jeena/jlog
1
0
Fork 0
Code Issues Pull requests Projects Packages Wiki Activity Actions

1st commit for syncing own Jlog developments with master

Browse source
This commit is contained in:
RobbBienert 2024-10-04 16:40:09 +02:00
parent 2ae67af572
commit 517c58344d
54 changed files with 1784 additions and 1062 deletions
Download patch file Download diff file Expand all files Collapse all files

5
admin/auth.php
View file

@ -1,12 +1,15 @@
<?php
ini_set("session.use_trans_sid", false);
require_once(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'proto.inc.php');
session_start();
$hostname = $_SERVER['HTTP_HOST'];
$path = dirname($_SERVER['SCRIPT_NAME']);
if (!isset($_SESSION['logged_in']) || !$_SESSION['logged_in']) {
header('Location: http://'.$hostname.($path == '/' ? '' : $path).'/login.php?url='.urlencode($_SERVER["REQUEST_URI"]));
header('Location: ' . proto() . "://$hostname" .
($path == '/' ? '' : $path) . '/login.php?url=' .
urlencode($_SERVER["REQUEST_URI"]));
exit;
}

147
admin/bbcode.php Normal file
View file

@ -0,0 +1,147 @@
<?php
include_once('.'.DIRECTORY_SEPARATOR.'auth.php');
define("JLOG_ADMIN", true);
require_once('..'.DIRECTORY_SEPARATOR.'personal'.DIRECTORY_SEPARATOR.'settings.inc.php');
$c['meta']['title'] .= "BBCode Anleitung";
$c['main'] .= output_admin_menu().'
<h2>BBCode Anleitung</h2>
<p><a href="#links">Links</a> | <a href="#betonung">Betonung</a> |
<a href="#bilder">Bilder</a> | <a href="#ueberschrift">Überschrift</a> |
<a href="#listen">Listen</a> | <a href="#zitate">Zitate</a> | <a href="#html">HTML</a>
</p>
<h3>Allgemein zu Zeilenumbrüchen, Absätzen und Leerzeichen</h3>
<p><kbd>[Enter]</kbd> im normalen Fließtext darf nur in Paaren vorkommen, wenn man
einen richtigen <em>Absatz</em> erzeugen will. Vor jedem
<abbr title="Elemente, die automatisch einen neue Zeile anfangen">block</abbr> Element
muss zwei mal <kbd>[Enter]</kbd> gedrückt werden, da dies so zu sagen einen neuen
Absatz einleitet.
</p>
<p>Man sollte <em>nie</em> nur einen
Enter einzeln setzen, um die Breite des Textes zu bestimmen. Das macht
die Auszeichnungssprache <abbr title="Xtensible Hypertext Markup Language">XHTML</abbr>
nämlich von ganz alleine, je nachdem wie viel Platz der Besucher auf seinem Bildschirm
hat. Auch brauchst du keine Angst haben dass der Platz im Eingabefensterchen
nicht ausreicht, wenn du einen langen URL schreibst, das bricht auch automatisch um.
Bitte also keinen [Enter] vor einen URL setzen nur damit das in der neuen Zeile Anfängt.
</p>
<p><strong>Leerzeichen</strong> müssen vor und hinter jedes <abbr title="Elemente die keinen neuen Absatz erzeugen">inline</abbr> Element.
Innerhalb von <abbr title="Elemente die keinen neuen Absatz erzeugen">inline</abbr> Elementen dürfen Leerzeichen nur zwischen zwei Wörtern
stehen, niemals aber direkt hinter dem einleitenden Tag, also <em>niemals</em> so:<br />
<code>[url=http://exapmle.tld]<a href="#">[Leerzeichen]Beispiel Link</a>[Leerzeichen][/url]</code><br />
sondern in etwa so: <code>[url=http://example.tld]<a href="#">Beispiel Link</a>[/url]</code>.
</p>
<p>Die einzige Ausnahme dieser Regel ist, wenn man nur einen Teil eines Wortes als
etwas besonderes auszeichnen will. Dann macht man es zum Beispiel so:<br />
<code>Inter[url=http://communication.tld]kommunikation[/url]smanagment</code><br />
welches ergibt: <code>Inter<a href="#">kommunikation</a>smanagment</code>
</p>
<p>Vor einem Punkt ».« kommt niemals ein Leerzeichen, sondern immer dahinter.
</p>
<h3 id="links">Links (<abbr title="Elemente die keinen neuen Absatz erzeugen">inline</abbr>)</h3>
<ul>
<li>[url]<a href="http://example.com">http://example.com</a>[/url]</li>
<li>[url=http://example.com]<a href="http://example.com">Linkbeschreibung</a>[/url]</li>
</ul>
<h3 id="betonung">Betonung (<abbr title="Elemente die keinen neuen Absatz erzeugen">inline</abbr>)</h3>
<ul>
<li>[b]<strong>stark betont</strong>[/b]</li>
<li>[i]<em>leicht betont</em>[/i]</li>
</ul>
<h3 id="bilder">Bilder ( <abbr title="Elemente die keinen neuen Absatz erzeugen">inline</abbr> /
<abbr title="Elemente, die automatisch einen neue Zeile anfangen">block</abbr> )</h3>
<p>Grundsätzlich wird ein Bild so eingefügt: <code>[img]1.jpg[/url]</code> und ist ein
<abbr title="Elemente die keinen neuen Absatz erzeugen">inline</abbr> Element. Bei dir macht
das ja sowieso das Script. Wenn du irgendwann ein Bild von einem anderen Server einfügen
möchtest dann musst du es so machen: <code>[url]http://example.tld/pfad/zum/Bild.jpg[/img]</code>
meistens ist das aber von anderen Webmastern nur sehr ungern gesehen. Bilder können noch drei
Attribute enthalten:</p>
<p><strong>Erstens:</strong>
<code>[img class="klassenname"]1.jpg[/img]</code> welches dem Bild eine Klasse mitgibt.
Man könnte z.B. eine Klasse <code>fr</code> in CSS so gestalten, dass Sie
das Bild rechts floaten lässt, oder eine Klasse <code>photo</code>, die allen
Photos einen Weißen Rahmen gibt usw. usf. Verschiedene Klassen sind durch Leerzeichen
zu trennen.</p>
<p><strong>Zweitens:</strong> <code>[img alt="Alternativ Text für das Bild"]1.jpg[/img]</code> welcher
eigentlich immer angegeben werden sollte. Er nutzt Suchmaschinen, die keine Bilder
sehen können und auch Menschen die keine Bilder sehen können, sei es dass sie
Blind sind, oder Bilder abschalten um schneller surfen zu können, oder dass Ihr
Browser keine Bilder anzeigen kann.</p>
<p><strong>Drittens:</strong> <code>[img caption="Eine Bildunterschrift"</code>]1.jpg[/img]
das Attribut <code>caption</code> ist anders als die anderen zwei. Es macht aus dem Bild
eine Definitionsliste und somit ein <abbr title="Elemente, die automatisch einen neue
Zeile anfangen">block</abbr> Element, der dann das <code>class</code> Attribut anstatt
dem Bild übergeben wird. Darüber Hinaus bekommt die Definitionsliste auch noch die Breite
des Bildes. Der ausgegebene HTML Code sieht dann in Etwa so aus:</p>
<p><code>
&nbsp;&lt;dl class="photo fr" style="width: 200px;"&gt;<br />
&nbsp;&nbsp;&lt;dt&gt;&lt;img alt="Ein Pferd" style="width: 200px; height: 150px;" /&gt;<br />
&nbsp;&nbsp;&nbsp;&lt;dd&gt;Eine Bildunterschrift&lt;/dd&gt;<br />
&nbsp;&lt;/dl&gt;</code></p>
<p>Dies funktioniert nur bei Bildern, die über das Jlog hochgeladen wurden.</p>
<h4>Vollständig könnte das zum Beispiel so aussehen:</h4>
<p><code>[img class="fr" alt="Ein sehr großer Pferdekopf" caption="Mein Pferd ist das
schönste"]http://jeenaparadies.net/img/weblog/pferd.jpg[/img]</code></p>
<p>Bilder sollten aber mit Rücksicht auf die Benutzer mit kleinem Bildschirm/Fenster
und die Modembenutzer nicht all zu groß sein. Alles was breiter als 500px
ist, fängt an gefährlich zu werden.
</p>
<h3 id="ueberschrift">Überschrift (<abbr title="Elemente, die automatisch einen neue Zeile anfangen">block</abbr>)</h3>
<div class="xmp">[headline]<h3>Überschrift erster Ordnung</h3>[/headline]</div>
<h3 id="listen">Listen (<abbr title="Elemente, die automatisch einen neue Zeile anfangen">block</abbr>)</h3>
<p>Hier auch wichtig davor und dahinter eine Leerzeile zu lassen, damit das auch als
richtiger Absatz gesehen wird. Aber bitte hier auch keine unnötigen Leerzeichen
reinmachen.
</p>
<h4>Ungeordnete Liste (<abbr title="Elemente, die automatisch einen neue Zeile anfangen">block</abbr>)</h4>
<p>[list]<br />
[*]erster Punkt<br />
[*]zweiter Punkt<br />
[*]dritter Punkt<br />
[/list]
</p>
<p>Ergibt:</p>
<ul class="xmp">
<li>erster Punkt</li>
<li>zweiter Punkt</li>
<li>dritter Punkt</li>
</ul>
<h4>Nummerierte Liste (<abbr title="Elemente, die automatisch einen neue Zeile anfangen">block</abbr>)</h4>
<p>Genau so wie bei der ungeordneten, mit der Ausnahme, dass anstatt [list], [#list]
verwendet wird. Das Ergebniss sieht dann so aus:
</p>
<ol class="xmp">
<li>erster Punkt</li>
<li>zweiter Punkt</li>
<li>dritter Punkt</li>
</ol>
<h3 id="zitate">Zitate (<abbr title="Elemente, die automatisch einen neue Zeile anfangen">block</abbr>)</h3>
<p>Bitte nach [quote] kein Leerzeichen und auch keinen Zeilenumbruch ein fügen. Genau so
bei [/quote] keinen davor.
</p>
<blockquote class="xmp">
<p>[quote]Ich bin ein Zitat welches nur dazu da ist um zu zeigen wie
das alles hier so geht. Und aber auch dazu um zu zeigen dass es mehrere Zeilen
sein können.</p>
<p>Oder auch mehrere Absätze wie jetzt zum Beispiel hier.[/quote]</p>
</blockquote>
<h3 id="html">HTML</h3>
<p>Um normalen HTML Quelltext eingeben zu können, der von BBCode nicht behandelt wird,
kann man [html] verwenden. Dann muss man sich allerdings um alles selbst kümmern,
auch um Absätze und Zeilenumbrüche.</p>
';
require(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'do_template.php');
echo $body;
?>

