gitphp 0.2.9.1 :: contractdashboard.git/commitdiff

file:b/bootstrap.min.css (new)

	html,body{margin:0;padding:0;}
	h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,cite,code,del,dfn,em,img,q,s,samp,small,strike,strong,sub,sup,tt,var,dd,dl,dt,li,ol,ul,fieldset,form,label,legend,button,table,caption,tbody,tfoot,thead,tr,th,td{margin:0;padding:0;border:0;font-weight:normal;font-style:normal;font-size:100%;line-height:1;font-family:inherit;}
	table{border-collapse:collapse;border-spacing:0;}
	ol,ul{list-style:none;}
	q:before,q:after,blockquote:before,blockquote:after{content:"";}
	html{overflow-y:scroll;font-size:100%;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%;}
	a:focus{outline:thin dotted;}
	a:hover,a:active{outline:0;}
	article,aside,details,figcaption,figure,footer,header,hgroup,nav,section{display:block;}
	audio,canvas,video{display:inline-block;display:inline;zoom:1;}
	audio:not([controls]){display:none;}
	sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline;}
	sup{top:-0.5em;}
	sub{bottom:-0.25em;}
	img{border:0;-ms-interpolation-mode:bicubic;}
	button,input,select,textarea{font-size:100%;margin:0;vertical-align:baseline;*vertical-align:middle;}
	button,input{line-height:normal;*overflow:visible;}
	button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0;}
	button,input[type="button"],input[type="reset"],input[type="submit"]{cursor:pointer;-webkit-appearance:button;}
	input[type="search"]{-webkit-appearance:textfield;-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box;}
	input[type="search"]::-webkit-search-decoration{-webkit-appearance:none;}
	textarea{overflow:auto;vertical-align:top;}
	body{background-color:#ffffff;margin:0;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:13px;font-weight:normal;line-height:18px;color:#404040;}
	.container{width:940px;margin-left:auto;margin-right:auto;zoom:1;}.container:before,.container:after{display:table;content:"";zoom:1;}
	.container:after{clear:both;}
	.container-fluid{position:relative;min-width:940px;padding-left:20px;padding-right:20px;zoom:1;}.container-fluid:before,.container-fluid:after{display:table;content:"";zoom:1;}
	.container-fluid:after{clear:both;}
	.container-fluid>.sidebar{position:absolute;top:0;left:20px;width:220px;}
	.container-fluid>.content{margin-left:240px;}
	a{color:#0069d6;text-decoration:none;line-height:inherit;font-weight:inherit;}a:hover{color:#00438a;text-decoration:underline;}
	.pull-right{float:right;}
	.pull-left{float:left;}
	.hide{display:none;}
	.show{display:block;}
	.row{zoom:1;margin-left:-20px;}.row:before,.row:after{display:table;content:"";zoom:1;}
	.row:after{clear:both;}
	.row>[class*="span"]{display:inline;float:left;margin-left:20px;}
	.span1{width:40px;}
	.span2{width:100px;}
	.span3{width:160px;}
	.span4{width:220px;}
	.span5{width:280px;}
	.span6{width:340px;}
	.span7{width:400px;}
	.span8{width:460px;}
	.span9{width:520px;}
	.span10{width:580px;}
	.span11{width:640px;}
	.span12{width:700px;}
	.span13{width:760px;}
	.span14{width:820px;}
	.span15{width:880px;}
	.span16{width:940px;}
	.span17{width:1000px;}
	.span18{width:1060px;}
	.span19{width:1120px;}
	.span20{width:1180px;}
	.span21{width:1240px;}
	.span22{width:1300px;}
	.span23{width:1360px;}
	.span24{width:1420px;}
	.row>.offset1{margin-left:80px;}
	.row>.offset2{margin-left:140px;}
	.row>.offset3{margin-left:200px;}
	.row>.offset4{margin-left:260px;}
	.row>.offset5{margin-left:320px;}
	.row>.offset6{margin-left:380px;}
	.row>.offset7{margin-left:440px;}
	.row>.offset8{margin-left:500px;}
	.row>.offset9{margin-left:560px;}
	.row>.offset10{margin-left:620px;}
	.row>.offset11{margin-left:680px;}
	.row>.offset12{margin-left:740px;}
	.span-one-third{width:300px;}
	.span-two-thirds{width:620px;}
	.row>.offset-one-third{margin-left:340px;}
	.row>.offset-two-thirds{margin-left:660px;}
	p{font-size:13px;font-weight:normal;line-height:18px;margin-bottom:9px;}p small{font-size:11px;color:#bfbfbf;}
	h1,h2,h3,h4,h5,h6{font-weight:bold;color:#404040;}h1 small,h2 small,h3 small,h4 small,h5 small,h6 small{color:#bfbfbf;}
	h1{margin-bottom:18px;font-size:30px;line-height:36px;}h1 small{font-size:18px;}
	h2{font-size:24px;line-height:36px;}h2 small{font-size:14px;}
	h3,h4,h5,h6{line-height:36px;}
	h3{font-size:18px;}h3 small{font-size:14px;}
	h4{font-size:16px;}h4 small{font-size:12px;}
	h5{font-size:14px;}
	h6{font-size:13px;color:#bfbfbf;text-transform:uppercase;}
	ul,ol{margin:0 0 18px 25px;}
	ul ul,ul ol,ol ol,ol ul{margin-bottom:0;}
	ul{list-style:disc;}
	ol{list-style:decimal;}
	li{line-height:18px;color:#808080;}
	ul.unstyled{list-style:none;margin-left:0;}
	dl{margin-bottom:18px;}dl dt,dl dd{line-height:18px;}
	dl dt{font-weight:bold;}
	dl dd{margin-left:9px;}
	hr{margin:20px 0 19px;border:0;border-bottom:1px solid #eee;}
	strong{font-style:inherit;font-weight:bold;}
	em{font-style:italic;font-weight:inherit;line-height:inherit;}
	.muted{color:#bfbfbf;}
	blockquote{margin-bottom:18px;border-left:5px solid #eee;padding-left:15px;}blockquote p{font-size:14px;font-weight:300;line-height:18px;margin-bottom:0;}
	blockquote small{display:block;font-size:12px;font-weight:300;line-height:18px;color:#bfbfbf;}blockquote small:before{content:'\2014 \00A0';}
	address{display:block;line-height:18px;margin-bottom:18px;}
	code,pre{padding:0 3px 2px;font-family:Monaco, Andale Mono, Courier New, monospace;font-size:12px;-webkit-border-radius:3px;-moz-border-radius:3px;border-radius:3px;}
	code{background-color:#fee9cc;color:rgba(0, 0, 0, 0.75);padding:1px 3px;}
	pre{background-color:#f5f5f5;display:block;padding:8.5px;margin:0 0 18px;line-height:18px;font-size:12px;border:1px solid #ccc;border:1px solid rgba(0, 0, 0, 0.15);-webkit-border-radius:3px;-moz-border-radius:3px;border-radius:3px;white-space:pre;white-space:pre-wrap;word-wrap:break-word;}
	form{margin-bottom:18px;}
	fieldset{margin-bottom:18px;padding-top:18px;}fieldset legend{display:block;padding-left:150px;font-size:19.5px;line-height:1;color:#404040;padding:0 0 5px 145px;line-height:1.5;}
	form .clearfix{margin-bottom:18px;zoom:1;}form .clearfix:before,form .clearfix:after{display:table;content:"";zoom:1;}
	form .clearfix:after{clear:both;}
	label,input,select,textarea{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:13px;font-weight:normal;line-height:normal;}
	label{padding-top:6px;font-size:13px;line-height:18px;float:left;width:130px;text-align:right;color:#404040;}
	form .input{margin-left:150px;}
	input[type=checkbox],input[type=radio]{cursor:pointer;}
	input,textarea,select,.uneditable-input{display:inline-block;width:210px;height:18px;padding:4px;font-size:13px;line-height:18px;color:#808080;border:1px solid #ccc;-webkit-border-radius:3px;-moz-border-radius:3px;border-radius:3px;}
	select{padding:initial;}
	input[type=checkbox],input[type=radio]{width:auto;height:auto;padding:0;margin:3px 0;*margin-top:0;line-height:normal;border:none;}
	input[type=file]{background-color:#ffffff;padding:initial;border:initial;line-height:initial;-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;}
	input[type=button],input[type=reset],input[type=submit]{width:auto;height:auto;}
	select,input[type=file]{height:27px;height:auto;line-height:27px;margin-top:4px;}
	select[multiple]{height:inherit;background-color:#ffffff;}
	textarea{height:auto;}
	.uneditable-input{background-color:#ffffff;display:block;border-color:#eee;-webkit-box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.025);-moz-box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.025);box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.025);cursor:not-allowed;}
	:-moz-placeholder{color:#bfbfbf;}
	::-webkit-input-placeholder{color:#bfbfbf;}
	input,textarea{-webkit-transition:border linear 0.2s,box-shadow linear 0.2s;-moz-transition:border linear 0.2s,box-shadow linear 0.2s;-ms-transition:border linear 0.2s,box-shadow linear 0.2s;-o-transition:border linear 0.2s,box-shadow linear 0.2s;transition:border linear 0.2s,box-shadow linear 0.2s;-webkit-box-shadow:inset 0 1px 3px rgba(0, 0, 0, 0.1);-moz-box-shadow:inset 0 1px 3px rgba(0, 0, 0, 0.1);box-shadow:inset 0 1px 3px rgba(0, 0, 0, 0.1);}
	input:focus,textarea:focus{outline:0;border-color:rgba(82, 168, 236, 0.8);-webkit-box-shadow:inset 0 1px 3px rgba(0, 0, 0, 0.1),0 0 8px rgba(82, 168, 236, 0.6);-moz-box-shadow:inset 0 1px 3px rgba(0, 0, 0, 0.1),0 0 8px rgba(82, 168, 236, 0.6);box-shadow:inset 0 1px 3px rgba(0, 0, 0, 0.1),0 0 8px rgba(82, 168, 236, 0.6);}
	input[type=file]:focus,input[type=checkbox]:focus,select:focus{-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;outline:1px dotted #666;}
	form .clearfix.error>label,form .clearfix.error .help-block,form .clearfix.error .help-inline{color:#b94a48;}
	form .clearfix.error input,form .clearfix.error textarea{color:#b94a48;border-color:#ee5f5b;}form .clearfix.error input:focus,form .clearfix.error textarea:focus{border-color:#e9322d;-webkit-box-shadow:0 0 6px #f8b9b7;-moz-box-shadow:0 0 6px #f8b9b7;box-shadow:0 0 6px #f8b9b7;}
	form .clearfix.error .input-prepend .add-on,form .clearfix.error .input-append .add-on{color:#b94a48;background-color:#fce6e6;border-color:#b94a48;}
	form .clearfix.warning>label,form .clearfix.warning .help-block,form .clearfix.warning .help-inline{color:#c09853;}
	form .clearfix.warning input,form .clearfix.warning textarea{color:#c09853;border-color:#ccae64;}form .clearfix.warning input:focus,form .clearfix.warning textarea:focus{border-color:#be9a3f;-webkit-box-shadow:0 0 6px #e5d6b1;-moz-box-shadow:0 0 6px #e5d6b1;box-shadow:0 0 6px #e5d6b1;}
	form .clearfix.warning .input-prepend .add-on,form .clearfix.warning .input-append .add-on{color:#c09853;background-color:#d2b877;border-color:#c09853;}
	form .clearfix.success>label,form .clearfix.success .help-block,form .clearfix.success .help-inline{color:#468847;}
	form .clearfix.success input,form .clearfix.success textarea{color:#468847;border-color:#57a957;}form .clearfix.success input:focus,form .clearfix.success textarea:focus{border-color:#458845;-webkit-box-shadow:0 0 6px #9acc9a;-moz-box-shadow:0 0 6px #9acc9a;box-shadow:0 0 6px #9acc9a;}
	form .clearfix.success .input-prepend .add-on,form .clearfix.success .input-append .add-on{color:#468847;background-color:#bcddbc;border-color:#468847;}
	.input-mini,input.mini,textarea.mini,select.mini{width:60px;}
	.input-small,input.small,textarea.small,select.small{width:90px;}
	.input-medium,input.medium,textarea.medium,select.medium{width:150px;}
	.input-large,input.large,textarea.large,select.large{width:210px;}
	.input-xlarge,input.xlarge,textarea.xlarge,select.xlarge{width:270px;}
	.input-xxlarge,input.xxlarge,textarea.xxlarge,select.xxlarge{width:530px;}
	textarea.xxlarge{overflow-y:auto;}
	input.span1,textarea.span1{display:inline-block;float:none;width:30px;margin-left:0;}
	input.span2,textarea.span2{display:inline-block;float:none;width:90px;margin-left:0;}
	input.span3,textarea.span3{display:inline-block;float:none;width:150px;margin-left:0;}
	input.span4,textarea.span4{display:inline-block;float:none;width:210px;margin-left:0;}
	input.span5,textarea.span5{display:inline-block;float:none;width:270px;margin-left:0;}
	input.span6,textarea.span6{display:inline-block;float:none;width:330px;margin-left:0;}
	input.span7,textarea.span7{display:inline-block;float:none;width:390px;margin-left:0;}
	input.span8,textarea.span8{display:inline-block;float:none;width:450px;margin-left:0;}
	input.span9,textarea.span9{display:inline-block;float:none;width:510px;margin-left:0;}
	input.span10,textarea.span10{display:inline-block;float:none;width:570px;margin-left:0;}
	input.span11,textarea.span11{display:inline-block;float:none;width:630px;margin-left:0;}
	input.span12,textarea.span12{display:inline-block;float:none;width:690px;margin-left:0;}
	input.span13,textarea.span13{display:inline-block;float:none;width:750px;margin-left:0;}
	input.span14,textarea.span14{display:inline-block;float:none;width:810px;margin-left:0;}
	input.span15,textarea.span15{display:inline-block;float:none;width:870px;margin-left:0;}
	input.span16,textarea.span16{display:inline-block;float:none;width:930px;margin-left:0;}
	input[disabled],select[disabled],textarea[disabled],input[readonly],select[readonly],textarea[readonly]{background-color:#f5f5f5;border-color:#ddd;cursor:not-allowed;}
	.actions{background:#f5f5f5;margin-top:18px;margin-bottom:18px;padding:17px 20px 18px 150px;border-top:1px solid #ddd;-webkit-border-radius:0 0 3px 3px;-moz-border-radius:0 0 3px 3px;border-radius:0 0 3px 3px;}.actions .secondary-action{float:right;}.actions .secondary-action a{line-height:30px;}.actions .secondary-action a:hover{text-decoration:underline;}
	.help-inline,.help-block{font-size:13px;line-height:18px;color:#bfbfbf;}
	.help-inline{padding-left:5px;position:relative;top:-5px;}
	.help-block{display:block;max-width:600px;}
	.inline-inputs{color:#808080;}.inline-inputs span{padding:0 2px 0 1px;}
	.input-prepend input,.input-append input{-webkit-border-radius:0 3px 3px 0;-moz-border-radius:0 3px 3px 0;border-radius:0 3px 3px 0;}
	.input-prepend .add-on,.input-append .add-on{position:relative;background:#f5f5f5;border:1px solid #ccc;z-index:2;float:left;display:block;width:auto;min-width:16px;height:18px;padding:4px 4px 4px 5px;margin-right:-1px;font-weight:normal;line-height:18px;color:#bfbfbf;text-align:center;text-shadow:0 1px 0 #ffffff;-webkit-border-radius:3px 0 0 3px;-moz-border-radius:3px 0 0 3px;border-radius:3px 0 0 3px;}
	.input-prepend .active,.input-append .active{background:#a9dba9;border-color:#46a546;}
	.input-prepend .add-on{*margin-top:1px;}
	.input-append input{float:left;-webkit-border-radius:3px 0 0 3px;-moz-border-radius:3px 0 0 3px;border-radius:3px 0 0 3px;}
	.input-append .add-on{-webkit-border-radius:0 3px 3px 0;-moz-border-radius:0 3px 3px 0;border-radius:0 3px 3px 0;margin-right:0;margin-left:-1px;}
	.inputs-list{margin:0 0 5px;width:100%;}.inputs-list li{display:block;padding:0;width:100%;}
	.inputs-list label{display:block;float:none;width:auto;padding:0;margin-left:20px;line-height:18px;text-align:left;white-space:normal;}.inputs-list label strong{color:#808080;}
	.inputs-list label small{font-size:11px;font-weight:normal;}
	.inputs-list .inputs-list{margin-left:25px;margin-bottom:10px;padding-top:0;}
	.inputs-list:first-child{padding-top:6px;}
	.inputs-list li+li{padding-top:2px;}
	.inputs-list input[type=radio],.inputs-list input[type=checkbox]{margin-bottom:0;margin-left:-20px;float:left;}
	.form-stacked{padding-left:20px;}.form-stacked fieldset{padding-top:9px;}
	.form-stacked legend{padding-left:0;}
	.form-stacked label{display:block;float:none;width:auto;font-weight:bold;text-align:left;line-height:20px;padding-top:0;}
	.form-stacked .clearfix{margin-bottom:9px;}.form-stacked .clearfix div.input{margin-left:0;}
	.form-stacked .inputs-list{margin-bottom:0;}.form-stacked .inputs-list li{padding-top:0;}.form-stacked .inputs-list li label{font-weight:normal;padding-top:0;}
	.form-stacked div.clearfix.error{padding-top:10px;padding-bottom:10px;padding-left:10px;margin-top:0;margin-left:-10px;}
	.form-stacked .actions{margin-left:-20px;padding-left:20px;}
	table{width:100%;margin-bottom:18px;padding:0;font-size:13px;border-collapse:collapse;}table th,table td{padding:10px 10px 9px;line-height:18px;text-align:left;}
	table th{padding-top:9px;font-weight:bold;vertical-align:middle;}
	table td{vertical-align:top;border-top:1px solid #ddd;}
	table tbody th{border-top:1px solid #ddd;vertical-align:top;}
	.condensed-table th,.condensed-table td{padding:5px 5px 4px;}
	.bordered-table{border:1px solid #ddd;border-collapse:separate;*border-collapse:collapse;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;}.bordered-table th+th,.bordered-table td+td,.bordered-table th+td{border-left:1px solid #ddd;}
	.bordered-table thead tr:first-child th:first-child,.bordered-table tbody tr:first-child td:first-child{-webkit-border-radius:4px 0 0 0;-moz-border-radius:4px 0 0 0;border-radius:4px 0 0 0;}
	.bordered-table thead tr:first-child th:last-child,.bordered-table tbody tr:first-child td:last-child{-webkit-border-radius:0 4px 0 0;-moz-border-radius:0 4px 0 0;border-radius:0 4px 0 0;}
	.bordered-table tbody tr:last-child td:first-child{-webkit-border-radius:0 0 0 4px;-moz-border-radius:0 0 0 4px;border-radius:0 0 0 4px;}
	.bordered-table tbody tr:last-child td:last-child{-webkit-border-radius:0 0 4px 0;-moz-border-radius:0 0 4px 0;border-radius:0 0 4px 0;}
	table .span1{width:20px;}
	table .span2{width:60px;}
	table .span3{width:100px;}
	table .span4{width:140px;}
	table .span5{width:180px;}
	table .span6{width:220px;}
	table .span7{width:260px;}
	table .span8{width:300px;}
	table .span9{width:340px;}
	table .span10{width:380px;}
	table .span11{width:420px;}
	table .span12{width:460px;}
	table .span13{width:500px;}
	table .span14{width:540px;}
	table .span15{width:580px;}
	table .span16{width:620px;}
	.zebra-striped tbody tr:nth-child(odd) td,.zebra-striped tbody tr:nth-child(odd) th{background-color:#f9f9f9;}
	.zebra-striped tbody tr:hover td,.zebra-striped tbody tr:hover th{background-color:#f5f5f5;}
	table .header{cursor:pointer;}table .header:after{content:"";float:right;margin-top:7px;border-width:0 4px 4px;border-style:solid;border-color:#000 transparent;visibility:hidden;}
	table .headerSortUp,table .headerSortDown{background-color:rgba(141, 192, 219, 0.25);text-shadow:0 1px 1px rgba(255, 255, 255, 0.75);}
	table .header:hover:after{visibility:visible;}
	table .headerSortDown:after,table .headerSortDown:hover:after{visibility:visible;filter:alpha(opacity=60);-khtml-opacity:0.6;-moz-opacity:0.6;opacity:0.6;}
	table .headerSortUp:after{border-bottom:none;border-left:4px solid transparent;border-right:4px solid transparent;border-top:4px solid #000;visibility:visible;-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;filter:alpha(opacity=60);-khtml-opacity:0.6;-moz-opacity:0.6;opacity:0.6;}
	table .blue{color:#049cdb;border-bottom-color:#049cdb;}
	table .headerSortUp.blue,table .headerSortDown.blue{background-color:#ade6fe;}
	table .green{color:#46a546;border-bottom-color:#46a546;}
	table .headerSortUp.green,table .headerSortDown.green{background-color:#cdeacd;}
	table .red{color:#9d261d;border-bottom-color:#9d261d;}
	table .headerSortUp.red,table .headerSortDown.red{background-color:#f4c8c5;}
	table .yellow{color:#ffc40d;border-bottom-color:#ffc40d;}
	table .headerSortUp.yellow,table .headerSortDown.yellow{background-color:#fff6d9;}
	table .orange{color:#f89406;border-bottom-color:#f89406;}
	table .headerSortUp.orange,table .headerSortDown.orange{background-color:#fee9cc;}
	table .purple{color:#7a43b6;border-bottom-color:#7a43b6;}
	table .headerSortUp.purple,table .headerSortDown.purple{background-color:#e2d5f0;}
	.topbar{height:40px;position:fixed;top:0;left:0;right:0;z-index:10000;overflow:visible;}.topbar a{color:#bfbfbf;text-shadow:0 -1px 0 rgba(0, 0, 0, 0.25);}
	.topbar h3 a:hover,.topbar .brand:hover,.topbar ul .active>a{background-color:#333;background-color:rgba(255, 255, 255, 0.05);color:#ffffff;text-decoration:none;}
	.topbar h3{position:relative;}
	.topbar h3 a,.topbar .brand{float:left;display:block;padding:8px 20px 12px;margin-left:-20px;color:#ffffff;font-size:20px;font-weight:200;line-height:1;}
	.topbar p{margin:0;line-height:40px;}.topbar p a:hover{background-color:transparent;color:#ffffff;}
	.topbar form{float:left;margin:5px 0 0 0;position:relative;filter:alpha(opacity=100);-khtml-opacity:1;-moz-opacity:1;opacity:1;}
	.topbar form.pull-right{float:right;}
	.topbar input{background-color:#444;background-color:rgba(255, 255, 255, 0.3);font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:normal;font-weight:13px;line-height:1;padding:4px 9px;color:#ffffff;color:rgba(255, 255, 255, 0.75);border:1px solid #111;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.1),0 1px 0px rgba(255, 255, 255, 0.25);-moz-box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.1),0 1px 0px rgba(255, 255, 255, 0.25);box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.1),0 1px 0px rgba(255, 255, 255, 0.25);-webkit-transition:none;-moz-transition:none;-ms-transition:none;-o-transition:none;transition:none;}.topbar input:-moz-placeholder{color:#e6e6e6;}
	.topbar input::-webkit-input-placeholder{color:#e6e6e6;}
	.topbar input:hover{background-color:#bfbfbf;background-color:rgba(255, 255, 255, 0.5);color:#ffffff;}
	.topbar input:focus,.topbar input.focused{outline:0;background-color:#ffffff;color:#404040;text-shadow:0 1px 0 #ffffff;border:0;padding:5px 10px;-webkit-box-shadow:0 0 3px rgba(0, 0, 0, 0.15);-moz-box-shadow:0 0 3px rgba(0, 0, 0, 0.15);box-shadow:0 0 3px rgba(0, 0, 0, 0.15);}
	.topbar-inner,.topbar .fill{background-color:#222;background-color:#222222;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#333333), to(#222222));background-image:-moz-linear-gradient(top, #333333, #222222);background-image:-ms-linear-gradient(top, #333333, #222222);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #333333), color-stop(100%, #222222));background-image:-webkit-linear-gradient(top, #333333, #222222);background-image:-o-linear-gradient(top, #333333, #222222);background-image:linear-gradient(top, #333333, #222222);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#333333', endColorstr='#222222', GradientType=0);-webkit-box-shadow:0 1px 3px rgba(0, 0, 0, 0.25),inset 0 -1px 0 rgba(0, 0, 0, 0.1);-moz-box-shadow:0 1px 3px rgba(0, 0, 0, 0.25),inset 0 -1px 0 rgba(0, 0, 0, 0.1);box-shadow:0 1px 3px rgba(0, 0, 0, 0.25),inset 0 -1px 0 rgba(0, 0, 0, 0.1);}
	.topbar div>ul,.nav{display:block;float:left;margin:0 10px 0 0;position:relative;left:0;}.topbar div>ul>li,.nav>li{display:block;float:left;}
	.topbar div>ul a,.nav a{display:block;float:none;padding:10px 10px 11px;line-height:19px;text-decoration:none;}.topbar div>ul a:hover,.nav a:hover{color:#ffffff;text-decoration:none;}
	.topbar div>ul .active>a,.nav .active>a{background-color:#222;background-color:rgba(0, 0, 0, 0.5);}
	.topbar div>ul.secondary-nav,.nav.secondary-nav{float:right;margin-left:10px;margin-right:0;}.topbar div>ul.secondary-nav .menu-dropdown,.nav.secondary-nav .menu-dropdown,.topbar div>ul.secondary-nav .dropdown-menu,.nav.secondary-nav .dropdown-menu{right:0;border:0;}
	.topbar div>ul a.menu:hover,.nav a.menu:hover,.topbar div>ul li.open .menu,.nav li.open .menu,.topbar div>ul .dropdown-toggle:hover,.nav .dropdown-toggle:hover,.topbar div>ul .dropdown.open .dropdown-toggle,.nav .dropdown.open .dropdown-toggle{background:#444;background:rgba(255, 255, 255, 0.05);}
	.topbar div>ul .menu-dropdown,.nav .menu-dropdown,.topbar div>ul .dropdown-menu,.nav .dropdown-menu{background-color:#333;}.topbar div>ul .menu-dropdown a.menu,.nav .menu-dropdown a.menu,.topbar div>ul .dropdown-menu a.menu,.nav .dropdown-menu a.menu,.topbar div>ul .menu-dropdown .dropdown-toggle,.nav .menu-dropdown .dropdown-toggle,.topbar div>ul .dropdown-menu .dropdown-toggle,.nav .dropdown-menu .dropdown-toggle{color:#ffffff;}.topbar div>ul .menu-dropdown a.menu.open,.nav .menu-dropdown a.menu.open,.topbar div>ul .dropdown-menu a.menu.open,.nav .dropdown-menu a.menu.open,.topbar div>ul .menu-dropdown .dropdown-toggle.open,.nav .menu-dropdown .dropdown-toggle.open,.topbar div>ul .dropdown-menu .dropdown-toggle.open,.nav .dropdown-menu .dropdown-toggle.open{background:#444;background:rgba(255, 255, 255, 0.05);}
	.topbar div>ul .menu-dropdown li a,.nav .menu-dropdown li a,.topbar div>ul .dropdown-menu li a,.nav .dropdown-menu li a{color:#999;text-shadow:0 1px 0 rgba(0, 0, 0, 0.5);}.topbar div>ul .menu-dropdown li a:hover,.nav .menu-dropdown li a:hover,.topbar div>ul .dropdown-menu li a:hover,.nav .dropdown-menu li a:hover{background-color:#191919;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#292929), to(#191919));background-image:-moz-linear-gradient(top, #292929, #191919);background-image:-ms-linear-gradient(top, #292929, #191919);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #292929), color-stop(100%, #191919));background-image:-webkit-linear-gradient(top, #292929, #191919);background-image:-o-linear-gradient(top, #292929, #191919);background-image:linear-gradient(top, #292929, #191919);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#292929', endColorstr='#191919', GradientType=0);color:#ffffff;}
	.topbar div>ul .menu-dropdown .active a,.nav .menu-dropdown .active a,.topbar div>ul .dropdown-menu .active a,.nav .dropdown-menu .active a{color:#ffffff;}
	.topbar div>ul .menu-dropdown .divider,.nav .menu-dropdown .divider,.topbar div>ul .dropdown-menu .divider,.nav .dropdown-menu .divider{background-color:#222;border-color:#444;}
	.topbar ul .menu-dropdown li a,.topbar ul .dropdown-menu li a{padding:4px 15px;}
	li.menu,.dropdown{position:relative;}
	a.menu:after,.dropdown-toggle:after{width:0;height:0;display:inline-block;content:"↓";text-indent:-99999px;vertical-align:top;margin-top:8px;margin-left:4px;border-left:4px solid transparent;border-right:4px solid transparent;border-top:4px solid #ffffff;filter:alpha(opacity=50);-khtml-opacity:0.5;-moz-opacity:0.5;opacity:0.5;}
	.menu-dropdown,.dropdown-menu{background-color:#ffffff;float:left;display:none;position:absolute;top:40px;z-index:900;min-width:160px;max-width:220px;_width:160px;margin-left:0;margin-right:0;padding:6px 0;zoom:1;border-color:#999;border-color:rgba(0, 0, 0, 0.2);border-style:solid;border-width:0 1px 1px;-webkit-border-radius:0 0 6px 6px;-moz-border-radius:0 0 6px 6px;border-radius:0 0 6px 6px;-webkit-box-shadow:0 2px 4px rgba(0, 0, 0, 0.2);-moz-box-shadow:0 2px 4px rgba(0, 0, 0, 0.2);box-shadow:0 2px 4px rgba(0, 0, 0, 0.2);-webkit-background-clip:padding-box;-moz-background-clip:padding-box;background-clip:padding-box;}.menu-dropdown li,.dropdown-menu li{float:none;display:block;background-color:none;}
	.menu-dropdown .divider,.dropdown-menu .divider{height:1px;margin:5px 0;overflow:hidden;background-color:#eee;border-bottom:1px solid #ffffff;}
	.topbar .dropdown-menu a,.dropdown-menu a{display:block;padding:4px 15px;clear:both;font-weight:normal;line-height:18px;color:#808080;text-shadow:0 1px 0 #ffffff;}.topbar .dropdown-menu a:hover,.dropdown-menu a:hover,.topbar .dropdown-menu a.hover,.dropdown-menu a.hover{background-color:#dddddd;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#eeeeee), to(#dddddd));background-image:-moz-linear-gradient(top, #eeeeee, #dddddd);background-image:-ms-linear-gradient(top, #eeeeee, #dddddd);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #eeeeee), color-stop(100%, #dddddd));background-image:-webkit-linear-gradient(top, #eeeeee, #dddddd);background-image:-o-linear-gradient(top, #eeeeee, #dddddd);background-image:linear-gradient(top, #eeeeee, #dddddd);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#eeeeee', endColorstr='#dddddd', GradientType=0);color:#404040;text-decoration:none;-webkit-box-shadow:inset 0 1px 0 rgba(0, 0, 0, 0.025),inset 0 -1px rgba(0, 0, 0, 0.025);-moz-box-shadow:inset 0 1px 0 rgba(0, 0, 0, 0.025),inset 0 -1px rgba(0, 0, 0, 0.025);box-shadow:inset 0 1px 0 rgba(0, 0, 0, 0.025),inset 0 -1px rgba(0, 0, 0, 0.025);}
	.open .menu,.dropdown.open .menu,.open .dropdown-toggle,.dropdown.open .dropdown-toggle{color:#ffffff;background:#ccc;background:rgba(0, 0, 0, 0.3);}
	.open .menu-dropdown,.dropdown.open .menu-dropdown,.open .dropdown-menu,.dropdown.open .dropdown-menu{display:block;}
	.tabs,.pills{margin:0 0 18px;padding:0;list-style:none;zoom:1;}.tabs:before,.pills:before,.tabs:after,.pills:after{display:table;content:"";zoom:1;}
	.tabs:after,.pills:after{clear:both;}
	.tabs>li,.pills>li{float:left;}.tabs>li>a,.pills>li>a{display:block;}
	.tabs{border-color:#ddd;border-style:solid;border-width:0 0 1px;}.tabs>li{position:relative;margin-bottom:-1px;}.tabs>li>a{padding:0 15px;margin-right:2px;line-height:34px;border:1px solid transparent;-webkit-border-radius:4px 4px 0 0;-moz-border-radius:4px 4px 0 0;border-radius:4px 4px 0 0;}.tabs>li>a:hover{text-decoration:none;background-color:#eee;border-color:#eee #eee #ddd;}
	.tabs .active>a,.tabs .active>a:hover{color:#808080;background-color:#ffffff;border:1px solid #ddd;border-bottom-color:transparent;cursor:default;}
	.tabs .menu-dropdown,.tabs .dropdown-menu{top:35px;border-width:1px;-webkit-border-radius:0 6px 6px 6px;-moz-border-radius:0 6px 6px 6px;border-radius:0 6px 6px 6px;}
	.tabs a.menu:after,.tabs .dropdown-toggle:after{border-top-color:#999;margin-top:15px;margin-left:5px;}
	.tabs li.open.menu .menu,.tabs .open.dropdown .dropdown-toggle{border-color:#999;}
	.tabs li.open a.menu:after,.tabs .dropdown.open .dropdown-toggle:after{border-top-color:#555;}
	.pills a{margin:5px 3px 5px 0;padding:0 15px;line-height:30px;text-shadow:0 1px 1px #ffffff;-webkit-border-radius:15px;-moz-border-radius:15px;border-radius:15px;}.pills a:hover{color:#ffffff;text-decoration:none;text-shadow:0 1px 1px rgba(0, 0, 0, 0.25);background-color:#00438a;}
	.pills .active a{color:#ffffff;text-shadow:0 1px 1px rgba(0, 0, 0, 0.25);background-color:#0069d6;}
	.pills-vertical>li{float:none;}
	.tab-content>.tab-pane,.pill-content>.pill-pane,.tab-content>div,.pill-content>div{display:none;}
	.tab-content>.active,.pill-content>.active{display:block;}
	.breadcrumb{padding:7px 14px;margin:0 0 18px;background-color:#f5f5f5;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#ffffff), to(#f5f5f5));background-image:-moz-linear-gradient(top, #ffffff, #f5f5f5);background-image:-ms-linear-gradient(top, #ffffff, #f5f5f5);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #ffffff), color-stop(100%, #f5f5f5));background-image:-webkit-linear-gradient(top, #ffffff, #f5f5f5);background-image:-o-linear-gradient(top, #ffffff, #f5f5f5);background-image:linear-gradient(top, #ffffff, #f5f5f5);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffff', endColorstr='#f5f5f5', GradientType=0);border:1px solid #ddd;-webkit-border-radius:3px;-moz-border-radius:3px;border-radius:3px;-webkit-box-shadow:inset 0 1px 0 #ffffff;-moz-box-shadow:inset 0 1px 0 #ffffff;box-shadow:inset 0 1px 0 #ffffff;}.breadcrumb li{display:inline;text-shadow:0 1px 0 #ffffff;}
	.breadcrumb .divider{padding:0 5px;color:#bfbfbf;}
	.breadcrumb .active a{color:#404040;}
	.hero-unit{background-color:#f5f5f5;margin-bottom:30px;padding:60px;-webkit-border-radius:6px;-moz-border-radius:6px;border-radius:6px;}.hero-unit h1{margin-bottom:0;font-size:60px;line-height:1;letter-spacing:-1px;}
	.hero-unit p{font-size:18px;font-weight:200;line-height:27px;}
	footer{margin-top:17px;padding-top:17px;border-top:1px solid #eee;}
	.page-header{margin-bottom:17px;border-bottom:1px solid #ddd;-webkit-box-shadow:0 1px 0 rgba(255, 255, 255, 0.5);-moz-box-shadow:0 1px 0 rgba(255, 255, 255, 0.5);box-shadow:0 1px 0 rgba(255, 255, 255, 0.5);}.page-header h1{margin-bottom:8px;}
	.btn.danger,.alert-message.danger,.btn.danger:hover,.alert-message.danger:hover,.btn.error,.alert-message.error,.btn.error:hover,.alert-message.error:hover,.btn.success,.alert-message.success,.btn.success:hover,.alert-message.success:hover,.btn.info,.alert-message.info,.btn.info:hover,.alert-message.info:hover{color:#ffffff;}
	.btn .close,.alert-message .close{font-family:Arial,sans-serif;line-height:18px;}
	.btn.danger,.alert-message.danger,.btn.error,.alert-message.error{background-color:#c43c35;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#ee5f5b), to(#c43c35));background-image:-moz-linear-gradient(top, #ee5f5b, #c43c35);background-image:-ms-linear-gradient(top, #ee5f5b, #c43c35);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #ee5f5b), color-stop(100%, #c43c35));background-image:-webkit-linear-gradient(top, #ee5f5b, #c43c35);background-image:-o-linear-gradient(top, #ee5f5b, #c43c35);background-image:linear-gradient(top, #ee5f5b, #c43c35);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ee5f5b', endColorstr='#c43c35', GradientType=0);text-shadow:0 -1px 0 rgba(0, 0, 0, 0.25);border-color:#c43c35 #c43c35 #882a25;border-color:rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);}
	.btn.success,.alert-message.success{background-color:#57a957;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#62c462), to(#57a957));background-image:-moz-linear-gradient(top, #62c462, #57a957);background-image:-ms-linear-gradient(top, #62c462, #57a957);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #62c462), color-stop(100%, #57a957));background-image:-webkit-linear-gradient(top, #62c462, #57a957);background-image:-o-linear-gradient(top, #62c462, #57a957);background-image:linear-gradient(top, #62c462, #57a957);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#62c462', endColorstr='#57a957', GradientType=0);text-shadow:0 -1px 0 rgba(0, 0, 0, 0.25);border-color:#57a957 #57a957 #3d773d;border-color:rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);}
	.btn.info,.alert-message.info{background-color:#339bb9;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#5bc0de), to(#339bb9));background-image:-moz-linear-gradient(top, #5bc0de, #339bb9);background-image:-ms-linear-gradient(top, #5bc0de, #339bb9);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #5bc0de), color-stop(100%, #339bb9));background-image:-webkit-linear-gradient(top, #5bc0de, #339bb9);background-image:-o-linear-gradient(top, #5bc0de, #339bb9);background-image:linear-gradient(top, #5bc0de, #339bb9);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#5bc0de', endColorstr='#339bb9', GradientType=0);text-shadow:0 -1px 0 rgba(0, 0, 0, 0.25);border-color:#339bb9 #339bb9 #22697d;border-color:rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);}
	.btn{cursor:pointer;display:inline-block;background-color:#e6e6e6;background-repeat:no-repeat;background-image:-webkit-gradient(linear, 0 0, 0 100%, from(#ffffff), color-stop(25%, #ffffff), to(#e6e6e6));background-image:-webkit-linear-gradient(#ffffff, #ffffff 25%, #e6e6e6);background-image:-moz-linear-gradient(top, #ffffff, #ffffff 25%, #e6e6e6);background-image:-ms-linear-gradient(#ffffff, #ffffff 25%, #e6e6e6);background-image:-o-linear-gradient(#ffffff, #ffffff 25%, #e6e6e6);background-image:linear-gradient(#ffffff, #ffffff 25%, #e6e6e6);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffff', endColorstr='#e6e6e6', GradientType=0);padding:5px 14px 6px;text-shadow:0 1px 1px rgba(255, 255, 255, 0.75);color:#333;font-size:13px;line-height:normal;border:1px solid #ccc;border-bottom-color:#bbb;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:inset 0 1px 0 rgba(255, 255, 255, 0.2),0 1px 2px rgba(0, 0, 0, 0.05);-moz-box-shadow:inset 0 1px 0 rgba(255, 255, 255, 0.2),0 1px 2px rgba(0, 0, 0, 0.05);box-shadow:inset 0 1px 0 rgba(255, 255, 255, 0.2),0 1px 2px rgba(0, 0, 0, 0.05);-webkit-transition:0.1s linear all;-moz-transition:0.1s linear all;-ms-transition:0.1s linear all;-o-transition:0.1s linear all;transition:0.1s linear all;}.btn:hover{background-position:0 -15px;color:#333;text-decoration:none;}
	.btn:focus{outline:1px dotted #666;}
	.btn.primary{color:#ffffff;background-color:#0064cd;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#049cdb), to(#0064cd));background-image:-moz-linear-gradient(top, #049cdb, #0064cd);background-image:-ms-linear-gradient(top, #049cdb, #0064cd);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #049cdb), color-stop(100%, #0064cd));background-image:-webkit-linear-gradient(top, #049cdb, #0064cd);background-image:-o-linear-gradient(top, #049cdb, #0064cd);background-image:linear-gradient(top, #049cdb, #0064cd);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#049cdb', endColorstr='#0064cd', GradientType=0);text-shadow:0 -1px 0 rgba(0, 0, 0, 0.25);border-color:#0064cd #0064cd #003f81;border-color:rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);}
	.btn.active,.btn:active{-webkit-box-shadow:inset 0 2px 4px rgba(0, 0, 0, 0.25),0 1px 2px rgba(0, 0, 0, 0.05);-moz-box-shadow:inset 0 2px 4px rgba(0, 0, 0, 0.25),0 1px 2px rgba(0, 0, 0, 0.05);box-shadow:inset 0 2px 4px rgba(0, 0, 0, 0.25),0 1px 2px rgba(0, 0, 0, 0.05);}
	.btn.disabled{cursor:default;background-image:none;filter:progid:DXImageTransform.Microsoft.gradient(enabled = false);filter:alpha(opacity=65);-khtml-opacity:0.65;-moz-opacity:0.65;opacity:0.65;-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;}
	.btn[disabled]{cursor:default;background-image:none;filter:progid:DXImageTransform.Microsoft.gradient(enabled = false);filter:alpha(opacity=65);-khtml-opacity:0.65;-moz-opacity:0.65;opacity:0.65;-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;}
	.btn.large{font-size:15px;line-height:normal;padding:9px 14px 9px;-webkit-border-radius:6px;-moz-border-radius:6px;border-radius:6px;}
	.btn.small{padding:7px 9px 7px;font-size:11px;}
	:root .alert-message,:root .btn{border-radius:0 \0;}
	button.btn::-moz-focus-inner,input[type=submit].btn::-moz-focus-inner{padding:0;border:0;}
	.close{float:right;color:#000000;font-size:20px;font-weight:bold;line-height:13.5px;text-shadow:0 1px 0 #ffffff;filter:alpha(opacity=25);-khtml-opacity:0.25;-moz-opacity:0.25;opacity:0.25;}.close:hover{color:#000000;text-decoration:none;filter:alpha(opacity=40);-khtml-opacity:0.4;-moz-opacity:0.4;opacity:0.4;}
	.alert-message{position:relative;padding:7px 15px;margin-bottom:18px;color:#404040;background-color:#eedc94;background-repeat:repeat-x;background-image:-khtml-gradient(linear, left top, left bottom, from(#fceec1), to(#eedc94));background-image:-moz-linear-gradient(top, #fceec1, #eedc94);background-image:-ms-linear-gradient(top, #fceec1, #eedc94);background-image:-webkit-gradient(linear, left top, left bottom, color-stop(0%, #fceec1), color-stop(100%, #eedc94));background-image:-webkit-linear-gradient(top, #fceec1, #eedc94);background-image:-o-linear-gradient(top, #fceec1, #eedc94);background-image:linear-gradient(top, #fceec1, #eedc94);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fceec1', endColorstr='#eedc94', GradientType=0);text-shadow:0 -1px 0 rgba(0, 0, 0, 0.25);border-color:#eedc94 #eedc94 #e4c652;border-color:rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);text-shadow:0 1px 0 rgba(255, 255, 255, 0.5);border-width:1px;border-style:solid;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:inset 0 1px 0 rgba(255, 255, 255, 0.25);-moz-box-shadow:inset 0 1px 0 rgba(255, 255, 255, 0.25);box-shadow:inset 0 1px 0 rgba(255, 255, 255, 0.25);}.alert-message .close{margin-top:1px;*margin-top:0;}
	.alert-message a{font-weight:bold;color:#404040;}
	.alert-message.danger p a,.alert-message.error p a,.alert-message.success p a,.alert-message.info p a{color:#ffffff;}
	.alert-message h5{line-height:18px;}
	.alert-message p{margin-bottom:0;}
	.alert-message div{margin-top:5px;margin-bottom:2px;line-height:28px;}
	.alert-message .btn{-webkit-box-shadow:0 1px 0 rgba(255, 255, 255, 0.25);-moz-box-shadow:0 1px 0 rgba(255, 255, 255, 0.25);box-shadow:0 1px 0 rgba(255, 255, 255, 0.25);}
	.alert-message.block-message{background-image:none;background-color:#fdf5d9;filter:progid:DXImageTransform.Microsoft.gradient(enabled = false);padding:14px;border-color:#fceec1;-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;}.alert-message.block-message ul,.alert-message.block-message p{margin-right:30px;}
	.alert-message.block-message ul{margin-bottom:0;}
	.alert-message.block-message li{color:#404040;}
	.alert-message.block-message .alert-actions{margin-top:5px;}
	.alert-message.block-message.error,.alert-message.block-message.success,.alert-message.block-message.info{color:#404040;text-shadow:0 1px 0 rgba(255, 255, 255, 0.5);}
	.alert-message.block-message.error{background-color:#fddfde;border-color:#fbc7c6;}
	.alert-message.block-message.success{background-color:#d1eed1;border-color:#bfe7bf;}
	.alert-message.block-message.info{background-color:#ddf4fb;border-color:#c6edf9;}
	.alert-message.block-message.danger p a,.alert-message.block-message.error p a,.alert-message.block-message.success p a,.alert-message.block-message.info p a{color:#404040;}
	.pagination{height:36px;margin:18px 0;}.pagination ul{float:left;margin:0;border:1px solid #ddd;border:1px solid rgba(0, 0, 0, 0.15);-webkit-border-radius:3px;-moz-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 2px rgba(0, 0, 0, 0.05);-moz-box-shadow:0 1px 2px rgba(0, 0, 0, 0.05);box-shadow:0 1px 2px rgba(0, 0, 0, 0.05);}
	.pagination li{display:inline;}
	.pagination a{float:left;padding:0 14px;line-height:34px;border-right:1px solid;border-right-color:#ddd;border-right-color:rgba(0, 0, 0, 0.15);*border-right-color:#ddd;text-decoration:none;}
	.pagination a:hover,.pagination .active a{background-color:#c7eefe;}
	.pagination .disabled a,.pagination .disabled a:hover{background-color:transparent;color:#bfbfbf;}
	.pagination .next a{border:0;}
	.well{background-color:#f5f5f5;margin-bottom:20px;padding:19px;min-height:20px;border:1px solid #eee;border:1px solid rgba(0, 0, 0, 0.05);-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, 0.05);-moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, 0.05);box-shadow:inset 0 1px 1px rgba(0, 0, 0, 0.05);}.well blockquote{border-color:#ddd;border-color:rgba(0, 0, 0, 0.15);}
	.modal-backdrop{background-color:#000000;position:fixed;top:0;left:0;right:0;bottom:0;z-index:10000;}.modal-backdrop.fade{opacity:0;}
	.modal-backdrop,.modal-backdrop.fade.in{filter:alpha(opacity=80);-khtml-opacity:0.8;-moz-opacity:0.8;opacity:0.8;}
	.modal{position:fixed;top:50%;left:50%;z-index:11000;width:560px;margin:-250px 0 0 -280px;background-color:#ffffff;border:1px solid #999;border:1px solid rgba(0, 0, 0, 0.3);*border:1px solid #999;-webkit-border-radius:6px;-moz-border-radius:6px;border-radius:6px;-webkit-box-shadow:0 3px 7px rgba(0, 0, 0, 0.3);-moz-box-shadow:0 3px 7px rgba(0, 0, 0, 0.3);box-shadow:0 3px 7px rgba(0, 0, 0, 0.3);-webkit-background-clip:padding-box;-moz-background-clip:padding-box;background-clip:padding-box;}.modal .close{margin-top:7px;}
	.modal.fade{-webkit-transition:opacity .3s linear, top .3s ease-out;-moz-transition:opacity .3s linear, top .3s ease-out;-ms-transition:opacity .3s linear, top .3s ease-out;-o-transition:opacity .3s linear, top .3s ease-out;transition:opacity .3s linear, top .3s ease-out;top:-25%;}
	.modal.fade.in{top:50%;}
	.modal-header{border-bottom:1px solid #eee;padding:5px 15px;}
	.modal-body{padding:15px;}
	.modal-body form{margin-bottom:0;}
	.modal-footer{background-color:#f5f5f5;padding:14px 15px 15px;border-top:1px solid #ddd;-webkit-border-radius:0 0 6px 6px;-moz-border-radius:0 0 6px 6px;border-radius:0 0 6px 6px;-webkit-box-shadow:inset 0 1px 0 #ffffff;-moz-box-shadow:inset 0 1px 0 #ffffff;box-shadow:inset 0 1px 0 #ffffff;zoom:1;margin-bottom:0;}.modal-footer:before,.modal-footer:after{display:table;content:"";zoom:1;}
	.modal-footer:after{clear:both;}
	.modal-footer .btn{float:right;margin-left:5px;}
	.modal .popover,.modal .twipsy{z-index:12000;}
	.twipsy{display:block;position:absolute;visibility:visible;padding:5px;font-size:11px;z-index:1000;filter:alpha(opacity=80);-khtml-opacity:0.8;-moz-opacity:0.8;opacity:0.8;}.twipsy.fade.in{filter:alpha(opacity=80);-khtml-opacity:0.8;-moz-opacity:0.8;opacity:0.8;}
	.twipsy.above .twipsy-arrow{bottom:0;left:50%;margin-left:-5px;border-left:5px solid transparent;border-right:5px solid transparent;border-top:5px solid #000000;}
	.twipsy.left .twipsy-arrow{top:50%;right:0;margin-top:-5px;border-top:5px solid transparent;border-bottom:5px solid transparent;border-left:5px solid #000000;}
	.twipsy.below .twipsy-arrow{top:0;left:50%;margin-left:-5px;border-left:5px solid transparent;border-right:5px solid transparent;border-bottom:5px solid #000000;}
	.twipsy.right .twipsy-arrow{top:50%;left:0;margin-top:-5px;border-top:5px solid transparent;border-bottom:5px solid transparent;border-right:5px solid #000000;}
	.twipsy-inner{padding:3px 8px;background-color:#000000;color:white;text-align:center;max-width:200px;text-decoration:none;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;}
	.twipsy-arrow{position:absolute;width:0;height:0;}
	.popover{position:absolute;top:0;left:0;z-index:1000;padding:5px;display:none;}.popover.above .arrow{bottom:0;left:50%;margin-left:-5px;border-left:5px solid transparent;border-right:5px solid transparent;border-top:5px solid #000000;}
	.popover.right .arrow{top:50%;left:0;margin-top:-5px;border-top:5px solid transparent;border-bottom:5px solid transparent;border-right:5px solid #000000;}
	.popover.below .arrow{top:0;left:50%;margin-left:-5px;border-left:5px solid transparent;border-right:5px solid transparent;border-bottom:5px solid #000000;}
	.popover.left .arrow{top:50%;right:0;margin-top:-5px;border-top:5px solid transparent;border-bottom:5px solid transparent;border-left:5px solid #000000;}
	.popover .arrow{position:absolute;width:0;height:0;}
	.popover .inner{background:#000000;background:rgba(0, 0, 0, 0.8);padding:3px;overflow:hidden;width:280px;-webkit-border-radius:6px;-moz-border-radius:6px;border-radius:6px;-webkit-box-shadow:0 3px 7px rgba(0, 0, 0, 0.3);-moz-box-shadow:0 3px 7px rgba(0, 0, 0, 0.3);box-shadow:0 3px 7px rgba(0, 0, 0, 0.3);}
	.popover .title{background-color:#f5f5f5;padding:9px 15px;line-height:1;-webkit-border-radius:3px 3px 0 0;-moz-border-radius:3px 3px 0 0;border-radius:3px 3px 0 0;border-bottom:1px solid #eee;}
	.popover .content{background-color:#ffffff;padding:14px;-webkit-border-radius:0 0 3px 3px;-moz-border-radius:0 0 3px 3px;border-radius:0 0 3px 3px;-webkit-background-clip:padding-box;-moz-background-clip:padding-box;background-clip:padding-box;}.popover .content p,.popover .content ul,.popover .content ol{margin-bottom:0;}
	.fade{-webkit-transition:opacity 0.15s linear;-moz-transition:opacity 0.15s linear;-ms-transition:opacity 0.15s linear;-o-transition:opacity 0.15s linear;transition:opacity 0.15s linear;opacity:0;}.fade.in{opacity:1;}
	.label{padding:1px 3px 2px;font-size:9.75px;font-weight:bold;color:#ffffff;text-transform:uppercase;white-space:nowrap;background-color:#bfbfbf;-webkit-border-radius:3px;-moz-border-radius:3px;border-radius:3px;}.label.important{background-color:#c43c35;}
	.label.warning{background-color:#f89406;}
	.label.success{background-color:#46a546;}
	.label.notice{background-color:#62cffc;}
	.media-grid{margin-left:-20px;margin-bottom:0;zoom:1;}.media-grid:before,.media-grid:after{display:table;content:"";zoom:1;}
	.media-grid:after{clear:both;}
	.media-grid li{display:inline;}
	.media-grid a{float:left;padding:4px;margin:0 0 18px 20px;border:1px solid #ddd;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:0 1px 1px rgba(0, 0, 0, 0.075);-moz-box-shadow:0 1px 1px rgba(0, 0, 0, 0.075);box-shadow:0 1px 1px rgba(0, 0, 0, 0.075);}.media-grid a img{display:block;}
	.media-grid a:hover{border-color:#0069d6;-webkit-box-shadow:0 1px 4px rgba(0, 105, 214, 0.25);-moz-box-shadow:0 1px 4px rgba(0, 105, 214, 0.25);box-shadow:0 1px 4px rgba(0, 105, 214, 0.25);}

