", entryHidden = ".($hidden ? '1' : 'NULL').", entryPIN = ".($pin && is_numeric($pin) ? $pin : 'NULL')." WHERE entryId = $id"))
return true;
return false;
}
public static function add($header, $title, $slug, $text, $pub, $hidden = false, $pin = false)
{
global $_sql, $user;
$header = sqlprot($header);
$title = sqlprot($title);
$text = sqlprot($text);
$slug = sqlprot($slug);
$published = strtotime($pub); if (!$published) $published = time();
if (Check::url($header, true) && Check::title($title) && Check::slug($slug) && $_sql->query("INSERT INTO entries (entryHeader, entryTitle, entrySlug, entryContent, entryBy, entryCreated, entryPublished, entryHidden, entryPIN) VALUES ('$header', '$title', '$slug', '$text', $user[userId], ".time().", $published, ".($hidden ? '1' : 'NULL').", ".($pin && is_numeric($pin) ? $pin : 'NULL').")"))
return true;
//die($text);
return false;
}
public static function delete($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("DELETE FROM entries WHERE entryId = $id"))
return true;
return false;
}
public static function pin($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("UPDATE entries SET entryPinned = 1 WHERE entryId = $id"))
return true;
return false;
}
public static function unpin($id)
{
global $_sql;
if (is_numeric($id) && $_sql->query("UPDATE entries SET entryPinned = NULL WHERE entryId = $id"))
return true;
return false;
}
public static function tag($cid, $id)
{
if (!is_numeric($cid) || !is_numeric($id)) return false;
global $_sql;
if (!$_sql->query("SELECT * FROM tags WHERE tagId = $cid")->num_rows) return false;
if ($_sql->query("SELECT * FROM tagged WHERE taggedTag = $cid AND taggedEntry = $id")->num_rows) return false;
if ($_sql->query("INSERT INTO tagged (taggedTag, taggedEntry) VALUES ($cid, $id)")) return true;
return false;
}
public static function tagRemove($cid, $id)
{
if (!is_numeric($cid) || !is_numeric($id)) return false;
global $_sql;
if ($_sql->query("DELETE FROM tagged WHERE taggedTag = $cid AND taggedEntry = $id")) return true;
return false;
}
}
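Review bot: The new `$getall` branch runs `SELECT * FROM entries` without the `entryHidden IS NULL AND entryPublished <= time()` filter used by the paged query, so hidden and scheduled entries, and columns such as `entryPIN`, are returned to whoever calls it. The callers are outside this diff; if any of them serves public output, the filter should be added or the constructor should document that `$getall` is for privileged callers only. `is_numeric($limit)` lets values like `1.5` or `-1` reach the `LIMIT` clause; prefer `(int)$limit > 0 ? ' LIMIT '.(int)$limit : ''`.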


@ -1,65 +1,65 @@
<?php
Class Check
{
public static function name($str) {
if(preg_match('/^[a-zA-ZÖÜÓŐÚÉÁŰÍöüóőúéáűí\.\d_\- ]{3,20}$/i', $str))
return true;
return false;
}
public static function link($str) {
if(!preg_match('/^[a-z0-9\d_\-]{3,20}$/i', $str))
return true;
return false;
}
public static function email($str) {
if(preg_match('/^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/',$str) && strlen($str)<51)
return true;
return false;
}
public static function password($str) {
if(strlen($str)<6 || strlen($str)>20)
return true;
return false;
}
public static function domain($str) {
if (filter_var(gethostbyname($str), FILTER_VALIDATE_IP))
return true;
return false;
}
public static function title($title) {
if (strlen($title) > 0 && strlen($title) < 250)
return true;
return false;
}
public static function slug($str) {
if(preg_match('/^[a-zA-Z\d_\- ]{1,100}$/i', $str))
return true;
return false;
}
public static function url($url, $lazy = false) {
if (($lazy && !$url) || !filter_var($url, FILTER_VALIDATE_URL) === false) return true;
return false;
}
<?php
Class Check
{
public static function name($str) {
if(preg_match('/^[a-zA-ZÖÜÓŐÚÉÁŰÍöüóőúéáűí\.\d_\- ]{3,20}$/i', $str))
return true;
return false;
}
public static function link($str) {
if(!preg_match('/^[a-z0-9\d_\-]{3,20}$/i', $str))
return true;
return false;
}
public static function email($str) {
if(preg_match('/^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/',$str) && strlen($str)<51)
return true;
return false;
}
public static function password($str) {
if(strlen($str)<6 || strlen($str)>20)
return true;
return false;
}
public static function domain($str) {
if (filter_var(gethostbyname($str), FILTER_VALIDATE_IP))
return true;
return false;
}
public static function title($title) {
if (strlen($title) > 0 && strlen($title) < 250)
return true;
return false;
}
public static function slug($str) {
if(preg_match('/^[a-zA-Z\d_\- ]{1,100}$/i', $str))
return true;
return false;
}
public static function url($url, $lazy = false) {
if (($lazy && !$url) || !filter_var($url, FILTER_VALIDATE_URL) === false) return true;
return false;
}
}


@ -1,45 +1,45 @@
<?php
class comments
{
private $id;
private $comments;
private $replies;
public function __construct($id)
{
if (!isnum($id)) return false;
$this->id = $id;
}
public function get_comments($check = false)
{
if (!$this->comments)
{
global $_sql;
$query = $_sql->query("SELECT `comments`.*, users.userName AS bySlug, users.userPublicName AS byName, users.userPic FROM `comments` INNER JOIN users ON commentBy = userId WHERE commentEntry = ".$this->id." AND commentReply = 0 ORDER BY commentTime DESC");
if ($check)
return $query->num_rows;
else
$this->comments = $query;
}
return $this->comments->fetch_assoc();
}
public function get_replies($check = false)
{
if (!$this->replies)
{
global $_sql;
$query = $_sql->query("SELECT `comments`.*, users.userName AS bySlug, users.userPublicName AS byName, users.userPic FROM `comments` INNER JOIN users ON commentBy = userId WHERE commentReply = ".$this->id." ORDER BY commentTime DESC");
if ($check)
return $query->num_rows;
$this->replies = $query;
}
return $this->replies->fetch_assoc();
}
<?php
class comments
{
private $id;
private $comments;
private $replies;
public function __construct($id)
{
if (!isnum($id)) return false;
$this->id = $id;
}
public function get_comments($check = false)
{
if (!$this->comments)
{
global $_sql;
$query = $_sql->query("SELECT `comments`.*, users.userName AS bySlug, users.userPublicName AS byName, users.userPic FROM `comments` INNER JOIN users ON commentBy = userId WHERE commentEntry = ".$this->id." AND commentReply = 0 ORDER BY commentTime DESC");
if ($check)
return $query->num_rows;
else
$this->comments = $query;
}
return $this->comments->fetch_assoc();
}
public function get_replies($check = false)
{
if (!$this->replies)
{
global $_sql;
$query = $_sql->query("SELECT `comments`.*, users.userName AS bySlug, users.userPublicName AS byName, users.userPic FROM `comments` INNER JOIN users ON commentBy = userId WHERE commentReply = ".$this->id." ORDER BY commentTime DESC");
if ($check)
return $query->num_rows;
$this->replies = $query;
}
return $this->replies->fetch_assoc();
}
}

File diff suppressed because one or more lines are too long


@ -1,173 +1,173 @@
<?php
/* ---------
Filtr. Class 4 your Entertainment
filtr.sandros.hu
Sandros Industries
2015. June 28.
Version: 2.2.1.00b <== If the last 2 numbers are equal, this version is untested!
Usage:
- Basic
$filtr = new filtrLogin( [ CUSTOM API URL / NULL ] );
$filtr->setAppid( [ APPLICATION IDENTIFIER ] );
$filtr->setApptoken( [ APPLICATION TOKEN HASH ] );
$filtr->setToken( [ USER'S TOKEN GENERATED BY FILTR. APL.REDIRECT ] );
- Advanced
$filtr->DataStorage( [ WAT TO DO (read, write, erase) ], [ KEY (only for writing) ], [ VALUE (only for writing) ]);
$filtr->cache = '/tmp/[ YOUR PROJECTS CODENAME ]/filtrd/';
Comments:
The Filtr. API has a geniune and valid SSL certificate, but it slows down the process.
Use it only if your connection is not trusted!
We're logging EVERY requests, so you will be able to monitor every access and you will be able to limit the APP's access by IP.
Public UNAME/PASSWD authentication NEVER GONNA HAPPEN!
The specified cache must end with '/'. Automatic detection just slows down the process and generates unnecessary load.
That's it! Have fun!
Don't forget to go out and become black. This is important! And cool! You'll be less awesome, but eh.
Just do it! Tomorrow.
--------- */
class filtrLogin
{
/* User authentication */
private $token;
/* Filtr. authentication */
private $appid;
private $apptoken;
private $apiurl = 'http://filtr.sandros.hu/api.php';
/* This holds the response from Filtr. */
private $apiResponse;
// Cache
public $cache;
public $cachetimeout = 60;
/* Hey! :) */
public function __construct($apiurl = false, $cache = false) {
if ($apiurl)
$this->apiurl = $apiurl; // Override the class-default API url with the given one
}
/* Data collectors */
public function setToken($token = 0) { $this->token = $token; }
public function setAppid($user = 0) { $this->appid = $user; }
public function setApptoken($key = 0) { $this->apptoken = $key; }
/* Data storage */
private $datastorage = array();
public function DataStorage($todo, $key = false, $value = false) {
switch($todo)
{
case 'read':
$this->datastorage = array('data_storage'=>'read');
break;
case 'write':
$this->datastorage = array('data_storage'=>'write', 'data_storage_key'=>$key, 'data_storage_value'=>$value);
break;
case 'erase':
$this->datastorage = array('data_storage'=>'erase');
break;
}
if ($this->status())
{
$this->Login();
return (isset($this->apiResponse->data_storage) ? true : false);
}
return true;
}
/* Nasty things */
public function Login($timeout = 6) {
// Caching
if ($this->cache && file_exists($this->cache.$this->token) && filemtime($this->cache.$this->token) > time()-$this->cachetimeout)
{
$this->apiResponse = json_decode(file_get_contents($this->cache.$this->token));
return true;
}
// Collect the auth infos
// ! This looks pretty bad. In the next release, there will be a JSON encoder.
$array = array_merge(array(
'appid' => $this->appid,
'apptoken' => $this->apptoken,
'token' => $this->token,
), $this->datastorage);
// Convert to GET like string
$fields = '';
foreach($array as $key=>$value)
$fields .= $key.'='.$value.'&';
$fields = rtrim($fields, '&');
// Connect options and set data
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->apiurl);
curl_setopt($ch, CURLOPT_POST, count($array));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Free up some memory
unset($fields);
unset($array);
$this->datastorage = false;
// Do what we need to
$rawResponse = curl_exec($ch);
$this->apiResponse = json_decode($rawResponse);
// Basic cache
if ($this->cache)
{
$cache = fopen($this->cache.$this->token, 'w');
fwrite($cache, $rawResponse);
fclose($cache);
unset($cache);
}
unset($rawResponse);
// Close the connection to the login server
curl_close($ch);
unset($ch);
// '1' means the response has came from the remote server
// Not relevant for this script, but you can build an advanced cache control for better performance.
return 1;
}
// Logged in?
public function status() {
if (isset($this->apiResponse->status) && $this->apiResponse->status == 'ok')
return true;
return false;
}
// Return user's data
// Array mode is the default, because this could cause serious problems if someone auto-updating this script.
public function getData($array = true) {
if ($array)
return (array)$this->apiResponse;
return $this->apiResponse;
}
}
<?php
/* ---------
Filtr. Class 4 your Entertainment
filtr.sandros.hu
Sandros Industries
2015. June 28.
Version: 2.2.1.00b <== If the last 2 numbers are equal, this version is untested!
Usage:
- Basic
$filtr = new filtrLogin( [ CUSTOM API URL / NULL ] );
$filtr->setAppid( [ APPLICATION IDENTIFIER ] );
$filtr->setApptoken( [ APPLICATION TOKEN HASH ] );
$filtr->setToken( [ USER'S TOKEN GENERATED BY FILTR. APL.REDIRECT ] );
- Advanced
$filtr->DataStorage( [ WAT TO DO (read, write, erase) ], [ KEY (only for writing) ], [ VALUE (only for writing) ]);
$filtr->cache = '/tmp/[ YOUR PROJECTS CODENAME ]/filtrd/';
Comments:
The Filtr. API has a geniune and valid SSL certificate, but it slows down the process.
Use it only if your connection is not trusted!
We're logging EVERY requests, so you will be able to monitor every access and you will be able to limit the APP's access by IP.
Public UNAME/PASSWD authentication NEVER GONNA HAPPEN!
The specified cache must end with '/'. Automatic detection just slows down the process and generates unnecessary load.
That's it! Have fun!
Don't forget to go out and become black. This is important! And cool! You'll be less awesome, but eh.
Just do it! Tomorrow.
--------- */
class filtrLogin
{
/* User authentication */
private $token;
/* Filtr. authentication */
private $appid;
private $apptoken;
private $apiurl = 'http://filtr.sandros.hu/api.php';
/* This holds the response from Filtr. */
private $apiResponse;
// Cache
public $cache;
public $cachetimeout = 60;
/* Hey! :) */
public function __construct($apiurl = false, $cache = false) {
if ($apiurl)
$this->apiurl = $apiurl; // Override the class-default API url with the given one
}
/* Data collectors */
public function setToken($token = 0) { $this->token = $token; }
public function setAppid($user = 0) { $this->appid = $user; }
public function setApptoken($key = 0) { $this->apptoken = $key; }
/* Data storage */
private $datastorage = array();
public function DataStorage($todo, $key = false, $value = false) {
switch($todo)
{
case 'read':
$this->datastorage = array('data_storage'=>'read');
break;
case 'write':
$this->datastorage = array('data_storage'=>'write', 'data_storage_key'=>$key, 'data_storage_value'=>$value);
break;
case 'erase':
$this->datastorage = array('data_storage'=>'erase');
break;
}
if ($this->status())
{
$this->Login();
return (isset($this->apiResponse->data_storage) ? true : false);
}
return true;
}
/* Nasty things */
public function Login($timeout = 6) {
// Caching
if ($this->cache && file_exists($this->cache.$this->token) && filemtime($this->cache.$this->token) > time()-$this->cachetimeout)
{
$this->apiResponse = json_decode(file_get_contents($this->cache.$this->token));
return true;
}
// Collect the auth infos
// ! This looks pretty bad. In the next release, there will be a JSON encoder.
$array = array_merge(array(
'appid' => $this->appid,
'apptoken' => $this->apptoken,
'token' => $this->token,
), $this->datastorage);
// Convert to GET like string
$fields = '';
foreach($array as $key=>$value)
$fields .= $key.'='.$value.'&';
$fields = rtrim($fields, '&');
// Connect options and set data
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->apiurl);
curl_setopt($ch, CURLOPT_POST, count($array));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Free up some memory
unset($fields);
unset($array);
$this->datastorage = false;
// Do what we need to
$rawResponse = curl_exec($ch);
$this->apiResponse = json_decode($rawResponse);
// Basic cache
if ($this->cache)
{
$cache = fopen($this->cache.$this->token, 'w');
fwrite($cache, $rawResponse);
fclose($cache);
unset($cache);
}
unset($rawResponse);
// Close the connection to the login server
curl_close($ch);
unset($ch);
// '1' means the response has came from the remote server
// Not relevant for this script, but you can build an advanced cache control for better performance.
return 1;
}
// Logged in?
public function status() {
if (isset($this->apiResponse->status) && $this->apiResponse->status == 'ok')
return true;
return false;
}
// Return user's data
// Array mode is the default, because this could cause serious problems if someone auto-updating this script.
public function getData($array = true) {
if ($array)
return (array)$this->apiResponse;
return $this->apiResponse;
}
}
?>


@ -1,10 +1,10 @@
function set_comment_reply(cid)
{
$("form[name='new-comment'] input[name='entryReply']").val(cid);
$("#new-comment-reply span").html('Reply');
}
function spoilerToggle(selem)
{
selem.parent().children(".spoiler_c").stop().slideToggle();
function set_comment_reply(cid)
{
$("form[name='new-comment'] input[name='entryReply']").val(cid);
$("#new-comment-reply span").html('Reply');
}
function spoilerToggle(selem)
{
selem.parent().children(".spoiler_c").stop().slideToggle();
}

File diff suppressed because one or more lines are too long

19578
includes/js/jquery.js vendored

File diff suppressed because it is too large Load Diff


@ -84,6 +84,10 @@
"pages": "Oldalak",
"page_editor": "Oldal szerkesztése",
"page_delete": "Oldal törlése",
"page_delete_failed": "Az oldal törlése sikertelen.",
"page_deleted": "Az oldal sikeresen törölve.",
"page_modified": "Módosítva",
"page_title": "Az oldal címe",
"page_slug": "Az oldal linkje (example.org/page/ez-itt)",
"page_added": "Az oldal mentése sikeresen megtörtént.",
@ -116,11 +120,39 @@
"plugins": "Bővítmények",
"plugin_name": "Név",
"scope": "Hatáskör",
"plugin_noenable": "Static",
"plugins_empty": "Nincsenek elérhető bővítmények.",
"plugin_added": "Bővítmény sikeresen hozzáadva.",
"plugin_not_added": "A bővítmény nem lett hozzáadva.",
"plugin_not_updated": "A beállítást nem lehet elvégezni.",
"site_settings": "Oldal beállításai",
"settings": "Beállítások",
"settings_save": "Beállítások mentése",
"settings_update_failed": "Nem sikerült minden beállítást frissíteni.",
"settings_updated": "A beállítások frissítése sikeresen megtörtént.",
"settings_variable": "Beállítás",
"settings_value": "Érték",
"settings_var_allowedPicTypes": "Engedélyezett képek (mime)",
"settings_var_dateformat": "Dátum formátum",
"settings_var_dateformatShort": "Rövid dátum formátum",
"settings_var_defaultProfilePic": "Alap profilkép",
"settings_var_description": "Oldal leírása (meta)",
"settings_var_entriesPerPage": "Bejegyzések oldalanként",
"settings_var_filtr_appid": "Filtr. App ID",
"settings_var_filtr_apptoken": "Filtr. App Token",
"settings_var_keywords": "Oldal kulcsszavai (meta)",
"settings_var_mainTheme": "Megjelenés könyvtára",
"settings_var_seo": "SEO linkek",
"settings_var_subEntry": "Bejegyzések aloldala",
"settings_var_subPage": "Oldalak aloldala",
"settings_var_subProfile": "Porfilok aloldala",
"settings_var_tagline": "Megjelenítendő leírás",
"settings_var_title": "Oldal címe",
"settings_var_titleFormat": "Oldal címének formátuma",
"settings_var_twitter_site": "Twitter felhasználó",
"settings_var_url": "Oldal URL-je",
"comments": "Hozzászólások",
"post_reply": "Válasz",
"share_impressions": "Oszd meg a véleményed...",


@ -1,29 +1,29 @@
<?php
addTitle($_locale['entries']);
if (isset($seo[1]) && isnum($seo[1]))
$blog = new blog(null, $seo[1]);
else
$blog = new blog();
if (theme_component('entries'))
include theme_component('entries');
else
{
if (LOGGEDIN && $user['userLevel'] > 2) echo "<a href='/admin/entry'><p class='phantom'>{locale:new_entry}</p></a>";
if ($blog->entries)
{
while ($data = $blog->entries())
echo "<article>
<header>
<h2><a href='".get_entry_link($data['entrySlug'])."'>".htmlspecialchars($data['entryTitle'])."</a></h2>
<p class='meta'><time class='date' title='{locale:published_on}'>".show_date($data['entryPublished'])."</time><a href='".get_profile_link($data['userName'])."' class='by' title='{locale:entry_by}'>$data[publicName]</a>".get_entry_admin($data)."</p>
</header>
<div class='content'>".entry_show_init($data['entryContent'], $data['entrySlug'])."</div>
</article>\n";
echo "<p class='paginator'>".(isset($seo[1]) && isnum($seo[1]) ? "<a href='/p/".($seo[1]+1)."'>{locale:next_page}</a><a href='/p/".($seo[1]-1)."'>{locale:prev_page}</a>" : "<a href='/p/2'>{locale:next_page}</a>")."</p>";
} else
echo "<h1>{locale:entry_not_found_title}</h1>"
."<p>{locale:entry_not_found}</p>\n";
<?php
addTitle($_locale['entries']);
if (isset($seo[1]) && isnum($seo[1]))
$blog = new blog(null, $seo[1]);
else
$blog = new blog();
if (theme_component('entries'))
include theme_component('entries');
else
{
if (LOGGEDIN && $user['userLevel'] > 2) echo "<a href='/admin/entry'><p class='phantom'>{locale:new_entry}</p></a>";
if ($blog->entries)
{
while ($data = $blog->entries())
echo "<article>
<header itemscope itemtype='http://schema.org/Article'>
<h2><a href='".get_entry_link($data['entrySlug'])."' itemprop='name'>".htmlspecialchars($data['entryTitle'])."</a></h2>
<p class='meta'><time class='date' title='{locale:published_on}' itemprop='datePublished' content='".date('Y-m-d', $data['entryPublished'])."'>".show_date($data['entryPublished'])."</time><span itemprop='author' itemscope itemtype='http://schema.org/Person'><a href='".get_profile_link($data['userName'])."' class='by' title='{locale:entry_by}' itemprop='url'><span itemprop='name'>$data[publicName]</span></a></span>".get_entry_admin($data)."</p>
</header>
<div class='content' itemprop='articleBody'>".entry_show_init($data['entryContent'], $data['entrySlug'])."</div>
</article>\n";
echo "<p class='paginator'>".(isset($seo[1]) && isnum($seo[1]) ? "<a href='/p/".($seo[1]+1)."'>{locale:next_page}</a><a href='/p/".($seo[1]-1)."'>{locale:prev_page}</a>" : "<a href='/p/2'>{locale:next_page}</a>")."</p>";
} else
echo "<h1>{locale:entry_not_found_title}</h1>"
."<p>{locale:entry_not_found}</p>\n";
}
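Review bot: `$data[publicName]` is written into the new `<span itemprop='name'>` without escaping, although the entry title two lines above goes through `htmlspecialchars()`. The profile form visible on this page restricts the public name with `Check::name`, but nothing here shows that every write path does, so I would escape at output: `<span itemprop='name'>".htmlspecialchars($data['publicName'], ENT_QUOTES, 'UTF-8')."</span>`. The same interpolation appears in the author span of the single-entry view. Separately, `itemscope itemtype='http://schema.org/Article'` is placed on `<header>`, while the `itemprop='articleBody'` div comes after `</header>`, so the body falls outside the Article item; moving the `itemscope` to `<article>`, as the single-entry view does, would fix that.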


@ -1,37 +1,39 @@
<?php
if (!isset($seo[1])) redirect();
$blog = new blog($seo[1]);
if (theme_component('entry'))
include theme_component('entry');
else
if ($blog->entries)
while ($data = $blog->entry())
{
addTitle($data['entryTitle']);
if ($data['entryHidden']) echo "<p>{locale:hidden_content}</p>";
if ($data['entryPIN'] && get_pin() != $data['entryPIN'])
echo "<p>{locale:pin_protected_content}</p>
<form action='".get_entry_link($data['entrySlug'])."' method='post' name='entry-pin-input'>
<input type='text' name='read_entry_pin' placeholder='{locale:entry_pin}' />
<button type='submit'>{locale:unlock}</button>
</form>";
else
{
addDescription(entry_show_init($data['entryContent'], $data['entrySlug']));
addImage((preg_match('/< *img[^>]*src *= *["\']?([^"\']*)/i', $data['entryContent'], $images) ? $images[1] : 0));
headerImage($data['entryHeader']);
echo "<article class='full'>
<h2>".htmlspecialchars($data['entryTitle'])."</h2>
<div class='content'>".entry_show_all($data['entryContent'])."</div>
<p class='meta'><time class='date' title='{locale:published_on}'>".show_date($data['entryPublished'])."</time><a href='".get_profile_link($data['userName'])."' class='by' title='{locale:entry_by}'>$data[publicName]</a>".get_entry_admin($data)."</p>
</article>\n";
}
}
else
echo "<h1>{locale:entry_not_found_title}</h1>"
<?php
if (!isset($seo[1])) redirect();
$blog = new blog($seo[1]);
if (theme_component('entry'))
include theme_component('entry');
else
if ($blog->entries)
while ($data = $blog->entry())
{
addTitle($data['entryTitle']);
if ($data['entryHidden']) echo "<p>{locale:hidden_content}</p>";
if ($data['entryPIN'] && get_pin() != $data['entryPIN'])
echo "<p>{locale:pin_protected_content}</p>
<form action='".get_entry_link($data['entrySlug'])."' method='post' name='entry-pin-input'>
<input type='text' name='read_entry_pin' placeholder='{locale:entry_pin}' />
<button type='submit'>{locale:unlock}</button>
</form>";
else
{
addDescription(entry_show_init($data['entryContent'], $data['entrySlug']));
addImage($data['entryHeader']);
headerImage($data['entryHeader']);
echo "<article class='full' itemscope itemtype='http://schema.org/Article'>
<h2 itemprop='name'>".htmlspecialchars($data['entryTitle'])."</h2>
<div class='hidden' itemprop='headline'>".htmlspecialchars($data['entryTitle'])."</div>
".($data['entryHeader'] ? "<img class='hidden' itemprop='image' src='$data[entryHeader]' alt='Header image'/>" : null)."
<div class='content' itemprop='articleBody'>".entry_show_all($data['entryContent'])."</div>
<p class='meta'><time class='date' title='{locale:published_on}' itemprop='datePublished' content='".date('Y-m-d', $data['entryPublished'])."'>".show_date($data['entryPublished'])."</time><span itemprop='author' itemscope itemtype='http://schema.org/Person'><a href='".get_profile_link($data['userName'])."' class='by' title='{locale:entry_by}' itemprop='url'><span itemprop='name'>$data[publicName]</span></a></span>".get_entry_admin($data)."</p>
</article>\n";
}
}
else
echo "<h1>{locale:entry_not_found_title}</h1>"
."<p>{locale:entry_not_found}</p>\n";


@ -1,38 +1,38 @@
<?php
if (LOGGEDIN) redirect(get_profile_link());
addTitle($_locale['login']);
if (theme_component('login')) :
include theme_component('login');
else :
?>
<div style="float: left; width: 48%;">
<h1>{locale:login}</h1>
<form action="<?=get_current_link()?>" method="post" name="login-form">
<input type="text" name="login_name" value="" />
<input type="password" name="login_pass" value="" />
<button type="submit">{locale:login}</button>
</form>
</div>
<div style="float: right; width: 48%;">
<h1>{locale:registration}</h1>
<form action="<?=get_current_link()?>" method="post" name="registration-form">
<input type="text" name="reg_name" value="" placeholder="{locale:username}" autocomplete="off" />
<input type="password" name="reg_pass" value="" placeholder="{locale:password}" autocomplete="off" />
<input type="password" name="reg_pass2" value="" placeholder="{locale:password_again}" autocomplete="off" />
<input type="text" name="reg_email" value="" placeholder="{locale:email}" autocomplete="off" />
<button type="submit">{locale:registration}</button>
</form>
</div>
<div class="clear"></div>
<?php
if (LOGGEDIN) redirect(get_profile_link());
addTitle($_locale['login']);
if (theme_component('login')) :
include theme_component('login');
else :
?>
<div style="float: left; width: 48%;">
<h1>{locale:login}</h1>
<form action="<?=get_current_link()?>" method="post" name="login-form">
<input type="text" name="login_name" value="" />
<input type="password" name="login_pass" value="" />
<button type="submit">{locale:login}</button>
</form>
</div>
<div style="float: right; width: 48%;">
<h1>{locale:registration}</h1>
<form action="<?=get_current_link()?>" method="post" name="registration-form">
<input type="text" name="reg_name" value="" placeholder="{locale:username}" autocomplete="off" />
<input type="password" name="reg_pass" value="" placeholder="{locale:password}" autocomplete="off" />
<input type="password" name="reg_pass2" value="" placeholder="{locale:password_again}" autocomplete="off" />
<input type="text" name="reg_email" value="" placeholder="{locale:email}" autocomplete="off" />
<button type="submit">{locale:registration}</button>
</form>
</div>
<div class="clear"></div>
<?php endif ?>


@ -1,16 +1,16 @@
<?php
if (!isset($seo[1])) redirect();
$page = new page($seo[1]);
if (theme_component('page'))
include theme_component('page');
else
if ($page->readable())
{
addTitle($page->data['pageTitle']);
echo "<h1>".htmlspecialchars($page->data['pageTitle'])."</h1>";
echo entry_show_all($page->data['pageContent']);
<?php
if (!isset($seo[1])) redirect();
$page = new page($seo[1]);
if (theme_component('page'))
include theme_component('page');
else
if ($page->readable())
{
addTitle($page->data['pageTitle']);
echo "<h1>".htmlspecialchars($page->data['pageTitle'])."</h1>";
echo entry_show_all($page->data['pageContent']);
}


@ -1,126 +1,126 @@
<?php
$profile = new user($seo[1], null, null, true);
if ($profile) :
$userData = $profile->get_data();
$me = (LOGGEDIN && $user['userId'] == $userData['userId'] ? true : false);
endif;
if ($me)
{
if (isset($_POST["userEdit"]))
{
$name = $_POST['userPublicName']; if (!Check::name($name)) array_push($error, $_locale['edit_wrong_public_name']);
$rname = $_POST['userRealName']; if (!Check::name($rname)) array_push($error, $_locale['edit_wrong_real_name']);
$email = $_POST['userEmail']; if (strlen($email) && !Check::email($email)) array_push($error, $_locale['edit_wrong_email']);
$web = $_POST['userWeb']; if (!Check::domain($web)) array_push($error, $_locale['edit_wrong_web']);
$bio = htmlspecialchars($_POST['userIntroduction']); if (strlen($bio) > 200) array_push($error, $_locale['edit_wrong_introduction']);
$bio = sqlprot($bio);
if (empty($error))
if ($_sql->query("UPDATE users SET userPublicName = '$name',userRealName = '$rname',userEmail = '$email',userWeb = '$web',userIntroduction = '$bio' WHERE userId = $user[userId]"))
redirect(get_profile_link());
else
array_push($error, $_locale['profile_not_updated']);
}
if (isset($_FILES["userPic"]))
{
$file = 'data/profile_pics/'.$user['userId'].'.jpg';
if (file_exists($file)) unlink($file);
if ($_FILES["userPic"]["error"] < 1 && in_array($_FILES["userPic"]["type"], explode(',', $_set['allowedPicTypes'])))
{
clear_cache();
$thumb = new Imagick($_FILES["userPic"]["tmp_name"]);
//$thumb->resizeImage(500, 500, Imagick::FILTER_POINT, 1, true);
$thumb->cropThumbnailImage(500, 500);
$thumb->setImageFormat('jpg');
$thumb->writeImage($file);
$thumb->destroy();
$profile->setPic(true);
redirect(get_current_link());
} else
{
$profile->setPic(false);
}
} else
{
//$profile->setPic(false);
//redirect(get_current_link());
}
}
if (isset($seo[2]) && $seo[2] == 'edit')
{
addTitle($_locale['profile_edit']);
if (theme_component('profile_edit'))
include theme_component('profile_edit');
else
include 'includes/main/profile_edit.php';
}
else
{
addTitle($userData['userPublicName'].$_locale['s_profile']);
if (theme_component('profile')) :
include theme_component('profile');
else :
if ($profile) :
?>
<div class="profile pic">
<div id="profile_pic" style="background-image: url('<?=get_profile_picture($userData)?>')">
<?php if ($me) : ?>
<form action="<?=get_current_link()?>" method="post" name="userpic-upload" enctype="multipart/form-data">
<input type="file" name="userPic" id="userPicInput" style="display: none" />
<button type="button" onclick="$('#userPicInput').focus().click()">{locale:browse}</button><button type="submit" id="userPicSaveBtn" class="orange">{locale:delete}</button>
</form>
<script>
$("#userPicInput").change(function() {
$("#userPicSaveBtn").html('{locale:save}').removeClass('orange');
});
</script>
<?php endif ?>
</div>
</div>
<div class="profile details">
<h1><?=$userData['userPublicName'].$_locale['s_profile']?></h1>
<h3><?=$userData['userName'].($me ? ' <a href="'.get_current_link().'/edit" class="edit">{locale:profile_edit}</a>' : '')?></h3>
<?php if (LOGGEDIN) : ?>
<div class='box contact'>
<p><strong>{locale:name}:</strong> <?=$userData['userRealName']?></p>
<p><strong>{locale:email}:</strong> <?=$userData['userEmail']?></p>
<p><strong>{locale:web}:</strong> <?=$userData['userWeb']?></p>
</div>
<div class='spacer'></div>
<?php endif ?>
<?php
$recent = $_sql->query("SELECT entrySlug, entryTitle FROM entries WHERE entryBy = $userData[userId] AND entryPublished <= ".time()." ORDER BY entryPublished DESC LIMIT 5");
if ($recent->num_rows) : ?>
<div class='box recent'>
<?php
while ($data = $recent->fetch_assoc())
echo "<p><a href='".get_entry_link($data['entrySlug'])."'>".trimlink($data['entryTitle'], 42)."</a></p>\n";
?>
</div>
<?php endif; unset($recent); ?>
<?php if ($userData['userIntroduction']) : ?>
<div class='box introduction'>
<p><?=$userData['userIntroduction']?></p>
</div>
<?php endif ?>
<div class="clear"></div>
</div>
<div class="clear"></div>
<?php else : ?>
<h1>{locale:profile}</h1>
<p>{locale:profile_not_found}</p>
<?php
$profile = new user($seo[1], null, null, true);
if ($profile) :
$userData = $profile->get_data();
$me = (LOGGEDIN && $user['userId'] == $userData['userId'] ? true : false);
endif;
if ($me)
{
if (isset($_POST["userEdit"]))
{
$name = $_POST['userPublicName']; if (!Check::name($name)) array_push($error, $_locale['edit_wrong_public_name']);
$rname = $_POST['userRealName']; if (!Check::name($rname)) array_push($error, $_locale['edit_wrong_real_name']);
$email = $_POST['userEmail']; if (strlen($email) && !Check::email($email)) array_push($error, $_locale['edit_wrong_email']);
$web = $_POST['userWeb']; if (!Check::domain($web)) array_push($error, $_locale['edit_wrong_web']);
$bio = htmlspecialchars($_POST['userIntroduction']); if (strlen($bio) > 200) array_push($error, $_locale['edit_wrong_introduction']);
$bio = sqlprot($bio);
if (empty($error))
if ($_sql->query("UPDATE users SET userPublicName = '$name',userRealName = '$rname',userEmail = '$email',userWeb = '$web',userIntroduction = '$bio' WHERE userId = $user[userId]"))
redirect(get_profile_link());
else
array_push($error, $_locale['profile_not_updated']);
}
if (isset($_FILES["userPic"]))
{
$file = 'data/profile_pics/'.$user['userId'].'.jpg';
if (file_exists($file)) unlink($file);
if ($_FILES["userPic"]["error"] < 1 && in_array($_FILES["userPic"]["type"], explode(',', $_set['allowedPicTypes'])))
{
clear_cache();
$thumb = new Imagick($_FILES["userPic"]["tmp_name"]);
//$thumb->resizeImage(500, 500, Imagick::FILTER_POINT, 1, true);
$thumb->cropThumbnailImage(500, 500);
$thumb->setImageFormat('jpg');
$thumb->writeImage($file);
$thumb->destroy();
$profile->setPic(true);
redirect(get_current_link());
} else
{
$profile->setPic(false);
}
} else
{
//$profile->setPic(false);
//redirect(get_current_link());
}
}
if (isset($seo[2]) && $seo[2] == 'edit')
{
addTitle($_locale['profile_edit']);
if (theme_component('profile_edit'))
include theme_component('profile_edit');
else
include 'includes/main/profile_edit.php';
}
else
{
addTitle($userData['userPublicName'].$_locale['s_profile']);
if (theme_component('profile')) :
include theme_component('profile');
else :
if ($profile) :
?>
<div class="profile pic">
<div id="profile_pic" style="background-image: url('<?=get_profile_picture($userData)?>')">
<?php if ($me) : ?>
<form action="<?=get_current_link()?>" method="post" name="userpic-upload" enctype="multipart/form-data">
<input type="file" name="userPic" id="userPicInput" style="display: none" />
<button type="button" onclick="$('#userPicInput').focus().click()">{locale:browse}</button><button type="submit" id="userPicSaveBtn" class="orange">{locale:delete}</button>
</form>
<script>
$("#userPicInput").change(function() {
$("#userPicSaveBtn").html('{locale:save}').removeClass('orange');
});
</script>
<?php endif ?>
</div>
</div>
<div class="profile details">
<h1><?=$userData['userPublicName'].$_locale['s_profile']?></h1>
<h3><?=$userData['userName'].($me ? ' <a href="'.get_current_link().'/edit" class="edit">{locale:profile_edit}</a>' : '')?></h3>
<?php if (LOGGEDIN) : ?>
<div class='box contact'>
<p><strong>{locale:name}:</strong> <?=$userData['userRealName']?></p>
<p><strong>{locale:email}:</strong> <?=$userData['userEmail']?></p>
<p><strong>{locale:web}:</strong> <?=$userData['userWeb']?></p>
</div>
<div class='spacer'></div>
<?php endif ?>
<?php
$recent = $_sql->query("SELECT entrySlug, entryTitle FROM entries WHERE entryBy = $userData[userId] AND entryPublished <= ".time()." ORDER BY entryPublished DESC LIMIT 5");
if ($recent->num_rows) : ?>
<div class='box recent'>
<?php
while ($data = $recent->fetch_assoc())
echo "<p><a href='".get_entry_link($data['entrySlug'])."'>".trimlink($data['entryTitle'], 42)."</a></p>\n";
?>
</div>
<?php endif; unset($recent); ?>
<?php if ($userData['userIntroduction']) : ?>
<div class='box introduction'>
<p><?=$userData['userIntroduction']?></p>
</div>
<?php endif ?>
<div class="clear"></div>
</div>
<div class="clear"></div>
<?php else : ?>
<h1>{locale:profile}</h1>
<p>{locale:profile_not_found}</p>
<?php endif; endif; } ?>


@ -1,17 +1,17 @@
<h1>{locale:profile_edit}: <?=$userData['userPublicName']?></h1>
<form action="<?=get_current_link()?>" method="post" name="edit-profile">
<h3>{locale:contact}</h3>
<input type="text" name="userPublicName" value="<?=$userData['userPublicName']?>" placeholder="{locale:public_name}" maxlength="50" />
<input type="text" name="userRealName" value="<?=$userData['userRealName']?>" placeholder="{locale:name}" maxlength="50" />
<input type="text" name="userEmail" value="<?=$userData['userEmail']?>" placeholder="{locale:email}" maxlength="50" />
<input type="text" name="userWeb" value="<?=$userData['userWeb']?>" placeholder="{locale:web}" maxlength="50" />
<h3>{locale:introduction}</h3>
<textarea name="userIntroduction" maxlength="320"><?=htmlentities($userData['userIntroduction'])?></textarea>
<button type="submit" name="userEdit">{locale:save}</button>
<h1>{locale:profile_edit}: <?=$userData['userPublicName']?></h1>
<form action="<?=get_current_link()?>" method="post" name="edit-profile">
<h3>{locale:contact}</h3>
<input type="text" name="userPublicName" value="<?=$userData['userPublicName']?>" placeholder="{locale:public_name}" maxlength="50" />
<input type="text" name="userRealName" value="<?=$userData['userRealName']?>" placeholder="{locale:name}" maxlength="50" />
<input type="text" name="userEmail" value="<?=$userData['userEmail']?>" placeholder="{locale:email}" maxlength="50" />
<input type="text" name="userWeb" value="<?=$userData['userWeb']?>" placeholder="{locale:web}" maxlength="50" />
<h3>{locale:introduction}</h3>
<textarea name="userIntroduction" maxlength="320"><?=htmlentities($userData['userIntroduction'])?></textarea>
<button type="submit" name="userEdit">{locale:save}</button>
</form>
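Review bot: The four `value="<?=$userData[...]?>"` attributes and the `<h1>` in the edit-profile form print stored profile fields without escaping, while the textarea just below already goes through `htmlentities()`. Unless these fields are HTML-escaped before storage (not visible on this page), a value containing a double quote ends the attribute early and the rest is parsed as markup. Each output should be escaped for its context, e.g. `value="<?=htmlspecialchars($userData['userPublicName'], ENT_QUOTES, 'UTF-8')?>"`. The same raw-output pattern appears in the tag listing (`$tag[tagName]`, `$data[entryTitle]`) and in the sidebar account links (`$user[userName]`) further down this commit. The form markup also carries no anti-CSRF token; whether the handler checks one cannot be told from here.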


@ -1,29 +1,29 @@
<?php
if (!isset($seo[1]) || !is_numeric($seo[1])) redirect();
$tagged = $_sql->query("SELECT tagName FROM tags WHERE tagId = $seo[1]");
$entries = $_sql->query("SELECT entrySlug, entryTitle, entryPublished, entryBy FROM entries INNER JOIN tagged ON taggedEntry = entryId WHERE taggedTag = $seo[1] AND entryHidden IS NULL ORDER BY entryPublished DESC");
if (theme_component('tag'))
include theme_component('tag');
else
{
if ($tagged->num_rows)
{
$tag = $tagged->fetch_assoc();
addTitle($tag['tagName']);
echo "<h1>$tag[tagName]</h1>";
if ($entries->num_rows)
{
echo "<ul>";
while ($data = $entries->fetch_assoc())
echo "<li><a href='".get_entry_link($data['entrySlug'])."'>$data[entryTitle]</a></li>";
echo "</ul>";
}
}
}
unset($tag);
unset($tagged);
unset($entries);
<?php
if (!isset($seo[1]) || !is_numeric($seo[1])) redirect();
$tagged = $_sql->query("SELECT tagName FROM tags WHERE tagId = $seo[1]");
$entries = $_sql->query("SELECT entrySlug, entryTitle, entryPublished, entryBy FROM entries INNER JOIN tagged ON taggedEntry = entryId WHERE taggedTag = $seo[1] AND entryHidden IS NULL ORDER BY entryPublished DESC");
if (theme_component('tag'))
include theme_component('tag');
else
{
if ($tagged->num_rows)
{
$tag = $tagged->fetch_assoc();
addTitle($tag['tagName']);
echo "<h1>$tag[tagName]</h1>";
if ($entries->num_rows)
{
echo "<ul>";
while ($data = $entries->fetch_assoc())
echo "<li><a href='".get_entry_link($data['entrySlug'])."'>$data[entryTitle]</a></li>";
echo "</ul>";
}
}
}
unset($tag);
unset($tagged);
unset($entries);
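Review bot: The guard `if (!isset($seo[1]) || !is_numeric($seo[1])) redirect();` is the only thing between `$seo[1]` and the two queries that interpolate it, and nothing visible stops execution after `redirect()`. If `redirect()` does not exit (its body is not on this page), a non-numeric value still reaches both SQL strings. `is_numeric` also accepts forms such as `1e3` or `1.5`, so I would normalise once with `$tagId = (int) $seo[1];`, use `$tagId` in both queries, and end the guard branch with `exit;`.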


@ -1,92 +1,92 @@
<?php
class page
{
private $query;
public $exists;
public $data;
public $slug;
public function __construct($slug = false)
{
global $_sql;
if ($slug)
{
$slug = sqlprot($slug);
$this->slug = $slug;
$this->query = $_sql->query("SELECT * FROM pages WHERE pageSlug = '$slug'");
$this->exists = ($this->query->num_rows ? true : false);
if ($this->exists)
$this->data = $this->query->fetch_assoc();
} else
{
$this->query = $_sql->query("SELECT * FROM pages".($trash ? ' WHERE pageDeleted = 1' : ''));
$this->exists = ($this->query->num_rows ? true : false);
}
}
public function status()
{
if ($this->exists)
return true;
return false;
}
public function readable()
{
if ($this->exists && !$this->data['pageDeleted'])
return true;
return false;
}
public function get_list()
{
$pages = array();
while ($data = $this->query->fetch_assoc())
array_push($pages, $data);
}
public function update($title, $content)
{
global $_sql;
$title = sqlprot($title);
$content = sqlprot($content);
if (Check::title($title) && $this->data)
if ($_sql->query("UPDATE pages SET pageTitle = '$title', pageContent = '$content' WHERE pageSlug = '".$this->data['pageSlug']."'"))
return true;
return false;
}
public function create($title, $content)
{
global $_sql;
$slug = sqlprot($this->slug);
$title = sqlprot($title);
$content = sqlprot($content);
if (Check::title($title) && Check::slug($slug) && !$this->data)
if ($_sql->query("INSERT INTO pages (pageSlug, pageTitle, pageContent) VALUES ('$slug', '$title', '$content')"))
return true;
return false;
}
public function delete()
{
global $_sql;
if ($this->data)
if ($_sql->query("UPDATE pages SET pageDeleted = 1 WHERE pageSlug = '".$this->data['pageSlug']."'"))
return true;
return false;
}
<?php
class page
{
private $query;
public $exists;
public $data;
public $slug;
public function __construct($slug = false)
{
global $_sql;
if ($slug)
{
$slug = sqlprot($slug);
$this->slug = $slug;
$this->query = $_sql->query("SELECT * FROM pages WHERE pageSlug = '$slug'");
$this->exists = ($this->query->num_rows ? true : false);
if ($this->exists)
$this->data = $this->query->fetch_assoc();
} else
{
$this->query = $_sql->query("SELECT * FROM pages".($trash ? ' WHERE pageDeleted = 1' : ''));
$this->exists = ($this->query->num_rows ? true : false);
}
}
public function status()
{
if ($this->exists)
return true;
return false;
}
public function readable()
{
if ($this->exists && !$this->data['pageDeleted'])
return true;
return false;
}
public function get_list()
{
$pages = array();
while ($data = $this->query->fetch_assoc())
array_push($pages, $data);
}
public function update($title, $content)
{
global $_sql;
$title = sqlprot($title);
$content = sqlprot($content);
if (Check::title($title) && $this->data)
if ($_sql->query("UPDATE pages SET pageTitle = '$title', pageContent = '$content', pageModified = ".time()." WHERE pageSlug = '".$this->data['pageSlug']."' AND pageDeleted IS NULL"))
return true;
return false;
}
public function create($title, $content)
{
global $_sql;
$slug = sqlprot($this->slug);
$title = sqlprot($title);
$content = sqlprot($content);
if (Check::title($title) && Check::slug($slug) && !$this->data)
if ($_sql->query("INSERT INTO pages (pageSlug, pageTitle, pageContent, pageCreated) VALUES ('$slug', '$title', '$content', ".time().")"))
return true;
return false;
}
public function delete()
{
global $_sql;
if ($this->data)
if ($_sql->query("UPDATE pages SET pageDeleted = ".time()." WHERE pageSlug = '".$this->data['pageSlug']."'"))
return true;
return false;
}
}
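Review bot: `delete()` now writes `time()` into `pageDeleted` and `update()` now requires `pageDeleted IS NULL`, but the list branch of the constructor still builds `' WHERE pageDeleted = 1'`, which would not match rows deleted after this change. That branch also reads `$trash`, which is neither a parameter nor assigned in the constructor, so the filter is never applied. If a trash view is intended, `public function __construct($slug = false, $trash = false)` together with `' WHERE pageDeleted IS NOT NULL'` would agree with the new column meaning. Separately, `get_list()` fills `$pages` and never returns it, so a `return $pages;` is missing.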


@ -1,28 +1,28 @@
<?php
header("Content-Type: application/xml");
echo '<?xml version="1.0" encoding="UTF-8" ?>'."\n";
?>
<rss version="2.0">
<channel>
<title><?=$_set['title']?></title>
<link><?=$_set['url']?></link>
<description><?=$_set['description']?></description>
<language>hu-hu</language>
<?php
$blog = new blog();
while ($data = $blog->entries())
{
$image = preg_match('/< *img[^>]*src *= *["\']?([^"\']*)/i', $data['entryContent'], $images);
echo " <item>\n"
." <title>".htmlspecialchars($data['entryTitle'])."</title>\n"
." <pubDate>".show_date($data['entryPublished'])."</pubDate>\n"
." <link>".$_set['url'].get_entry_link($data['entrySlug'])."</link>\n"
." <description>".strip_tags(nl2br(explode('[[MORE]]', $data['entryContent'])[0]))."</description>\n"
.($image ? " <media:thumbnail url='".$_set['url'].$images[1]."' />\n" : null)
." </item>\n";
}
?>
</channel>
<?php
header("Content-Type: application/xml");
echo '<?xml version="1.0" encoding="UTF-8" ?>'."\n";
?>
<rss version="2.0">
<channel>
<title><?=$_set['title']?></title>
<link><?=$_set['url']?></link>
<description><?=$_set['description']?></description>
<language>hu-hu</language>
<?php
$blog = new blog();
while ($data = $blog->entries())
{
$image = preg_match('/< *img[^>]*src *= *["\']?([^"\']*)/i', $data['entryContent'], $images);
echo " <item>\n"
." <title>".htmlspecialchars($data['entryTitle'])."</title>\n"
." <pubDate>".show_date($data['entryPublished'])."</pubDate>\n"
." <link>".$_set['url'].get_entry_link($data['entrySlug'])."</link>\n"
." <description>".strip_tags(nl2br(explode('[[MORE]]', $data['entryContent'])[0]))."</description>\n"
.($image ? " <media:thumbnail url='".$_set['url'].$images[1]."' />\n" : null)
." </item>\n";
}
?>
</channel>
</rss>


@ -0,0 +1,32 @@
<?php
class settings
{
public function __construct() {}
public static function getdata()
{
global $_sql;
$_set = array();
$set = $_sql->query("SELECT * FROM settings");
while ($data = $set->fetch_assoc())
$_set[$data['variable']] = $data['value'];
return $_set;
}
public function update($var, $val)
{
global $_sql, $_set;
if (isset($_set[$var]) && $_sql->query("UPDATE `settings` SET `value` = '".sqlprot($val)."' WHERE `variable` = '".$var."'"))
return true;
return false;
}
}
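Review bot: In `settings::update()` the value goes through `sqlprot()` but `$var` is concatenated into the `WHERE` clause as is. The `isset($_set[$var])` check narrows it to existing setting names, yet that depends on the global `$_set` having been loaded and on those names never containing a quote. Binding both values removes the dependency, assuming `$_sql` is a mysqli connection as its use elsewhere in the commit suggests: `$stmt = $_sql->prepare('UPDATE settings SET value = ? WHERE variable = ?');`, then `$stmt->bind_param('ss', $val, $var);` and `return $stmt->execute();`. What `sqlprot()` does beyond escaping is not visible here, so confirm nothing else is lost by dropping it. The method performs no permission check of its own, so a docblock line stating that callers must already have verified the admin level would help.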


@ -1,9 +1,9 @@
<?php
echo "<ul>";
echo "<li><a href='".get_profile_link()."'>$user[userName]$_locale[s_profile]</a></li>";
if ($user['userLevel'] > 1) echo "<li><a href='".get_site_link()."/admin'>$_locale[admin]</a></li>";
if ($user['userLevel'] > 2) echo "<li><a href='".get_site_link()."/admin/entry'>$_locale[new_entry]</a></li>";
echo "<li><a href='?logout'>$_locale[logout]</a></li>";
<?php
echo "<ul>";
echo "<li><a href='".get_profile_link()."'>$user[userName]$_locale[s_profile]</a></li>";
if ($user['userLevel'] > 1) echo "<li><a href='".get_site_link()."/admin'>$_locale[admin]</a></li>";
if ($user['userLevel'] > 2) echo "<li><a href='".get_site_link()."/admin/entry'>$_locale[new_entry]</a></li>";
echo "<li><a href='?logout'>$_locale[logout]</a></li>";
echo "</ul>";


@ -1,29 +1,24 @@
<?php
if (LOGGEDIN) :
echo "<li>";
echo "<h2>$user[userName]</h2>";
echo "<a href='".get_profile_link()."'><img src='".get_profile_picture()."' alt='' style='width: 120px' /></a>";
include 'includes/sidebar/account.php';
echo "</li>";
else :
?>
<li>
<h2><?=$_locale['login']?></h2>
<form action="<?=get_current_link()?>" method="post" name="login-form">
<input type="text" name="login_name" value="" placeholder="<?=$_locale['username']?>" />
<input type="password" name="login_pass" value="" placeholder="<?=$_locale['password']?>" />
<button type="submit"><?=$_locale['login']?></button>
</form>
</li>
<?php endif;
echo "<li><h2>$_locale[tags]</h2><ul class='tags'>";
get_tags();
echo "</ul></li>";
<?php
if (LOGGEDIN) :
echo "<li>";
echo "<h2>$user[userName]</h2>";
echo "<a href='".get_profile_link()."'><img src='".get_profile_picture()."' alt='' style='width: 120px' /></a>";
include 'includes/sidebar/account.php';
echo "</li>";
else :
?>
<li>
<h2><?=$_locale['login']?></h2>
<form action="//filtr.sandros.hu/app_login/<?=$_set['filtr_appid']?>&amp;ret" method="get" name="login-form" id="footer-account">
<input type="submit" name="login" value="<?=$_locale['login']?>" />
</form>
</li>
<?php endif;
echo "<li><h2>$_locale[tags]</h2><ul class='tags'>";
get_tags();
echo "</ul></li>";
?>
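Review bot: The new login form submits to the protocol-relative URL `//filtr.sandros.hu/app_login/...`, so when the blog itself is served over plain HTTP the hand-off to the login provider also travels over HTTP. Pinning the scheme avoids that, and the app id, which is now printed raw into the attribute, can be escaped at the same time: `action="https://filtr.sandros.hu/app_login/<?=htmlspecialchars($_set['filtr_appid'], ENT_QUOTES, 'UTF-8')?>&amp;ret"`. The markup sends no state or nonce value with the request. Whether the return leg is bound to the visitor's session is decided in code outside this section and is worth confirming.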


@ -1,68 +1,68 @@
<?php
class user
{
private $id = 0;
private $name;
public $data;
private $udata = array();
private $counter = 0;
public function __construct($name = false, $data = false)
{
if ($this->counter > 2) return false;
$this->counter++;
global $_sql;
$query = $_sql->query("SELECT * FROM users WHERE userName = '$name'");
if ($query->num_rows)
{
$this->data = $query->fetch_assoc();
$this->id = $this->data['userId'];
return true;
} else
{
if ($data && $_sql->query("INSERT INTO users (userFiltrId, userName, userPublicName, userEmail, userRegistered, userRealName) VALUES ('$data[id]', '".$_sql->real_escape_string($name)."', '".$_sql->real_escape_string($data['name'])."', '".$_sql->real_escape_string($data['email'])."', '".time()."', '".$_sql->real_escape_string($data['name'])."')"))
return $this->__construct($name, $data);
}
return false;
}
public function get_data()
{
if ($this->data)
return $this->data;
global $_sql;
$query = $_sql->query("SELECT * FROM users WHERE ".($this->name ? "userName = '".$this->name."'" : "userId = ".$this->id));
if ($query->num_rows)
return $query->fetch_assoc();
return false;
}
public function setPic($status = false)
{
global $_sql;
$this->get_data();
if ($_sql->query("UPDATE users SET userPic = ".($status ? 1 : 0)." WHERE userId = ".$this->data['userId']))
return true;
return false;
}
public function setData($field, $value)
{
global $_sql;
$this->get_data();
if ($_sql->query("UPDATE users SET `$field` = '".sqlprot($value)."' WHERE userId = ".$this->data['userId']))
return true;
return false;
}
<?php
class user
{
private $id = 0;
private $name;
public $data;
private $udata = array();
private $counter = 0;
public function __construct($name = false, $data = false)
{
if ($this->counter > 2) return false;
$this->counter++;
global $_sql;
$query = $_sql->query("SELECT * FROM users WHERE userName = '$name'");
if ($query->num_rows)
{
$this->data = $query->fetch_assoc();
$this->id = $this->data['userId'];
return true;
} else
{
if ($data && $_sql->query("INSERT INTO users (userFiltrId, userName, userPublicName, userEmail, userRegistered, userRealName) VALUES ('$data[id]', '".$_sql->real_escape_string($name)."', '".$_sql->real_escape_string($data['name'])."', '".$_sql->real_escape_string($data['email'])."', '".time()."', '".$_sql->real_escape_string($data['name'])."')"))
return $this->__construct($name, $data);
}
return false;
}
public function get_data()
{
if ($this->data)
return $this->data;
global $_sql;
$query = $_sql->query("SELECT * FROM users WHERE ".($this->name ? "userName = '".$this->name."'" : "userId = ".$this->id));
if ($query->num_rows)
return $query->fetch_assoc();
return false;
}
public function setPic($status = false)
{
global $_sql;
$this->get_data();
if ($_sql->query("UPDATE users SET userPic = ".($status ? 1 : 0)." WHERE userId = ".$this->data['userId']))
return true;
return false;
}
public function setData($field, $value)
{
global $_sql;
$this->get_data();
if ($_sql->query("UPDATE users SET `$field` = '".sqlprot($value)."' WHERE userId = ".$this->data['userId']))
return true;
return false;
}
}
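Review bot: The constructor's lookup `SELECT * FROM users WHERE userName = '$name'` interpolates `$name` unescaped, although the `INSERT` a few lines later runs the same value through `real_escape_string()`. `$data[id]` in that `INSERT` and `$this->name` in `get_data()` are likewise raw. Where `$name` comes from is outside this page, but the lookup should not rely on the caller; a bound statement such as `$stmt = $_sql->prepare('SELECT * FROM users WHERE userName = ?');` with `$stmt->bind_param('s', $name);` covers it. `setData()` places `$field` between backticks straight into the statement, so it needs an allow-list of column names, e.g. `if (!in_array($field, self::EDITABLE, true)) return false;`, where `EDITABLE` is a constant this class would have to define.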