69
admin/blog.func.php
View file

@ -2,6 +2,8 @@
// Untersuchen ob alles eingegeben wurde
function check_input($form_input) {
global $l;
$errors = array();
if(strlen(trim($form_input['topic'])) < 1) $errors[] = $l['admin']['no_headline'];
// checking URL
@ -29,8 +31,8 @@ global $l;
}
else {
$sql = "SELECT id FROM ".JLOG_DB_CONTENT." WHERE
YEAR(date) = ".date("Y", $f['date'])." AND
MONTH(date) = ".date("m", $f['date'])." AND
YEAR(date) = ".date("Y", strtotime($f['date']))." AND
MONTH(date) = ".date("m", strtotime($f['date']))." AND
url = '".$f['url']."';";
}
@ -54,7 +56,11 @@ global $l;
$errors[] = $l['admin']['false_teaserpic'];
}
if($form_input['teaserpiconblog'] == "1" AND strlen(trim($form_input['teaserpic'])) == 0) $errors[] = $l['admin']['no_teaserpic_uploaded'];
if(isset($form_input['teaserpiconblog']) && $form_input['teaserpiconblog'] == "1"
AND strlen(trim($form_input['teaserpic'])) == 0)
{
$errors[] = $l['admin']['no_teaserpic_uploaded'];
}
if(strlen(trim($form_input['teaser'])) < 1) $errors[] = $l['admin']['no_teaser'];
if(strlen(trim($form_input['content'])) < 1) $errors[] = $l['admin']['no_content'];
@ -64,17 +70,31 @@ global $l;
// Eingabeformular
function form_output($form_input) {
$form_input = array_htmlspecialchars($form_input);
global $l, $categories, $plugins;
$form_input = array_htmlspecialchars($form_input);
global $l, $categories, $plugins;
if($form_input['teaserpiconblog'] == 1) $form_input['teaserpiconblog_check'] = "checked='checked'";
if($form_input['section'] == 'page') $page = " checked='checked'";
else $weblog = " checked='checked'";
if($form_input['allowcomments'] === '0') $form_input['comments_check'] = "checked='checked'";
if($form_input['allowpingback'] === '0') $form_input['pingback_check'] = "checked='checked'";
if (isset($form_input['teaserpiconblog']) && $form_input['teaserpiconblog'] == 1)
$form_input['teaserpiconblog_check'] = "checked='checked'";
if (isset($form_input['section']) && $form_input['section'] == 'page') {
$page = " checked='checked'";
$weblog = '';
}
else {
$page = '';
$weblog = " checked='checked'";
}
if (isset($form_input['allowcomments']) && $form_input['allowcomments'] === '0')
$form_input['comments_check'] = "checked='checked'";
if (isset($form_input['allowpingback']) && $form_input['allowpingback'] === '0')
$form_input['pingback_check'] = "checked='checked'";
array_contains($form_input,
array('topic', 'url', 'teaser', 'keywords', 'categories',
'teaserpic', 'teaserpiconblog_check', 'comments_check',
'pingback_check', 'content', 'id', 'date'));
$o = "
<form method='post' id='entryform' action='".$_SERVER['SCRIPT_NAME']."' accept-charset='UTF-8'>
<form method='post' id='entryform' action='".htmlspecialchars($_SERVER['SCRIPT_NAME'])."' accept-charset='UTF-8'>
<fieldset><legend>".$l['admin']['metadata']."</legend>
<p><label>".$l['admin']['section']."</label><br />
<input id='weblog' name='section' type='radio' value='weblog'".$weblog." /><label for='weblog' class='nobreak'>".$l['admin']['section_weblog']."</label>&nbsp;
@ -141,16 +161,22 @@ global $l, $bbcode, $categories;
// get data from _post
if(empty($form_input['date'])) $form_input['date'] = time();
$output = "<h2 class='preview'>".$l['admin']['preview']."</h2>\n<div class='preview'>".do_entry($form_input, NULL, $section)."</div>";
$output = "<h2 class='preview'>".$l['admin']['preview']."</h2>\n<div class='preview'>".do_entry($form_input, NULL, $form_input['section'])."</div>";
return $output;
}
function insert_blog($form_input) {
global $l, $plugins;
global $l, $plugins, $connect;
if($form_input['allowcomments'] != "0") $form_input['allowcomments'] = "1";
if($form_input['allowpingback'] != "0") $form_input['allowpingback'] = "1";
$form_input['allowcomments'] =
isset($form_input['allowcomments']) && $form_input['allowcomments'] == "0" ?
"0" : "1";
$form_input['allowpingback'] =
isset($form_input['allowpingback']) && $form_input['allowpingback'] == "0" ?
"0" : "1";
array_contains($form_input, array('teaserpiconblog'));
$form_input = escape_for_mysql($form_input);
$sql = "INSERT INTO ".JLOG_DB_CONTENT." (
@ -179,7 +205,7 @@ global $l, $plugins;
'".$form_input['allowpingback']."' );";
$writeblog = new Query($sql);
$id = mysql_insert_id();
$id = $connect->insert_id;
if($writeblog->error()) {
echo "<pre>\n";
echo $writeblog->getError();
@ -190,6 +216,7 @@ global $l, $plugins;
if(is_array($form_input['categories']) AND $form_input['categories']['0'] != 'no_categories') {
$sql = "INSERT INTO ".JLOG_DB_CATASSIGN." ( cat_id, content_id )
VALUES \n";
$i = 0;
foreach($form_input['categories'] AS $category) {
if(++$i > 1) $sql .= ",\n";
$sql .= "( '".$category."', '".$id."')";
@ -236,10 +263,15 @@ global $l, $categories;
function update_blog($form_input) {
global $l, $plugins;
if($form_input['allowcomments'] != "0") $form_input['allowcomments'] = "1";
if($form_input['allowpingback'] != "0") $form_input['allowpingback'] = "1";
if(!isset($form_input['allowcomments']) || $form_input['allowcomments'] != "0")
$form_input['allowcomments'] = "1";
if(!isset($form_input['allowpingback']) || $form_input['allowpingback'] != "0")
$form_input['allowpingback'] = "1";
$form_input = escape_for_mysql($form_input);
array_contains($form_input,
['teaserpiconblog', 'allowcomments', 'allowpingback']);
$sql = "UPDATE ".JLOG_DB_CONTENT." SET
topic = '".$form_input['topic']."',
url = '".$form_input['url']."',
@ -275,6 +307,7 @@ global $l, $plugins;
if(is_array($form_input['categories']) AND $form_input['categories']['0'] != 'no_categories') {
$sql = "INSERT INTO ".JLOG_DB_CATASSIGN." ( cat_id, content_id )
VALUES \n";
$i = 0;
foreach($form_input['categories'] AS $category) {
if(++$i > 1) $sql .= ",\n";
$sql .= "( '".$category."', '".$form_input['id']."')";

5
admin/categories.php
View file

@ -10,6 +10,8 @@
$c['meta']['title'] = $l['admin']['cat_title'];
$c['main'] = output_admin_menu()."<h2>".$l['admin']['cat_title']."</h2>\n";
array_contains($get, array('action'));
switch ($get['action']) {
case 'new':
@ -25,7 +27,7 @@
$c['main'] .= $categories->output_form($form_input, 'new', $l['admin']['cat_new']);
}
}
else $c['main'] .= $categories->output_form(array('id' => NULL, 'name' => NULL, 'url' => NULL, 'description' => NULL), 'new', $l['admin']['cat_new']);
else $c['main'] .= $categories->output_form(array(), 'new', $l['admin']['cat_new']);
break;
case 'change':
@ -76,4 +78,3 @@
require(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'do_template.php');
echo $body;
?>

13
admin/change.php
View file

@ -11,6 +11,8 @@
$c['main'] = output_admin_menu();
$c['main'] .= "<h2>".$l['admin']['change_headline']."</h2>";
array_contains($get, array('action'));
if($get['action'] == "trash" AND $post['trash'] == $l['admin']['yes']) {
$c['main'] .= "<p>".trash_blog($get['id'])."</p>";
include_once(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'update.php');
@ -31,13 +33,17 @@ else {
if(isset($get['id'])) $form_input = get_blog($get['id']);
elseif (isset($_POST)) $form_input = $post;
else $c['main'] .= $l['admin']['error_occurred'];
if($post['form_submitted'] == $l['admin']['preview']) {
$formSubmitted = array_key_exists('form_submitted', $post);
if($formSubmitted && $post['form_submitted'] == $l['admin']['preview'])
{
$c['main'] .= error_output(check_input($form_input));
$c['main'] .= preview_output($form_input);
$c['main'] .= form_output($form_input);
}
elseif($post['form_submitted'] == $l['admin']['publish']) {
elseif($formSubmitted && $post['form_submitted'] == $l['admin']['publish'])
{
// Put data to database
if(!check_input($form_input)) {
$c['main'] .= "<p>".update_blog($form_input)."</p>";
@ -57,4 +63,3 @@ else {
require(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'do_template.php');
echo $body;
?>