file:a/cutenews/LICENSE.txt (deleted)

CutePHP.com Software License Agreement

1. This Software License Agreement is a legal agreement between you,
the end-user ("Licensee"), and Authors of software ("Authors"). By
using our software or storing it on a computer hard drive (or other
type of media), you are agreeing to be bound by the terms of this
Agreement.

2. CutePHP Software IS DISTRIBUTED "AS IS". NO WARRANTY OF ANY KIND IS
EXPRESSED OR IMPLIED. You Use our software AT YOUR OWN RISK. CutePHP
Author hereby disclaims all warranties and guarantees regarding the
use, or the results of use, of the software in terms of correctness,
accuracy, reliability or otherwise. The Author will not be responsible
for any incidental, consequential, direct or indirect damages. You
also agree that the disclaimer is the complete and exclusive statement
of agreement between the parties and supersede all proposals or prior
agreements, oral or written, and any other communications between the
parties relating to the subject matter of the disclaimer.

3. All copyrights to "CutePHP.com" are exclusively owned by the author
- Georgi Avramov.

4. You can use CutePHP.com Software for free (non-commercial needs) as
long as you do not remove / edit, and keep visible the "Powered by..."
line (displayed on every page where the script is included) without
the explicit written permission of CutePHP.com or payed registration.
The Software is licensed only to you. You may not rent, lease,
sublicense, sell, assign, pledge, transfer or otherwise dispose of the
Software in any form, on a temporary or permanent basis, without the
prior written consent of CutePHP.com

5. Users may modify software code for their personal use (at their own
risk), but any altered code must not be redistributed or resold in any
form without the explicit written permission of CutePHP.com

6. Registered Users/Customers (purchased-license holders) are allowed
to remove the 'Powered by...' line.

6.1 All customers must include the URL of the domain where the Script
will be used. This is done through the Customer Area at CutePHP.com

6.2 Customers are allowed to install the script only on the domain
stated in their license. This means that the Licensee can install the
script only on one domain per license purchased. Multiple instances of
the script (installations) are allowed in the scope of the licensed
domain.

6.3 Once you are in receipt of our software, License fees are
non-refundable. We encourage you to verify (by installing the free
version) that the software is working on your server and no problems
are occurring.

6.4 Un-Official technical support will be provided in our forums from
voluntary members to both Registered and Un-Registered Users.

TERMINATION
This Agreement will terminate automatically upon failure to comply
with the limitations described herein or on written notice from an
authorized representative of CutePHP.com. On termination, you must
destroy all copies of the Software within 48 hours.

file:a/cutenews/README.htm (deleted)

<html><head><title>CuteNews README</title>
<meta content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<style type=text/css>
A:link { color:#3E749F; text-decoration:none}
A:visited { color:#3E749F; text-decoration:none}
A:hover { color:#3E749F; text-decoration:underline}
A:active { color:#3E749F; text-decoration:underline}

A.menu:hover, A.menu:active{ color:black; text-decoration:none}
A.menu:link, A.menu:visited{ color:#305367; text-decoration:none}

BODY, P, LI, TD {
COLOR: #000000; FONT-FAMILY: verdana; FONT-SIZE: 11px; LINE-HEIGHT: 16px
}
</STYLE>
</head>
<body aLink=#cccccc bgColor=lightsteelblue link=#333333 vLink=#555555>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<table align=center border=0 cellPadding=1 cellSpacing=0 width=733 height="1">
<tbody>
<tr>
<td bgColor=#000000 width="744" height="1">

<table border=0 cellSpacing=0 width="735" height="1">
<tbody>
<tr>
<td bgColor=#ffffff width="731" colspan="4" align="center" valign="top" height="18">
<b><font size="4" color="#7BA0DD">CuteNews README</font></b></td></tr>
<tr>
<td bgColor=#ffffff width="731" valign="top" align="center" height="4" colspan="4">




</td>
</tr>
<tr>
<td bgColor=#C2E4DB width="731" valign="top" align="center" height="6" colspan="4">


<p align="left"> <font size="2"><b>Information About The Script</b></font>

</td>
</tr>
<tr>
<td bgColor=#ffffff width="10" valign="top" align="center" height="9">




</td>
<td bgColor=#ffffff width="721" valign="top" align="center" height="9" colspan="3">


<p align="left">CuteNews v1.4.6 by <a href="http://cutephp.com">CutePHP</a>
Team.<br />
<br />
Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports<br />
comments and archives that can be organized by months.<br />
Please read the provided license.txt file to get familiar with the legal usage
of this script.<br>
<a href="http://cutephp.com/cutenews/register/">Registered</a> Customers can seek support on at <a href="mailto:support%20[at]%20cutephp.com">our support mail</a> (technichal issues are discussed in our <a href="http://cutephp.com/forum">Forums</a>!)

</td>
</tr>
<tr>
<td bgColor=#ffffff width="731" valign="top" align="center" height="8" colspan="4">




</td>
</tr>
<tr>
<td bgColor=#C2E4DB width="731" valign="top" align="center" height="8" colspan="4">


<p align="left"><font size="2"> <b>Installing CuteNews</b></font>

</td>
</tr>
<tr>
<td bgColor=#ffffff width="12" valign="top" align="center" height="7">




</td>
<td bgColor=#ffffff width="719" valign="top" align="center" height="7" colspan="3">


<p align="left">The installation of CuteNews is really easy and you should do it
without any problems if you fallow these steps:</p>
<p align="left"> <b>1</b>) Create a directory on your server ( e.g.
cutenews )<br />
<b>2</b>) Upload the content of the cutenews.1.4.6.zip to the directory you
created in step 1<br />
<b>3</b>) Now You must
<a title="How do I CHMOD?" target="_blank" href="http://cutephp.com/forum/index.php?showtopic=81">CHMOD</a> the the directory cutenews/data/ and all files and <br>
folders under the data/ directory must be also
chmod'ed to 777.<br>
<b>4</b>) Finally, go to http://yoursite.com/cutenews/index.php
with you favorite browser and fallow the instructions.

</td>
</tr>
<tr>
<td bgColor=#ffffff width="731" valign="top" align="center" height="5" colspan="4">




</td>
</tr>
<tr>
<td bgColor=#C2E4DB width="731" valign="top" align="center" height="13" colspan="4">


<p align="left"><font size="2"><b> Getting The News On Your Page...</b></font>

</td>
</tr>
<tr>
<td bgColor=#ffffff width="14" valign="top" align="center" height="1" rowspan="17">




</td>
<td bgColor=#ffffff width="717" valign="top" align="center" height="7" colspan="3">


<p align="left">You can show the news,  archives on your page by using
some of the following php codes in your page. <br />
The page where you include news, should be with extension .php <br>
If you want these codes to be auto-generated for you, login into CuteNews and go
to Options > <b>Integration Wizards</b></td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="center" height="9" colspan="3">


<hr width="70%">

</td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="center" height="10" colspan="3">


<p align="center"><b>General</b>

</td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="center" height="10" colspan="3">


when showing news, archives you can use <font color="#993300">$number =
<i>x</i>; </font>to limit the to <i>x</i> the number of maximum showed news on
one page. If you use $number, "next >>" link to remaining news
will be displayed. <br>
<br>
if you want to show news, archives from certain category you can use <font color="#993300">$category
= "ID"; </font>where ID is the id of the category, you can choose and more that
one category like this: <font color="#993300">$category =
"ID1,ID2,ID3";</font><br />
<br />
when you want to display news and headlines on one page for example, and want when a headline
is clicked, the article to be displayed on the place of the news you must use <font color="#993300">$static
= TRUE; </font>before including headlines.