233
admin/comments.php
View file

@ -5,14 +5,16 @@ define("JLOG_COMMENTS", true);
require_once('..'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'prepend.inc.php');
require(JLOG_BASEPATH.'admin'.DIRECTORY_SEPARATOR.'blog.func.php');
$get = strip($_GET);
$data = strip($_POST);
$mysql_id = escape_for_mysql($get['id']);
$get = strip($_GET);
$data = strip($_POST);
$mysql_id = isset($get['id']) ? escape_for_mysql($get['id']) : null;
$c['meta']['title'] = $l['admin']['kill_c_topic'];
$c['main'] = output_admin_menu();
$c['meta']['title'] = $l['admin']['kill_c_topic'];
$c['main'] = output_admin_menu();
if($get['action'] == 'trash' AND $data['trash'] == $l['admin']['yes']) {
array_contains($get, array('action'));
if($get['action'] == 'trash' AND $data['trash'] == $l['admin']['yes']) {
### Plugin Hook
$get['id'] = $plugins->callHook('deleteComment', $get['id']);
@ -80,138 +82,147 @@ elseif($get['action'] == 'change' AND !empty($get['id'])) {
$l["comments_plz_format_txt"] = $l['admin']["comments_plz_format_txt"];
$l["comments_url_href"] = $l['admin']["comments_url_href"];
$l["comments_url_node"] = $l['admin']["comments_url_node"];
if($data['form_submitted'] == $l['comments_preview']) {
$c['main'] .= "\n <h2>".$l['admin']['comments_change_h']."</h2>
<ul class='comments' id='preview'>
".do_comment($data, 1)."
</ul>".com_form_output($data).com_javascript_variables();
}
elseif($data['form_submitted'] == $l['comments_send']) {
if(count($errors = com_check_errors($data)) > 0) $c['main'] .= "\n <h2>".$l['admin']['comments_change_h']."</h2>\n".error_output($error).com_form_output($data).com_javascript_variables();
else {
$data = com_clean_data($data);
### Plugin Hook
$data = $plugins->callHook('updateComment', $data);
$data = escape_for_mysql($data);
$sql = "UPDATE ".JLOG_DB_COMMENTS."
SET
name = '".$data['name']."',
city = '".$data['city']."',
email = '".$data['email']."',
homepage = '".$data['homepage']."',
content = '".$data['content']."',
mail_by_comment = '".$data['mail_by_comment']."'
WHERE id = '".$data['id']."' LIMIT 1;";
$updatecomment = new Query($sql);
if($updatecomment->error()) {
echo "<pre>\n";
echo $updatecomment->getError();
echo "</pre>\n";
die();
}
$c['main'] .= "\n <h2>".$l['admin']['comments_change_h']."</h2>\n".$l['admin']['comments_updated']." <a href='".add_session_id_to_url("comments.php")."'>".$l['admin']['comments_admin']."</a>";
include_once(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'update.php');
}
}
else {
$form_submitted = false;
if (isset($data['form_submitted'])) {
if($data['form_submitted'] == $l['comments_preview']) {
$c['main'] .= "\n <h2>".$l['admin']['comments_change_h']."</h2>
<ul class='comments' id='preview'>
".do_comment($data, 1)."
</ul>".com_form_output($data).com_javascript_variables();
$form_submitted = true;
}
elseif($data['form_submitted'] == $l['comments_send']) {
if(count($errors = com_check_errors($data)) > 0) $c['main'] .= "\n <h2>".$l['admin']['comments_change_h']."</h2>\n".error_output($error).com_form_output($data).com_javascript_variables();
else {
$data = com_clean_data($data);
### Plugin Hook
$data = $plugins->callHook('updateComment', $data);
$data = escape_for_mysql($data);
$sql = "UPDATE ".JLOG_DB_COMMENTS."
SET
name = '".$data['name']."',
city = '".$data['city']."',
email = '".$data['email']."',
homepage = '".$data['homepage']."',
content = '".$data['content']."',
mail_by_comment = '".$data['mail_by_comment']."'
WHERE id = '".$data['id']."' LIMIT 1;";
$updatecomment = new Query($sql);
if($updatecomment->error()) {
echo "<pre>\n";
echo $updatecomment->getError();
echo "</pre>\n";
die();
}
$c['main'] .= "\n <h2>".$l['admin']['comments_change_h']."</h2>\n".$l['admin']['comments_updated']." <a href='".add_session_id_to_url("comments.php")."'>".$l['admin']['comments_admin']."</a>";
include_once(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'update.php');
}
$form_submitted = true;
}
}
if (!$form_submitted) {
$sql = 'SELECT id, sid, name, city, email, homepage, content, ' .
'UNIX_TIMESTAMP(date) AS date, reference, ' .
'mail_by_comment, type FROM '.JLOG_DB_COMMENTS."
WHERE id = ".$mysql_id."
ORDER BY id DESC LIMIT 1;";
'mail_by_comment, type FROM '.JLOG_DB_COMMENTS."
WHERE id = ".$mysql_id."
ORDER BY id DESC LIMIT 1;";
$comment = new Query($sql);
if($comment->error()) {
echo "<pre>\n";
echo $comment->getError();
echo "</pre>\n";
die();
$comment = new Query($sql);
if($comment->error()) {
echo "<pre>\n";
echo $comment->getError();
echo "</pre>\n";
die();
}
$data = $comment->fetch();
if(empty($data['name'])) $data['name'] = $l['comments_name'];
if(empty($data['city'])) $data['city'] = $l['comments_city'];
if(empty($data['email'])) $data['email'] = $l['comments_email'];
if(empty($data['homepage'])) $data['homepage'] = $l['comments_homepage'];
$data = $comment->fetch();
if(empty($data['name'])) $data['name'] = $l['comments_name'];
if(empty($data['city'])) $data['city'] = $l['comments_city'];
if(empty($data['email'])) $data['email'] = $l['comments_email'];
if(empty($data['homepage'])) $data['homepage'] = $l['comments_homepage'];
$c['main'] .= "\n <h2>".$l['admin']['comments_change_h']."</h2>
<ul class='comments' id='preview'>
".do_comment($data, 1)."
</ul>".com_form_output($data).com_javascript_variables();
$c['main'] .= "\n <h2>".$l['admin']['comments_change_h']."</h2>
<ul class='comments' id='preview'>
".do_comment($data, 1)."
</ul>".com_form_output($data).com_javascript_variables();
}
}
else {
$yl = new Year_Links($get['y'], JLOG_START_YEAR, add_session_id_to_url(JLOG_PATH."/admin/comments.php"), $l['admin']);
else {
$yl = new Year_Links($get['y'] ?? null, JLOG_START_YEAR,
add_session_id_to_url(JLOG_PATH."/admin/comments.php"),
$l['admin']);
$c['main'] .= "
<h2>".$l['admin']['kill_c_topic']."</h2>
<p>".$l['admin']['kill_c_description']."</p>
<p>".$yl->get_admin_linklist()."</p>
<table>
<tr>
<th>".$l['admin']['change']."</th><th>".$l['admin']['delete']."</th><th>ID</th><th>".$l['comments_name']."</th><th>".$l['comments_posted']."</th><th>".$l['admin']['kill_c_entry']."</th>
</tr>";
$c['main'] .= "
<h2>".$l['admin']['kill_c_topic']."</h2>
<p>".$l['admin']['kill_c_description']."</p>
<p>".$yl->get_admin_linklist()."</p>
<table>
<tr>
<th>".$l['admin']['change']."</th><th>".$l['admin']['delete']."</th><th>ID</th><th>".$l['comments_name']."</th><th>".$l['comments_posted']."</th><th>".$l['admin']['kill_c_entry']."</th>
</tr>";
$sql = "SELECT
".JLOG_DB_COMMENTS.".id AS id,
".JLOG_DB_CONTENT.".url AS url,
UNIX_TIMESTAMP(".JLOG_DB_CONTENT.".date) AS reference_date,
UNIX_TIMESTAMP(".JLOG_DB_COMMENTS.".date) AS date,
".JLOG_DB_COMMENTS.".name AS name,
".JLOG_DB_CONTENT.".topic AS topic,
$sql = "SELECT
".JLOG_DB_COMMENTS.".id AS id,
".JLOG_DB_CONTENT.".url AS url,
UNIX_TIMESTAMP(".JLOG_DB_CONTENT.".date) AS reference_date,
UNIX_TIMESTAMP(".JLOG_DB_COMMENTS.".date) AS date,
".JLOG_DB_COMMENTS.".name AS name,
".JLOG_DB_CONTENT.".topic AS topic,
".JLOG_DB_COMMENTS.".email AS email,
".JLOG_DB_COMMENTS.".type AS type
FROM ".JLOG_DB_COMMENTS.", ".JLOG_DB_CONTENT."
WHERE ".JLOG_DB_COMMENTS.".reference = ".JLOG_DB_CONTENT.".id
AND YEAR(".JLOG_DB_COMMENTS.".date) = '".$yl->get_selected_year()."'
ORDER BY id DESC;";
FROM ".JLOG_DB_COMMENTS.", ".JLOG_DB_CONTENT."
WHERE ".JLOG_DB_COMMENTS.".reference = ".JLOG_DB_CONTENT.".id
AND YEAR(".JLOG_DB_COMMENTS.".date) = '".$yl->get_selected_year()."'
ORDER BY id DESC;";
$comments = new Query($sql);
if($comments->error()) {
echo "<pre>\n";
echo $comments->getError();
echo "</pre>\n";
die();
$comments = new Query($sql);
if($comments->error()) {
echo "<pre>\n";
echo $comments->getError();
echo "</pre>\n";
die();
}
while ($daten = $comments->fetch()) {
if(empty($daten['name'])) $daten['name'] = $l['comments_anonym'];
elseif($daten['type'] != 'pingback') $daten['name'] = htmlspecialchars($daten['name'], ENT_QUOTES);
if(!empty($daten['email'])) {
$email_a = "<a href='mailto:".$daten['email']."'>";
$email_b = "</a>";
if(!empty($daten['email'])) {
$email_a = "<a href='mailto:".$daten['email']."'>";
$email_b = "</a>";
}
else {
$email_a = "";
$email_b = "";
else {
$email_a = "";
$email_b = "";
}
$comment = "
$comment = "
<tr>
<td><a href='".add_session_id_to_url("?id=".$daten['id']."&amp;action=change")."'><img src='".JLOG_PATH."/img/JLOG_edit.png' alt='".$l['admin']['change']."' /></a></td>
<td><a href='".add_session_id_to_url("?id=".$daten['id']."&amp;action=trash")."'><img src='".JLOG_PATH."/img/JLOG_trash.png' alt='".$l['admin']['delete']."' /></a></td>
<td><a href='".blog($daten['reference_date'], $daten['url'])."#c".$daten['id']."'>".$daten['id']."</a></td>
<td>".$email_a.$daten['name'].$email_b."</td>
<td>".strftime(JLOG_DATE_COMMENT, $daten['date'])."</td>
<td>".$daten['topic']."</td>
</tr>";
<td><a href='".add_session_id_to_url("?id=".$daten['id']."&amp;action=change")."'><img src='".JLOG_PATH."/img/JLOG_edit.png' alt='".$l['admin']['change']."' /></a></td>
<td><a href='".add_session_id_to_url("?id=".$daten['id']."&amp;action=trash")."'><img src='".JLOG_PATH."/img/JLOG_trash.png' alt='".$l['admin']['delete']."' /></a></td>
<td><a href='".blog($daten['reference_date'], $daten['url'])."#c".$daten['id']."'>".$daten['id']."</a></td>
<td>".$email_a.$daten['name'].$email_b."</td>
<td>".strftime(JLOG_DATE_COMMENT, $daten['date'])."</td>
<td>".$daten['topic']."</td>
</tr>";
### Plugin Hook
$c['main'] .= $plugins->callHook('commentAdminList', $comment, $daten);
}
$c['main'] .= "
</table>";
$c['main'] .= "
</table>";
}
require(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'do_template.php');
echo $body;
?>
require(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'do_template.php');
echo $body;