</td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="center" height="10" colspan="3">



<p><b>Showing Active News</b>

</td>
</tr>
<tr>
<td bgColor=#ffffff width="20%" valign="top" align="center" height="10">




</td>
<td bgColor=#EDF1F8 width="326" valign="top" align="center" height="10">


<p align="left"><?PHP<br />
include("path/to/show_news.php");<br />
?>

</td>
<td bgColor=#ffffff width="20%" valign="top" align="center" height="10">




</td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="left" height="6" colspan="3">



<p align="center"><b>Showing with Different Template</b>

</td>
</tr>
<tr>
<td bgColor=#ffffff valign="top" align="center" height="8">




</td>
<td bgColor=#EDF1F8 width="329" valign="top" align="left" height="8">


<?PHP<br>
$template = "YOUR_TEMPLATE_NAME";<br />
include("path/to/show_news.php");<br />
?>

</td>
<td bgColor=#ffffff valign="top" align="left" height="8">




</td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="left" height="7" colspan="3">



<p align="center"><b>Showing Archives</b>

</td>
</tr>
<tr>
<td bgColor=#ffffff valign="top" align="center" height="6">




</td>
<td bgColor=#EDF1F8 width="330" valign="top" align="left" height="6">


<?PHP<br />
include("path/to/show_archives.php");<br />
?>

</td>
<td bgColor=#ffffff valign="top" align="left" height="6">




</td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="left" height="10" colspan="3">



<p align="center"><b>Showing 5 Latest News</b>

</td>
</tr>
<tr>
<td bgColor=#ffffff valign="top" align="center" height="6">




</td>
<td bgColor=#EDF1F8 width="330" valign="top" align="left" height="6">


<?PHP<br />
$number = "5";<br />
include("path/to/show_news.php");<br />
?>

</td>
<td bgColor=#ffffff valign="top" align="left" height="6">




</td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="left" height="6" colspan="3">



<p align="center"><b>Showing 5 News from Category with ID 2 </b>

</td>
</tr>
<tr>
<td bgColor=#ffffff valign="top" align="center" height="4">




</td>
<td bgColor=#EDF1F8 width="330" valign="top" align="left" height="4">


<?PHP<br />
$number = "5";<br>
$category = "2";<br />
include("path/to/show_news.php");<br />
?>

</td>
<td bgColor=#ffffff valign="top" align="left" height="4">




</td>
</tr>
<tr>
<td bgColor=#ffffff width="717" valign="top" align="left" height="2" colspan="3">




<p align="center"><b>Showing All Headlines And The 1 Latest News Article  On
One Page</b>

</td>
</tr>
<tr>
<td bgColor=#ffffff valign="top" align="center" height="7">




</td>
<td bgColor=#EDF1F8 width="330" valign="top" align="center" height="7">


<p align="left">


<?PHP<br />
$static = TRUE;<br>
$template = "Headlines";<br />
include("path/to/show_news.php");<br />
<br />
$number = "1";<br />
include("path/to/show_news.php");<br />
?>

</td>
<td bgColor=#ffffff valign="top" align="center" height="7">




</td>
</tr>
<tr>
<td bgColor=#ffffff width="711" valign="top" align="center" height="9" colspan="3">




</td>
</tr>
<tr>
<td bgColor=#ffffff width="731" valign="top" align="center" height="12" colspan="4">


<hr width="70%">

<p><b>Remember that:</b></p>
<ul>
<li>in all of the above examples you must replace path/to/... to with your
path where you installed CuteNews<br>
and not to use the URL but the path<br>
<font color="#FF0000">WRONG</font>: include("http://site.com/cutenews/show_news.php);<br>
<font color="#008000">CORRECT</font>: include("cutenews/show_news.php);                          </li>
<li>in most cases when you include news and headlines in one page, you must
use <font color="#993300">$static = TRUE; </font>.</li>
<li>when you use $number, $category, $template or any other variable, it must
be BEFORE include("show_news.php");</li>
<li>if you have any problems, you can always go to our support forums and
we'll be more than glad to help you<br />
</li>
</ul>

</td>
</tr>
<tr>
<td bgColor=#C2E4DB width="731" valign="top" align="center" height="4" colspan="4">


<p align="left"><b><font size="2"> Help & Support</font></b>

</td>
</tr>
<tr>
<td bgColor=#ffffff width="16" valign="top" align="center" height="9">




</td>
<td bgColor=#ffffff width="715" valign="top" align="center" height="9" colspan="3">


<p align="left">If you have some problems with CuteNews you can go to our<a href="http://cutephp.com/forum/" target="_blank">
support forum</a>.<br>
But before posting your problem on our forums, please look at the included Help
Documentation with CuteNews. You can access it through CuteNews > Help > CuteNews internal Help Documentation

</td>
</tr>
</tbody></table></td></tr></tbody></table>
</body></html>

file:a/cutenews/data/.htaccess (deleted)

Order Deny,Allow
Deny from all
Allow from 127.0.0.1

file:a/cutenews/data/Default.tpl (deleted)

<?PHP
///////////////////// TEMPLATE Default /////////////////////
$template_active = <<<HTML
<div style="width:420px; margin-bottom:30px;">
<div><strong>{title}</strong></div>

<div style="text-align:justify; padding:3px; margin-top:3px; margin-bottom:5px; border-top:1px solid #D3D3D3;">{short-story}</div>



<div><em>Posted on {date} by {author}</em></div>
</div>
HTML;


$template_full = <<<HTML
<div style="width:420px; margin-bottom:15px;">
<div><strong>{title}</strong></div>

<div style="text-align:justify; padding:3px; margin-top:3px; margin-bottom:5px; border-top:1px solid #D3D3D3;">{full-story}</div>

<div style="float: right;">{comments-num} Comments</div>

<div><em>Posted on {date} by {author}</em></div>
</div>
HTML;


$template_comment = <<<HTML
<div style="width: 400px; margin-bottom:20px;">

<div style="border-bottom:1px solid black;"> by <strong>{author}</strong> @ {date}</div>

<div style="padding:2px; background-color:#F9F9F9">{comment}</div>

</div>
HTML;


$template_form = <<<HTML
<table border="0" width="370" cellspacing="0" cellpadding="0">
<tr>
<td width="60">Name:</td>
<td><input type="text" name="name"></td>
</tr>
<tr>
<td>E-mail:</td>
<td><input type="text" name="mail"> (optional)</td>
</tr>
<tr>
<td>Smile:</td>
<td>{smilies}</td>
</tr>
<tr>
<td colspan="2">
<textarea cols="40" rows="6" id=commentsbox name="comments"></textarea><br />
<input type="submit" name="submit" value="Add My Comment">
<input type=checkbox name=CNremember id=CNremember value=1><label for=CNremember> Remember Me</label> \|
<a href="javascript:CNforget();">Forget Me</a>
</td>
</tr>
</table>
HTML;


$template_prev_next = <<<HTML
<p align="center">[prev-link]<< Previous[/prev-link] {pages} [next-link]Next >>[/next-link]</p>
HTML;
$template_comments_prev_next = <<<HTML
<p align="center">[prev-link]<< Older[/prev-link] ({pages}) [next-link]Newest >>[/next-link]</p>
HTML;
?>

file:a/cutenews/data/Headlines.tpl (deleted)

<?PHP
///////////////////// TEMPLATE Headlines /////////////////////
$template_active = <<<HTML
[link]{title}[/link], posted on {date} by {author}<br />
HTML;


$template_full = <<<HTML
<div style="width:420px; margin-bottom:15px;">
<div><strong>{title}</strong></div>

<div style="text-align:justify; padding:3px; margin-top:3px; margin-bottom:5px; border-top:1px solid #D3D3D3;">{full-story}</div>

<div style="float: right;">{comments-num} Comments</div>

<div><em>Posted on {date} by {author}</em></div>
</div>
HTML;


$template_comment = <<<HTML
<div style="width: 400px; margin-bottom:20px;">

<div style="border-bottom:1px solid black;">by <strong>{author}</strong> @ {date}</div>

<div style="padding:2px; background-color:#F9F9F9">{comment}</div>

</div>
HTML;


$template_form = <<<HTML
<table border="0" width="370" cellspacing="0" cellpadding="0">
<tr>
<td width="60">Name:</td>
<td><input type="text" name="name"></td>
</tr>
<tr>
<td>E-mail:</td>
<td><input type="text" name="mail"> (optional)</td>
</tr>
<tr>
<td>Smile:</td>
<td>{smilies}</td>
</tr>
<tr>
<td colspan="2">
<textarea cols="40" rows="6" id=commentsbox name="comments"></textarea><br />
<input type="submit" name="submit" value="Add My Comment">
<input type=checkbox name=CNremember id=CNremember value=1><label for=CNremember> Remember Me</label> \|
<a href="javascript:CNforget();">Forget Me</a>
</td>
</tr>
</table>
HTML;


$template_prev_next = <<<HTML

HTML;
$template_comments_prev_next = <<<HTML

HTML;
?>

file:a/cutenews/data/archives/index.htm (deleted)

<HTML><TITLE>Accedd denied</TITLE><BODY>
<p>You can not view the content of this directory !!!</p>
</BODY></HTML>

file:a/cutenews/data/auto_archive.db.php (deleted)

file:a/cutenews/data/backup/index.html (deleted)

<HTML><TITLE>Accedd denied</TITLE><BODY>
<p>You can not view the content of this directory !!!</p>
</BODY></HTML>

file:a/cutenews/data/cat.num.php (deleted)

0

file:a/cutenews/data/category.db.php (deleted)

file:a/cutenews/data/comments.txt (deleted)

file:a/cutenews/data/config.php (deleted)

<?PHP

//System Configurations

$config_http_script_dir = "http://localhost/contractDashboard/cutenews";

$config_skin = "default";

$config_date_adjust = "0";

$config_smilies = "smile,wink,wassat,tongue,laughing,sad,angry,crying";

$config_auto_archive = "no";

$config_allow_registration = "no";

$config_registration_level = "4";

$config_use_avatar = "no";

$config_use_wysiwyg = "no";

$config_reverse_active = "no";

$config_timestamp_active = "d M Y";

$config_full_popup = "no";

$config_full_popup_string = "HEIGHT=400,WIDTH=650,resizable=yes,scrollbars=yes";

$config_show_comments_with_full = "yes";

$config_auto_wrap = "44";

$config_reverse_comments = "no";

$config_flood_time = "15";

$config_comment_max_long = "1500";

$config_comments_per_page = "50";

$config_only_registered_comment = "no";

$config_allow_url_instead_mail = "yes";

$config_timestamp_comment = "d M Y h:i a";

$config_comments_popup = "no";

$config_comments_popup_string = "HEIGHT=400,WIDTH=650,resizable=yes,scrollbars=yes";

$config_show_full_with_comments = "yes";

$config_notify_email = "govhack@lambdacomplex.org";

$config_notify_status = "disabled";

$config_notify_registration = "no";

$config_notify_comment = "no";

$config_notify_unapproved = "no";

$config_notify_archive = "no";

$config_notify_postponed = "no";

?>

file:a/cutenews/data/emoticons/.htaccess (deleted)

Order Deny,Allow
Allow from all

file:a/cutenews/data/emoticons/angry.gif (deleted)

 Binary files a/cutenews/data/emoticons/angry.gif and /dev/null differ

file:a/cutenews/data/emoticons/crying.gif (deleted)

 Binary files a/cutenews/data/emoticons/crying.gif and /dev/null differ

file:a/cutenews/data/emoticons/index.html (deleted)

<HTML><TITLE>Accedd denied</TITLE><BODY>
<p>You can not view the content of this directory !!!</p>
</BODY></HTML>

file:a/cutenews/data/emoticons/laughing.gif (deleted)

 Binary files a/cutenews/data/emoticons/laughing.gif and /dev/null differ

file:a/cutenews/data/emoticons/sad.gif (deleted)

 Binary files a/cutenews/data/emoticons/sad.gif and /dev/null differ

file:a/cutenews/data/emoticons/smile.gif (deleted)

 Binary files a/cutenews/data/emoticons/smile.gif and /dev/null differ

file:a/cutenews/data/emoticons/tongue.gif (deleted)

 Binary files a/cutenews/data/emoticons/tongue.gif and /dev/null differ

file:a/cutenews/data/emoticons/wassat.gif (deleted)

 Binary files a/cutenews/data/emoticons/wassat.gif and /dev/null differ

file:a/cutenews/data/emoticons/wink.gif (deleted)

 Binary files a/cutenews/data/emoticons/wink.gif and /dev/null differ

file:a/cutenews/data/flood.db.php (deleted)

file:a/cutenews/data/index.html (deleted)

<HTML><TITLE>Accedd denied</TITLE><BODY>
<p>You can not view the content of this directory !!!</p>
</BODY></HTML>

file:a/cutenews/data/ipban.db.php (deleted)

file:a/cutenews/data/news.txt (deleted)

file:a/cutenews/data/postponed_news.txt (deleted)

file:a/cutenews/data/rss.tpl (deleted)

<?PHP
///////////////////// TEMPLATE rss /////////////////////
$template_active = <<<HTML
<item>
<title><![CDATA[{title}]]></title>
<link>{rss-news-include-url}?subaction=showfull&id={news-id}&archive={archive-id}</link>
<description><![CDATA[{short-story}]]></description>
<guid isPermaLink="false">{news-id}</guid>
<pubDate>{date}</pubDate>
</item>
HTML;


$template_full = <<<HTML

HTML;


$template_comment = <<<HTML

HTML;


$template_form = <<<HTML

HTML;


$template_prev_next = <<<HTML

HTML;
$template_comments_prev_next = <<<HTML

HTML;
?>

file:a/cutenews/data/rss_config.php (deleted)

file:a/cutenews/data/unapproved_news.txt (deleted)

file:a/cutenews/data/upimages/.htaccess (deleted)

Order Deny,Allow
Allow from all

file:a/cutenews/data/upimages/cutenews-banner.gif (deleted)

 Binary files a/cutenews/data/upimages/cutenews-banner.gif and /dev/null differ

file:a/cutenews/data/upimages/index.html (deleted)

<HTML><TITLE>Accedd denied</TITLE><BODY>
<p>You can not view the content of this directory !!!</p>
</BODY></HTML>

file:a/cutenews/data/users.db.php (deleted)

<?PHP die("You don't have access to open this file !!!"); ?>
1259446539\|1\|maxious\|9c1cfbdadde1e4c9c5d301f57848bf38\|cD team\|govhack@lambdacomplex.org\|0\|0\|\|1259446557\|\|

file:a/cutenews/example1.php (deleted)

<html>
<head><title>Example1</title></head>
<body>

<a href="?go=news">news</a> \|\|
<a href="?go=headlines">headlines</a> \|\|
<a href="?go=archives">arhcives</a> \|\|
<a href="?go=search">search</a> \|\|
<a style="font-size:120%" href="example2.php">See Advanced Example >></a>

<hr>


<?PHP
error_reporting (E_ALL ^ E_NOTICE);

if($_GET['go'] == "" or $_GET['go'] == "news"){
include("show_news.php");
}
elseif($_GET['go'] == "headlines"){
$template = "Headlines";
include("show_news.php");
}
elseif($_GET['go'] == "archives"){
include("show_archives.php");
}
elseif($_GET['go'] == "search"){
include("search.php");
}
?>



</body>
</html>

file:a/cutenews/example2.php (deleted)

<?PHP

?>
<html>
<head>
<title>Example</title>
<style>
<!--
A { color: #003366; text-decoration: none; }
A:link { color: #003366; text-decoration: none; }
A:visited { color: #003366; text-decoration: none; }
A:active { color: #54622D; }
A:hover { color: #54622D; }


BODY,TD,TR{
font-family: verdana, arial, sans-serif;
color:#000;
font-size:11;
font-weight:normal;
}
.banner {
font-family: georgia, verdana, arial, sans-serif;
color:white;
font-size:x-large;
font-weight:bold;
border-left:1px solid #FFF;
border-right:1px solid #FFF;
border-top:1px solid #FFF;
background:#003366;
padding:7px;
}
.description{
font-family:verdana, arial, sans-serif;
font-size:x-small;
font-weight:bold;
}

//-->
</style>
</head>
<body bgcolor="#ffffff">
<div align="center"><center>
<table border="0" width="700" cellspacing="0" cellpadding="0">
<tr>
<td class=banner >
Put here your title<br>
<span class="description">and this is your description</span>
</td>
</tr>

<tr>
<td>

</center>

<table border="0" width="100%" cellspacing="0" cellpadding="6">
<tr>
<td width="180" valign=top style="border-right: 1px dotted #000000;"><table border="0" width=93% cellspacing="0" cellpadding="0">
<tr>

<td width="100%" style="border-top: 1 solid #000000; border-bottom: 1 solid #000000" bgcolor="#F3F4F5" height="26">
<p align="left"> <b><font color="#003366">Navigation</font></b></p>
</td>
</tr>
<tr>

<td width="100%">

</td>
</tr>
<tr>

<td width="100%">
<a href="?">main page</a>
</td>
</tr>
<tr>

<td width="100%">
<a href="?do=archives">archives</a>
</td>
</tr>
<tr>

<td width="100%">
<a href="?do=stats">statistic</a>
</td>
</tr>
<tr>

<td width="100%">
<a href="?">other link</a>
</td>
</tr>
<tr>

<td width="100%">
<a href="?">other link</a>
</td>
</tr>
<tr>

<td width="100%">

</td>
</tr>
<tr>

<td width="100%" style="border-top: 1 solid #000000; border-bottom: 1 solid #000000" bgcolor="#F3F4F5" height="26">
<p align="left"> <font color="#003366"><b>Quick search</b></font></p>
</td>
</tr>
<tr>

<td width="100%">
</td>
</tr>
<tr>
<!-- The Quick Search Form -->
<form method="post">
<td width="100%" align="center"> <br>
<input type="text" name="story" size="14">
<input type="hidden" name="do" value="search">
</td>
</form>
<!-- End of the Search Form -->

</tr>
<tr>

<td width="100%">

</td>
</tr>
<tr>

<td width="100%" style="border-top: 1 solid #000000; border-bottom: 1 solid #000000" bgcolor="#F3F4F5" height="26">
<p align="left"> <b><font color="#003366">banners/sponsors</font></b></p>
</td>
</tr>
<center>

<tr>

<td width="100%">

</td>
</tr>
<tr>

<td width="100%">
put some banners here
</td>
</tr>
<tr>

<td width="100%">

</td>
</tr>
<tr>

<td width="100%">
and another banners here
</td>
</tr>
<tr>

<td width="100%">

</td>
</tr>
<tr>

<td width="100%" style="border-top: 1 solid #000000; border-bottom: 1 solid #000000" bgcolor="#F3F4F5" height="26">
<p align="left"> <font color="#003366"><b>Friends</b></font></p>
</td>
</tr>
<tr>

<td width="100%">

</td>
</tr>
<tr>

<td width="100%">
<a href="http://cutephp.com" title="PHP News Content Management System" target="_blank">CutePHP Scripts</a>
</td>
</tr>
<tr>

<td width="100%">
<a href="http://news.google.com" target="_blank">Google News</a>
</td>
</tr>
<tr>

<td width="100%">
<a href="http://mozilla.org" target="_blank">Mozilla.org</a>
</td>
</tr>
</table>

<p align="center"><br><br>
<br>
<br>
<br>
</center>
</td>
<td width="520" valign="top" align="center">

<table border="0" width="453" cellspacing="1" cellpadding="3">
<tr>
<td width="441">
<?PHP

/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Here we decide what page to include
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */

if($_POST['do'] == "search" or $_GET['dosearch'] == "yes"){ $subaction = "search"; $dosearch = "yes"; include("./search.php"); }
elseif($_GET['do'] == "archives"){ include("./show_archives.php"); }
elseif($_GET['do'] == "stats"){ echo"You can download the stats addon and include it here to show how many news, comments ... you have"; /* include("$path/stats.php"); */ }
else{ include("./show_news.php"); }

?>
</td>
</tr>
</table>

</td>
</tr>
</table>
</td>
</tr>

</table><br><br><center>
<table border=0 width=700 style="border-top: 1px dotted #000000;">
<tr><td>
<p align="center">put your footer and copyright here

</td></tr></table>
</body>
</html>

file:a/cutenews/inc/.htaccess (deleted)

Order Deny,Allow
Deny from all
Allow from 127.0.0.1

file:a/cutenews/inc/about.mdu (deleted)

<?PHP

// ********************************************************************************
// CuteCode
// ********************************************************************************
if($action == "cutecode")
{
echo"<html>
<head>
<title>CuteCode</title>
<style type=\"text/css\">
<!--
BODY, TD {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
a:active,a:visited,a:link {color: #446488; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
a:hover {font-size : 8pt; color: #000000; font-family: verdana; text-decoration: none; }
-->
</style>
</head>
<body bgcolor=#FFFFFF>
<script language=\"javascript\" type=\"text/javascript\">
<!--
function insertcode(type,var1,var2) {

if(var1 != null){
if(var2 == null){ var2=' '; }

switch(type) {
case 'link':
code = '<a href=\"' +var1+ '\">' +var2+ '</a>';
break;
case 'image':
code = '<img src=\"' +var1+ '\" alt=\"\" style=\"border: none;\" />';
break;
case 'bold':
code = '<strong>' +var1+ '</strong>';
break;
case 'italic':
code = '<em>' +var1+ '</em>';
break;
case 'underline':
code = '<span style=\"text-decoration: underline;\">' +var1+ '</span>';
break;
case 'color':
code = '<span style=\"color: ' +var1+ '\">' +var2+ '</span>';
break;
case 'size':
code = '<span style=\"font-size: ' +var1+ 'pt\">' +var2+ '</span>';
break;
case 'font':
code = '<span style=\"font-family: ' +var1+ '\">' +var2+ '</span>';
break;
case 'align':
code = '<div style=\"text-align: ' +var1+ '\">' +var2+ '</div>';
break;
case 'quote':
code = '[quote]' +var1+ '[/quote]';
break;
case 'list':
code = '<ul>\\n<li>Text1</li>\\n<li>Text2</li>\\n<li>Text3</li>\\n</ul>';
alert('Sample List will be inserted into the textarea');
break;
default:
}

code = ' ' + code + ' ';
opener.document.addnews.$target.value += code;
if(document.my.ifClose.checked == true)
{
opener.document.addnews.$target.focus();
window.close();
opener.document.addnews.$target.focus();
}
}
}
//-->
</script>
<table border=0 height=247 width=320 cellspacing=\"0\" cellpadding=\"0\">

<td height=\"15\" colspan=\"2\" width=\"21\">
<td height=\"15\" width=\"342\">
<tr>
<td height=\"15\" colspan=\"2\" width=\"367\">
<font size=\"1\" face=\"Verdana\"><b>QuickTags</b></font>
<td height=\"15\" width=\"0\">
</tr>

<tr bgcolor=#F7F6F4><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('link', prompt('Enter the complete URL of the hyperlink', 'http://'), prompt('Enter the title of the webpage', '') )\">
Insert Link</a>
<td height=16 width=\"0\">
[link=<font color=\"#808080\">URL</font>]<font color=\"#808080\">Text</font>[/link]
</tr>

<tr ><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('image', prompt('Enter URL of the Image:', 'http://') )\">
Insert Image</a>
<td height=16 width=\"0\">
[image=<font color=\"#808080\">URL</font>]
</tr>

<tr bgcolor=#F7F6F4><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('quote', prompt('Text to Quote:', '') )\">
Instert Quote</a>
<td height=16 width=\"0\">
[quote=<font color=\"#808080\">Name</font>]<font color=\"#808080\">Text</font>[/quote]
</tr>

<tr ><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('list', 'none' )\">
Insert List</a>
<td height=16 width=\"0\">
[list]<font color=\"#808080\">[]Text1[]Text2</font>[/list]
</tr>

<tr bgcolor=#F7F6F4><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('bold', prompt('Enter Text you want to be BOLD', '') )\">
Bold Text</a>

<td height=16 width=\"0\">
[b]<font color=\"#808080\">Text</font>[/b]
</tr><tr ><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('italic', prompt('Enter Text you want to be Italic', '') )\">
Italic Text</a>
<td height=16 width=\"0\">
[i]<font color=\"#808080\">Text</font>[/i]
</tr><tr bgcolor=#F7F6F4><td height=16 width=\"21\">


<td height=16 width=\"344\">
<a href=\"javascript:insertcode('underline', prompt('Enter Text you want to be Underlined', '') )\">
Underlined Text</a>
<td height=16 width=\"0\">
[u]<font color=\"#808080\">Text</font>[/u]
</tr>



<tr><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('color', prompt('Enter color of the text (blue, red, green, fuchsia)',''), prompt('Enter the text to be in this color','') )\">
Text Color</a>
<td height=16 width=\"0\">
[color=<font color=\"#808080\">COLOR</font>]<font color=\"#808080\">Text</font>[/color]
</tr><tr bgcolor=#F7F6F4><td height=16 width=\"21\">


<td height=16 width=\"344\">
<a href=\"javascript:insertcode('size', prompt('Enter size of the text (in points format)',''), prompt('Enter the text to be in this size','') )\">
Text Size</a>
<td height=16 width=\"0\">
[size=<font color=\"#808080\">SIZE</font>]<font color=\"#808080\">Text</font>[/size]
</tr><tr><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('font', prompt('Enter font of the text (verdana, arial, times, courier)',''), prompt('Enter the text to be in this font','') )\">
Text Font</a>

<td height=16 width=\"0\">
[font=<font color=\"#808080\">FONT</font>]<font color=\"#808080\">Text</font>[/font]
</tr><tr bgcolor=#F7F6F4><td height=16 width=\"21\">

<td height=16 width=\"344\">
<a href=\"javascript:insertcode('align', prompt('Enter align of the text (right, left, center, justify)',''), prompt('Enter the text to be in this align','') )\">
Text Align</a>
<td height=16 width=\"0\">
[align=<font color=\"#808080\">ALIGN</font>]<font color=\"#808080\">Text</font>[/align]
</tr><tr>
<td width=21 height=\"57\">
<form name=my>
<td height=57 colspan=\"2\" width=\"342\">

<label><input type=checkbox checked name=ifClose> Close this window after I insert code</label>
</tr></form>
</table></body></HTML>";
}
else{
echoheader("question", "Help / About");

if ( function_exists("md5_file") ){
$functions_md5 = md5_file("inc/functions.inc.php");
}else{
$functions_md5 = "MD5NotSupported";
}

// echo"$functions_md5";
if(file_exists("./data/reg.php")){ include("./data/reg.php"); }

echo"<table border=0 cellpading=0 cellspacing=0 width=\"654\" height=\"175\" >
<tr>
<td width=\"650\" valign=\"middle\" height=\"1\" bgcolor=\"#F7F6F4\" colspan=\"3\">
<font size=\"2\"><b>Help & Support</b></font>
</tr>
<tr>
<td width=\"31\" valign=\"middle\" height=\"70\">

<td width=\"619\" valign=\"middle\" colspan=\"2\" align=justify>
If you are experiencing any kind of problems, the first thing you should do before asking for help from us is look
at <a href=\"$PHP_SELF?mod=help\">CuteNews internal Help Documentation</a>.
If you still can not solve your problem look at the <a href=\"http://cutephp.com/faq/\" target=\"_blank\">FAQ section of our site</a> or post your issues in our <a href=\"http://cutephp.com/forum/\" target=\"_blank\">support
forum</a>, but only after you have read the readme.html file included in the zip

<ol style=\"margin-bottom:8px;\">
<li><a href=\"$PHP_SELF?mod=help\">Internal Help Documentation</a></li>
<li><a href=\"http://cutephp.com/cutenews/readme.html\" target=_blank>Readme.html File (online)</a></li>
<li><a href=\"http://cutephp.com/forum/\" target=_blank>Support Forums</a></li>
</ol>

</tr>



<tr>
<td width=\"650\" valign=\"middle\" height=\"1\" bgcolor=\"#F7F6F4\" colspan=\"3\">
<font size=\"2\"><b>Version Check</b></font>
</tr>
<tr>
<td width=\"29\" valign=\"middle\" height=\"24\">
<td width=\"100\" valign=\"middle\" height=\"24\">
Your version
<td width=\"523\" valign=\"middle\" height=\"24\">
: $config_version_name   (build Id - $config_version_id)
</tr>
<tr>
<td width=\"29\" valign=\"middle\" height=\"23\">
<td width=\"100\" valign=\"top\" height=\"23\">
Latest Version
<td width=\"521\" valign=\"top\" height=\"23\">
: <script type=\"text/javascript\" src=\"http://cutephp.com/cutenews/check_version.php?config_http_script_dir=$config_http_script_dir&mybid=$config_version_id&reglicense=$reg_site_key&functions_md5=$functions_md5\"></script>
</tr>

";
if(!file_exists('./data/reg.php')){ echo"
<tr>
<td width=\"650\" valign=\"middle\" height=\"1\" bgcolor=\"#F7F6F4\" colspan=\"3\">
<font size=\"2\" color=red><b>Unregistered</b></font>
</tr>
<tr>
<td width=\"29\" valign=\"middle\" height=\"24\">
<td width=\"100\" valign=\"middle\" height=\"24\" style=\"color:red;\"> » » »
<td width=\"523\" valign=\"middle\" height=\"24\">Your version of CuteNews is Unregistered - <b><a href=\"http://cutephp.com/cutenews/register/\" target=_blank>Find out how to register it</a></b><br>
by registering your version, all 'powered by CuteNews...' lines will be removed

</tr>
";
}
echo"

<tr>
<td width=\"650\" valign=\"middle\" height=\"1\" bgcolor=\"#F7F6F4\" colspan=\"3\">
<font size=\"2\"><b>Rate our Script</b></font>
</tr>
<tr>
<td width=\"33\" valign=\"middle\" height=\"47\">
<p>
<form action=\"http://www.hotscripts.com/rate/21011.html\" method=\"POST\" target=\"_blank\">
<td width=\"617\" valign=\"middle\" height=\"47\" colspan=\"2\">
Please rate our script <a href=\"http://www.hotscripts.com/?RID=11206\" style=\"text-decoration: none\">
@ HotScripts.com
</a> if you like it.
<select name=rating size=1>
<option value=5 selected>Excellent!</option>
<option value=4>Very Good</option>
<option value=3>Good</option>
<option value=2>Fair</option>
<option value=1>Poor</option>
</select>
<input type=\"submit\" value=\"Cast My Vote!\">
<input type=\"hidden\" name=\"sexternal\" value=\"1\">
</form>
</tr>
</table>";

echofooter();
}

?>

file:a/cutenews/inc/addnews.mdu (deleted)

<?PHP

if($member_db[1] > 3){ msg("error", "Access Denied", "You don't have permission to add news"); }

$orig_cat_lines = file("./data/category.db.php");
//only show allowed categories
$allowed_cats = array();
$cat_lines = array();
foreach($orig_cat_lines as $single_line){
$ocat_arr = explode("\|", $single_line);
if($member_db[1] <= $ocat_arr[3] or ($ocat_arr[3] == '0' \|\| $ocat_arr[3] == '')){
$cat_lines[] = $single_line;
$allowed_cats[] = $ocat_arr[0];
}

}

if ($action == "addnews"){






echoheader("addnews", "Add News");


$short_story_id = 'short_story';
$full_story_id = 'full_story';

//
// Are we using the WYSIWYG ?
//
if($config_use_wysiwyg == "yes"){
$use_wysiwyg = true;
$article_format_options = "
<label for='convert'>
<input id='convert' style=\"border:0; background-color:transparent\" type=checkbox value=\"yes\" name=\"if_convert_new_lines\" disabled > Convert new lines to <br /></label>
<br/>
<label for='html'>
<input id='html' style=\"border:0; background-color:transparent\" type=checkbox value=\"yes\" name=\"dummi\" checked disabled> Use HTML in this article</label>
<input type=hidden name=\"if_use_html\" value=\"yes\">
<br/>";

}else{
$use_wysiwyg = false;
$article_format_options = "
<label for='convert'>
<input id='convert' style=\"border:0; background-color:transparent\" type=checkbox value=\"yes\" name=\"if_convert_new_lines\" checked > Convert new lines to <br /></label>
<br/>
<label for='html'>
<input id='html' style=\"border:0; background-color:transparent\" type=checkbox value=\"yes\" name=\"if_use_html\" checked> Use HTML in this article</label>
<br/>";
}

echo "
<SCRIPT LANGUAGE=\"JavaScript\">
function preview(){
if(document.addnews.short_story.value == '' \|\| document.addnews.title.value == ''){ alert('Your article must have at least Title and Short Story'); }
else{
dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1')
document.addnews.mod.value='preview';document.addnews.target='prv'
document.addnews.submit();dd.focus()
setTimeout(\"document.addnews.mod.value='addnews';document.addnews.target='_self'\",500)
}
}

function increaseTextarea(area){
if (document.getElementById(area).style.height == '') {
document.getElementById(area).style.height = '300px';
}
else{
var pattern = new RegExp(\"\\\\d+\",'ig');
var currHeight = document.getElementById(area).style.height.match(pattern);
var newHeight = +currHeight + 100;
document.getElementById(area).style.height = newHeight + 'px';
}


}


function submitForm() {
//make sure hidden and iframe values are in sync before submitting form
//to sync only 1 rte, use updateRTE(rte)
//to sync all rtes, use updateRTEs
updateRTE('short_story');
updateRTE('full_story');
//updateRTEs();

//change the following line to true to submit form
return true;
}

function increaseTextareaBug(){";

if($use_wysiwyg){
echo"var area = '$full_story_id';
if (document.getElementById(area).style.height == '') {
document.getElementById(area).style.height = '250px';
}
else{
var pattern = new RegExp(\"\\\\d+\",'ig');
var currHeight = document.getElementById(area).style.height.match(pattern);
var newHeight = +currHeight + 1;
document.getElementById(area).style.height = newHeight + 'px';
}";
}

echo"}

onload=focus;function focus(){document.forms[0].title.focus();}

</SCRIPT>

<form onSubmit = \"return submitForm();\" method=post name=addnews action=\"$PHP_SELF\">
<table border=0 cellpading=0 cellspacing=0 width=\"654\" >

<tr>
<td width=\"75\">
Title
<td width=\"575\" colspan=\"2\">
<input type=text size=\"55\" name=\"title\" tabindex=1>
</tr>";

if($config_use_avatar == "yes"){
echo"<tr>
<td width=\"75\">
Avatar URL
<td width=\"575\" colspan=\"2\">
<input tabindex=2 type=text size=\"42\" value=\"$member_db[8]\" name=\"manual_avatar\" >   <font style=\"font-size:7pt\">(optional)</font>
</tr>";
}
/* Old Single Category Code */

if(count($cat_lines) > 0){
echo"<tr id='singlecat'>
<td width=\"75\">
Category
<td width=\"575\" colspan=\"2\">
<select id='selecsinglecat' name=category tabindex=3>\n
<option value=\"\"> </option>\n";
foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);
$if_is_selected = "";
if($category == $cat_arr[0]){ $if_is_selected = " selected "; }
echo"<option $if_is_selected value=\"$cat_arr[0]\">$cat_arr[1]</option>\n";
}
echo"</select> <a href=\"javascript:ShowOrHide('multicat','singlecat');\" onClick=\"javascript:document.getElementById('selecsinglecat').name='';\">(multiple categories)</a></tr>";
}


/*###
##### New Multy Category Code
*/###



if(count($cat_lines) > 0){
echo"
<tr style=\"display:none;\" id='multicat'>
<td width=\"75\">
Category
<td>";
echo'<table width="100%" border="0" cellspacing="0" cellpadding="0" class="panel">';

foreach($cat_lines as $single_line){


$cat_arr = explode("\|", $single_line);
$if_is_selected = "";
if($category == $cat_arr[0]){ $if_is_selected = " checked "; }

// echo"<input name='category[]' type=checkbox $if_is_selected value=\"$cat_arr[0]\">$cat_arr[1],\n";

echo"

<td style='font-size:10px;' valign=top>
<label for='cat{$cat_arr[0]}'>
<input $if_is_selected style='background-color:transparent;border:0px;' type=checkbox name='category[]' id='cat{$cat_arr[0]}' value='{$cat_arr[0]}'>$cat_arr[1]</label>";
$i++;
if ($i%4 == 0){ echo'<tr>'; }


}
echo"</tr></table> <td> </td> ";
}









echo"
<tr>
<td width=\"75\" valign=\"top\">
<br />Short Story
<td>";


if ($use_wysiwyg) {
echo"
<script language=\"JavaScript\" type=\"text/javascript\" src=\"rte/richtext.js\"></script>
<script language=\"JavaScript\" type=\"text/javascript\">
initRTE(\"rte/images/\", \"rte/\", \"rte/\", false); </script>