7
admin/index.php
View file

@ -5,11 +5,12 @@
require(JLOG_BASEPATH.'admin'.DIRECTORY_SEPARATOR.'blog.func.php');
$get = strip($_GET);
$yl = new Year_Links($get['y'], JLOG_START_YEAR, add_session_id_to_url(JLOG_PATH."/admin/"), $l['admin']);
$yl = new Year_Links($get['y'] ?? null, JLOG_START_YEAR, add_session_id_to_url(JLOG_PATH."/admin/"), $l['admin']);
if(isset($get['show']) AND $get['show'] == 'page') {
$show_section = "<a href='".add_session_id_to_url("?show=weblog")."'>".$l['admin']['section_weblog']."</a> | <strong>".$l['admin']['section_page']."</strong>";
$where = "section = 'page'";
$year_menu = '';
}
else {
$show_section = "<strong>".$l['admin']['section_weblog']."</strong> | <a href='".add_session_id_to_url("?show=page")."'>".$l['admin']['section_page']."</a>";
@ -23,6 +24,8 @@
$c['meta']['title'] = $l['admin']['index_headline'];
if (!isset($c['main'])) $c['main'] = '';
$c['main'] .= output_admin_menu()."
<h2>".$l['admin']['admin_headline']."</h2>
<p><strong>&raquo;&raquo;</strong> <a href='".add_session_id_to_url("new.php")."'>".$l['admin']['new_post']."</a></p>
@ -72,4 +75,4 @@
require(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'do_template.php');
echo $body;
// eof
// eof