<script language=\"JavaScript\" type=\"text/javascript\">
writeRichText('short_story', '', 460, 250, true, false);
</script>
";
}else{
echo"
<textarea rows=\"12\" cols=\"74\" id=\"short_story\" name=\"short_story\" tabindex=4></textarea>
";
}

echo"
<td width=\"108\" valign=\"top\" style='background: url(skins/images/baloon.gif) no-repeat top left'>
<p align=\"center\"><a href=# onclick=\"window.open('$PHP_SELF?&mod=images&action=quick&area=$short_story_id&wysiwyg=$use_wysiwyg', '_Addimage', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=360');return false;\" target=\"_Addimage\"><br />
[insert image]</a><br />
<!-- <a href=# onclick=\"window.open('$PHP_SELF?&mod=about&action=cutecode&target=short_story', '_CuteCode', 'HEIGHT=280,resizable=yes,scrollbars=yes,WIDTH=360');return false;\" target=\"_Addimage\">[quick tags]</a><br /> -->
<a href=# onclick=\"increaseTextarea('$short_story_id'); return false;\">[expand]</a>
<br /><br />

";

echo insertSmilies("$short_story_id", 4, true, "$use_wysiwyg");

echo"
</tr>

<tr id='full-story' style='display:none;z-index:1;'>
<td width=\"75\" valign=\"top\">
<br />Full Story<br /><font style=\"font-size:7pt\">(optional)</font>
<td>
";


if ($use_wysiwyg) {
echo"<script language=\"JavaScript\" type=\"text/javascript\">
writeRichText('full_story', '', 460, 300, true, false);
</script>";
}else{
echo"<textarea rows=\"12\" cols=\"74\" id=\"full_story\" name=\"full_story\" tabindex=5></textarea>";
}

echo"
<td width=\"108\" valign=\"top\" style='background: url(skins/images/baloon.gif) no-repeat top left'>
<p align=\"center\"><br />
<a href=# onclick=\"window.open('$PHP_SELF?mod=images&action=quick&area=$full_story_id&wysiwyg=$use_wysiwyg', '_Addimage', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=360');return false;\" target=\"_Addimage\">[insert image]</a><br />
<!-- <a href=# onclick=\"window.open('$PHP_SELF?&mod=about&action=cutecode&target=full_story', '_Addimage', 'HEIGHT=280,resizable=yes,scrollbars=yes,WIDTH=360');return false;\" target=\"_CuteCode\">[quick tags]</a><br />-->

<a href=# onclick=\"increaseTextarea('$full_story_id'); return false;\">[expand]</a>
<br /><br />
";

echo insertSmilies("$full_story_id", 4, true, "$use_wysiwyg");

echo"
</tr>

<tr>
<td>
<td>



<table border=0 cellspacing=0 cellpadding=0 width=100%>
<tr>
<td width=50%>
<input type=submit style='font-weight:bold' title=\"Post the New Article\" value=\" Add News \" accesskey=\"s\">
</td>
<td width=50% align=right>
<input style='width:110px;'type=button onClick=\"ShowOrHide('full-story',''); setTimeout('increaseTextareaBug()',310);\" value=\"Toggle Full-Story\"> <input style='width:90px;' type=button onClick=\"ShowOrHide('options','');\" value=\"Article Options\">
</td>
</tr>
</table>

</tr>

<tr id='options' style='display:none;'>
<td width=\"75\"><br>Options
<td width=\"575\" colspan=\"4\">
<br>

$article_format_options

<label for='active'><input CHECKED id='active' style=\"border:0; background-color:transparent\" type=radio value=\"active\" name=\"postpone_draft\">
<b>Normal</b>, add article as active</label>
<br />

<label for='draft'><input id='draft' style=\"border:0; background-color:transparent\" type=radio value=\"draft\" name=\"postpone_draft\">
<b>Draft</b>, add article as unapproved</label>
<br />

<label for='postpone'><input id='postpone' style=\"border:0; background-color:transparent\" type=radio value=\"postpone\" name=\"postpone_draft\">
<b>Postpone</b>, make article active at</label>


<select name=from_date_day>";


for($i=1;$i<32;$i++){
if(date("j") == $i){ echo"<option selected value=$i>$i</option> \n"; }
else{ echo"<option value=$i>$i</option> \n"; }
}

echo"</select> \n <select name=from_date_month> \n";

for($i=1;$i<13;$i++){
$timestamp = mktime(0,0,0,$i,1,2003);
if(date("n") == $i){ echo"<option selected value=$i>". date("M", $timestamp) ."</option> \n"; }
else{ echo"<option value=$i>". date("M", $timestamp) ."</option> \n"; }
}

echo"</select> \n <select name=from_date_year>";

for($i=2005;$i<2011;$i++){
if(date("Y") == $i){ echo"<option selected value=$i>$i</option> \n"; }
else{ echo"<option value=$i>$i</option> \n"; }
}

$date_hour = date("H");
$date_minutes = date("i");
echo"
</select>

@ <input value='$date_hour' title='24 Hour format [hh]' name=from_date_hour size=2 type=text /> : <input value='$date_minutes' title='Minutes [mm]' name=from_date_minutes size=2 type=text />



</tr>

<input type=hidden name=mod value=addnews>
<input type=hidden name=action value=doaddnews>

</table></form>";

echofooter();
}
// ********************************************************************************
// Do add News to news.txt
// ********************************************************************************

elseif($action == "doaddnews")
{

/////
///Format our categories variable
/////

if( is_array($category) ){ //User has selected multiple categories

$nice_category = '';
$ccount = 0;

foreach($category as $ckey=>$cvalue){
if( !in_array($cvalue,$allowed_cats) ){ die('not allowed category'); }
if($ccount==0){ $nice_category = $cvalue; }//first cat
else{ $nice_category = $nice_category.','.$cvalue; }

$ccount++;
}

}else{ //Single or Not category
//don't format $nice_cats because we have not selected any.
if( $category !="" and isset($category) and !in_array($category,$allowed_cats) ){ die('not allowed category'); }
$nice_category = $category;

}

// die($nice_category);


if($member_db[1] == 3 or $postpone_draft == "draft"){
//if the user is Journalist, add the article as unapproved
$decide_news_file = "./data/unapproved_news.txt";
$added_time = time()+ ($config_date_adjust*60);
$postpone = FALSE;
$unapproved_status_msg = "The article was marked as Unapproved!";
}
elseif($postpone_draft == "postpone"){

if( !ereg("^[[:digit:]]{1,}$", $from_date_hour) or !ereg("^[[:digit:]]{1,}$", $from_date_minutes) ){ msg("error","Error !!!","You want to add a postponed article, but the hour format is invalid.", "javascript:history.go(-1)"); }
$postpone = TRUE;
$added_time = mktime($from_date_hour,$from_date_minutes,0,$from_date_month,$from_date_day,$from_date_year) + ($config_date_adjust*60);
$decide_news_file = "./data/postponed_news.txt";

}
else{
$postpone = FALSE;
$added_time = time()+ ($config_date_adjust*60);
$decide_news_file = "./data/news.txt";
}



if($if_convert_new_lines == "yes"){ $n_to_br = TRUE; }
if($if_use_html == "yes"){ $use_html = TRUE; }

$full_story = replace_news("add", $full_story, $n_to_br, $use_html);
$short_story = replace_news("add", $short_story, $n_to_br, $use_html);
// $title = replace_news("add", $title, TRUE, $use_html);
$title = replace_news("add", $title, TRUE, FALSE); // HTML in title is not allowed

if(trim($title) == "" or !$title){ msg("error","Error !!!","The title can not be blank.", "javascript:history.go(-1)"); }
if(trim($short_story) == "" or !$short_story){ msg("error","Error !!!","The story can not be blank.", "javascript:history.go(-1)"); }


if($member_db[7] == 1){ $added_by_email = $member_db[5]; }
else{ $added_by_email = "none"; }


// Save The News Article In Active_News_File

$all_db = file("$decide_news_file");

foreach($all_db as $news_line){
$news_arr = explode("\|", $news_line);
if($news_arr[0] == $added_time){ $added_time++; }
}

$news_file = fopen("$decide_news_file", "w");
fwrite($news_file, "$added_time\|$member_db[2]\|$title\|$short_story\|$full_story\|$manual_avatar\|$nice_category\|\|\n");
foreach ($all_db as $line){ fwrite($news_file, "$line");}
fclose($news_file);

// Add Blank Comment In The Active_Comments_File
$old_com_db = file("./data/comments.txt");
$new_com_db = fopen("./data/comments.txt", "w");
fwrite($new_com_db, "$added_time\|>\|\n");
foreach ($old_com_db as $line){ fwrite($new_com_db, "$line");}
fclose($new_com_db);

// Incrase By 1 The Number of Written News for Current User
$old_user_db = file("./data/users.db.php");
$new_user_db = fopen("./data/users.db.php", w);
foreach($old_user_db as $old_user_db_line){
$old_user_db_arr = explode("\|", $old_user_db_line);
if($username!=$old_user_db_arr[2]){
fwrite($new_user_db,"$old_user_db_line");
}
else
{
$countplus = $old_user_db_arr[6]+1;
fwrite($new_user_db,"$old_user_db_arr[0]\|$old_user_db_arr[1]\|$old_user_db_arr[2]\|$old_user_db_arr[3]\|$old_user_db_arr[4]\|$old_user_db_arr[5]\|$countplus\|$old_user_db_arr[7]\|$old_user_db_arr[8]\|$old_user_db_arr[9]\|\|\n");
}
}
fclose($new_user_db);

if($member_db[1] == 3){
//user is journalist and the article needs to be approved, Notify !!!

if($config_notify_unapproved == "yes" and $config_notify_status == "active"){
send_mail("$config_notify_email", "CuteNews - Unapproved article was Added", "The user $member_db[2] (journalist) posted article '$title' which needs first to be Approved.");
}
}

if($postpone){
msg("info","News added (Postponed)", "The news item was successfully added to the database as postponed.<br/>It will be activated at ".date("r",$added_time));
}
else{
msg("info","News added", "The news item was successfully added.</br>$unapproved_status_msg");
}


}
?>

file:a/cutenews/inc/categories.mdu (deleted)

<?PHP
$result="";
if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permission to edit categories"); }

// ********************************************************************************
// Add Category
// ********************************************************************************
if($action == "add")
{
$cat_name = htmlspecialchars(stripslashes($cat_name));
if(!$cat_name){ msg("error","Error !!!","Please enter name of the category", "javascript:history.go(-1)"); }
$cat_icon = preg_replace("/ /", "", $cat_icon);
if($cat_icon == "(optional)"){ $cat_icon = ""; }

$big_num = file("./data/cat.num.php");
$big_num = $big_num[0];
if(!$big_num or $big_num == ""){ $big_num = 1; }

$all_cats = file("./data/category.db.php");
foreach($all_cats as $cat_line)
{
$cat_arr = explode("\|", $cat_line);
if($cat_arr[1] == $cat_name){ msg("error", "Error !!!", "Category with this name already exist", "?mod=categories"); }
if($cat_arr[0] == $big_num){ $big_num = 33; }
}
$new_cats = fopen("./data/category.db.php", "a");
$cat_name = stripslashes( preg_replace(array("'\\|'",), array("&#124",), $cat_name) );
$cat_icon = stripslashes( preg_replace(array("'\\|'",), array("&#124",), $cat_icon) );
fwrite($new_cats, "$big_num\|$cat_name\|$cat_icon\|$cat_access\|\|\|\n");
fclose($new_cats);
$big_num ++;

$num_file = fopen("./data/cat.num.php", "w");
fwrite($num_file, $big_num);
fclose($num_file);
}
// ********************************************************************************
// Remove Category
// ********************************************************************************
elseif($action == "remove")
{
if(!$catid){ msg("error","Error !!!","No category ID", "$PHP_SELF?mod=categories"); }

$old_cats = file("./data/category.db.php");
$new_cats = fopen("./data/category.db.php", "w");

foreach($old_cats as $old_cats_line){
$cat_arr = explode("\|", $old_cats_line);
if($cat_arr[0] != $catid){
fwrite($new_cats, $old_cats_line);
}
}
fclose($new_cats);
}
// ********************************************************************************
// Edit Category
// ********************************************************************************
elseif($action == "edit")
{
if(!$catid){ msg("error","Error !!!","No category ID", "$PHP_SELF?mod=categories"); }

$all_cats = file("./data/category.db.php");
foreach($all_cats as $cat_line){
$cat_arr = explode("\|", $cat_line);
if($cat_arr[0] == $catid){

$if_all_access = ($cat_arr[3] == "" \|\| $cat_arr[3] == "0") ? "selected" : "";

$if_1_access = ($cat_arr[3] == "1") ? "selected" : "";
$if_2_access = ($cat_arr[3] == "2") ? "selected" : "";


$msg=<<<HTML
<form action=$PHP_SELF?mod=categories method=post>
<table border="0" >
<tr>
<td width="100" >Name</td>
<td ><input value="$cat_arr[1]" type=text name=cat_name></td>
</tr>
<tr>
<td >Icon</td>
<td ><input value="$cat_arr[2]" type=text name=cat_icon></td>
</tr>


<tr>
<td >
Category Access
<td >

<select name="cat_access">
<option $if_all_access value="0" selected>Everyone Can Write</option>
<option $if_2_access value="2">Only Editors and Admin</option>
<option $if_1_access value="1">Only Admin</option>

</select>

</tr>


<tr>
<td></td>
<td ><br><input type=submit value="Save Changes"</td>
</tr>
</table>
<input type=hidden name=action value=doedit>
<input type=hidden name=catid value=$catid>
</form>
HTML;

msg("options", "Edit Category", $msg);

}
}
}
// ********************************************************************************
// DO Edit Category
// ********************************************************************************
elseif($action == "doedit")
{
$cat_name = htmlspecialchars(stripslashes($cat_name));
if(!$catid){ msg("error","Error !!!","No category ID", "$PHP_SELF?mod=categories"); }
if($cat_name == ""){ msg("error", "Error !!!", "Category name can not be blank", "javascript:history.go(-1)"); }

$old_cats = file("./data/category.db.php");
$new_cats = fopen("./data/category.db.php", "w");
foreach($old_cats as $cat_line){
$cat_arr = explode("\|", $cat_line);
if($cat_arr[0] == $catid){
fwrite($new_cats, "$catid\|$cat_name\|$cat_icon\|$cat_access\|\|\|\n");
}else{
fwrite($new_cats, "$cat_line");
}
}
fclose($new_cats);
}
// ********************************************************************************
// List all Categories
// ********************************************************************************
echoheader("options", "Categories");
echo<<<HTML

<table border=0 cellpading=0 cellspacing=0 width="645" >
<form method=post action="$PHP_SELF">
<td width=321 height="33">
<b>Add Category</b>
<table border=0 cellpading=0 cellspacing=0 width=300 class="panel" >
<tr>
<td width=130 height="25">
Name
<td height="25">
<input type=text name=cat_name>
</tr>
<tr>
<td height="22">
Icon URL
<td height="22">
<input onFocus="this.select()" value="(optional)" type=text name=cat_icon>
</tr>


<tr>
<td height="22">
Category Access
<td height="22">

<select name="cat_access">
<option value="0" selected>Everyone Can Write</option>
<option value="2">Only Editors and Admin</option>
<option value="1">Only Admin</option>

</select>

</tr>


<tr>
<td width=98 height="32">

<td width=206 height="32">
<input type=submit value=" Add Category ">
<input type=hidden name=mod value=categories>
<input type=hidden name=action value=add>
</tr>
</form>
</table>


<td width=320 height="33" align="center">
<!-- HELP -->
<table height="25" cellspacing="0" cellpadding="0">
<tr>
<td width="25" align=middle><img border="0" src="skins/images/help_small.gif"></td>
<td > <a onClick="javascript:Help('categories')" href="#">What are categories and<br>
How to use them</a></td>
</tr>
</table><br>
<!-- END HELP -->

<tr>
<td width=654 colspan="2" height="11">
<img height=20 border=0 src="skins/images/blank.gif" width=1>
</tr>
HTML;


$all_cats = file("./data/category.db.php");
$count_categories = 0;
foreach($all_cats as $cat_line)
{
if($i%2 != 0){ $bg = "bgcolor=#F7F6F4"; }else{ $bg = ""; }
$i++;
$cat_arr = explode("\|", $cat_line);
$cat_arr[1] = stripslashes( preg_replace(array("'\"'", "'\''"), array(""", "'"), $cat_arr[1]) );
$cat_help_names[] = $cat_arr[1];
$cat_help_ids[] = $cat_arr[0];
$result .= "

<tr>
<td $bg > <b>$cat_arr[0]</b></td>
<td $bg >$cat_arr[1]</td>
<td $bg >";
if($cat_arr[2] != ""){ $result .= "<img border=0 src=\"$cat_arr[2]\" high=40 width=40 alt=\"$cat_arr[2]\">"; }
else{ $result .= "---"; }
$result .= "</td><td $bg >";

$result .= ($cat_arr[3] == "" \|\| $cat_arr[3] == "0") ? "<span title='Everyone can Write'>---</span>" : "";
$result .= ($cat_arr[3] == "1") ? "Only Admin" : "";
$result .= ($cat_arr[3] == "2") ? "Only Editors & Admin" : "";


$result .= "</td>
<td $bg ><a href=\"$PHP_SELF?mod=categories&action=edit&catid=$cat_arr[0]\">[edit]</a> <a href=\"$PHP_SELF?mod=categories&action=remove&catid=$cat_arr[0]\">[delete]</a></td>
</tr>";
$count_categories ++;
}

if($count_categories == 0){
echo"<tr>
<td width=654 colspan=2 height=14>
<p align=center><br><b>You havn't defined any categories yet</b><br>
categories are optional and you can write your news without having categories<br>
</tr>
<tr>";
}else{
echo"<tr>
<td width=654 colspan=2 height=14>
<b>Categories</b>
</tr>
<tr>
<td width=654 colspan=2 height=1>
<table width=100% height=100% cellspacing=0 cellpadding=0>
<tr>
<td width=6% bgcolor=#F7F6F4> <u>ID</u></td>
<td width=30% bgcolor=#F7F6F4><u>name</u></td>
<td width=14% bgcolor=#F7F6F4><u>icon</u></td>
<td width=20% bgcolor=#F7F6F4><u>restriction</u></td>
<td width=20% bgcolor=#F7F6F4><u>action</u></td>
</tr>";

echo $result;

echo"</table>";
}

echo"
</table>";
echofooter();
?>

file:a/cutenews/inc/debug.mdu (deleted)

<?PHP

echo"<center><b>CuteNews Debug Information:</b><hr><br />";
echo"Script Version/ID:&nbsp $config_version_name / $config_version_id<br />";
echo"\$config_http_script_dir:  $config_http_script_dir<br /><BR>";
echo"<hr>";
phpinfo();
echo"<hr><textarea cols=85 rows=24>";
print_r(ini_get_all());
echo"</textarea>";


exit();


?>

file:a/cutenews/inc/editcomments.mdu (deleted)

<?PHP

if($member_db[1] > 2){ msg("error", "Access Denied", "You don't have permission to edit comments"); }
// ********************************************************************************
// Edit Comment
// ********************************************************************************
if($action == "editcomment")
{
if($source == ""){ $all_comments = file("./data/comments.txt"); }
else{ $all_comments = file("./data/archives/${source}.comments.arch"); }

foreach($all_comments as $comment_line)
{
$comment_line_arr = explode("\|>\|", $comment_line);
if($comment_line_arr[0] == $newsid)
{
$comment_arr = explode("\|\|", $comment_line_arr[1]);
foreach($comment_arr as $single_comment)
{
$single_arr = explode("\|", $single_comment);
if($comid == $single_arr[0])
{
break;
}
}
}
}

$single_arr[4] = str_replace("<br />","\n",$single_arr[4]);
$comdate = date("D, d F Y h:i:s", $single_arr[0]);

echo"<html>
<head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
<title>Edit user</title>
<style type=\"text/css\">
<!--
SELECT, option, textarea, input {
BORDER-RIGHT: #808080 1px dotted;
BORDER-TOP: #808080 1px dotted;
BORDER-BOTTOM: #808080 1px dotted;
BORDER-LEFT: #808080 1px dotted;
COLOR: #000000;
FONT-SIZE: 11px;
FONT-FAMILY: Verdana; BACKGROUND-COLOR: #ffffff }
TD {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
BODY {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 3pt;}
.header { font-size : 16px; font-weight: bold; color: #808080; font-family: verdana; text-decoration: none; }
-->
</style>
</head>
<body bgcolor=\"#FFFFFF\">
<form method=post action=\"$PHP_SELF\">
<table width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">
<td width=\"1108\" height=\"8%\" colspan=\"2\">
<div class=header>Edit Comment</div>
<tr>
<td height=20 valign=middle width=\"102\" bgcolor=\"#F9F8F7\">
Poster
<td height=20 valign=middle width=\"1002\" bgcolor=\"#F9F8F7\">
<input type=text name=poster value=\"$single_arr[1]\">
</tr>

<tr>
<td height=20 valign=middle valign=\"top\" width=\"102\">
Email
<td height=20 valign=middle width=\"1002\">
<input type=text name=mail value=\"$single_arr[2]\">
</tr>

<tr>
<td height=20 valign=middle valign=\"top\" width=\"102\" bgcolor=\"#F9F8F7\">
IP
<td height=20 valign=middle width=\"1002\" bgcolor=\"#F9F8F7\">
<a href=\"http://www.ripe.net/perl/whois?searchtext=$single_arr[3]\" target=_blank title=\"Get more information about this ip\">$single_arr[3]</a>
<a href=\"$PHP_SELF?mod=ipban&action=quickadd&add_ip=$single_arr[3]\">[ban this ip]</a>
</tr>

<tr>
<td height=20 valign=middle valign=\"top\" width=\"102\">
Date
<td height=20 valign=middle width=\"1002\">
$comdate
</tr>
<tr>
<td height=20 valign=middle width=\"102\" bgcolor=\"#F9F8F7\">
Comments
<td height=20 valign=middle width=\"1002\" bgcolor=\"#F9F8F7\">
<textarea rows=\"8\" name=\"comment\" cols=\"45\">$single_arr[4]</textarea>
</tr>
<tr>
<td valign=\"top\" width=\"1104\" colspan=\"2\">
<p align=\"left\"><br />
<input type=submit value=\"Save Changes\" accesskey=\"s\">  <input type=button value=Cencel onClick=\"window.close();\" accesskey=\"c\">
<input type=hidden name=mod value=editcomments>
<input type=hidden name=newsid value=$newsid>
<input type=hidden name=comid value=$comid>
<input type=hidden name=source value=$source>
<input type=hidden name=action value=doeditcomment>
</tr>
</table>
</form>
</body>
</html>";
}
// ********************************************************************************
// Do Save Comment
// ********************************************************************************
elseif($action == "doeditcomment")
{
if(!$poster and !$deletecomment){ echo"<br /><br><br />The poster can not be blank !!!"; exit(); }
if($mail == "" and !$deletecomment){ $mail = "none"; }
if($poster == "" and !$deletecomment){ $poster = "Anonymous"; }
if($comment == "" and !$deletecomment){ die("comment can not be blank"); }

$comment = str_replace("\r\n","<br />",$comment);
$comment = str_replace("\|","I",$comment);

if($source == ""){ $news_file = "./data/news.txt"; $com_file = "./data/comments.txt"; }
else{ $news_file = "./data/archives/$source.news.arch"; $com_file = "./data/archives/$source.comments.arch";}

$old_com = file("$com_file");
$new_com = fopen("$com_file","w");

foreach($old_com as $line)
{
$line_arr = explode("\|>\|",$line);
if($line_arr[0] == $newsid)
{
fwrite($new_com,"$line_arr[0]\|>\|");


$comments = explode("\|\|", $line_arr[1]);
foreach($comments as $single_comment)
{
$single_comment = trim($single_comment);
$comment_arr = explode("\|", $single_comment);
if($comment_arr[0] == $comid and $comment_arr[0] != "" and $delcomid != "all")
{
fwrite($new_com,"$comment_arr[0]\|$poster\|$mail\|$comment_arr[3]\|$comment\|\|");
}
elseif($delcomid[$comment_arr[0]] != 1 and $comment_arr[0] != "" and $delcomid[all] != 1){
fwrite($new_com,"$single_comment\|\|");
}
}
fwrite($new_com,"\n");


}
else{ fwrite($new_com, "$line"); }
}

if(isset($deletecomment) and $delcomid[all] == 1){ msg("info", "Comments Deleted", "All comments were deleted.", "$PHP_SELF?mod=editnews&action=editnews&id=$newsid&source=$source"); }
elseif(isset($deletecomment) and isset($delcomid)){ msg("info", "Comment Deleted", "The selected comment(s) has been deleted.", "$PHP_SELF?mod=editnews&action=editnews&id=$newsid&source=$source"); }
else{ echo"<br /><br /><br /><br /><center><b>Comment is saved."; }
}

?>

file:a/cutenews/inc/editnews.mdu (deleted)

<?PHP

if($member_db[1] > 3){ msg("error", "Access Denied", "You don't have permission to edit news"); }




$orig_cat_lines = file("./data/category.db.php");
//only show allowed categories
$allowed_cats = array();
$cat_lines = array();
foreach($orig_cat_lines as $single_line){
$ocat_arr = explode("\|", $single_line);
$cat[$ocat_arr[0]] = $ocat_arr[1];
if($member_db[1] <= $ocat_arr[3] or ($ocat_arr[3] == '0' \|\| $ocat_arr[3] == '')){
$cat_lines[] = $single_line;
$allowed_cats[] = $ocat_arr[0];
}

}




// ********************************************************************************
// List all news available for editing
// ********************************************************************************
if($action == "list")
{
echoheader("editnews","Edit News");







// How Many News to show on one page
if($news_per_page == ""){ $news_per_page = 21; }

$all_db = array();
if($source == ""){ $all_db = file("./data/news.txt"); }
elseif($source == "postponed"){ $all_db = file("./data/postponed_news.txt"); ResynchronizePostponed(); }
elseif($source == "unapproved"){ $all_db = file("./data/unapproved_news.txt");}
else{ $all_db = file("./data/archives/${source}.news.arch"); }



// choose only needed news items
if ($category != '' or $author != "" or $member_db[1] == 3){
foreach($all_db as $raw_line){
$raw_arr = explode("\|", $raw_line);

;

if (
($category == '' or in_array($category, explode(',',$raw_arr[6])))
and ($author == "" or $raw_arr[1] == $author)
and ($member_db[1] != 3 or $raw_arr[1] == $member_db[2] )

){
$all_db_tmp[] = $raw_line;
}
}
$all_db = $all_db_tmp;
}


// Prelist Entries
$flag = 1;
if($start_from == "0"){ $start_from = ""; }
$i = $start_from;
$entries_showed = 0;

if(!empty($all_db)){

foreach ($all_db as $line){
if($j < $start_from){ $j++; continue; }
$i++;

$item_db = explode("\|",$line);
$itemdate = date("d/m/y",$item_db[0]);

if($flag == 1){ $bg="#F7F6F4"; $flag = 0; }
else {$bg = "#FFFFFF"; $flag = 1;}

if(strlen($item_db[2]) > 74){ $title = substr($item_db[2],0,70)." ..."; }
$title = stripslashes( preg_replace(array("'\\|'", "'\"'", "'\''"), array("I", """, "'"), $item_db[2]) );
$title = ereg_replace("<[^>]*>","",$title);
$entries .= "<tr>

<td height=18 bgcolor=$bg>
<!-- ID: $item_db[0]--><a title='EDIT: $item_db[2]' href=\"$PHP_SELF?mod=editnews&action=editnews&id=$item_db[0]&source=$source\">$title</a>
<td height=18 bgcolor=$bg align=right>";
$count_comments = countComments($item_db[0], $source);
if($count_comments == 0){$entries .= "<font color=gray>$count_comments</font>";}
else{$entries .= "$count_comments";}

$entries .= "    <td height=18 bgcolor=$bg nowrap>   ";


if($item_db[6] == ""){ $my_cat = "<font color=gray>---</font>"; }

// elseif($cat[$item_db[6]] == ""){ $my_cat = "<font color=red title='The news article is posted in category which does not exist anymore'>(ID: <b>$item_db[6]</b>)</font>"; }

elseif(strstr($item_db[6],',')){
$all_this_cats_arr = explode(',',$item_db[6]);
$my_multy_cat_labels = '';
foreach($all_this_cats_arr as $this_single_cat){
$my_multy_cat_labels .= "$cat[$this_single_cat], ";
}
$my_cat = "<span onmouseover=\" window.status='categories: $my_multy_cat_labels'; return true\" onmouseout=\"window.status=''; return true\"><font color=#7979FF title='$my_multy_cat_labels'>(multiple)</font></span>";
}

else{ $my_cat = $cat[$item_db[6]]; }

$entries .= "$my_cat <td height=18 bgcolor=$bg>
$itemdate
<td height=18 bgcolor=$bg>
$item_db[1]

<td align=center bgcolor=$bg><input name=\"selected_news[]\" value=\"{$item_db[0]}\" style=\"border:0; background-color:$bg\" type='checkbox'>

</tr>
";
$entries_showed ++;

if($i >= $news_per_page + $start_from){ break; }
}//foreach news line
}
// End prelisting



$all_count_news = count($all_db);
if($category != ""){ $cat_msg = "Category: <b>$cat[$category]</b>;"; }

if($source == "postponed"){ $source_msg = "<span style='background-color:yellow;'>Postponed News, <a title='Refresh the postponed news file' href=\"$PHP_SELF?mod=editnews&action=list&source=postponed\">[Resynchronize]</a></span>"; $postponed_selected = " selected ";}
elseif($source == "unapproved"){ $source_msg = "<span style='background-color:yellow;'>Unapproved News</span>"; $unapproved_selected = " selected ";}
elseif($source != "" ){

$news_lines = file("./data/archives/$source.news.arch");
$count = count($news_lines);
$last = $count-1;
$first_news_arr = explode("\|", $news_lines[$last]);
$last_news_arr = explode("\|", $news_lines[0]);
$first_timestamp = $first_news_arr[0];
$last_timestamp = $last_news_arr[0];
$source_msg = "Archive: <b>". date("d M Y",$first_timestamp) ." - ". date("d M Y",$last_timestamp) ."</b>;";
}



///////////////////////////////////////////
// Options Bar
echo"
<table class=panel border=0 cellpading=0 cellspacing=0 width=99% >
<tr>
<td title='Show More Options' style=\"cursor:pointer;\" onClick=\"getElementById('options').style.display='';\">
Showing <b>$entries_showed</b> articles from total <b>$all_count_news</b>; $cat_msg $source_msg
</td>

<td >
<p align=\"right\"><a href=\"javascript:ShowOrHide('options','')\">show options </a>
</td>
</tr>
<tr>
<td colspan=\"2\" >


<div id='options' style='display:none;z-index:1;' >
<form action=\"$PHP_SELF?mod=editnews&action=list\" method=POST name=options_bar>
<table width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">
<tr>
<td height=\"1\" style=\"border-top: 1px dashed silver\" width=\"100%\" align=\"right\" colspan=\"3\">
<p align=\"center\">
</td>
</tr>
<tr >
<td height=\"1\" width=\"286\" align=\"right\">
Source
</td>
<td height=\"1\" width=\"180\">
<select name=\"source\" size=\"1\"><option value=\"\">- Active News -</option> \n <option $postponed_selected value=\"postponed\">- Postponed News -</option> \n <option $unapproved_selected value=\"unapproved\">- Unapproved News -</option>";

if(!$handle = opendir("./data/archives")){ die("<center>Can not open directory ./data/archives "); }
while (false !== ($file = readdir($handle)))
{
if($file != "." and $file != ".." and !is_dir("./data/archives/$file") and eregi("news.arch", $file))
{
$file_arr = explode(".", $file);
$id = $file_arr[0];

$news_lines = file("./data/archives/$file");
$count = count($news_lines);
$last = $count-1;
$first_news_arr = explode("\|", $news_lines[$last]);
$last_news_arr = explode("\|", $news_lines[0]);

$first_timestamp = $first_news_arr[0];
$last_timestamp = $last_news_arr[0];

$arch_date = date("d M Y",$first_timestamp) ." - ". date("d M Y",$last_timestamp);
$ifselected = "";
if($source == $file_arr[0]){ $ifselected = "selected"; }
echo "<option $ifselected value=\"$file_arr[0]\">Archive: $arch_date ($count)</option>";
}
}
closedir($handle);

echo"</select>

</td>
<td height=\"1\" width=\"182\">
</td>
</tr>
<tr>
<td height=\"1\" width=\"284\" align=\"right\" >
Category
</td>
<td height=\"1\" width=\"178\" >
<select name=\"category\" ><option selected value=\"\">- All -</option>";

//$cat_lines = file("./data/category.db.php"); commented-out because can lines are already opened before, and filtered with propper restrictions for user

foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);
$ifselected = "";
if($category == $cat_arr[0]){ $ifselected = "selected"; }
echo"<option $ifselected value=\"$cat_arr[0]\">$cat_arr[1]</option>\n";
}

echo"</select>

</td>
<td height=\"1\" width=\"180\" >
</td>
</tr>
";

if($member_db[1] != 3){
echo"
<tr>
<td height=\"1\" width=\"284\" align=\"right\" >
Author
</td>
<td height=\"1\" width=\"178\" >
<select name=author size=\"1\"><option value=\"\">- Any -</option>";
$user_lines = file("./data/users.db.php");
foreach($user_lines as $single_line){
if(!eregi("<\?", $single_line)){
$user_arr = explode("\|", $single_line);
$ifselected = "";
if($user_arr[1] != 4){
if($author == $user_arr[2]){ $ifselected = "selected"; }
echo"<option $ifselected value=\"$user_arr[2]\">$user_arr[2]</option>\n";
}
}
}
echo"</select>
</td>
<td height=\"1\" width=\"180\" >
</td>
</tr>
";
}

echo"
<tr>
<td height=\"1\" width=\"284\" align=\"right\" >
News per page
</td>
<td height=\"1\" width=\"178\" >
<input style=\"text-align: Center\" name=\"news_per_page\" value=\"$news_per_page\" type=text size=3>
</td>
<td height=\"1\" width=\"180\" >
</td>
</tr>


<tr>
<td height=\"1\" width=\"284\" align=\"right\" >
</td>
<td height=\"1\" width=\"178\" >
<br><input type=submit value=\"Show\">
</td>
<td height=\"1\" width=\"180\" >
</td>
</tr>
</table>
</form>
</div>
</td>
</tr>
</table> ";

// End Options Bar
//////////////////////////////////////////////////////////////////////////////// Showing List of News
if($entries_showed == 0){
echo"<table border=0 cellpading=0 cellspacing=0 width=100% >
<form method=post name=editnews>
<td colspan=6 ><p style=\"border: solid black 1px; margin: 22px 22px 22px 22px; padding: 4px 4px 4px 4px;\" align=center>- No news were found matching your criteria -<br><a href=\"#\" onClick=\"getElementById('options').style.display='';\">[options]</a></p>";
}
else{
echo<<<JSCRIPT
<script language='JavaScript' type="text/javascript">
<!--
function ckeck_uncheck_all() {
var frm = document.editnews;
for (var i=0;i<frm.elements.length;i++) {
var elmnt = frm.elements[i];
if (elmnt.type=='checkbox') {
if(frm.master_box.checked == true){ elmnt.checked=false; }
else{ elmnt.checked=true; }
}
}
if(frm.master_box.checked == true){ frm.master_box.checked = false; }
else{ frm.master_box.checked = true; }
}

-->
</script>
JSCRIPT;

echo"<table border=0 cellpading=0 cellspacing=0 width=99% >
<form method=post name=editnews>
<td width=347>
Title
<td width=65>
Comments

<td width=65>
Category

<td width=58>
Date

<td width=78>
Author

<td width=21 align=center> <input style=\"border: 0px; background:transparent;\" type=checkbox name=master_box title=\"Check All\" onclick=\"javascript:ckeck_uncheck_all()\"> </a> ";
}
#####################################################################################################################
echo $entries;
#####################################################################################################################

if($start_from > 0)
{

$previous = $start_from - $news_per_page;
$npp_nav .= "<a href=\"$PHP_SELF?mod=editnews&action=list&start_from=$previous&category=$category&author=$author&source=$source&news_per_page=$news_per_page\"><< Previous</a>";
$tmp = 1;
}

if(count($all_db) > $i)
{
if($tmp){ $npp_nav .= "  \|\|  ";}
$how_next = count($all_db) - $i;
if($how_next > $news_per_page){ $how_next = $news_per_page; }
$npp_nav .= "<a href=\"$PHP_SELF?mod=editnews&action=list&start_from=$i&category=$category&author=$author&source=$source&news_per_page=$news_per_page\">Next $how_next >></a>";
}

if($entries_showed != 0){
echo<<<HTML
<tr>
<td colspan=7 align=right>
</tr>

<tr>
<td>
$npp_nav
<td colspan=7 align=right>

With selected:
<select name=action>
<option value="">-- Choose Action --</option>
<option title="delete all selected news" value="mass_delete">Delete</option>
HTML;

if($member_db[1] == 1){ echo"<option title=\"make new archive with all selected news\" value=\"mass_archive\">Send to Archive</option>"; }


if( $source == "unapproved" ){ $if_mass_appr = "SELECTED"; } else {$if_mass_appr = ''; }
if( $source == "unapproved" and ($member_db[1] == 1 or $member_db[1] == 2)){ echo"<option $if_mass_appr title=\"approve selected news\" value=\"mass_approve\">Approve News</option>"; }

if($member_db[1] == 1){ echo"<option title=\"move all selected news to one category\" value=\"mass_move_to_cat\">Change Category</option>"; }
echo<<<HTML

</select>
<input type=hidden name=source value="$source">
<input type=hidden name=mod value="massactions">
<input type=submit value=Go>
</tr>
HTML;
}


echo<<<HTML
</tr>
<tr>
<td colspan=1>
</tr>
<tr>
<td colspan=6>
</tr>
</form></table>
HTML;

echofooter();
}
// ********************************************************************************
// Edit News Article
// ********************************************************************************
elseif($action == "editnews")
{
// Show The Article for Editing


if($source == ""){ $all_db = file("./data/news.txt"); }
elseif($source == "postponed"){ $all_db = file("./data/postponed_news.txt"); }
elseif($source == "unapproved"){ $all_db = file("./data/unapproved_news.txt"); }
else{ $all_db = file("./data/archives/$source.news.arch"); }
$found = FALSE;
foreach ($all_db as $line)
{
$item_db=explode("\|",$line);
if ($id == $item_db[0]){ $found = TRUE; break;}
}//foreach news line

$have_perm = 0;
if(($member_db[1] == 1) or ($member_db[1] == 2)){$have_perm = 1;}
elseif($member_db[1] == 3 and $item_db[1] == $member_db[2]) {$have_perm = 1;}
if(!$have_perm){ msg("error", "NO Access", "You dont have access for this action", "$PHP_SELF?mod=editnews&action=list"); }







if(strstr($item_db[6], ',')){
$all_these_cats = explode(',',$item_db[6]);
foreach($all_these_cats as $all_this_cat){
if($member_db[1] != 1 and !in_array($all_this_cat,$allowed_cats) ){ msg("error", "Access Denied", "This article is posted under category which you are not allowed to access."); }
}

}
else{
if($member_db[1] != 1 and !in_array($item_db[6],$allowed_cats) ){ msg("error", "Access Denied", "This article is posted under category which you are not allowed to access."); }
}






if (!$found){ msg("error","Error !!!","The selected news item can <b>not</b> be found."); }
$newstime = date("D, d F Y h:i:s", $item_db[0]);
$item_db[2] = stripslashes( preg_replace(array("'\\|'", "'\"'", "'\''"), array("I", """, "'"), $item_db[2]) );




$short_story_id = 'short_story';
$full_story_id = 'full_story';

//
// Are we using the WYSIWYG ?
//
if($config_use_wysiwyg == "yes"){
$use_wysiwyg = true;
$article_format_options = "
<label for='convert'>
<input id='convert' style=\"border:0; background-color:transparent\" type=checkbox value=\"yes\" name=\"if_convert_new_lines\" disabled > Convert new lines to <br /></label>
<br/>
<label for='html'>
<input id='html' style=\"border:0; background-color:transparent\" type=checkbox value=\"yes\" name=\"dummi\" checked disabled> Use HTML in this article</label>
<input type=hidden name=\"if_use_html\" value=\"yes\">
<br/>";
}else{
$use_wysiwyg = false;
$article_format_options = "
<label for='convert'>
<input id='convert' style=\"border:0; background-color:transparent\" type=checkbox value=\"yes\" name=\"if_convert_new_lines\" checked > Convert new lines to <br /></label>
<br/>
<label for='html'>
<input id='html' style=\"border:0; background-color:transparent\" type=checkbox value=\"yes\" name=\"if_use_html\" checked> Use HTML in this article</label>
<br/>";
}



$item_db[3] = replace_news("admin", $item_db[3], $use_wysiwyg);
$item_db[4] = replace_news("admin", $item_db[4], $use_wysiwyg);


echoheader("editnews","Edit News");

echo"
<SCRIPT LANGUAGE=\"JavaScript\">
function preview(){
dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1')
document.addnews.mod.value='preview';document.addnews.target='prv'
document.addnews.submit();dd.focus()
setTimeout(\"document.addnews.mod.value='editnews';document.addnews.target='_self'\",500)
}
function confirmDelete(url){
var agree=confirm(\"Do you really want to permanently delete this article ?\");
if (agree)
document.location=url;
}

function increaseTextarea(area){
if (document.getElementById(area).style.height == '') {
document.getElementById(area).style.height = '300px';
}
else{
var pattern = new RegExp(\"\\\\d+\",'ig');
var currHeight = document.getElementById(area).style.height.match(pattern);
var newHeight = +currHeight + 100;
document.getElementById(area).style.height = newHeight + 'px';
}


}

function submitForm() {
//make sure hidden and iframe values are in sync before submitting form
//to sync only 1 rte, use updateRTE(rte)
//to sync all rtes, use updateRTEs
updateRTE('short_story');
updateRTE('full_story');
//updateRTEs();

//change the following line to true to submit form
return true;
}

</SCRIPT>

<form onSubmit = \"return submitForm();\" method=POST name=addnews action=\"$PHP_SELF\">
<table border=0 cellpading=0 cellspacing=0 width=\"654\" height=\"100%\" >
<td valign=middle width=\"75\">
Info.
<td width=\"571\" colspan=\"6\">
Posted on $newstime by $item_db[1]

<tr>
<td valign=middle width=\"75\" valign=\"top\">
Title
<td width=\"464\" colspan=\"3\">
<input type=text name=title value=\"$item_db[2]\" size=55 tabindex=1>
<td width=\"103\" valign=\"top\">
</tr>";

if($config_use_avatar == "yes"){
echo"
<tr>
<td valign=middle width=\"75\" valign=\"top\">
Avatar URL
<td width=\"464\" colspan=\"3\">
<input type=text name=editavatar value=\"$item_db[5]\" size=42 tabindex=2>   <font style=\"font-size:7pt\">(optional)</font>
<td width=\"103\" valign=\"top\">
</tr>";
}



/* Old Single Category Code

echo"<tr>
<td valign=middle width=\"75\" valign=\"top\">
Category
<td width=\"464\" colspan=\"3\">
<select name=\"category\" >";

$cat_lines = file("./data/category.db.php");
foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);
if($item_db[6] == $cat_arr[0]){
echo"<option selected=\"selected\" value=\"$cat_arr[0]\">$cat_arr[1]</option>\n";
$selected = TRUE;
}else{ echo"<option value=\"$cat_arr[0]\">$cat_arr[1]</option>\n"; }
}
if(!$selected){ echo"<option selected value=\"\">     </option>"; }
else{ echo"<option value=\"\">     </option>"; }

echo"</select>
<td width=\"105\" valign=\"top\">

</tr>";
*/



echo"<tr>
<td valign=middle width=\"75\" valign=\"top\">
Category
<td width=\"464\" colspan=\"3\">";
echo'<table width="100%" border="0" cellspacing="0" cellpadding="0" class="panel">';


// $cat_lines = file("./data/category.db.php"); commented-out because can lines are already opened before, and filtered with propper restrictions for user
foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);

echo"
<td style='font-size:10px;' valign=top>
<label for='cat{$cat_arr[0]}'>";

if( in_array($cat_arr[0], explode(',',$item_db[6])) ){
echo"<input checked style='background-color:transparent;border:0px;' type=checkbox name='category[]' id='cat{$cat_arr[0]}' value='{$cat_arr[0]}'>$cat_arr[1]</label>";
}else{

echo"<input style='background-color:transparent;border:0px;' type=checkbox name='category[]' id='cat{$cat_arr[0]}' value='{$cat_arr[0]}'>$cat_arr[1]</label>";
}

$i++;
if ($i%4 == 0){ echo'<tr>'; }


}
echo"</tr>";

echo" </table> <td> </td> </tr>";








echo" <tr>
<td valign=\"top\">
<br />Short Story
<td width=\"464\" colspan=\"3\">
";

if ($use_wysiwyg) {
echo"
<script language=\"JavaScript\" type=\"text/javascript\" src=\"rte/richtext.js\"></script>
<script language=\"JavaScript\" type=\"text/javascript\">
initRTE(\"rte/images/\", \"rte/\", \"rte/\", false); </script>

<script language=\"JavaScript\" type=\"text/javascript\">
writeRichText('short_story', '".rteSafe($item_db[3])."', 460, 250, true, false);
</script>
";
}else{
echo"
<textarea rows=\"12\" cols=\"74\" id=\"short_story\" name=\"short_story\" tabindex=3>$item_db[3]</textarea>
";
}

echo"

<td width=\"165\" valign=\"top\" align=center style='background: url(skins/images/baloon.gif) no-repeat top left'>
<p align=\"center\"><a href=# onclick=\"window.open('$PHP_SELF?&mod=images&action=quick&area=$short_story_id&wysiwyg=$use_wysiwyg', '_Addimage', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=360');return false;\" target=\"_Addimage\"><br />
[insert image]</a><br />
<!-- <a href=# onclick=\"window.open('$PHP_SELF?&mod=about&action=cutecode&target=short_story', '_CuteCode', 'HEIGHT=280,resizable=yes,scrollbars=yes,WIDTH=360');return false;\" target=\"_Addimage\">[quick tags]</a><br /> -->
<a href=# onclick=\"increaseTextarea('$short_story_id'); return false;\">[expand]</a>
<br /><br />

";

echo insertSmilies("$short_story_id", 4, true, "$use_wysiwyg");

echo"</tr>

<tr>
<td width=\"75\" valign=\"top\">
<br />Full Story<br /><font style=\"font-size:7pt\">(optional)</font>
<td width=\"464\" colspan=\"3\">
";

if ($use_wysiwyg) {
echo"
<script language=\"JavaScript\" type=\"text/javascript\">
writeRichText('full_story', '".rteSafe($item_db[4])."', 460, 250, true, false);
</script>
";
}else{
echo"
<textarea rows=\"12\" cols=\"74\" id=\"full_story\" name=\"full_story\" tabindex=4>$item_db[4]</textarea>
";
}

echo"

<td width=\"108\" valign=\"top\" style='background: url(skins/images/baloon.gif) no-repeat top left'>
<p align=\"center\"><br />
<a href=# onclick=\"window.open('$PHP_SELF?mod=images&action=quick&area=$full_story_id&wysiwyg=$use_wysiwyg', '_Addimage', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=360');return false;\" target=\"_Addimage\">[insert image]</a><br />
<!-- <a href=# onclick=\"window.open('$PHP_SELF?&mod=about&action=cutecode&target=full_story', '_Addimage', 'HEIGHT=280,resizable=yes,scrollbars=yes,WIDTH=360');return false;\" target=\"_CuteCode\">[quick tags]</a><br />-->

<a href=# onclick=\"increaseTextarea('$full_story_id'); return false;\">[expand]</a>
<br /><br />";

echo insertSmilies("$full_story_id", 4, true, "$use_wysiwyg");

echo"</tr>
<tr>
<td>
<td colspan=\"3\">
<input type=hidden name=id value=$id>
<input type=hidden name=action value=doeditnews>
<input type=hidden name=mod value=editnews>
<input type=hidden name=source value=$source>






<table border=0 cellspacing=0 cellpadding=0 width=100%>
<tr>
<td width=50%>
<input type=submit style='font-weight:bold' value=\"Save Changes\" accesskey=\"s\">
<!--<input type=button value=\"Preview\" onClick=\"preview()\" accesskey=\"p\">-->
</td>
<td width=50% align=right>
";

if($source == 'unapproved'){
echo"<input type=button value=\"Approve\" onClick=\"javascript:document.location=('$PHP_SELF?mod=massactions&selected_news[]=$id&action=mass_approve&source=unapproved');\">  ";
}

echo"<input type=button value=\"Delete\" onClick=\"confirmDelete('$PHP_SELF?mod=editnews&action=doeditnews&source=$source&ifdelete=yes&id=$id')\">
<input style='width:90px;' type=button onClick=\"ShowOrHide('options','')\" value=\"Article Options\">
</td>
</tr>
</table>


</tr>

<tr id='options' style='display:none;'>
<td width=\"75\">
<br>Options
<td width=\"565\" colspan=\"4\">
<br>
$article_format_options
</tr>

</form>



<tr>
<td width=\"75\"><br>
<td width=\"561\" colspan=\"4\"><br>
</tr>



<tr>
<td width=\"75\">
Comments";

// Show the Comments for Editing

if($source == "" or $source == "postponed" or $source == "unapproved"){ $all_comments_db = file("./data/comments.txt"); }
else{ $all_comments_db = file("./data/archives/${source}.comments.arch"); }

$found_newsid = FALSE;
foreach($all_comments_db as $comment_line)
{
$comment_line = trim($comment_line);
$comments_arr = explode("\|>\|",$comment_line);
if($comments_arr[0] == $id)
{//if these are comments for our story
$found_newsid = TRUE;
if ($comments_arr[1] != "")
{
echo" <td width=290>
<b>  Poster</b>, Comment preview

<td width=120>
<b>Date</b>

<td width=1>
<td width=100>
</tr>
<form method=post name=comments action=\"$PHP_SELF\">";

$flag = 1;
$different_posters = explode("\|\|",$comments_arr[1]);
foreach($different_posters as $individual_comment)
{
if($flag == 1){ $bg = "bgcolor=#F7F6F4"; $flag = 0;}
else{$bg = ""; $flag = 1;}

$comment_arr = explode("\|",$individual_comment);
$comtime = date("d/m/y h:i:s",$comment_arr[0]);
$comm_value = stripslashes(strip_tags($comment_arr[4]));
$comm_excerpt_lenght = 43 - strlen($comment_arr[1]);

if($comm_excerpt_lenght < strlen($comm_value)){
$comm_excerpt = substr($comm_value,0, $comm_excerpt_lenght).'...';
}else{
$comm_excerpt = $comm_value;
}

if($comment_arr[1])
{
if(strlen($comment_arr[1]) > 25){ $comment_arr[1] = substr($comment_arr[1],0,22)."..."; }
echo"<tr>
<td >
<td $bg>
<a title=\"edit this comment\nip:$comment_arr[3]\" href=\"$PHP_SELF?mod=editcomments&action=editcomment&newsid=$id&comid=$comment_arr[0]&source=$source\" onclick=\"window.open('$PHP_SELF?mod=editcomments&action=editcomment&newsid=$id&comid=$comment_arr[0]&source=$source', 'Comments', 'HEIGHT=270,resizable=yes,scrollbars=yes,WIDTH=400');return false;\">$comment_arr[1]</a>,
$comm_excerpt

<td $bg>
<a title=\"edit this comment\nip:$comment_arr[3]\" href=\"$PHP_SELF?mod=editcomments&action=editcomment&newsid=$id&comid=$comment_arr[0]&source=$source\" onclick=\"window.open('$PHP_SELF?mod=editcomments&action=editcomment&newsid=$id&comid=$comment_arr[0]&source=$source', 'Comments', 'HEIGHT=270,resizable=yes,scrollbars=yes,WIDTH=400');return false;\">$comtime</a>
<td width=\"1\" $bg>
<input type=checkbox name=\"delcomid[$comment_arr[0]]\" value=1>
<td $bg>
</tr>";
}//if not blank
}//foreach comment

echo"<tr>
<td >
<td >

<td >
<p align=\"right\">delete all?
<td >
<input type=checkbox name=delcomid[all] value=1>
<td >
</tr>

<tr>
<td >
<td colspan=\"3\">
<p align=\"right\"><input type=submit value=\"Delete Selected\">
<td >
</tr>

<input type=hidden name=newsid value=$id>
<input type=hidden name=deletecomment value=yes>
<input type=hidden name=action value=doeditcomment>
<input type=hidden name=mod value=editcomments>
<input type=hidden name=source value=$source>
</form>
</table>";

break;//foreach comment line
}//if there are any comments
else
{
echo"<td width=\"210\">
No Comments
<td width=\"219\">
<td width=\"1\">
<td width=\"105\">
</tr>
</tr>
</table>";
}
}//if these are comments for our story
}//foreach comments line
if($found_newsid == FALSE){
echo"<td width=\"210\">
No Comments
<td width=\"219\">
<td width=\"1\">
<td width=\"105\">
</tr>
</tr>
</table>";
}
echofooter();
}
// ********************************************************************************
// Do Edit News
// ********************************************************************************
elseif($action == "doeditnews")
{

/////
///Format our categories variable
/////

if( is_array($category) ){ //User has selected multiple categories

$nice_category = '';
$ccount = 0;

foreach($category as $ckey=>$cvalue){
if( !in_array($cvalue,$allowed_cats) ){ die('not allowed category'); }
if($ccount==0){ $nice_category = $cvalue; }//first cat
else{ $nice_category = $nice_category.','.$cvalue; }

$ccount++;
}



}else{ //Not in a category
if( $category !="" and isset($category) and !in_array($category,$allowed_cats) ){ die('not allowed category'); }
//don't format $nice_cats because we have not selected any.
}

if(trim($title) == "" and $ifdelete != "yes"){ msg("error","Error !!!","The title can not be blank.", "javascript:history.go(-1)"); }
if($short_story == "" and $ifdelete != "yes"){ msg("error","Error !!!","The story can not be blank.", "javascript:history.go(-1)"); }

if($if_convert_new_lines == "yes"){ $n_to_br = TRUE; }
if($if_use_html == "yes"){ $use_html = TRUE; }

$short_story = replace_news("add", rtrim($short_story), $n_to_br, $use_html);
$full_story = replace_news("add", rtrim($full_story), $n_to_br, $use_html);
$title = stripslashes( preg_replace(array("'\\|'", "'\n'", "''"), array("I", "<br />", ""), $title) );
$avatar = stripslashes( preg_replace(array("'\\|'", "'\n'", "''"), array("I", "<br />", ""), $avatar) );

if($source == ""){ $news_file = "./data/news.txt"; $com_file = "./data/comments.txt"; }
elseif($source == "postponed"){ $news_file = "./data/postponed_news.txt"; $com_file = "./data/comments.txt"; }
elseif($source == "unapproved"){ $news_file = "./data/unapproved_news.txt"; $com_file = "./data/comments.txt"; }
else{ $news_file = "./data/archives/$source.news.arch"; $com_file = "./data/archives/$source.comments.arch";}

$old_db = file("$news_file");
$new_db = fopen("$news_file", w);
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if($id != $old_db_arr[0]){
fwrite($new_db,"$old_db_line");
}
else
{

$have_perm = 0;
if(($member_db[1] == 1) or ($member_db[1] == 2)){$have_perm = 1;}
elseif($member_db[1] == 3 and $old_db_arr[1] == $member_db[2]) {$have_perm = 1;}
if($have_perm){
if($ifdelete != "yes")
{
$okchanges = TRUE;
fwrite($new_db,"$old_db_arr[0]\|$old_db_arr[1]\|$title\|$short_story\|$full_story\|$editavatar\|$nice_category\|\|\n");
}
else
{
$okdeleted = TRUE;
$all_file = file("$com_file");
$new_com=fopen("$com_file","w");
foreach($all_file as $line)
{
$line_arr = explode("\|>\|",$line);
if($line_arr[0] == $id){ $okdelcom = TRUE; }
else{ fwrite($new_com,"$line"); }
}
fclose($new_com);
}
}else{ fwrite($new_db,"$old_db_line"); $no_permission = TRUE; }
}
}
fclose($new_db);

if($no_permission){ msg("error", "NO Access", "You dont have access for this action", "$PHP_SELF?mod=editnews&action=list"); }
if($okdeleted and $okdelcom){ msg("info","News Deleted","The news item successfully was deleted.<br />If there were comments for this article they are also deleted."); }
if($okdeleted and !$okdelcom){ msg("info","News Deleted","The news item successfully was deleted.<br />If there were comments for this article they are also deleted.<br /><font color=red>But can not delete comments of this article !!!</font>"); }
elseif($okchanges){ msg("info","Changes Saved","The changes were successfully saved", "$PHP_SELF?mod=editnews&action=editnews&id=$id&source=$source"); }
else{ msg("error","Error !!!","The news item can not be found or there is an error with the news database file."); }

}


?>

file:a/cutenews/inc/editusers.mdu (deleted)

<?PHP

if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permission to edit users"); }
// ********************************************************************************
// List All Available Users + Show Add User Form
// ********************************************************************************
if($action == "list")
{
echoheader("users","Manage Users");

echo'<script language="javascript">
<!-- begin
function popupedit(id){
window.open(\''.$PHP_SELF.'?mod=editusers&action=edituser&id=\'+id,\'User\',\'toolbar=0,location=0,status=0,menubar=0,scrollbars=0,resizable=0,width=360,height=210\');
}
function confirmdelete(id){
var agree=confirm("Are you sure you want to delete this user ?");
if (agree)
document.location="'.$PHP_SELF.'?mod=editusers&action=dodeleteuser&id="+id;
}
// end -->
</script>
<table border=0 cellpading=0 cellspacing=0 width=654>
<tr>
<td width=654 colspan="6">
<!-- Start add edit users table + info + help -->
<table border="0" width="657" cellspacing="0" cellpadding="0" height="81" >
<tr>
<td valign="bottom" width="311" valign="top" height="1">

<b>Add User</b>

</td>
<td width="5" valign="top" rowspan="3" height="81">

</td>
<td valign="bottom" width="330" height="1"><b>User Levels</b></td>
</tr>

<tr>
<td width="311" rowspan="2" valign="top" height="60" >

<!-- Add User Table -->
<table class="panel" cellspacing="0" cellpadding="0" width="100%">
<form method=post action="'.$PHP_SELF.'">
<tr>
<td > Username</td>
<td ><input size=21 type=text name=regusername></td>
</tr>
<tr>
<td > Password</td>
<td ><input size=21 type=text name=regpassword></td>
</tr>
<tr>
<td > Nickname</td>
<td ><input size=21 type=text name=regnickname></td>
</tr>
<tr>
<td > Email</td>
<td ><input size=21 type=text name=regemail></td>
</tr>
<tr>
<td > Access Level</td>
<td ><select name=reglevel>
<option value=4>4 (commenter)</option>
<option selected value=3>3 (journalist)</option>
<option value=2>2 (editor)</option>
<option value=1>1 (administrator)</option>
</select>
</td>
</tr>
<tr>
<td > </td>
<td height="35"><input type=submit value="Add User">
<input type=hidden name=action value=adduser>
<input type=hidden name=mod value=editusers>
</td>
</tr>
</form>
</table>
<!-- End Add User Table -->

</td>
<td width="330" height="1" valign="top" >

<!-- User Levels Table -->
<table class="panel" cellspacing="3" cellpadding="0" width="100%">
<tr>
<td valign="top"> Administrator : have full access and privilegies<br>
Editor : can add news and edit others posts<br>
Journalist : can only add news (must be approved)<br>
Commenter : only post comments</td>
</tr>
</table>
<!-- End User Levels Table -->

</td>
</tr>
<tr>
<td width="330" valign="top" align=center height="70"><br>

<!-- HELP -->
<table height="25" cellspacing="0" cellpadding="0">
<tr>
<td width="25" align=middle><img border="0" src="skins/images/help_small.gif" width="25" height="25"></td>
<td > <a onClick="javascript:Help(\'users\')" href="#">Understanding user levels</a> </td>
</tr>
</table>
<!-- END HELP -->
</td>
</tr>
</table>
<!-- END add edit users table + info + help -->

</tr>
<tr>
<td width=654 colspan="6">
</tr>
<tr>
<td width=650 colspan="6">
<img height=20 border=0 src="skins/images/blank.gif" width=1><br>
<b>Edit Users</b>
</tr>

<tr>
<td width=130 bgcolor="#F7F6F4">
<u>Username</u>
<td width=197 bgcolor="#F7F6F4">
<u>registration date</u>
<td width=2 bgcolor="#F7F6F4">

<td width=83 bgcolor="#F7F6F4">
<u>written news</u>
<td width=132 bgcolor="#F7F6F4">
<u>Access Level</u>
<td width=93 bgcolor="#F7F6F4">
<u>action</u>
</tr>';

$all_users = file("./data/users.db.php");
$i = 1;
foreach($all_users as $user_line)
{
$i++; $bg = "";
if($i%2 == 0){ $bg = "bgcolor=\"#f7f6f4\""; }
if(!eregi("<\?",$user_line)){
$user_arr = explode("\|", $user_line);

if(isset($user_arr[9]) and $user_arr[9] != ''){ $last_login = date('r',$user_arr[9]); }
else{ $last_login = 'never'; }

switch($user_arr[1]){
case 1: $user_level = "administrator"; break;
case 2: $user_level = "editor"; break;
case 3: $user_level = "journalist"; break;
case 4: $user_level = "commenter"; break;
}
echo"<tr $bg title='$user_arr[2]'s last login was on: $last_login'>
<td width=143>
$user_arr[2]
<td width=197>";
echo( date("F, d Y @ H:i a",$user_arr[0]) );
echo"<td width=2>
<td width=83 >
$user_arr[6]
<td width=122>
$user_level
<td width=80 title=''>
<a onClick=\"javascript:popupedit('$user_arr[0]'); return(false)\" href=#>[edit]</a> <a onClick=\"javascript:confirmdelete('$user_arr[0]'); return(false)\" href=\"$PHP_SELF?mod=editusers&action=dodeleteuser&id=$user_arr[0]\">[delete]</a>
</tr>";
}
}

echo"</table>";

echofooter();
}
// ********************************************************************************
// Add User
// ********************************************************************************
elseif($action == "adduser")
{
if(!$regusername){ msg("error","Error !!!", "Username can not be blank", "javascript:history.go(-1)"); }
if(!$regpassword){ msg("error","Error !!!", "Password can not be blank", "javascript:history.go(-1)"); }

$all_users = file("./data/users.db.php");
foreach($all_users as $user_line)
{
$user_arr = explode("\|", $user_line);
if($user_arr[2] == $regusername){ msg("error", "Error !!!", "Sory but user with this username already exist", "javascript:history.go(-1)"); }
}

$add_time = time()+($config_date_adjust*60);
$regpassword = md5($regpassword);

$old_users_file = file("./data/users.db.php");
$new_users_file = fopen("./data/users.db.php", "a");

fwrite($new_users_file, "$add_time\|$reglevel\|$regusername\|$regpassword\|$regnickname\|$regemail\|0\|0\|\|\|\|\n");

fclose($new_users_file);

switch($reglevel){
case "1": $level = "administrator"; break;
case "2": $level = "editor"; break;
case "3": $level = "journalist"; break;
case "4": $level = "commenter"; break;
}
msg("info","User Added","The user <b>$regusername</b> was successfully added as <b>$level</b>", "$PHP_SELF?mod=editusers&action=list");
}
// ********************************************************************************
// Edit User Details
// ********************************************************************************
elseif($action == "edituser")
{

$users_file = file("./data/users.db.php");
foreach($users_file as $user_line){
$user_arr = explode("\|", $user_line);
if($id == $user_arr[0]){
break;
}
}

if(isset($user_arr[9]) and $user_arr[9] != ''){ $last_login = date('r',$user_arr[9]); }
else{ $last_login = 'never'; }

echo"<html><head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
<title>Edit Users</title>
<style type=\"text/css\">
<!--
select, option, textarea, input {
BORDER-RIGHT: #808080 1px solid;
BORDER-TOP: #808080 1px solid;
BORDER-BOTTOM: #808080 1px solid;
BORDER-LEFT: #808080 1px solid;
COLOR: #000000;
FONT-SIZE: 11px;
FONT-FAMILY: Verdana; BACKGROUND-COLOR: #ffffff }
TD {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
BODY {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 3pt;}
.header { font-size : 16px; font-weight: bold; color: #808080; font-family: verdana; text-decoration: none; }
-->
</style>
</head>
<body>
<form action=\"$PHP_SELF\" method=post><table width=\"828\" cellspacing=\"0\" cellpadding=\"0\" height=\"13\">
<td width=\"826\" height=\"21\" colspan=\"2\"><div class=header>$user_arr[2] <font size=\"2\">($user_arr[4])</font></div>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">written news
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$user_arr[6]
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">last login date
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$last_login
</tr>

<tr>
<td width=\"126\" height=\"20\">
registration date
<td height=\"20\" width=\"698\">";
echo date("r", $user_arr[0]);
echo"
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">
Email
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$user_arr[5]
</tr>