15
admin/login.php
View file

@ -6,11 +6,12 @@
###
### adapted for Jlog by Jeena Paradies
ini_set("session.use_trans_sid", false);
ini_set('session.use_trans_sid', false);
define("JLOG_ADMIN", true);
define("JLOG_LOGIN", true);
define('JLOG_ADMIN', true);
define('JLOG_LOGIN', true);
require_once('..'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'prepend.inc.php');
require_once('..'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'proto.inc.php');
require(JLOG_BASEPATH.'admin'.DIRECTORY_SEPARATOR.'blog.func.php');
$false_password = "";
@ -43,7 +44,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' AND $dispatch_login) {
if ($path == $url) $url = $path . 'new.php';
if (!empty($url)) $path = $url;
header('Location: ' . add_session_id_to_url("http://".$hostname.$path));
header('Location: ' . add_session_id_to_url(proto().'://'.$hostname.$path));
exit;
}
else {
@ -55,15 +56,16 @@ else {
}
$c['meta']['title'] = $l['admin']['login_headline'];
$btnValue = htmlspecialchars($l['admin']['login_send']);
$c['main'] = '
<h2>'.$l['admin']['login_headline'].'</h2>
' . $false_password . '
<form action="login.php" method="post" accept-charset="UTF-8">
<p><label for="password">' . $l['admin']['login_password'] . '</label>
<input class="userdata" id="password" type="password" name="password" />
<input class="userdata" id="password" type="password" name="password" autocomplete="off" spellcheck="false" writingsuggestions="false"/>
<input style="display: none;" name="username" type="text" value="do-not-change" /></p>
<p><input type="hidden" name="url" value="' . htmlspecialchars(!empty($get['url']) ? $get['url'] : '') . '" />
<button value="' . $l['admin']['login_send'] . '">' . htmlspecialchars($l['admin']['login_send']) . '</button></p>
<button value="' . $btnValue . '">' . $btnValue . '</button></p>
</form>
';
@ -73,4 +75,3 @@ $c["main"] = $plugins->callHook('loginForm', $c["main"]);
require_once(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'do_template.php');
echo $body;

26
admin/media/select-picture.php
View file

@ -3,14 +3,14 @@
define("JLOG_ADMIN", true);
require_once('..'.DIRECTORY_SEPARATOR.'..'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'prepend.inc.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!DOCTYPE html>
<html>
<head>
<title><?php echo $l['admin']['pic_choose_old'] ?></title>
<meta charset="UTF-8" />
<link rel="stylesheet" href="<?php echo JLOG_PATH ?>/personal/css/popup.css" type="text/css" media="screen" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<script type="text/javascript" src="<?php echo JLOG_PATH ?>/scripts/javascripts.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1"/>
</head>
<body>
<h1><?php echo $l['admin']['pic_choose_old'] ?></h1>
@ -18,14 +18,17 @@
// Bildernamen für blog in ein Array schreiben
$dir = JLOG_BASEPATH.'img'.DIRECTORY_SEPARATOR;
if($_GET['p']) { ?>
<p><img src="<?php echo JLOG_PATH ?>/img/<?php echo $_GET['p']; ?>" alt="" border="1" height="100"></p>
<form onSubmit="jlog_bbcode_img('<?php echo htmlspecialchars($_GET['p']); ?>'); return false;" accept-charset="UTF-8">
if(isset($_GET['p'])) {
$p = htmlspecialchars($_GET['p']);
$btnSubmit = htmlspecialchars($l['admin']['pic_insert']);
?>
<p><img src="<?= JLOG_PATH ?>/img/<?= $p ?>" alt="" border="1" height="100"></p>
<form onSubmit="jlog_bbcode_img('<?= $p ?>'); return false;" accept-charset="UTF-8">
<p><?php echo $l['admin']['pic_class'] ?><br />
<input id="class" type="text" size="20"></p>
<p><?php echo $l['admin']['pic_alt'] ?><br />
<input id="alt" type="text" size="20"></p>
<p><button value="<?php echo $l['admin']['pic_insert'] ?>"><?php echo htmlspecialchars($l['admin']['pic_insert']) ?></button></p>
<p><button value="<?= $btnSubmit ?>"><?= $btnSubmit ?></button></p>
</form>
<?php
}
@ -43,9 +46,12 @@ else {
asort($file);
reset($file);
while ( list($filename, $ctime) = each($file)) {
echo "<a href='?p=".$filename."' ><img height=\"50\" src=\"".JLOG_PATH."/img/".$filename."\"></a>\n";
foreach ($file as $filename => $ctime) {
$filename = htmlspecialchars($filename);
?><a href='?p=<?= $filename ?>'>
<img height="50" src="<?= JLOG_PATH ?>/img/<?= $filename ?>">
</a><?php
}
}
}

31
admin/media/select-teaser.php
View file

@ -3,13 +3,26 @@
define("JLOG_ADMIN", true);
require_once('..'.DIRECTORY_SEPARATOR.'..'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'prepend.inc.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!DOCTYPE html>
<html>
<head>
<title><?php echo $l['admin']['pic_choose_old_teaser'] ?></title>
<meta charset="UTF-8" />
<link rel="stylesheet" href="<?php echo JLOG_PATH ?>/personal/css/popup.css" type="text/css" media="screen" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width,initial-scale=1"/>
<script>
function selectImg(evt) {
opener.document.forms['entryform'].elements['teaserpic'].value = this.dataset.img;
window.close();
}
document.addEventListener('DOMContentLoaded', () => {
const btn = document.getElementsByTagName('button');
for (let i = 0; i < btn.length; ++i) {
btn[i].addEventListener('click', selectImg);
}
});
</script>
</head>
<body>
<h1><?php echo $l['admin']['pic_choose_old_teaser'] ?></h1>
@ -26,18 +39,16 @@ while (false !== ($filename = readdir ($handle))) {
closedir($handle);
if(is_array($file)) {
asort($file);
reset($file);
while ( list($filename, $ctime) = each($file)) {
echo "<a href=\"#\"
onclick=\"opener.document.forms['entryform'].elements['teaserpic'].value='';
opener.document.forms['entryform'].elements['teaserpic'].value+='".substr($filename, 2, strlen($filename))."';
window.close();\"><img height=\"50\" src=\"".JLOG_PATH."/img/".$filename."\"></a> ";
foreach($file as $filename => $ctime) {
$filename = htmlspecialchars($filename);
?><button type="button" data-img="<?= substr($filename, 2) ?>">
<img height="50" src="<?= JLOG_PATH ?>/img/<?= $filename ?>">
</button><?php
}
}
?>
</body>
</html>