<tr>
<td width=\"126\" height=\"20\">
New Password
<td height=\"20\" width=\"698\">
<input size=\"20\" name=\"editpassword\" >
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">
Access Level
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
<select name=editlevel>";

if($user_arr[1] == 4){echo" <option value=4 selected>4 (commenter)</option>";} else {echo" <option value=4>4 (commenter)</option>";}
if($user_arr[1] == 3){echo" <option value=3 selected>3 (journalist)</option>";} else {echo" <option value=3>3 (journalist)</option>";}
if($user_arr[1] == 2){echo" <option value=2 selected>2 (editor)</option>";} else {echo" <option value=2>2 (editor)</option>";}
if($user_arr[1] == 1){echo" <option value=1 selected>1 (administrator)</option>";}else {echo" <option value=1>1 (administrator)</option>";}

echo"</select>
</tr>
<tr>
<td width=\"826\" height=\"7\" colspan=\"2\">
<br />
<input type=submit value=\"Save Changes\"> <input type=button value=\"Cancel\" onClick=\"window.close();\">
<input type=hidden name=id value=$id>
<input type=hidden name=mod value=editusers>
<input type=hidden name=action value=doedituser>
</tr>
</table></form>
</body>
</html>";


}
// ********************************************************************************
// Do Edit User
// ********************************************************************************
elseif($action == "doedituser")
{
if(!$id){ die("This is not a valid user."); }

$old_db = file("./data/users.db.php");
$new_db = fopen("./data/users.db.php", "w");
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if($id != $old_db_arr[0]){
fwrite($new_db,"$old_db_line");
}else{
if($editpassword != ""){
$old_db_arr[3] = md5($editpassword);
if($old_db_arr[2] == $username){setcookie("md5_password", $old_db_arr[3]); }
}
fwrite($new_db,"$old_db_arr[0]\|$editlevel\|$old_db_arr[2]\|$old_db_arr[3]\|$old_db_arr[4]\|$old_db_arr[5]\|$old_db_arr[6]\|$old_db_arr[7]\|$old_db_arr[8]\|$old_db_arr[9]\|\|\n");
}
}
fclose($new_db);
$result = "Changes Saved";

echo"<html>
<head>
<title>Edit Users</title>
</head>
<body bgcolor=#FFFFFF>
<table border=0 cellpading=0 cellspacing=0 width=100% height=100% >
<tr><td align=middle width=154>
<p align=right><img border=0 src=\"skins/images/info.gif\" width=60 height=57>
</td><td align=middle width=558>
<p align=left>$result
</td></tr>
</table>
</body>
</html>";

}
// ********************************************************************************
// Delete User
// ********************************************************************************
elseif($action == "dodeleteuser")
{
if(!$id){ die("This is not a valid user."); }

$old_users_file = file("./data/users.db.php");
$new_users_file = fopen("./data/users.db.php", "w");
foreach($old_users_file as $old_user_line){
$old_user_line_arr = explode("\|", $old_user_line);
if($id != $old_user_line_arr[0]){
fwrite($new_users_file, $old_user_line);
}else{
$deleted = TRUE; $user = $old_user_line_arr[2];
}
}
fclose($new_users_file);

msg("info","User Deleted","The user $user was successfully deleted.", "$PHP_SELF?mod=editusers&action=list");
}
?>

file:a/cutenews/inc/functions.inc.php (deleted)

<?PHP


// bad practice, i know
if ($HTTP_SESSION_VARS) {extract($HTTP_SESSION_VARS, EXTR_SKIP);}
if ($_SESSION) {extract($_SESSION, EXTR_SKIP);}
if ($HTTP_COOKIE_VARS) {extract($HTTP_COOKIE_VARS, EXTR_SKIP);}
if ($_COOKIE) {extract($_COOKIE, EXTR_SKIP);}
if ($HTTP_POST_VARS) {extract($HTTP_POST_VARS, EXTR_SKIP);}
if ($_POST) {extract($_POST, EXTR_SKIP);}
if ($HTTP_GET_VARS) {extract($HTTP_GET_VARS, EXTR_SKIP);}
if ($_GET) {extract($_GET, EXTR_SKIP);}
if ($HTTP_ENV_VARS) {extract($HTTP_ENV_VARS, EXTR_SKIP);}
if ($_ENV) {extract($_ENV, EXTR_SKIP);}


//----------------------------------
// Sanitize Variables
//----------------------------------
if( isset($template) and $template != "" and !eregi("^[_a-zA-Z0-9-]{1,}$", $template)){ die("invalid template characters"); }
if( isset($archive) and $archive != "" and !eregi("^[_a-zA-Z0-9-]{1,}$", $archive)){ die("invalid archive characters"); }



if($PHP_SELF == ""){ $PHP_SELF = $_SERVER["PHP_SELF"]; }

$phpversion = @phpversion();

$a7f89abdcf9324b3 = "";

$comm_start_from = htmlspecialchars($comm_start_from);
$start_from = htmlspecialchars($start_from);
$archive = htmlspecialchars($archive);
$subaction = htmlspecialchars($subaction);
$id = htmlspecialchars($id);
$ucat = htmlspecialchars($ucat);

if(is_array($category)){ foreach($category as $ckey=>$cvalue){ $category[$ckey] = htmlspecialchars($category[$ckey]);} }
else{ $category = htmlspecialchars($category); }

$number = htmlspecialchars($number);
$template = htmlspecialchars($template);
$show = htmlspecialchars($show);


$config_version_name = "CuteNews v1.4.6";
$config_version_id = 186;




//----------------------------------
// Some Special Chars
//----------------------------------
$HTML_SPECIAL_CHARS = Array ( // Master array replaced ALWAYS !!!







































);



///////////////////////////////////////////////////////
// Function: ResynchronizeAutoArchive
// Description: Auto-Archives News

function ResynchronizeAutoArchive(){
global $cutepath, $config_auto_archive, $config_notify_email,$config_notify_archive,$config_notify_status;

$count_news = count(file("$cutepath/data/news.txt"));
if($count_news > 1){

if($config_auto_archive == "yes"){

$now[year] = date("Y");
$now[month] = date("n");

$db_content = file("$cutepath/data/auto_archive.db.php");
list($last_archived[year], $last_archived[month]) = split("\\|", $db_content[0] );


$tmp_now_sum = $now[year] . sprintf("%02d", $now[month]) ;
$tmp_last_sum = (int)$last_archived[year] . sprintf("%02d", (int)$last_archived[month]) ;

if($tmp_now_sum > $tmp_last_sum){

$error = FALSE;
$arch_name = time();
if(!@copy("$cutepath/data/news.txt","$cutepath/data/archives/$arch_name.news.arch")) { $error = "Can not copy news.txt from data/ to data/archives"; }
if(!@copy("$cutepath/data/comments.txt","$cutepath/data/archives/$arch_name.comments.arch")) { $error = "Can not copy comments.txt from data/ to data/archives"; }


$handle = fopen("$cutepath/data/news.txt","w") or $error = "Can not open news.txt";
fclose($handle);
$handle = fopen("$cutepath/data/comments.txt","w") or $error = "Can not open comments.txt";
fclose($handle);


$fp = @fopen("$cutepath/data/auto_archive.db.php", "w");
@flock ($fp,2);

if(!$errors){ fwrite($fp, $now[year]."\|".$now[month]."\n"); }
else{ fwrite($fp, "0\|0\|$error\n"); }
foreach($db_content as $line){
@fwrite($fp, $line);
}

@flock ($fp,3);
@fclose($fp);


if($config_notify_archive == "yes" and $config_notify_status == "active"){
send_mail("$config_notify_email", "CuteNews - AutoArchive was Performed", "CuteNews has performed the AutoArchive function.\n$count_news News Articles were archived.\n$error");
}
}
}
}
}

///////////////////////////////////////////////////////
// Function: ResynchronizePostponed
// Description: Refreshes the Postponed News file.

function ResynchronizePostponed(){
global $cutepath,$config_notify_postponed,$config_notify_status,$config_notify_email;
$all_postponed_db = file("$cutepath/data/postponed_news.txt");
if(!empty($all_postponed_db)){
$new_postponed_db = fopen("$cutepath/data/postponed_news.txt", w);
@flock ($new_postponed_db,2);
$now_date = time();

foreach ($all_postponed_db as $p_line){
$p_item_db = explode("\|",$p_line);
if($p_item_db[0] <= $now_date){
// Item is old and must be Activated, add it to news.txt


$all_active_db = file("$cutepath/data/news.txt");
$active_news_file = fopen("$cutepath/data/news.txt", "w");
@flock ($active_news_file,2);

fwrite($active_news_file,"$p_line");
foreach ($all_active_db as $active_line){ fwrite($active_news_file, "$active_line");}
@flock ($active_news_file,3);
fclose($active_news_file);



if($config_notify_postponed == "yes" and $config_notify_status == "active"){
send_mail("$config_notify_email", "CuteNews - Postponed article was Activated", "CuteNews has activated the article '$p_item_db[2]'");
}

}else{
// Item is still postponed
fwrite($new_postponed_db,"$p_line");
}



}
@flock ($new_postponed_db,3);
fclose($new_postponed_db);
}

}

///////////////////////////////////////////////////////
// Function: send_mail
// Description: sends mail ... huh :)

function send_mail($to, $subject, $message){

if(!isset($to) or !$to or $to == ''){ }else{

$tos = FALSE;
$to = str_replace(' ', '', $to);
if(eregi(',', '')){
$tos = explode(',', $to);
}

$from = 'CuteNews@' . $_SERVER['SERVER_NAME'];

$headers = '';
$headers .= "From: $from\n";
$headers .= "Reply-to: $from\n";
$headers .= "Return-Path: $from\n";
$headers .= "Message-ID: <" . md5(uniqid(time())) . "@" . $_SERVER['SERVER_NAME'] . ">\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain;\n";
$headers .= "Date: " . date('r', time()) . "\n";

if($tos){
foreach($tos as $my_to){
@mail($my_to,$subject,$message,$headers);
}
}else{ @mail($to,$subject,$message,$headers); }

}
}

///////////////////////////////////////////////////////
// Function: formatsize
// Description: Format the size of given file

function formatsize($file_size){

if($file_size >= 1073741824)
{$file_size = round($file_size / 1073741824 * 100) / 100 . "Gb";}
elseif($file_size >= 1048576)
{$file_size = round($file_size / 1048576 * 100) / 100 . "Mb";}
elseif($file_size >= 1024)
{$file_size = round($file_size / 1024 * 100) / 100 . "Kb";}
else{$file_size = $file_size . "b";}

return $file_size;
}

///////////////////////////////////////////////////////
// Class: microTimer
// Description: calculates the micro time

class microTimer {
function start() {
global $starttime;
$mtime = microtime ();
$mtime = explode (' ', $mtime);
$mtime = $mtime[1] + $mtime[0];
$starttime = $mtime;
}
function stop() {
global $starttime;
$mtime = microtime ();
$mtime = explode (' ', $mtime);
$mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = round (($endtime - $starttime), 5);
return $totaltime;
}
}


///////////////////////////////////////////////////////
// Function: check_login
// Description: Check login information

function check_login($username, $md5_password){
$result = FALSE;
$full_member_db = file("./data/users.db.php");
global $member_db;

foreach($full_member_db as $member_db_line)
{
if(!eregi("<\?",$member_db_line)){
$member_db = explode("\|",$member_db_line);
if(strtolower($member_db[2]) == strtolower($username) && $member_db[3] == $md5_password)
{
$result = TRUE;
break;
}
}
}
return $result;
}

///////////////////////////////////////////////////////
// Function: cute_query_string
// Description: Format the Query_String for CuteNews purpuses index.php?

function cute_query_string($q_string, $strips, $type="get"){
foreach($strips as $key){
$strips[$key] = TRUE;
}
$var_value = explode("&", $q_string);

foreach($var_value as $var_peace){
$parts = explode("=", $var_peace);
if($strips[$parts[0]] != TRUE and $parts[0] != ""){
if($type == "post"){
$my_q .= "<input type=\"hidden\" name=\"".@htmlspecialchars($parts[0])."\" value=\"".@htmlspecialchars($parts[1])."\" />\n";
}else{
$my_q .= "$var_peace&";
}
}
}

if( substr($my_q, -5) == "&" ){ $my_q = substr($my_q, 0, -5); }

return $my_q;
}

///////////////////////////////////////////////////////
// Function: Flooder
// Description: Flood Protection Function
function flooder($ip, $comid){
global $cutepath, $config_flood_time;

$old_db = file("$cutepath/data/flood.db.php");
$new_db = fopen("$cutepath/data/flood.db.php", w);
$result = FALSE;
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);

if(($old_db_arr[0] + $config_flood_time) > time() ){
fwrite($new_db, $old_db_line);
if($old_db_arr[1] == $ip and $old_db_arr[2] == $comid)
{ $result = TRUE; }
}
}
fclose($new_db);
return $result;
}

////////////////////////////////////////////////////////
// Function: msg
// Description: Displays message to user

function msg($type, $title, $text, $back=FALSE){
echoheader($type, $title);
global $lang;
echo"<table border=0 cellpading=0 cellspacing=0 width=100% height=100%><tr><td >$text";
if($back){
echo"<br /><br> <a href=\"$back\">go back</a>";
}
echo"</td></tr></table>";
echofooter();
exit();
}



////////////////////////////////////////////////////////
// Function: echoheader
// Description: Displays header skin

function echoheader($image, $header_text){
global $PHP_SELF, $is_loged_in, $config_skin, $skin_header, $lang_content_type, $skin_menu, $skin_prefix, $config_version_name;

if($is_loged_in == TRUE){ $skin_header = preg_replace("/{menu}/", "$skin_menu", "$skin_header"); }
else { $skin_header = preg_replace("/{menu}/", "   $config_version_name", "$skin_header"); }

$skin_header = get_skin($skin_header);
$skin_header = preg_replace("/{image-name}/", "${skin_prefix}${image}", $skin_header);
$skin_header = preg_replace("/{header-text}/", $header_text, $skin_header);
$skin_header = preg_replace("/{content-type}/", $lang_content_type, $skin_header);

echo $skin_header;
}

////////////////////////////////////////////////////////
// Function: echofooter
// Description: Displays footer skin

function echofooter(){

global $PHP_SELF, $is_loged_in, $config_skin, $skin_footer, $lang_content_type, $skin_menu, $skin_prefix, $config_version_name;

if($is_loged_in == TRUE){ $skin_footer = preg_replace("/{menu}/", "$skin_menu", "$skin_footer"); }
else { $skin_footer = preg_replace("/{menu}/", "   $config_version_name", "$skin_footer"); }

$skin_footer = get_skin($skin_footer);
$skin_footer = preg_replace("/{image-name}/", "${skin_prefix}${image}", $skin_footer);
$skin_footer = preg_replace("/{header-text}/", $header_text, $skin_footer);
$skin_footer = preg_replace("/{content-type}/", $lang_content_type, $skin_footer);

// Do not remove the Copyrights!


echo $skin_footer;

}

////////////////////////////////////////////////////////
// Function: b64dck
// Description: And the duck fly away.
function b64dck(){
$cr = bd_config('e2NvcHlyaWdodHN9');$shder = bd_config('c2tpbl9oZWFkZXI=');$sfter = bd_config('c2tpbl9mb290ZXI=');
global $$shder,$$sfter;
$HDpnlty = bd_config('PGNlbnRlcj48aDE+Q3V0ZU5ld3M8L2gxPjxhIGhyZWY9Imh0dHA6Ly9jdXRlcGhwLmNvbSI+Q3V0ZVBIUC5jb208L2E+PC9jZW50ZXI+PGJyPg==');
$FTpnlty = bd_config('PGNlbnRlcj48ZGl2IGRpc3BsYXk9aW5saW5lIHN0eWxlPVwnZm9udC1zaXplOiAxMXB4XCc+UG93ZXJlZCBieSA8YSBzdHlsZT1cJ2ZvbnQtc2l6ZTogMTFweFwnIGhyZWY9XCJodHRwOi8vY3V0ZXBocC5jb20vY3V0ZW5ld3MvXCIgdGFyZ2V0PV9ibGFuaz5DdXRlTmV3czwvYT4gqSAyMDA1ICA8YSBzdHlsZT1cJ2ZvbnQtc2l6ZTogMTFweFwnIGhyZWY9XCJodHRwOi8vY3V0ZXBocC5jb20vXCIgdGFyZ2V0PV9ibGFuaz5DdXRlUEhQPC9hPi48L2Rpdj48L2NlbnRlcj4=');

if(!stristr($$shder,$cr) and !stristr($$sfter,$cr)){ $$shder = $HDpnlty.$$shder; $$sfter = $$sfter.$FTpnlty; }
}
////////////////////////////////////////////////////////
// Function: CountComments
// Description: Count How Many Comments Have a Specific Article

function CountComments($id, $archive = FALSE){

global $cutepath;

if($cutepath == ""){ $cutepath = "."; }
$result = "0";
if($archive and ($archive != "postponed" and $archive != "unapproved")){ $all_comments = file("$cutepath/data/archives/${archive}.comments.arch"); }
else{ $all_comments = file("$cutepath/data/comments.txt"); }

foreach($all_comments as $comment_line)
{
$comment_arr_1 = explode("\|>\|", $comment_line);
if($comment_arr_1[0] == $id)
{
$comment_arr_2 = explode("\|\|", $comment_arr_1[1]);
$result = count($comment_arr_2)-1;

}
}

return $result;
}

////////////////////////////////////////////////////////
// Function: insertSmilies
// Description: insert smilies for adding into news/comments

function insertSmilies($insert_location, $break_location = FALSE, $admincp = FALSE, $wysiwyg = FALSE)
{
global $config_http_script_dir, $config_smilies;

$smilies = explode(",", $config_smilies);
foreach($smilies as $smile)
{
$i++; $smile = trim($smile);
if($admincp){
if($wysiwyg){
// $advanced_smile = "<img alt=\':$smile:\' src=\'data/emoticons/$smile.gif\' />";
// $output .= "<a href=# onclick=\"javascript:InsertIntoArea('$insert_location','$advanced_smile'); return false;\"><img style=\"border: none;\" alt=\"$smile\" src=\"$config_http_script_dir/data/emoticons/$smile.gif\" /></a>";
$output .= "<a href=# onclick=\"document.getElementById('$insert_location').contentWindow.document.execCommand('InsertImage', false, '$config_http_script_dir/data/emoticons/$smile.gif'); return false;\"><img style=\"border: none;\" alt=\"$smile\" src=\"$config_http_script_dir/data/emoticons/$smile.gif\" /></a>";

}
else{ $output .= "<a href=# onclick=\"javascript:document.getElementById('$insert_location').value += ' :$smile:'; return false;\"><img style=\"border: none;\" alt=\"$smile\" src=\"$config_http_script_dir/data/emoticons/$smile.gif\" /></a>"; }
}else{
$output .= "<a href=\"javascript:insertext(':$smile:','$insert_location')\"><img style=\"border: none;\" alt=\"$smile\" src=\"$config_http_script_dir/data/emoticons/$smile.gif\" /></a>";
};
if( isset($break_location) && (int)$break_location > 0 && $i%$break_location == 0 )
{
$output .= "<br />";
}else{ $output .= " "; }
}
return $output;
}

////////////////////////////////////////////////////////
// Function: replace_comments
// Description: Replaces comments charactars
function replace_comment($way, $sourse){
global $HTML_SPECIAL_CHARS, $config_allow_html_in_news, $config_allow_html_in_comments, $config_http_script_dir, $config_smilies;

$sourse = stripslashes(trim($sourse));

if($way == "add"){

$find = array(
"'\"'",
"'\''",
"'<'",
"'>'",
"'\\|'",
"'\n'",
"'\r'",
);
$replace = array(
""",
"'",
"<",
">",
"\|",
" <br />",
"",
);

}
elseif($way == "show"){

$find = array(
"'\[b\](.*?)\[/b\]'i",
"'\[i\](.*?)\[/i\]'i",
"'\[u\](.*?)\[/u\]'i",
"'\[link\](.*?)\[/link\]'i",
"'\[link=(.?)\](.?)\[/link\]'i",

"'\[quote=(.?)\](.?)\[/quote\]'",
"'\[quote\](.*?)\[/quote\]'",
);
$replace = array(
"<strong>\\1</strong>",
"<em>\\1</em>",
"<span style=\"text-decoration: underline;\">\\1</span>",
"<a href=\"\\1\">\\1</a>",
"<a href=\"\\1\">\\2</a>",

"<blockquote><div style=\"font-size: 13px;\">quote (\\1):</div><hr style=\"border: 1px solid #ACA899;\" /><div>\\2</div><hr style=\"border: 1px solid #ACA899;\" /></blockquote>",
"<blockquote><div style=\"font-size: 13px;\">quote:</div><hr style=\"border: 1px solid #ACA899;\" /><div>\\1</div><hr style=\"border: 1px solid #ACA899;\" /></blockquote>",
);

$smilies_arr = explode(",", $config_smilies);
foreach($smilies_arr as $smile){
$smile = trim($smile);
$find[] = "':$smile:'";
$replace[] = "<img style=\"border: none;\" alt=\"$smile\" src=\"$config_http_script_dir/data/emoticons/$smile.gif\" />";
}

}

$sourse = preg_replace($find,$replace,$sourse);

foreach ( $HTML_SPECIAL_CHARS as $key=>$value ){
$sourse = str_replace($key,$value,$sourse);
}

return $sourse;
}

////////////////////////////////////////////////////////
// Function: rteSafe
// Description: safe data for the RTE

function rteSafe($strText) {
//returns safe code for preloading in the RTE
$tmpString = $strText;

//convert all types of single quotes
$tmpString = str_replace(chr(145), chr(39), $tmpString);
$tmpString = str_replace(chr(146), chr(39), $tmpString);
$tmpString = str_replace("'", "'", $tmpString);

//convert all types of double quotes
$tmpString = str_replace(chr(147), chr(34), $tmpString);
$tmpString = str_replace(chr(148), chr(34), $tmpString);
// $tmpString = str_replace("\"", """, $tmpString); // we are pasting the content within '' quotes so " are valid

//replace carriage returns & line feeds
$tmpString = str_replace(chr(10), " ", $tmpString);
$tmpString = str_replace(chr(13), " ", $tmpString);

return $tmpString;

}
////////////////////////////////////////////////////////
// Function: get_skin
// Description: Hello skin!

function get_skin($skin){
if(!file_exists('./data/reg.php')){ $stts = base64_decode('KHVucmVnaXN0ZXJlZCk='); }
else{
include('./data/reg.php');

if(preg_match('/\\A(\\w{6})-\\w{6}-\\w{6}\\z/', $reg_site_key, $mmbrid)){

if(!isset($reg_display_name) or !$reg_display_name or $reg_display_name == ''){
$stts = "<!-- (-$mmbrid[1]-) -->";
}else{
$stts = "<label title='(-$mmbrid[1]-)'>". base64_decode('TGljZW5zZWQgdG86IA==').$reg_display_name.'</label>';
}

}
else{ $stts = '!'.base64_decode('KHVucmVnaXN0ZXJlZCk=').'!'; }
}
$msn = bd_config('c2tpbg==');
$cr = bd_config('e2NvcHlyaWdodHN9');
$lct = bd_config('PGRpdiBzdHlsZT0nZm9udC1zaXplOiA5cHgnPlBvd2VyZWQgYnkgPGEgc3R5bGU9J2ZvbnQtc2l6ZTogOXB4JyBocmVmPSJodHRwOi8vY3V0ZXBocC5jb20vY3V0ZW5ld3MvIiB0YXJnZXQ9Il9ibGFuayI+Q3V0ZU5ld3MgMS40LjY8L2E+ICZjb3B5OyAyMDA4IDxhIHN0eWxlPSdmb250LXNpemU6IDlweCcgaHJlZj0iaHR0cDovL2N1dGVwaHAuY29tLyIgdGFyZ2V0PSJfYmxhbmsiPkN1dGVQSFA8L2E+Ljxicj57bC1zdGF0dXN9PC9kaXY+');

$lct = preg_replace("/{l-status}/", $stts, $lct);

$$msn = preg_replace("/$cr/", $lct, $$msn);

return $$msn;
}

////////////////////////////////////////////////////////
// Function: replace_news
// Description: Replaces news charactars

function replace_news($way, $sourse, $replce_n_to_br=TRUE, $use_html=TRUE){
global $HTML_SPECIAL_CHARS, $config_allow_html_in_news, $config_allow_html_in_comments, $config_http_script_dir, $config_smilies;
$sourse = stripslashes($sourse);

if($way == "show")
{
$find= array(

/* 1 / "'\[upimage=([^\]]?) ([^\]]*?)\]'i",
/* 2 / "'\[upimage=(.?)\]'i",
/* 3 / "'\[b\](.?)\[/b\]'i",
/* 4 / "'\[i\](.?)\[/i\]'i",
/* 5 / "'\[u\](.?)\[/u\]'i",
/* 6 / "'\[link\](.?)\[/link\]'i",
/* 7 / "'\[color=(.?)\](.*?)\[/color\]'i",
/* 8 / "'\[size=(.?)\](.*?)\[/size\]'i",
/* 9 / "'\[font=(.?)\](.*?)\[/font\]'i",
/* 10 / "'\[align=(.?)\](.*?)\[/align\]'i",
/* 12 / "'\[image=(.?)\]'i",
/* 13 / "'\[link=(.?)\](.*?)\[/link\]'i",

/* 14 / "'\[quote=(.?)\](.*?)\[/quote\]'i",
/* 15 / "'\[quote\](.?)\[/quote\]'i",

/* 16 */ "'\[list\]'i",
/* 17 */ "'\[/list\]'i",
/* 18 / "'\[\\]'i",

"'{nl}'",
);

$replace=array(

/* 1 */ "<img \\2 src=\"${config_http_script_dir}/skins/images/upskins/images/\\1\" style=\"border: none;\" alt=\"\" />",
/* 2 */ "<img src=\"${config_http_script_dir}/skins/images/upskins/images/\\1\" style=\"border: none;\" alt=\"\" />",
/* 3 */ "<strong>\\1</strong>",
/* 4 */ "<em>\\1</em>",
/* 5 */ "<span style=\"text-decoration: underline;\">\\1</span>",
/* 6 */ "<a href=\"\\1\">\\1</a>",
/* 7 */ "<span style=\"color: \\1;\">\\2</span>",
/* 8 */ "<span style=\"font-size: \\1pt;\">\\2</span>",
/* 9 */ "<span style=\"font-family: \\1;\">\\2</span>",
/* 10 */ "<div style=\"text-align: \\1;\">\\2</div>",
/* 12 */ "<img src=\"\\1\" style=\"border: none;\" alt=\"\" />",
/* 13 */ "<a href=\"\\1\">\\2</a>",

/* 14 */ "<blockquote><div style=\"font-size: 13px;\">quote (\\1):</div><hr style=\"border: 1px solid #ACA899;\" /><div>\\2</div><hr style=\"border: 1px solid #ACA899;\" /></blockquote>",
/* 15 */ "<blockquote><div style=\"font-size: 13px;\">quote:</div><hr style=\"border: 1px solid #ACA899;\" /><div>\\1</div><hr style=\"border: 1px solid #ACA899;\" /></blockquote>",

/* 16 */ "<ul>",
/* 17 */ "</ul>",
/* 18 */ "<li>",

"\n",
);

$smilies_arr = explode(",", $config_smilies);
foreach($smilies_arr as $smile){
$smile = trim($smile);
$find[] = "':$smile:'";
$replace[] = "<img style=\"border: none;\" alt=\"$smile\" src=\"$config_http_script_dir/data/emoticons/$smile.gif\" />";
}
}
elseif($way == "add"){

$find = array(
"'\\|'",
"'\r'",
);
$replace = array(
"\|",
"",
);

if($use_html != TRUE){
$find[] = "'<'";
$find[] = "'>'";

$replace[] = "<";
$replace[] = ">";
}
if($replce_n_to_br == TRUE){
$find[] = "'\n'";
$replace[] = "<br />";
}else{
$find[] = "'\n'";
$replace[] = "{nl}";
}

}
elseif($way == "admin"){

$find = array(
"''",
"'{nl}'",
);
$replace = array(
"",
"\n",
);

//this is for 'edit news' section when we use WYSIWYG
if(!$replce_n_to_br){$find[] = "'<br />'"; }
if(!$replce_n_to_br){$replace[] = "\n"; }

}

$sourse = preg_replace($find,$replace,$sourse);


foreach ( $HTML_SPECIAL_CHARS as $key=>$value ){
$sourse = str_replace($key,$value,$sourse);
}


return $sourse;
}

function bd_config($str){
return base64_decode($str);
}
?>

file:a/cutenews/inc/help.mdu (deleted)

<?PHP

/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Our Help Sections
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
$help_sections = array();

//----------------------------------
// Including the News
//----------------------------------
$help_sections["including"] = <<<HTML
<h1>Including The News</h1>
After CuteNews is successfully installed you can start posting your news. To display the news you must include the
file <b>show_news.php</b> (located in the main cutenews folder). To include show_news.php on your page you must use a code like this:
<div class="code"><?PHP<br>
include("path/to/show_news.php");<br>
?></div>
And you must replace <i>path/to/show_news.php</i> with the real path to show_news.php, <b>NOT</b> the URL !!!<br>
Examples:<br>
<font color=green>CORRECT</font>: include("cutenews/show_news.php");<br>
<font color=red>WRONG   </font>: include("http://site.com/cutenews/show_news.php");<br>
<br>
Remember that to be able to use the php code, the extension of the file where you include it must be .php<br>
If you want to include the code in .html page, you can rename he .html to .php and everything will work normal
HTML;

//----------------------------------
// All possible variables while including
//----------------------------------
$help_sections["variables"] = <<<HTML
<h1>All Variables You are Allowed to Use</h1>
Here is a list of all possible variables that you are allowed to use when including news or archives:<BR>
<div class="code" style='font-family: Verdana, Arial, Helvetica, sans-serif;'><?PHP<br><br>
<b>\$number = "<X>";</b>  <i>// show only the X newest articles.</i><br>
<b>\$template = "<NAME>";</b>  <i>// load another template, if you don't use it the default template will be loaded.</i><br>
<b>\$static = TRUE;</b>  <i>// included news will not load on this location, for more info see 'Using Multiple Includes'.</i><br>
<b>\$category = "<ID>";</b>  <i>// show only news from the selected category where <ID> is the id of category.</i><br>
<b>\$start_from = "<NUMBER>";</b>  <i>// show the news starting not from the first newest but from <NUMBER>, it is required to use \$start_from = "<NUMBER>";
only when you use \$number = "X";.</i><br>

<br>include("path/to/show_news.php");<br>
?></div>
All of the above variables are optional and you may wish don't to use them.
HTML;

//----------------------------------
// Using Multiple Includes
//----------------------------------
$help_sections["multiple_includes"] = <<<HTML
<h1>Using Multiple Includes on One Page</h1>
Now will examine the situation when you want to use more than one include on a single page. For example if you want to show 5 headlines (using template headlines)
and below them to be shown all other news. The problem in this situatuion situation is that when you click on a headline CuteNews won't understand where to show the result,
on the headlines part or where all other news are included. The solution is to use the variable <b>$static = TRUE;</b> before including the headlines. When you use
this variable CuteNews won't display any result on the place where you use $static.<br>
Here is the correct code of the above example with the headlines and news:
<div class="code"><?PHP<br>
<u>Our Latest 5 Headlines</u>:<br>
\$static = TRUE;<br>
\$number = "5";<br>
\$template = "Headlines";<br>
include("path/to/show_news.php");<br>
<br>
<u>The News</u><br>
include("path/to/show_news.php");<br>
?></div>
Now When you click on a headline it will be displayed on the place of the other news and the
list with the latest 5 headlines will still be showed.<br><br>
Make some test with <b>\$static = TRUE;</b> yourself to understand how it works exactly and how powerful
it can be.

HTML;

//----------------------------------
// Users Section
//----------------------------------
$help_sections["users"] = <<<HTML
<h1>Understanding User Levels</h1>
For better security and control of your users there four types of user-levels implemented in CuteNews.
Each user-level has limited permissions in doing specified actions and these permissions can not be changed.<br>
The user-levels are as fallows:<br>
<ol>
<li><b>Administrators</b> - administrators are allowed to do anything they want: edit others posts, comments, ban users, edit system configurations
and everything else ... so be careful when adding users as administrators !!!</li>
<br>
<li><b>Editors</b> - the users from this level are allowed to post news, they can edit own posts and the news posted from all other users. They can also approve news which are added by the 'Journalists'</li>
<br>
<li><b>Journalists</b> - this level is for users who only need to post and edit news. They can edit only own posts !. When journalist add's new article it will not be active and instead will be marked as 'Unapproved', In order for this article to become visible admin or editor must approve it.</li>
<br>
<li><b>Commenters</b> - when users from this level login, they are allowed only to change their passwords. Can not post, edit news or perform any other action.
This is useful when some user wants his username to be password protected when posting comments and no one else to be able to post with his username. You can also deny unregistered users to be able to post comments.</li>
</ol>
HTML;

//----------------------------------
// Categories Section
//----------------------------------
$help_sections["categories"] = <<<HTML
<h1>What are Categories and How To Use Them</h1>
When adding new category, it will appear in the "Add News" section. Therefore when you post your news you'll be able to
specify a category to which the article will belong (selecting category it optional), that way you can organize your news.
Now, when adding new category you'll be able to specify name for this category and optionally URL to icon for this category.
Automatically an ID number will be set for the new category, this ID is used when using include script to show all news <b>only</b>
from this category. Example code:<div class="code"><?PHP<br>
\$category = "<b>2</b>";<br>include("path/to/show_news.php");<br>
?></div>
the above PHP code included on your page will display all news from category with ID 2<br>
If you for example have 5 categories and want to display news on one page from only 3 of the categories, you can use the fallowing code:
<div class="code"><?PHP<br>
\$category = "<b>2</b>,<b>3</b>,<b>5</b>";<br>include("path/to/show_news.php");<br>
?></div>
the above code will display all news from categories with ID 2, 3 and 5.<br>
When you does <b>not</b> use \$category = "<ID>"; CuteNews will display the news from all categories, but when using this code, only news from the specified category(s) will be shown.<br><br>
The category icon can be shown together with your news, to do this you must put {category-icon} in your news templates.
HTML;

//----------------------------------
// Templates Section
//----------------------------------
$help_sections["templates"] = <<<HTML
<h1>Understanding Templates</h1>
Templates are used for easy editing the news look and the way news are displayed.
You can view the different parts of the template that are used for different parts of your news look.
For example the "Active News" part of the default template is used to modify the look of the active news, "Full Story" for the way your full story will look like,
"Comment" is the part corresponding to the appearance of the comments posted by users etc.<br><br>
When editing parts of the template you can use HTML in them to build different structures etc. Now you'll need to add some special tags in your templates
to specify the place where the title of your news will be displayed and the author name and the date when the news was pasted etc... these tags are
explained above each part of the template.<br>
Lets take the "Active News" part for example: when you expand this part, a list of allowed tags for this part will be displayed and under them will be the
text area. One very common and easy tag is <b>{title}</b>, wherever you put this tag in your template it will be replaced with the real title of your news.<br><br>
You can have more than one template, this is useful if you want to include the news on different pages of your site with different look of the news.<br>
After creating more templates you must use specific code when including news to indicate whit which template the news to be shown.<br>
example code:<div class="code"><?PHP<br>
\$template = "my_test_template";<br>include("path/to/show_news.php");<br>
?></div>With the above code, all news will be showed using the my_test_template that you have created yourself.
if you don't specify what template to use, all news will use Default template which can not be deleted.
HTML;

//----------------------------------
// Archives Section
//----------------------------------
$help_sections["archives"] = <<<HTML
<h1>Explaining Archives and Their Usage</h1>
When you send your news to the archive, CuteNews will automatically create a new archive file under the ./archives/ folder with extension .arch .
Then all news that you selected for archiving will be moved from news.txt (where only the active news are hold) to the newly created file in archives/
Therefore the news you have archived won't be visible from show_news.php but from show_archives.php where all available archives are nicely listed.<br>
Once the news are archived CuteNews don't have built-in feature for moving back news from archive to active news, so the only way to do it is by manually
opening the archive file and copying its content to news.txt<br><br>
When you send all your active news to the archive there won't be left active news, but if you use<br> \$number = <b>X</b>; in your include code, CuteNews will
automatically show the X newest news from the archive.<br><br>
Sending your news to archive is optional and you may never use it, but it is useful if you have many news articles and
want to organize them. Using archive is also recommended when you have more than 3000 active news.
HTML;

//----------------------------------
// Adding News Options
//----------------------------------
$help_sections["addnews_options"] = <<<HTML
<h1>Options When Adding News</h1>
When adding/editing news, you have several options that you can choose to apply to the specified article.
<ul>
<li><b>Convert new lines to <br /></b> - if checked, this option will convert all the new lines in your article to the HTML equivalent for new line.</li>
<li><b>Use HTML in this article </b> - if checked, CuteNews will parse this article as HTML elements + text, if unchecked - your article will be treated as pute text.</li>
<li><b>Normal</b> adding of Article - if you are adding your article as normal it will be immediately desplayed</li>
<li><b>Draft</b> adding of Article - this option will add the article but it will not be visible for your visitors until you activate (approve) it later.
<li><b>Postpone</b> Article - if you postpone your article you must select a date when it will automatically be published and became visible for your visitors, when the specified that is reached the article will be added as new with this date.
</ul>
HTML;

/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Load the specified section in PopUp Window
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if(isset($section)){
if(!isset($help_sections["$section"])){ die("Can not find the specified section <b>$section</b>"); }
echo"<HTML>
<style type=\"text/css\">
<!--
a:active,a:visited,a:link {color: #446488; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
a:hover {color: #00004F; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; }
.code {
font-family : Andale Mono, Courier;
border: 1px solid #BBCDDB;
margin:10px;
padding:4px;
background:#FBFFFF;
}
h1 {
background-color : #BBCDDB;
border-bottom : #000000 1px solid;
border-top : #000000 1px solid;
color : #000000;
font-family : Tahoma, Verdana, Arial, Helvetica, sans-serif;
font-size : 16px;
font-weight : bold;
margin : -10px 0px 10px 0px;
padding-bottom : 5px;
padding-left : 10px;
padding-right : 10px;
padding-top : 5px;
text-decoration : none;
margin-left: -10px;
margin-right: -8px;
}
BODY, TD, TR {text-align:justify ;padding: 0; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; cursor: default;}
-->
</style>
<TITLE>HELP - $section</TITLE>
<BODY>
". $help_sections["$section"] ."
</BODY></HTML>";
}

else{

echoheader("question", "Help Documentation");
echo"<style type=\"text/css\">
<!--
.code {
font-family : Andale Mono, Courier;
border: 1px solid #BBCDDB;
margin:10px;
padding:4px;
background:#FBFFFF;
}
h1 {
background-color : #EAF0F4;
border-bottom : #000000 1px solid;
border-top : #000000 1px solid;
border-left : #000000 1px solid;

color : #000000;
font-family : Tahoma, Verdana, Arial, Helvetica, sans-serif;
font-size : 15px;
font-weight : bold;
padding-bottom : 5px;
padding-left : 10px;
padding-right : 10px;
padding-top : 5px;
text-decoration : none;
}
-->
</style>";
foreach($help_sections as $help_section){
echo"$help_section<BR><br>";
}

echofooter();
}
?>

file:a/cutenews/inc/images.mdu (deleted)

<?PHP

if($member_db[1] > 3 or ($member_db[1] != 1 and $action == "doimagedelete")){ msg("error", "Access Denied", "You don't have permission to manage images"); }



$allowed_extensions = array("gif", "jpg", "png", "bmp", "jpe", "jpeg");






// ********************************************************************************

// Show Preview of Image

// ********************************************************************************
if($action == "preview"){

echo <<<PREVIEWHTML


<HTML>
<HEAD>
<TITLE>Image Preview</TITLE>
<script language='javascript'>
var NS = (navigator.appName=="Netscape")?true:false;

function fitPic() {
iWidth = (NS)?window.innerWidth:document.body.clientWidth;
iHeight = (NS)?window.innerHeight:document.body.clientHeight;
iWidth = document.images[0].width - iWidth;
iHeight = document.images[0].height - iHeight;
window.resizeBy(iWidth, iHeight-1);
self.focus();
};
</script>
</HEAD>
<BODY bgcolor="#FFFFFF" onload='fitPic();' topmargin="0" marginheight="0" leftmargin="0" marginwidth="0">
<script language='javascript'>
document.write( "<img src='$config_http_script_dir/data/upimages/$image' border=0>" );
</script>
</BODY>

</HTML>


PREVIEWHTML;

}
// ********************************************************************************

// Show Images List

// ********************************************************************************

elseif($action != "doimagedelete")

{

if($action == "quick")

{

echo"<html>

<head>

<title>Insert Image</title>

<style type=\"text/css\">

<!--

select, option, textarea, input {

BORDER: #808080 1px solid;

COLOR: #000000;

FONT-SIZE: 11px;

FONT-FAMILY: Verdana; BACKGROUND-COLOR: #ffffff

}

BODY, TD {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}

a:active,a:visited,a:link {font-size : 10px; color: #808080; font-family: verdana; text-decoration: none;}

a:hover {font-size : 10px; color: darkblue; font-weight:bold; text-decoration: none; }
.panel { border: 1px dotted silver; background-color: #F7F6F4;}


-->

</style>

</head>

<body bgcolor=#FFFFFF>

<script language=\"javascript\" type=\"text/javascript\">

<!--

function insertimage(selectedImage) {
var area = '$area';

alternativeText = document.forms['properties'].alternativeText.value;
imageAlign = document.forms['properties'].imageAlign.value;
imageBorder = document.forms['properties'].imageBorder.value;


//finalImage = \" <img style=\\\"border:\"+ imageBorder +\"; vertical-align:\"+ imageAlign +\";\\\" alt=\\\"\"+ alternativeText +\"\\\" src=\\\"$config_http_script_dir/data/upimages/\"+ selectedImage +\"\\\">\";

finalImage = \" <img border=\\\"\"+ imageBorder +\"\\\" align=\\\"\"+ imageAlign +\"\\\" alt=\\\"\"+ alternativeText +\"\\\" src=\\\"$config_http_script_dir/data/upimages/\"+ selectedImage +\"\\\">\";
";

if($wysiwyg){

echo"
MYRTE=window.opener.document.getElementById(area).contentWindow;
window.opener.currentRTE=area; MYRTE.document.execCommand('InsertImage', false, '-my-temp-img-url-');
replacement = \"$config_http_script_dir/data/upimages/\" + selectedImage + \"\\\" alt=\\\"\" + alternativeText + \"\\\" border=\\\"\" + imageBorder + \"\\\" align=\\\"\" + imageAlign;
MYRTE.document.body.innerHTML = MYRTE.document.body.innerHTML.replace(/-my-temp-img-url-/gi,replacement);

";


}
else{ echo"opener.document.getElementById(area).value += finalImage;"; }

// echo"alert(finalImage);";

echo"

window.close();
//opener.document.getElementById(area).focus();


}

function PopupPic(sPicURL) {
window.open('$PHP_SELF?mod=images&action=preview&image='+sPicURL, '', 'resizable=1,HEIGHT=200,WIDTH=200');
}

window.resizeTo(410, 550);
self.focus();

//-->

</script>";

}else{ echoheader("images","Manage Images"); }



// ********************************************************************************

// Upload Image(s)

// ********************************************************************************

if($subaction == "upload")
{



for ($image_i = 1; $image_i < ($images_number+1); $image_i++) {
$current_image = 'image_'.$image_i;

$image = $_FILES[$current_image]['tmp_name'];
$image_name = $_FILES[$current_image]['name'];
$image_name = str_replace(" ", "_", $image_name);

$img_name_arr = explode(".",$image_name);
$type = end($img_name_arr);


if($image_name == ""){ $img_result .= "<br><font color=red>$current_image -> No File Specified For Upload!</font>"; }
elseif( !isset($overwrite) and file_exists($config_path_image_upload."/".$image_name)){ $img_result .= "<br><font color=red>$image_name -> Image already exist!</font>";}
elseif( !(in_array($type, $allowed_extensions) or in_array(strtolower($type), $allowed_extensions)) ){
$img_result .= "<br><font color=red>$image_name ->This type of file is not allowed !!!</font>";
}
else{ //Image is OK, upload it

@copy($image, $config_path_image_upload."/".$image_name) or $img_result .= "<br><font color=red>$image_name -> Couldn't copy image to server</font><br />Check if file_uploads is allowed in the php.ini file of your server";
if(file_exists($config_path_image_upload."/".$image_name))
{
$img_result .= "<br><font color=green>$image_name -> Image was uploaded</font>";
if($action == "quick"){
$img_result .= " <a title=\"Inser this image in the $my_area\" href=\"javascript:insertimage('$image_name');\">[insert it]</a>";
}
}//if file is uploaded succesfully

}
}



}


//
// Add the JS for multyple image upload.
//
echo<<<HTMLJS

<script language='javascript'>

function AddRowsToTable() {
var tbl = document.getElementById('tblSample');
var lastRow = tbl.rows.length;

// if there's no header row in the table, then iteration = lastRow + 1
var iteration = lastRow+1;
var row = tbl.insertRow(lastRow);

var cellRight = row.insertCell(0);
var el = document.createElement('input');
el.setAttribute('type', 'file');
el.setAttribute('name', 'image_' + iteration);
el.setAttribute('size', '30');
el.setAttribute('value', iteration);
cellRight.appendChild(el);

document.getElementById('images_number').value = iteration;
}
function RemoveRowFromTable() {
var tbl = document.getElementById('tblSample');
var lastRow = tbl.rows.length;
if (lastRow > 1){
tbl.deleteRow(lastRow - 1);
document.getElementById('images_number').value = document.getElementById('images_number').value - 1;
}
}

</script>

HTMLJS;



echo<<<HTML
<form name="form" id="form" action="$PHP_SELF?mod=images" method="post" enctype="multipart/form-data">


<table border=0 cellpading=0 cellspacing=0 width=100%>
<td height=33>
<b>Upload Image</b>
<table border=0 cellpading=0 cellspacing=0 class="panel" cellpadding=8>
<tr>
<td height=25>

<table border="0" cellspacing="0" cellpadding="0" id="tblSample">
<tr id="row">
<td width="1" colspan="2"><input type="file" size="30" name="image_1"></td>
</tr>
</table>
<table border="0" cellspacing="0" cellpadding="0" style="margin-top:5px;">
<tr>
<td>
<INPUT TYPE="SUBMIT" name="submit" VALUE="Upload" style="font-weight:bold;">
<input type=button value='-' style="font-weight:bold; width:22px;" title='Remove last file input box' onClick="RemoveRowFromTable();return false;">
<input type=button value='+' style="font-weight:bold; width:22px;" title='Add another file input box' onClick="AddRowsToTable();return false;">
<input style="border:0px; background-color:#F7F6F4;" type=checkbox name=overwrite id=overwrite value=1><label title='Overwrite file(s) if exist' for=overwrite> Overwrite</label>

</td>
</tr>
</table>
$img_result
</table>

<input type=hidden name=wysiwyg value='$wysiwyg'>
<input type=hidden name=subaction value=upload>
<input type=hidden name=area value='$area'>
<input type=hidden name=action value='$action'>
<input type=hidden name='images_number' id='images_number' value='1'>
</form>

HTML;


if($action == "quick"){
echo"
<form name=properties>
<table style='margin-top:10px;' border=0 cellpading=0 cellspacing=0 width=100%>

<td height=33>
<b>Image Properties</b>
<table border=0 cellpading=0 cellspacing=0 class=\"panel\" style='padding:5px'width=290px; >


<tr>
<td width=80>Alt. Text: </td>
<td><input tabindex=1 type=text name=alternativeText style=\"width:150;\"></td>
</tr>

<tr>
<td>Image Align</td>
<td>
<select name='imageAlign' style='width:150'>
<option value=none>None</option>
<option value=left>Left</option>
<option value=right>Right</option>
</select>
</td>
</tr>

<tr>
<td>Border</td>
<td><input type=text value='0' name=imageBorder style=\"width:35\"> pixels</td>
</tr>

</table>
</table></form>";
}



echo"<tr><td><img height=1 style=\"height: 13px !important; height: 1px;\" border=0 src=\"skins/images/blank.gif\" width=1></tr><tr><td>
<b>Uploaded Images</b>
</tr>

<tr >

<td height=1>
<FORM action='$PHP_SELF?mod=images' METHOD='POST'>
<table width=100% height=100% cellspacing=0 cellpadding=0>";

$img_dir = opendir($config_path_image_upload);



$i = 0;

while ($file = readdir($img_dir))
{
//Yes we'll store them in array for sorting
$images_in_dir[] = $file;
}
natcasesort($images_in_dir);
reset($images_in_dir);
foreach ($images_in_dir as $file) {




$img_name_arr = explode(".",$file);
$img_type = end($img_name_arr);


if ( (in_array($img_type, $allowed_extensions) or in_array(strtolower($img_type), $allowed_extensions)) and $file != ".." and $file != "." and is_file($config_path_image_upload."/".$file))

{

$i++;

$this_size = filesize($config_path_image_upload."/".$file);

$total_size += $this_size;

$img_info = getimagesize($config_path_image_upload."/".$file);

if( $i%2 != 0 ){ $bg = "bgcolor=#F7F6F4"; }

else{ $bg = ""; }



if($action == "quick")

{

$my_area = str_replace("_", " ", $area);

echo"

<tr $bg><td height=16 width=1px> <a title='Preview this image' href=\"javascript:PopupPic('$file')\"><img style='border:0px;' src='skins/images/view_image.gif'></a>
<td height=16 width=100%>

<a title=\"Insert this image in the $my_area\" href=\"javascript:insertimage('$file')\">$file</a>



<td height=16 align=right>

$img_info[0]x$img_info[1]



<td height=16 align=right>

". formatsize($this_size) ."

</tr>";

}

else

{

echo"<tr $bg><td height=16>



<td height=16 width=63% >

<a target=_blank href=\"". $config_path_image_upload ."/$file\">$file</a>



<td height=16 align=right>

$img_info[0]x$img_info[1]



<td height=16 align=right>

". formatsize($this_size) ."

<td width=70 height=16 align=right>
<input type=checkbox name=images[$file] value=\"$file\">

</tr>";

}

}

}



if($i > 0){

echo"<tr ><td height=16>";


if($action != "quick"){
echo" <td colspan=4 align=right>
<br><input type=submit value='Delete Selected Images'>
</tr>";

}

echo"<tr heigh=1>
<td width=14>

<td >
<br /><b>Total size</b>
<td>
<td align=right>

<br /><b>". formatsize($total_size) .'</b>

</tr>';

}

echo'
</table><input type=hidden name=action value=doimagedelete></form></table>';

if($action != "quick"){ echofooter(); }

}

// ********************************************************************************

// Delete Image

// ********************************************************************************

elseif($action == "doimagedelete")

{
if(!isset($images)){ msg("info","No Images selected","You must select images to be deleted.", "$PHP_SELF?mod=images"); }
// if(!file_exists($config_path_image_upload."/".$image) or !$image){ msg("error","Error !!!","Could not delete image", "$PHP_SELF?mod=images"); }
foreach($images as $image){
unlink($config_path_image_upload."/".$image) or print("Could not delete image <b>$file</b>");
}
msg("info","Image(s) Deleted","The image was successfully deleted.", "$PHP_SELF?mod=images");

}



?>

file:a/cutenews/inc/ipban.mdu (deleted)

<?PHP
if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permission for this section"); }
// ********************************************************************************
// Add IP
// ********************************************************************************
if($action == "add" OR $action == "quickadd")
{
if(!$add_ip){ msg("error","Error !!!","The IP can not be blank", "$PHP_SELF?mod=ipban"); }

$all_ip = file("./data/ipban.db.php");
$exist = FALSE;
foreach($all_ip as $ip_line)
{
$ip_arr = explode("\|", $ip_line);
if($ip_arr[0] == $add_ip){ $exist = TRUE; }
}
if(!$exist)
{
$new_ips = fopen("./data/ipban.db.php", "a");
$add_ip = stripslashes( preg_replace(array("'\\|'",), array("I",), $add_ip) );
fwrite($new_ips, "$add_ip\|0\|\|\n");
fclose($new_ips);
}

if($action == "quickadd"){ die('The IP '.$add_ip.' is now banned from commenting.'); }
}
// ********************************************************************************
// Remove IP
// ********************************************************************************
elseif($action == "remove")
{
if(!$remove_ip){ msg("error","Error !!!","The IP can not be blank", "$PHP_SELF?mod=ipban"); }

$old_ips = file("./data/ipban.db.php");
$new_ips = fopen("./data/ipban.db.php", "w");

foreach($old_ips as $old_ip_line){
$ip_arr = explode("\|", $old_ip_line);
if($ip_arr[0] != stripslashes($remove_ip)){
fwrite($new_ips, $old_ip_line);
}
}
fclose($new_ips);
}
// ********************************************************************************
// List all IP
// ********************************************************************************
echoheader("options", "IP Blocking");

echo'<table border=0 cellpading=0 cellspacing=0 width="645" >
<form method=post action="'.$PHP_SELF.'">
<td width=321 height="33">
<b>Block IP</b>
<table border=0 cellpading=0 cellspacing=0 width=379 class="panel" cellpadding="7" >
<tr>
<td width=79 height="25">
IP Address : <br> <br>
<td width=274 height="25">
<input type=text name=add_ip>   <input type=submit value="Block this IP"><br> <br>
example: <i>129.32.31.44</i> or <i>129.32..</i>
</tr>
<input type=hidden name=action value=add>
<input type=hidden name=mod value=ipban>
</form>
</table>
<tr>
<td width=654 height="11">
<img height=20 border=0 src="skins/images/blank.gif" width=1>
</tr><tr>
<td width=654 height=14>
<b>Blocked IP Addresses</b>
</tr>
<tr>
<td width=654 height=1>
<table width=641 height=100% cellspacing=0 cellpadding=0>
<tr>
<td width=15 bgcolor=#F7F6F4></td>
<td width=260 bgcolor=#F7F6F4><u>IP</u></td>
<td width=218 bgcolor=#F7F6F4><u>times been blocked</u></td>
<td width=140 bgcolor=#F7F6F4> <u>unblock</u></td>
</tr>';


$all_ips = file("./data/ipban.db.php");
$i = 0;
foreach($all_ips as $ip_line)
{
if(!eregi("<\?",$ip_line))
{
if($i%2 != 0){ $bg = "bgcolor=#F7F6F4"; }else{ $bg = ""; }
$i++;
$ip_arr = explode("\|", $ip_line);
$ip_arr[0] = stripslashes( preg_replace(array("'\"'", "'\''"), array(""", "'"), $ip_arr[0]) );
echo"
<tr $bg height=18>
<td></td>
<td>
<a href=\"http://www.ripe.net/perl/whois?searchtext=$ip_arr[0]\" target=_blank title=\"Get more information about this ip\">$ip_arr[0]</a>
</td>
<td>$ip_arr[1]</td>
<td>
<a href=\"$PHP_SELF?mod=ipban&action=remove&remove_ip=$ip_arr[0]\">[unblock]</a></td>
</tr>
";
}
}

if($i == 0){ echo"<tr><td align=center colspan=5><br>  No blocked IP's</td></tr>"; }

echo'</table></table>';

echofooter();
?>

file:a/cutenews/inc/main.mdu (deleted)

<?PHP
//If member access level is commenter, redirect him to personal options
if($member_db[1] == 4 and $action == "dologin"){ header("Location: $config_http_script_dir/index.php?mod=options&action=personal"); exit; }


echoheader("home", "Welcome");

if(!is_readable("./data/archives")){ die("Error !!!<br />Can not open directory ./archives for reading, check if it exists or is properly CHMOD'ed"); }
if(!is_readable("./data/news.txt")){ die("Error !!!<br />Can not open file news.txt for reading, check if it exists or is properly CHMOD'ed"); }
if(!is_readable("./data/comments.txt")){ die("Error !!!<br />Can not open file comments.txt for reading, check if it exists or is properly CHMOD'ed"); }


// Some Stats
$count_postponed_news = 0;
$count_unapproved_news = 0;
$todaynews = 0;
$count_comments = 0;
$count_my_news = 0;
$count_new_news = 0;
$news_db = file("./data/news.txt");
foreach ($news_db as $line)
{
$item_db = explode("\|",$line);
$itemdate = date("d/m/y",$item_db[0]);
if($itemdate == date("d/m/y")) {
$todaynews++;
if($item_db[1] == $member_db[2]) $count_my_news++;
if(($item_db[0] > $member_db[9]) and ($member_db[9] != '')) $count_new_news++;
}
}
$stats_news = count( $news_db );
$stats_users = count( file("./data/users.db.php") ) - 1;
$count_postponed_news = count( file("./data/postponed_news.txt") );
if($count_postponed_news > 0){
ResynchronizePostponed();
}

if($config_auto_archive == "yes"){
ResynchronizeAutoArchive();
}

$count_unapproved_news = count( file("./data/unapproved_news.txt") );

$stats_archives = 0;
$handle = opendir("./data/archives");
while (FALSE !== ($file = readdir($handle)))
{
if( preg_match("/.news.arch/",$file) ){$stats_archives++;}
}
closedir($handle);
// $stats_news_size = formatsize(filesize("./data/news.txt"));
// $stats_comments_size = formatsize(filesize("./data/comments.txt"));

// Count Comments
$all_comments = file("./data/comments.txt");
foreach($all_comments as $news_comments){
$single_news_comments = explode("\|>\|", $news_comments);
$individual_comments = explode("\|\|", $single_news_comments[1]);
$count_comments += count($individual_comments) - 1;
}
// Define Welcome Message
echo"<table border=0 cellpading=0 cellspacing=0 width=654>
<tr><td width=650 colspan=5 height=1>


<SCRIPT LANGUAGE=\"JavaScript\">
<!-- Begin
datetoday = new Date();
timenow=datetoday.getTime();
datetoday.setTime(timenow);
thehour = datetoday.getHours();
if (thehour < 9 ) display = \"Morning\";
else if (thehour < 12) display = \"Day\";
else if (thehour < 17) display = \"Afternoon\";
else if (thehour < 20) display = \"Evening\";
else display = \"Night\";
var greeting = (\"Good \" + display);
document.write(greeting);
// End -->
</script>

$member_db[2]";

if($todaynews != 1){ $s = "s"; }
if($member_db[1] != 4){
if($stats_users > 1){
$rand_msg[] = ", we have <b>$count_new_news</b> new articles since your last login (@ ".date("r",$member_db[9])." )";
$rand_msg[] = ", we have <b>$count_new_news</b> new articles since your last login (@ ".date("r",$member_db[9])." )";
$rand_msg[] = ", we have <b>$count_new_news</b> new articles since your last login (@ ".date("r",$member_db[9])." )";
}
if($todaynews == 0){
$rand_msg[] = ", we don't have new articles today";
$rand_msg[] = ", we don't have new articles today";
$rand_msg[] = ", we don't have new articles today, the first one can be yours.";
$rand_msg[] = ", we don't have new articles today, the first one can be yours.";
}
elseif($count_my_news == 0){
if($todaynews == 1){
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s} but it is not yours";
}else{
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s} but <b>$count_my_news</b> of them are yours";
}
}
elseif($count_my_news == $todaynews){
if($count_my_news == 1){
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s} and you wrote it";
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s} and you wrote it";
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s} and you wrote it";
}else{
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s} and you wrote all of them";
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s} and all are yours";
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s}, want to <a href=\"$PHP_SELF?mod=addnews&action=addnews\"><b>add</b></a> some more?";
}
}
else{
if($count_my_news == 1){ $rand_msg[] = ", today we have <b>$todaynews</b> new article{$s}, <b>1</b> of them is yours"; }
else{ $rand_msg[] = ", today we have <b>$todaynews</b> new article{$s}, <b>$count_my_news</b> of them are yours"; }
}
$rand_msg[] = ", are you in a mood of <a href=\"$PHP_SELF?mod=addnews&action=addnews\"><b>adding</b></a> some news?";
$rand_msg[] = ", today we have <b>$todaynews</b> new article{$s}, from total <b>$stats_news</b>";
if($member_db[9] != ""){
$rand_msg[] = ", your last login was on ".date("d M Y H:i:s", $member_db[9]);
$rand_msg[] = ", your last login was on ".date("d M Y H:i:s", $member_db[9]);
}

$rand_msg[] = "";

srand((double) microtime() * 1000000);
echo $rand_msg[rand(0, count($rand_msg)-1)]."<br /><br /></td></tr>";
}


//----------------------------------
// Notify user if the news were auto-archived
//----------------------------------

//get last auto-archive date
$ladb_content = file("$cutepath/data/auto_archive.db.php");
list($last_archived[year], $last_archived[month]) = split("\\|", $ladb_content[0] );
$last_login_year = date("Y", ($member_db[9] \|\| time()) );
$last_login_month = date("n", ($member_db[9] \|\| time()) );

if((int)$last_login_month < (int)$last_archived[month] and $last_login_year <= $last_archived[year]){

echo"<tr><td style='padding:3px; border:1px dashed orange; background-color:yellow;' colspan=5 height=1>
<b>Attention!</b><br>
CuteNews has performed auto-archive opperation since your last login at ".date("d M Y H:i:s", $member_db[9])."<br>
If you don't want your news to be auto-archived every month,<br>
you can swith this option off from <a href=\"?mod=options&action=syscon\">System Configurations</a>.