101
admin/media/upload-picture.php
View file

@ -9,77 +9,82 @@
$up_dir_img = JLOG_PATH."/img/";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!DOCTYPE html>
<html>
<head>
<title><?php echo $l['admin']['pic_upload_header'] ?></title>
<meta charset="UTF-8" />
<link rel="stylesheet" href="<?php echo JLOG_PATH ?>/personal/css/popup.css" type="text/css" media="screen" />
<script type="text/javascript" src="<?php echo JLOG_PATH ?>/scripts/javascripts.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width,initial-scale=1"/>
</head>
<body>
<h1><?php echo $l['admin']['pic_upload_header'] ?></h1>
<?php
if (isset($_FILES['probe']) && ! $_FILES['probe']['error']) // Alternativ: and $_FILES['probe']['size']
{
// Überprüfungen:
unset($errors);
$e = substr($_FILES['probe']['name'], -4);
if(!preg_match('~.jpg|jpeg|.gif|.png~i', $e)) $errors[] = $l['admin']['pic_bad_type']." (".$_FILES['probe']['type'].")";
if (isset($_FILES['probe'])) {
if ($_FILES['probe']['error']) // Alternativ: and $_FILES['probe']['size']
{
// Überprüfungen:
unset($errors);
$e = substr($_FILES['probe']['name'], -4);
if(!preg_match('~.jpg|jpeg|.gif|.png~i', $e)) $errors[] = $l['admin']['pic_bad_type']." (".$_FILES['probe']['type'].")";
if ($_FILES['probe']['size'] > $max_file_size) $errors[] = $l['admin']['pic_to_big']." (".number_format($_FILES['probe']['size']/1000,0,",","")." KB)";
if ($_FILES['probe']['size'] > $max_file_size) $errors[] = $l['admin']['pic_to_big']." (".number_format($_FILES['probe']['size']/1000,0,",","")." KB)";
if(empty($errors)) {
$nr = 0;
switch(true)
{
case preg_match('~.jpg|jpeg~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir.$nr.".jpg")) break; }
$filename = $nr.".jpg";
break;
case preg_match('~.gif~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir.$nr.".gif")) break; }
$filename = $nr.".gif";
break;
case preg_match('~.png~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir.$nr.".png")) break; }
$filename = $nr.".png";
break;
}
if(empty($errors)) {
$nr = 0;
switch(true)
{
case preg_match('~.jpg|jpeg~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir.$nr.".jpg")) break; }
$filename = $nr.".jpg";
break;
case preg_match('~.gif~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir.$nr.".gif")) break; }
$filename = $nr.".gif";
break;
case preg_match('~.png~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir.$nr.".png")) break; }
$filename = $nr.".png";
break;
}
if(empty($errors)) {
if(!move_uploaded_file($_FILES['probe']['tmp_name'], $up_dir.$filename)) $errors[] = $l['admin']['pic_error'];
else chmod($up_dir.$filename, 0664);
}
}
if (empty($errors)) {
$btnSubmit = htmlspecialchars($l['admin']['pic_insert']);
?>
<p><?php echo $l['admin']['pic_uploaded'] ?></p>
<p><img src="<?php echo $up_dir_img.$filename; ?>" alt="" border="1" height="100"></p>
<form onSubmit="jlog_bbcode_img('<?php echo $filename; ?>'); return false;">
<p><?php echo $l['admin']['pic_class'] ?><br />
<input id="class" type="text" size="20"></p>
<p><?php echo $l['admin']['pic_alt'] ?><br />
<input id="alt" type="text" size="20"></p>
<p><button value="<?= $btnSubmit ?>"><?= $btnSubmit ?></button></p>
</form>
<?php
}
}
elseif($_FILES['probe']['error'] === 2) $errors[] = $l['admin']['pic_to_big'];
}
if(empty($errors)) {
if(!move_uploaded_file($_FILES['probe']['tmp_name'], $up_dir.$filename)) $errors[] = $l['admin']['pic_error'];
else chmod($up_dir.$filename, 0664);
}
}
if (empty($errors)) {
?>
<p><?php echo $l['admin']['pic_uploaded'] ?></p>
<p><img src="<?php echo $up_dir_img.$filename; ?>" alt="" border="1" height="100"></p>
<form onSubmit="jlog_bbcode_img('<?php echo $filename; ?>'); return false;">
<p><?php echo $l['admin']['pic_class'] ?><br />
<input id="class" type="text" size="20"></p>
<p><?php echo $l['admin']['pic_alt'] ?><br />
<input id="alt" type="text" size="20"></p>
<p><button value="<?php echo $l['admin']['pic_insert'] ?>"><?php echo htmlspecialchars($l['admin']['pic_insert']) ?></button></p>
</form>
<?php
}
}
elseif($_FILES['probe']['error'] === 2) $errors[] = $l['admin']['pic_to_big'];
if(isset($errors)) echo error_output($errors);
if (empty($_FILES['probe']) or isset($errors))
{
$btnSubmit = htmlspecialchars($l['admin']['pic_upload']);
?>
<p><?php echo $l['admin']['pic_instructions'] ?></p>
<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post" enctype="multipart/form-data" accept-charset="UTF-8">
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size ?>">
<?php echo add_session_id_input_tag() ?>
<input type="file" name="probe" /><br><br>
<button value="<?php echo $l['admin']['pic_upload'] ?>"><?php echo htmlspecialchars($l['admin']['pic_upload']) ?></button>
<button value="<?= $btnSubmit ?>"><?= $btnSubmit ?></button>
</form>
<?php
}

107
admin/media/upload-teaser.php
View file

@ -9,81 +9,84 @@
$up_dir_img = JLOG_PATH."/img/";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!DOCTYPE html>
<html>
<head>
<title><?php echo $l['admin']['pic_upload_teaser'] ?></title>
<meta charset="UTF-8" />
<link rel="stylesheet" href="<?php echo JLOG_PATH ?>/personal/css/popup.css" type="text/css" media="screen" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width,initial-scale=1"/>
</head>
<body>
<h1><?php echo $l['admin']['pic_upload_teaser'] ?></h1>
<?php
if (isset($_FILES['probe']) && ! $_FILES['probe']['error']) // Alternativ: and $_FILES['probe']['size']
{
// Überprüfungen:
unset($errors);
$e = substr($_FILES['probe']['name'], -4);
if(!preg_match('~.jpg|jpeg|.gif|.png~i', substr($_FILES['probe']['name'],-4))) $errors[] = $l['admin']['pic_bad_type']." (".$e.")";
if (isset($_FILES['probe'])) {
if ($_FILES['probe']['error']) // Alternativ: and $_FILES['probe']['size']
{
// Überprüfungen:
unset($errors);
$e = substr($_FILES['probe']['name'], -4);
if(!preg_match('~.jpg|jpeg|.gif|.png~i', substr($_FILES['probe']['name'],-4))) $errors[] = $l['admin']['pic_bad_type']." (".$e.")";
if ($_FILES['probe']['size'] > $max_file_size) $errors[] = $l['admin']['pic_to_big']." (".number_format($_FILES['probe']['size']/1000,0,",","")." KB)";
if ($_FILES['probe']['size'] > $max_file_size) $errors[] = $l['admin']['pic_to_big']." (".number_format($_FILES['probe']['size']/1000,0,",","")." KB)";
if(empty($errors)) {
$nr = 0;
switch(true)
{
case preg_match('~.jpg|jpeg~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir."t_".$nr.".jpg")) break; }
$filename = "t_".$nr.".jpg";
break;
case preg_match('~.gif~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir."t_".$nr.".gif")) break; }
$filename = "t_".$nr.".gif";
break;
case preg_match('~.png~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir."t_".$nr.".png")) break; }
$filename = "t_".$nr.".png";
break;
}
if(empty($errors)) {
$nr = 0;
switch(true)
{
case preg_match('~.jpg|jpeg~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir."t_".$nr.".jpg")) break; }
$filename = "t_".$nr.".jpg";
break;
case preg_match('~.gif~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir."t_".$nr.".gif")) break; }
$filename = "t_".$nr.".gif";
break;
case preg_match('~.png~i', $e):
for(;;) { $nr++; if (!file_exists($up_dir."t_".$nr.".png")) break; }
$filename = "t_".$nr.".png";
break;
}
$imginfo = getimagesize($_FILES['probe']['tmp_name']);
$imginfo = getimagesize($_FILES['probe']['tmp_name']);
if($imginfo[1] > 150 AND $imginfo[0] > 150 ) {
$errors[] = $l['admin']['pic_height_widht'];
}
elseif($imginfo[0] > 150 ) {
$errors[] = $l['admin']['pic_width'];
}
elseif($imginfo[1] > 150 ) {
$errors[] = $l['admin']['pic_height'];
}
if(empty($errors)) {
if(!move_uploaded_file($_FILES['probe']['tmp_name'], $up_dir.$filename)) $errors[] = $l['admin']['pic_error'];
else chmod($up_dir.$filename, 0664);
}
}
if (empty($errors)) {
?>
<p><?php echo $l['admin']['pic_uploaded'] ?></p>
<img src="<?php echo $up_dir_img.$filename; ?>" alt="" border="1" height="100">
<p><a href="#" onclick="opener.document.forms['entryform'].elements['teaserpic'].value='<?php echo str_replace('t_', '', $filename); ?>';window.close();"><em><?php echo $l['admin']['pic_insert'] ?></em></a></p>
<?php
}
}
elseif($_FILES['probe']['error'] === 2) $errors[] = $l['admin']['pic_to_big'];
if($imginfo[1] > 150 AND $imginfo[0] > 150 ) {
$errors[] = $l['admin']['pic_height_widht'];
}
elseif($imginfo[0] > 150 ) {
$errors[] = $l['admin']['pic_width'];
}
elseif($imginfo[1] > 150 ) {
$errors[] = $l['admin']['pic_height'];
}
if(empty($errors)) {
if(!move_uploaded_file($_FILES['probe']['tmp_name'], $up_dir.$filename)) $errors[] = $l['admin']['pic_error'];
else chmod($up_dir.$filename, 0664);
}
}
if (empty($errors)) {
?>
<p><?php echo $l['admin']['pic_uploaded'] ?></p>
<img src="<?php echo $up_dir_img.$filename; ?>" alt="" border="1" height="100">
<p><a href="#" onclick="opener.document.forms['entryform'].elements['teaserpic'].value='<?php echo str_replace('t_', '', $filename); ?>';window.close();"><em><?php echo $l['admin']['pic_insert'] ?></em></a></p>
<?php
}
}
elseif($_FILES['probe']['error'] === 2) $errors[] = $l['admin']['pic_to_big'];
}
if(isset($errors)) echo error_output($errors);
if (empty($_FILES['probe']) or isset($errors))
{
$btnSubmit = htmlspecialchars($l['admin']['pic_upload']);
?>
<p><?php echo $l['admin']['pic_instr_teaser'] ?></p>
<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post" enctype="multipart/form-data" accept-charset="UTF-8">
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size ?>">
<?php echo add_session_id_input_tag() ?>
<input type="file" name="probe" /><br><br>
<button value="<?php echo $l['admin']['pic_upload'] ?>"><?php echo htmlspecialchars($l['admin']['pic_upload']) ?></button>
<button value="<?= $btnSubmit ?>"><?= $btnSubmit ?></button>
</form>
<?php
}

16
admin/new.php
View file

@ -4,14 +4,22 @@
require_once('..'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'prepend.inc.php');
require(JLOG_BASEPATH.'admin'.DIRECTORY_SEPARATOR.'blog.func.php');
if (!isset($c))
$c = array('meta' => array('title' => ''));
$c['meta']['title'] .= $l['admin']['new_post'];
$c['main'] = output_admin_menu();
$c['main'] .= "<h2>".$l['admin']['new_post']."</h2>";
$form_input = strip($_POST);
$form_input['date'] = strftime("%Y-%m-%d %H:%M:%s");
if($_POST['form_submitted'] == $l['admin']['preview']) {
if (!isset($_POST['form_submitted'])) {
// show form
$c['main'] .= form_output($form_input);
}
elseif($_POST['form_submitted'] == $l['admin']['preview']) {
$c['main'] .= error_output(check_input($form_input));
$form_input['date'] = time();
$c['main'] .= preview_output($form_input);
$c['main'] .= form_output($form_input);
}
@ -30,7 +38,7 @@ elseif($_POST['form_submitted'] == $l['admin']['publish']) {
}
// if(is_array($pingresult)) $c['main'] .= "\n<ul>".join($pingresult)."\n</ul>";
if($form_input['allowpingback'] != '0') {
if(isset($form_input['allowpingback']) && $form_input['allowpingback'] != '0') {
$blogentryForURL = get_blog($id);
require_once(JLOG_BASEPATH.'xmlrpc.php');
$pingback = new Jlog_SendPingback($bbcode->parse($form_input['content']), blog($blogentryForURL['date'], $blogentryForURL['url']), " -- Jlog v".JLOG_SOFTWARE_VERSION);
@ -76,7 +84,7 @@ function doPing($url) {
$url = parse_url($url);
$fp = @fsockopen($url['host'], 80, $errno, $errstr, $timeout);
if(!$fp) {
if(!$fp || preg_match('/\\s/', $url['host'])) {
$response = 'Fehler: '.$errstr.' ('.$errno.')<br />Es konnte keine Verbindung hergestellt werden';
} else {
$data_string = '<?xml version="1.0" encoding="iso-8859-1"?'.'>
@ -88,7 +96,7 @@ function doPing($url) {
</params>
</methodCall>';
$data_header = "POST ".$url['path']." HTTP/1.0\r\n".
"Host: $host\r\n".
"Host: {$url['host']}\r\n".
"Content-Type: text/xml\r\n".
"User-Agent: qxm XML-RPC Client\r\n".
"Content-Length: ".strlen($data_string)."\r\n\r\n";

6
admin/plugin.php
View file

@ -12,18 +12,19 @@
$handle = "";
$file = "";
$plugindirectory = JLOG_BASEPATH.DIRECTORY_SEPARATOR.'plugins'.DIRECTORY_SEPARATOR;
$availablePlugins = '';
if(is_dir($plugindirectory)) {
$handle = opendir($plugindirectory);
while( false !== ( $file = readdir ($handle) ) ) {
if(substr($file, -10) === '.jplug.php') {
$pluginName = substr($file, 0, -10);
$pluginName = htmlspecialchars(substr($file, 0, -10));
$availablePlugins .= " <li><a href='".add_session_id_to_url("?jplug=".$pluginName)."'>".$pluginName."</a></li>\n";
}
}
closedir($handle);
if(!empty($availablePlugins)) {
if(strlen($availablePlugins) > 0) {
$availablePlugins = " <ul>\n".$availablePlugins." </ul>\n";
$title = $l['admin']['plugins_headline'];
}
@ -50,4 +51,3 @@
require(JLOG_BASEPATH.'scripts'.DIRECTORY_SEPARATOR.'do_template.php');
echo $body;
?>