</td></tr>";

}
//----------------------------------
// Do we have enough free space ?
//----------------------------------
$dfs = @disk_free_space("./");
// $dfs = 5341;
if($dfs and $dfs < 10240){
$freespace = formatsize($dfs);
echo"<tr><td style='padding:3px; border:1px dashed red; background-color:#FFB9B9;' colspan=5 height=1>
<b>Warning!</b><br>
According to CuteNews, your estimated free space is $freespace. Take action to enlarge your free space or
some data files could be damaged during the writing procedure. <a href=\"?mod=tools&action=backup\">Backup your data now</a>.
</td></tr>";
}

//----------------------------------
// Install script still exists ?
//----------------------------------
if ($action == 'delete-install'){ @unlink('./inc/install.mdu'); }
if(file_exists('./inc/install.mdu')){
$freespace = formatsize($dfs);
echo"<tr><td style='padding:3px; border:1px dashed orange; background-color:yellow;' colspan=5 height=1>
<b>Attention!</b><br>
CuteNews found that the installation module is still located in the /inc folder.<br>
Please delete or rename the <b>/inc/install.mdu</b> file for security reasons.<br><br>
<a href='$PHP_SELFT?mod=main&action=delete-install'><b>(try to delete the file automatically)</b></a><br>
</td></tr>";
}

//----------------------------------
// Are we using SafeSkin ?
//----------------------------------
if($using_safe_skin){
$freespace = formatsize($dfs);
echo"<tr><td style='padding:3px; border:1px dashed orange; background-color:yellow;' colspan=5 height=1>
<b>Attention!</b><br>
CuteNews was unable to load the selected '$config_skin' skin, and automatically reverted to the default one.<br>
Please ensure that the proper skin files exist, or select another skin.
</td></tr>";
}

//----------------------------------
// Is our PHP version old ?
//----------------------------------
if($phpversion and $phpversion < '4.1.0'){
$freespace = formatsize($dfs);
echo"<tr><td style='padding:3px; border:1px dashed orange; background-color:yellow;' colspan=5 height=1>
<b>Attention!</b><br>
Your version of PHP ($phpversion) is too old. Please consider contacting your server administrator and updating to the
latest stable PHP version.
</td></tr>";
}


// Show Some stats
if($member_db[1] == 1){
echo "<tr><td valign=middle height=1 bgcolor=#F7F6F4 width=286 colspan=2>
<b>Some stats</b>
<td valign=middle height=1 width=35>
<td valign=middle height=1 bgcolor=#F7F6F4 width=326 colspan=2>
<b>System SelfCheck</b>
</tr>

<tr>
<td valign=middle height=1 width=137>
<a title='View all Active News (Edit News)' href='$PHP_SELF?mod=editnews&action=list'>Active News</a>
<td valign=middle height=1 width=146>
$stats_news
<td valign=middle height=1 width=37>
<td valign=middle height=1 width=201>
Can write to news.txt
<td valign=middle style='text-align:center' height=1 >";

if(is_writable("./data/news.txt")){ echo "<font color=green>Yes</font>"; }
else{ echo "<font color=red>No</font>"; }

echo"</tr>

<tr>
<td valign=middle height=1 width=137>
<a title='View all Postponed Articles' href='$PHP_SELF?mod=editnews&action=list&source=postponed'>Postponed News</a>
<td valign=middle height=1 width=146>
$count_postponed_news
<td valign=middle height=1 width=37>
<td valign=middle height=1 width=201>
Can write to postponed_news.txt
<td valign=middle height=1 style='text-align:center' >";

if(is_writable("./data/postponed_news.txt")){ echo "<font color=green>Yes</font>"; }
else{ echo "<font color=red>No</font>"; }

echo"</tr>

<tr>
<td valign=middle height=1 width=137>
<a title='View all Unapproved Articles' href='$PHP_SELF?mod=editnews&action=list&source=unapproved'>Unapproved News</a>
<td valign=middle height=1 width=146> ";
if($count_unapproved_news > 0){
echo"<span style='background-color:yellow;'>$count_unapproved_news</span>";
}else{
echo"$count_unapproved_news";
}
echo"<td valign=middle height=1 width=37>
<td valign=middle height=1 width=201>
Can write to unapproved news
<td valign=middle height=1 style='text-align:center'>";

if(is_writable("./data/unapproved_news.txt")){ echo "<font color=green>Yes</font>"; }
else{ echo "<font color=red>No</font>"; }

echo"</tr>

<tr>
<td valign=middle height=1 width=137>
Active Comments
<td valign=middle height=1 width=146>
$count_comments
<td valign=middle height=1 width=37>
<td valign=middle height=1 width=201>
Can write to comments.txt
<td valign=middle height=1 style='text-align:center'>";

if(is_writable("./data/comments.txt")){ echo "<font color=green>Yes</font>"; }
else{ echo "<font color=red>No</font>"; }

echo"</tr>
<tr>
<td width=137 valign=middle height=1>
<a title='View all Archives (Archives Manager)' href='$PHP_SELF?mod=tools&action=archive'>Archives</a>
<td width=146 valign=middle height=1>
$stats_archives
<td width=37 valign=middle height=1>
<td width=201 valign=middle height=1>
Can write to users.db.php
<td width=121 valign=middle style='text-align:center' height=1>";

if(is_writable("./data/users.db.php")){ echo "<font color=green>Yes</font>"; }
else{ echo "<font color=red>No</font>"; }

echo"</tr>
<tr>
<td width=137 valign=middle height=1>
<a title='View all Users (Add/Edit Users)' href='$PHP_SELF?mod=editusers&action=list'>Users</a>
<td width=146 valign=middle height=1>
$stats_users
<td width=37 valign=middle height=1>
<td width=201 valign=middle height=1>
Can write to archives dir
<td width=121 valign=middle style='text-align:center' height=1>";

if(is_writable("./data/archives")){ echo "<font color=green>Yes</font>"; }
else{ echo "<font color=red>No</font>"; }

echo"</tr>


";
}
echo"</table>";

echofooter();
?>

file:a/cutenews/inc/massactions.mdu (deleted)

<?PHP

/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mass Delete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if($action == "mass_delete"){

if(!$selected_news){ msg("error", "Error", "You have not specified any articles", "$PHP_SELF?mod=editnews&action=list&source=$source"); }

echoheader("options", "Delete News");
echo "<form method=post action=\"$PHP_SELF\"><table border=0 cellpading=0 cellspacing=0 width=100% height=100%><tr><td >
Are you sure you want to delete all selected news (<b>".count($selected_news)."</b>) ?<br><br>
<input type=button value=\" No \" onclick=\"javascript:document.location='$PHP_SELF?mod=editnews&action=list&source=$source'\">   <input type=submit value=\" Yes \">
<input type=hidden name=action value=\"do_mass_delete\">
<input type=hidden name=mod value=\"massactions\">
<input type=hidden name=source value=\"$source\">";
foreach($selected_news as $newsid){
echo "<input type=hidden name=selected_news[] value=\"$newsid\">\n";
}
echo "</td></tr></table></form>";

echofooter();
exit;

}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Do Mass Delete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
elseif($action == "do_mass_delete"){
if(!$selected_news){ msg("error", "Error", "You have not specified any articles to be deleted", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
if($source == ""){ $news_file = "data/news.txt"; $comm_file = "data/comments.txt";}
elseif($source == "postponed"){ $news_file = "data/postponed_news.txt"; $comm_file = "data/comments.txt"; }
elseif($source == "unapproved"){ $news_file = "data/unapproved_news.txt"; $comm_file = "data/comments.txt"; }
else{ $news_file = "./data/archives/$source.news.arch"; $comm_file = "./data/archives/$source.comments.arch"; }

$deleted_articles = 0;

// Delete News
$old_db = file("$news_file");
$new_db = fopen("$news_file", w);
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if(@!in_array($old_db_arr[0], $selected_news)){
fwrite($new_db,"$old_db_line");
}
else
{
$have_perm = 0;
if(($member_db[1] == 1) or ($member_db[1] == 2)){$have_perm = 1;}
elseif($member_db[1] == 3 and $old_db_arr[1] == $member_db[2]) {$have_perm = 1;}
if(!$have_perm){ fwrite($new_db,"$old_db_line"); }
else{$deleted_articles ++;}
}
}
fclose($new_db);

// Delete Comments
$old_db = file("$comm_file");
$new_db = fopen("$comm_file", w);
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if(@!in_array($old_db_arr[0], $selected_news)){
fwrite($new_db,"$old_db_line");
}
else
{
$have_perm = 0;
if(($member_db[1] == 1) or ($member_db[1] == 2)){$have_perm = 1;}
elseif($member_db[1] == 3 and $old_db_arr[1] == $member_db[2]) {$have_perm = 1;}
if(!$have_perm){ fwrite($new_db,"$old_db_line"); }
else{ /* Do Nothing => Delete :) */ }
}
}
fclose($new_db);


if(count($selected_news) == $deleted_articles){ msg("info", "Deleted News", "All articles that you selected (<b>$deleted_articles</b>) were deleted", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
else{ msg("error", "Deleted News (some errors occured !!!)", "$deleted_articles of ".count($selected_news)." articles that you selected were deleted", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mass Approve
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
elseif($action == "mass_approve"){
if($member_db[1] != 1 and $member_db[1] != 2){ msg("error", "Error", "You do not have permissions for this action.", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
if(!$selected_news){ msg("error", "Error", "You have not specified any articles", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
$news_file = "./data/unapproved_news.txt";

$approved_articles = 0;
$old_db = file("$news_file");
$new_db = fopen("$news_file", w);
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if(@!in_array($old_db_arr[0], $selected_news)){
fwrite($new_db,"$old_db_line");
}
else
{
//Move the article to Active News

$all_active_db = file("$cutepath/data/news.txt");
$active_news_file = fopen("$cutepath/data/news.txt", "w");
@flock ($active_news_file,2);

fwrite($active_news_file,"$old_db_line");
foreach ($all_active_db as $active_line){ fwrite($active_news_file, "$active_line");}
@flock ($active_news_file,3);
fclose($active_news_file);
$approved_articles++;
}
}
fclose($new_db);
if(count($selected_news) == $approved_articles){ msg("info", "News Approved", "All articles that you selected ($approved_articles) were approved and are now active", "$PHP_SELF?mod=editnews&action=list"); }
else{ msg("error", "News Approved (with errors)", "$approved_articles of ".count($selected_news)." articles that you selected were approved", "$PHP_SELF?mod=editnews&action=list"); }

exit;
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mass Move to Cat
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
elseif($action == "mass_move_to_cat"){

if(!$selected_news){ msg("error", "Error", "You have not specified any articles", "$PHP_SELF?mod=editnews&action=list&source=$source"); }

$orig_cat_lines = file("./data/category.db.php");
//only show allowed categories
$allowed_cats = array();
$cat_lines = array();
foreach($orig_cat_lines as $single_line){
$ocat_arr = explode("\|", $single_line);
$cat[$ocat_arr[0]] = $ocat_arr[1];
if($member_db[1] <= $ocat_arr[3] or ($ocat_arr[3] == '0' \|\| $ocat_arr[3] == '')){
$cat_lines[] = $single_line;
$allowed_cats[] = $ocat_arr[0];
}

}


echoheader("options", "Move Articles to Category");

echo "<form action=\"$PHP_SELF\" method=post><table border=0 cellpading=0 cellspacing=0 width=100% height=100%><tr><td >Move selected articles (<b>".count($selected_news)."</b>) to category:";


echo'<table width="80%" border="0" cellspacing="0" cellpadding="0" class="panel">';

foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);

echo"

<td style='font-size:10px;' valign=top>
<label for='cat{$cat_arr[0]}'>
<input $if_is_selected style='background-color:transparent;border:0px;' type=checkbox name='category[]' id='cat{$cat_arr[0]}' value='{$cat_arr[0]}'>$cat_arr[1]</label>";
$i++;
if ($i%4 == 0){ echo'<tr>'; }
}
echo"</tr>";


echo "</table>";



foreach($selected_news as $newsid){
echo "<input type=hidden name=selected_news[] value=\"$newsid\">";
}

echo "<br><input type=hidden name=action value=\"do_mass_move_to_cat\"><input type=hidden name=source value=\"$source\"><input type=hidden name=mod value=\"massactions\"> <input type=submit value=\"Move\"></td></tr></table></form>";

echofooter();
exit;
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
DO Mass Move to One Category
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
elseif($action == "do_mass_move_to_cat"){

if($member_db[1] != 1){ msg("error", "Error", "You do not have permissions for this action.", "$PHP_SELF?mod=editnews&action=list&source=$source"); }

/////
///Format our categories variable
/////


$orig_cat_lines = file("./data/category.db.php");
//only show allowed categories
$allowed_cats = array();
$cat_lines = array();
foreach($orig_cat_lines as $single_line){
$ocat_arr = explode("\|", $single_line);
$cat[$ocat_arr[0]] = $ocat_arr[1];
if($member_db[1] <= $ocat_arr[3] or ($ocat_arr[3] == '0' \|\| $ocat_arr[3] == '')){
$cat_lines[] = $single_line;
$allowed_cats[] = $ocat_arr[0];
}

}


if( is_array($category) ){ //User has selected multiple categories

$nice_category = '';
$ccount = 0;

foreach($category as $ckey=>$cvalue){
if($ccount==0){ $nice_category = $cvalue; }//first cat
else{ $nice_category = $nice_category.','.$cvalue; }

$ccount++;
}

}else{ //Single or Not category
//don't format $nice_cats because we have not selected any.
$nice_category = $category;
}

if(!$selected_news){ msg("error", "Error", "You have not specified any articles", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
if($source == ""){ $news_file = "./data/news.txt";}
elseif($source == "postponed"){ $news_file = "data/postponed_news.txt"; }
elseif($source == "unapproved"){ $news_file = "data/unapproved_news.txt"; }
else{ $news_file = "./data/archives/$source.news.arch"; }
$moved_articles = 0;
$old_db = file("$news_file");
$new_db = fopen("$news_file", w);
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if(@!in_array($old_db_arr[0], $selected_news)){
fwrite($new_db,"$old_db_line");
}
else
{
$have_perm = 0;
if(($member_db[1] == 1) or ($member_db[1] == 2)){$have_perm = 1;}
elseif($member_db[1] == 3 and $old_db_arr[1] == $member_db[2]) {$have_perm = 1;}
if(!$have_perm){ fwrite($new_db,"$old_db_line"); }
else{

fwrite($new_db,"$old_db_arr[0]\|$old_db_arr[1]\|$old_db_arr[2]\|$old_db_arr[3]\|$old_db_arr[4]\|$old_db_arr[5]\|$nice_category\|\|\|\n");
$moved_articles ++;
}
}
}
fclose($new_db);
if(count($selected_news) == $moved_articles){ msg("info", "News Moved", "All articles that you selected ($moved_articles) were moved to the specified category", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
else{ msg("error", "News Moved (with errors)", "$moved_articles of ".count($selected_news)." articles that you selected were moved to the specified category", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mass Archive
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
elseif($action == "mass_archive"){
if(!$selected_news){ msg("error", "Error", "You have not specified any articles", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
if($source != ""){ msg("error", "Error", "These news are already archived or are in postpone queue", "$PHP_SELF?mod=editnews&action=list&source=$source"); }

echoheader("options", "Send News To Archive");

echo "<form method=post action=\"$PHP_SELF\"><table border=0 cellpading=0 cellspacing=0 width=100% height=100%><tr><td >
Are you sure you want to send all selected news (<b>".count($selected_news)."</b>) to the archive ?<br><br>
<input type=button value=\" No \" onclick=\"javascript:document.location='$PHP_SELF?mod=editnews&action=list&source=$source'\">   <input type=submit value=\" Yes \">
<input type=hidden name=action value=\"do_mass_archive\">
<input type=hidden name=mod value=\"massactions\">";
foreach($selected_news as $newsid){
echo"<input type=hidden name=selected_news[] value=\"$newsid\">\n";
}
echo"</td></tr></table></form>";

echofooter();
exit;
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
DO Mass Send To Archive
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
elseif($action == "do_mass_archive"){
if($member_db[1] != 1){ msg("error", "Access Denied", "You can not perfor this action if you are not admin"); }
if(!$selected_news){ msg("error", "Error", "You have not specified any articles", "$PHP_SELF?mod=editnews&action=list&source=$source"); }
if(!is_writable("./data/archives/")){ msg("error", "Error", "The ./data/archives/ directory is not writable, CHMOD it to 777"); }
$news_file = "./data/news.txt";
$comm_file = "./data/comments.txt";

$prepeared_for_archive = array();
$prepeared_comments_for_archive = array();
$archived_news = 0;

// Prepear the news for Archiving

$old_db = file("$news_file");
$new_db = fopen("$news_file", w);
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if(@!in_array($old_db_arr[0], $selected_news)){
fwrite($new_db,"$old_db_line");
}
else
{
$have_perm = 0;
if( ($member_db[1] == 1) or ($member_db[1] == 2) ){ $have_perm = 1; }
elseif( ($member_db[1] == 3) and ($old_db_arr[1] == $member_db[2]) ){ $have_perm = 1; }

if( !$have_perm ){ fwrite($new_db,"$old_db_line"); }
else{
$prepeared_news_for_archive[] = $old_db_line;
$archived_news++;
}
}
}
fclose($new_db);

if($archived_news == 0){ msg("error", "Error", "No news were found for archiving."); }

// Prepear the comments for Archiving

$old_db = file("$comm_file");
$new_db = fopen("$comm_file", w);
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if(@!in_array($old_db_arr[0], $selected_news)){
fwrite($new_db,"$old_db_line");
}
else
{
$have_perm = 0;
if(($member_db[1] == 1) or ($member_db[1] == 2)){$have_perm = 1;}
elseif($member_db[1] == 3 and $old_db_arr[1] == $member_db[2]) {$have_perm = 1;}
if(!$have_perm){ fwrite($new_db,"$old_db_line"); }
else{
$prepeared_comments_for_archive[] = $old_db_line;
}
}
}
fclose($new_db);

// Start Archiving

$arch_name = time()+($config_date_adjust*60);

$arch_news = fopen("./data/archives/$arch_name.news.arch", w);
foreach($prepeared_news_for_archive as $item){
fwrite($arch_news, "$item");
}
fclose($arch_news);

$arch_comm = fopen("./data/archives/$arch_name.comments.arch", w);
foreach($prepeared_comments_for_archive as $item){
fwrite($arch_comm, "$item");
}
fclose($arch_comm);

msg("info", "News Archived", "All articles that you selected ($archived_news) are now archived under ./data/archives/<b>$arch_name</b>.news.arch", "$PHP_SELF?mod=editnews&action=list&source=$source");
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If No Action Is Choosed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
else{

msg("info", "Choose Action", "Please choose action from the drop-down menu", "$PHP_SELF?mod=editnews&action=list&source=$source");

}
?>

file:a/cutenews/inc/options.mdu (deleted)

<?PHP

if($member_db[1] == 4 and ($action != 'personal' and $action != 'options')){ msg('error', 'Error!', 'Access Denied for your user-level (commenter)'); }
// ********************************************************************************
// Options Menu
// ********************************************************************************
if($action == "options" or $action == '')
{
echoheader("options","Options");

//----------------------------------
// Predefine Options
//----------------------------------

// access means the lower level of user allowed; 1:admin, 2:editor+admin, 3:editor+admin+journalist, 4:all
$options = array(
array(
'name' => "Personal Options",
'url' => "$PHP_SELF?mod=options&action=personal",
'access' => "4",
),

array(
'name' => "Block IP's from posting comments",
'url' => "$PHP_SELF?mod=ipban",
'access' => "1",
),


array(
'name' => "System Configurations",
'url' => "$PHP_SELF?mod=options&action=syscon&rand=".time(),
'access' => "1",
),


array(
'name' => "Integration Wizards (News and RSS)",
'url' => "$PHP_SELF?mod=wizards",
'access' => "1",
),

array(
'name' => "Edit Templates",
'url' => "$PHP_SELF?mod=options&action=templates",
'access' => "1",
),

array(
'name' => "Add/Edit Users",
'url' => "$PHP_SELF?mod=editusers&action=list",
'access' => "1",
),

array(
'name' => "Archives Manager",
'url' => "$PHP_SELF?mod=tools&action=archive",
'access' => "1",
),

array(
'name' => "Manage Uploaded Images",
'url' => "$PHP_SELF?mod=images",
'access' => "1",
),

array(
'name' => "Backup Tool",
'url' => "$PHP_SELF?mod=tools&action=backup",
'access' => "1",
),

array(
'name' => "Edit Categories",
'url' => "$PHP_SELF?mod=categories",
'access' => "1",
),



);


//------------------------------------------------
// Cut the options for wich we don't have access
//------------------------------------------------
$count_options = count($options);
for($i=0; $i<$count_options; $i++){
if($member_db[1] > $options[$i]['access']){
unset($options[$i]);
}
}
echo'<table border="0" width="100%"><tr>';
$i = 0;
foreach($options as $option){
if($i%2 == 0){ echo"</tr>\n<tr>\n<td width='47%'>   <a href='".$option['url']."'><b>".$option['name']."</b></a></td>\n"; }
else{ echo"\n<td width='53%'><a href='".$option['url']."'><b>".$option['name']."</b></a></td>\n"; }
$i++;
}

echo'</tr></table>';
echofooter();
}
// ********************************************************************************
// Show Personal Options
// ********************************************************************************
elseif($action == "personal")
{
echoheader("user","Personal Options");

$registrationdate = date("D, d F Y",$member_db[0]); //registration date
if($member_db[7] == 1){ $ifchecked = "Checked"; } //if user wants to hide his e-mail

foreach($member_db as $key=>$value){
$member_db[$key] = stripslashes(preg_replace(array("'\"'", "'\''"), array(""", "'"),$member_db[$key]));
}

echo"
<table border=0 height=1 width=617 cellspacing=\"0\" cellpadding=\"0\">
<form method=POST action=\"$PHP_SELF\" name=personal>
<td height=\"21\" width=\"99\" bgcolor=#F7F6F4 >
Username
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
$member_db[2]
<tr>
<td height=\"21\" width=\"200\">
New Password
<td height=\"21\" width=\"400\" colspan=2>
<input name=editpassword >   Only if you want to change the current
</tr>

<tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
Nickname
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
<input type=text name=editnickname value=\"$member_db[4]\">
</tr>

<tr>
<td height=\"21\" width=\"200\" >
Email
<td height=\"21\" width=\"400\" colspan=2>
<input type=text name=editmail value=\"$member_db[5]\">   <input type=checkbox name=edithidemail $ifchecked> Hide my e-mail from visitors
</tr>";

if($member_db[1] != 4){echo"<tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
Default Avatar URL
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 >
<input type=text name=change_avatar value=\"$member_db[8]\">    will appear on 'Add News' page
</tr>"; }else{ $bg = "bgcolor=#F7F6F4"; }

echo"<tr>
<td height=\"21\" width=\"200\" $bg>
Access Level
<td height=\"21\" width=\"400\" $bg colspan=2>";

if ($member_db[1] == 4){ echo "commenter"; }
elseif ($member_db[1] == 3){ echo "journalist"; }
elseif ($member_db[1] == 2){ echo "editor"; }
elseif ($member_db[1] == 1){ echo "administrator"; }

if($member_db[1] != 4){ echo"</tr>
<tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
written news
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
$member_db[6]
</tr>"; }

echo"<tr>
<td height=\"21\" width=\"200\" >
registration date
<td height=\"21\" width=\"400\" colspan=2>
$registrationdate
</tr>
<tr>
<td height=\"1\" width=\"611\" colspan=\"2\" colspan=3>
<br /><input type=submit value=\"Save Changes\" accesskey=\"s\">
</tr>
<input type=hidden name=mod value=options><input type=hidden name=action value=dosavepersonal>
</form>
</table>";

echofooter();
}
// ********************************************************************************
// Save Personal Options
// ********************************************************************************
elseif($action == "dosavepersonal")
{

if($editpassword != "" and ($oldpassword == "" or !$oldpassword)){
msg("info", "Old Password Verification", "<form method=POST action=\"$PHP_SELF\"> You have requested to change your password.<br>In order to complete this action you must enter your old password: <input type=text name=oldpassword> <input type=submit value='Submit'><input type=hidden name=mod value=options><input type=hidden name=action value=dosavepersonal><input type=hidden name=editpassword value='$editpassword'><input type=hidden name=editnickname value='$editnickname'><input type=hidden name=editmail value='$editmail'><input type=hidden name=edithidemail value='$edithidemail'><input type=hidden name=change_avatar value='$change_avatar'></form>");
}elseif($editpassword != "" and (md5($oldpassword) != $member_db[3])){
msg("error","Error!","You did not enter correctly your old password.");
}




$editnickname = replace_comment("add",$editnickname);
$editmail = replace_comment("add",$editmail);
$edithidemail = replace_comment("add",$edithidemail);
$change_avatar = replace_comment("add",$change_avatar);

if($editpassword != "" and !preg_match("/^[\.A-z0-9_\-]{1,15}$/i", $editpassword)){ msg("error","Error !!!", "Your password must conatain only valid characters and numbers"); }

if($edithidemail){ $edithidemail = 1;}else{ $edithidemail = 0; }

$avatars = preg_replace(array("'\\|'","'\n'","' '"), array("","","_"), $avatars);

$old_user_db = file("./data/users.db.php");
$new_user_db = fopen("./data/users.db.php", w);
$personal_success = FALSE;
foreach($old_user_db as $old_user_db_line){
$old_user_db_arr = explode("\|", $old_user_db_line);
if(strtolower($username) != strtolower($old_user_db_arr[2])){
fwrite($new_user_db,"$old_user_db_line");
}
else{
if($editpassword != ""){
$old_user_db_arr[3] = md5($editpassword);
if($config_use_cookies == TRUE){ setcookie("md5_password", $old_user_db_arr[3]); }
$_SESSION['md5_password'] = $old_user_db_arr[3];
}
fwrite($new_user_db,"$old_user_db_arr[0]\|$old_user_db_arr[1]\|$old_user_db_arr[2]\|$old_user_db_arr[3]\|$editnickname\|$editmail\|$old_user_db_arr[6]\|$edithidemail\|$change_avatar\|$old_user_db_arr[9]\|\|\n");
$personal_success = TRUE;
}
}
fclose($new_user_db);
if($personal_success){ msg("info", "Changes Saved", "Your personal information was saved.", "$PHP_SELF?mod=options&action=personal"); }
else{ msg("error", "Error !!!", "Error while listing users, $username not found", "$PHP_SELF?mod=options&action=personal"); }
}
// ********************************************************************************
// Edit Templates
// ********************************************************************************
elseif($action == "templates")
{
if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permissions for this type of action"); }
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Detect all template packs we have
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
$templates_list = array();
if(!$handle = opendir("./data")){ die("<center>Can not open directory $cutepath/data "); }
while (false !== ($file = readdir($handle))){
if(eregi(".tpl", $file)){
$file_arr = explode(".", $file);
$templates_list[]= $file_arr[0];
}
}
closedir($handle);

/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If we want to create new template
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if($subaction == "new"){
echoheader("options", "New Template");

echo"<form method=post action=\"$PHP_SELF\"><table border=0 cellpading=0 cellspacing=0 width=100% height=100%><tr><td >Create new template based on: <select name=base_template>";
foreach($templates_list as $single_template){
echo "<option value=\"$single_template\">$single_template</option>";
}
echo '</select> with name <input type=text name=template_name>  <input type=submit value="Create Template">
<input type=hidden name=mod value=options>
<input type=hidden name=action value=templates>
<input type=hidden name=subaction value=donew>
</td></tr></table></form>';
echofooter();
exit;
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Do Create the new template
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if($subaction == "donew"){
if(!eregi("^[a-z0-9_-]+$", $template_name)){ msg("error", "Error", "The name of the template must be only with letters and numbers", "$PHP_SELF?mod=options&subaction=new&action=templates"); }
if(file_exists("./data/${template_name}.tpl")){ msg("error", "Error", "Template with this name already exists", "$PHP_SELF?mod=options&subaction=new&action=templates"); }

if($base_template != ""){ $base_file = "./data/${base_template}.tpl"; }
else{ $base_file = "./data/Default.tpl"; }

if (!copy($base_file, "./data/${template_name}.tpl")) {
msg("error", "Error", "Can not copy file $base_file to ./data/ folder with name ${template_name}.tpl");
}
@chmod("./data/${template_name}.tpl", 0777);

msg("info", "Template Created", "A new template was created with name <b>${template_name}</b><br>", "$PHP_SELF?mod=options&action=templates");
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deleting template, preparation
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if($subaction == "delete"){
if(strtolower($do_template) == "default"){ msg("Error", "Error !!!", "You can not delete the default template", "$PHP_SELF?mod=options&action=templates"); }
if(strtolower($do_template) == "rss"){ msg("Error", "Error !!!", "You can not delete the RSS template, it is not even supposed you to edit it.", "$PHP_SELF?mod=options&action=templates"); }
$msg = "<form method=post action=\"$PHP_SELF\">Are you sure you want to delete the template <b>$do_template</b> ?<br><br>
<input type=submit value=\" Yes, Delete This Template\">  <input onClick=\"document.location='$PHP_SELF?mod=options&action=templates';\" type=button value=\"Cancel\">
<input type=hidden name=mod value=options>
<input type=hidden name=action value=templates>
<input type=hidden name=subaction value=dodelete>
<input type=hidden name=do_template value=\"$do_template\">
</form>";

msg("info", "Deleting Template", $msg);
}
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
DO Deleting template
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if($subaction == "dodelete"){
if(strtolower($do_template) == "default"){ msg("Error", "Error !!!", "You can not delete the default template", "$PHP_SELF?mod=options&action=templates"); }
$unlink = unlink("./data/${do_template}.tpl");
if(!$unlink){ msg("error", "Error", "Can not delete file ./data/${do_template}.tpl <br>maybe the is no permission from the server"); }
else{ msg("info", "Template Deleted", "The template <b>${do_template}</b> was deleted.", "$PHP_SELF?mod=options&action=templates"); }
}


/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Show The Template Manager
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if($do_template == '' or !$do_template){
$do_template = 'Default';
$show_delete_link = '';
}elseif(strtolower($do_template) != 'default'){
$show_delete_link = "<a href=\"$PHP_SELF?action=templates&mod=options&subaction=delete&do_template=$do_template\">[delete this template]</a>";
}
require("./data/${do_template}.tpl");



if(eregi("opera", $HTTP_USER_AGENT)){ $tr_hidden = ""; }
else{ $tr_hidden = " style='display:none'"; }


$templates_names = array("template_active", "template_comment", "template_form", "template_full", "template_prev_next", "template_comments_prev_next");
foreach($templates_names as $template)
{
$$template = preg_replace("/</","<",$$template);
$$template = preg_replace("/>/",">",$$template);
}
echoheader("options","Templates");

echo'<table border=0 cellpading=0 cellspacing=0 height="77" >
<tr>
<td width=373 height="75">
<b>Manage Templates</b>


<table border=0 cellpading=0 cellspacing=0 width=347 class="panel" height="50" >
<form method=get action="'.$PHP_SELF.'">
<tr>
<td width=126height="23">
Editing Template
<td width=225height="23">
:  <b>'.$do_template.'</b>
</tr>
<tr>
<td width=126 height="27">
Switch to Template
<td width=225 height="27">
:  <select size=1 name=do_template>';

foreach($templates_list as $single_template){
if($single_template == $do_template){ echo"<option selected value=\"$single_template\">$single_template</option>"; }
else{ echo"<option value=\"$single_template\">$single_template</option>"; }
}

echo'</select>
<input type=submit value=Go>
</tr>
<tr>
<td width=351 height="25" colspan="2">
<a href="'.$PHP_SELF.'?mod=options&subaction=new&action=templates">[create new template]</a>
'.$show_delete_link.'</tr>
<input type=hidden name=action value=templates><input type=hidden name=mod value=options>
</form>
</table>

<td width=268 height="75" align="center">
<!-- HELP -->
<table cellspacing="0" cellpadding="0">
<tr>
<td width="25" align=middle><img border="0" src="skins/images/help_small.gif"></td>
<td > <a onClick="javascript:Help(\'templates\')" href="#">Understanding Templates</a></td>
</tr>
</table>
<!-- END HELP -->

</tr>
</table>
<img height=20 border=0 src="skins/images/blank.gif" width=1>
<br>
<b>Edit Template Parts</b><table width="100%"><form method=post action="'.$PHP_SELF.'">

<tr> <!- start active news -->
<td height="7" bgcolor=#F7F6F4 colspan="2">
<b><a style="font-size:16px" href="javascript:ShowOrHide(\'active-news1\',\'active-news2\')" >Active News</a></b>
</tr>
<tr id=\'active-news1\' '.$tr_hidden.'>
<td height="9" width="200" valign="top">
<b>{title}<br />
{avatar}<br />
{short-story}<br />
{full-story}<br />
{author}<br />
{author-name}<br />
[mail] </b>and<b> [/mail]<br />
{date}<br />
[link] </b>and<b> [/link]<br />
[full-link] </b>and<b> [/full-link]<br />
[com-link] </b>and<b> [/com-link]<br />
{comments-num}<br />
{category}<br />
{category-icon}
<td height="9" valign="top" width=430>
- Title of the article<br />
- Show Avatar image (if any)<br />
- Short story of news item<br />
- The full story<br />
- Author of the article, with link to his email (if any)<br />
- The name of the author, without email<br />
- Will generate a link to the author mail (if any) eg. [mail]Email[/mail]<br />
- Date when the story is written<br />
- Will generate a permanent link to the full story<br />
- Link to the full story of article, only if there is full story<br />
- Generate link to the comments of article<br />
- This will display the number of comments posted for article<br />
- Name of the category where article is posted (if any)<br />
- Shows the category icon (if any)<br />
</tr>
<tr id=\'active-news2\' '.$tr_hidden.'>
<td height="8" colspan="2">
<textarea rows="9" cols="98" name="edit_active">'.$template_active.'</textarea>
<br />

</tr> <!-- End active news -->

<tr> <!-- Start full story -->
<td height="7" bgcolor=#F7F6F4 colspan="2">
<b><a style="font-size:16px" href="javascript:ShowOrHide(\'full-story1\',\'full-story2\')" >Full Story</a></b>
</tr>
<tr id=\'full-story1\' '.$tr_hidden.'>
<td height="9" width="200" valign="top">
<b> {title}<br />
{avatar}<br />
{full-story}<br />
{short-story}</b><b><br />
{author}<br />
{author-name}<br />
[mail] </b>and<b> [/mail]<br />
{date}<br />
{comments-num}<br />
{category} <br />
{category-icon} </b>
<td height="9" valign="top">
- Title of the article<br />
- Show Avatar image (if any)<br />
- The full story<br />
- Short story of news item<br />
- Author of the article, with link to his email (if any)<br />
- The name of the author, without email<br />
- Will generate a link to the author mail (if any) eg. [mail]Email[/mail]<br />
- Date when the story is written<br />
- This will display the number of comments posted for article<br />
- Name of the category where article is posted (if any)<br />
- Shows the category icon (if any)<br />
</tr>
<tr id=\'full-story2\' '.$tr_hidden.'>
<td height="8" colspan="2">
<textarea rows="9" cols="98" name="edit_full">'.$template_full.'</textarea>
<br />

</tr> <!-- End full story -->

<tr> <!-- Start comment -->
<td height="7" bgcolor=#F7F6F4 colspan="2">
<b><a style="font-size:16px" href="javascript:ShowOrHide(\'comment1\',\'comment2\')" >Comment</a></b>
</tr>
<tr id=\'comment1\' '.$tr_hidden.'>
<td height="9" width="200" valign="top">
<b> {author}<br />
{mail}<br />
{date}<br />
{comment}<br />
{comment-iteration}</b>
<td height="9" valign="top">
- Name of the comment poster<br />
- E-mail of the poster<br />
- Date when the comment was posted<br />
- The Comment<br />
- Show the sequential number of individual comment
</tr>
<tr id=\'comment2\' '.$tr_hidden.'>
<td height="8" colspan="2">
<textarea rows="9" cols="98" name="edit_comment">'.$template_comment.'</textarea>
<br />

</tr> <!-- End comment -->

<tr> <!-- Start add comment form -->
<td height="7" bgcolor=#F7F6F4 colspan="2">
<b><a style="font-size:16px" href="javascript:ShowOrHide(\'add-comment-form1\',\'add-comment-form2\')" >Add comment form</a></b>
</tr>
<tr id=\'add-comment-form1\' '.$tr_hidden.'>
<td height="9" width="1094" valign="top" colspan="2">
Please do not edit this unless you have basic HTML knowledge !!!
</tr>
<tr id=\'add-comment-form2\' '.$tr_hidden.'>
<td height="8" colspan="2">
<textarea rows="9" cols="98" name="edit_form">'.$template_form.'</textarea>
<br />

</tr> <!-- End add comment form -->

<tr> <!-- Start previous & next -->
<td height="7" bgcolor=#F7F6F4 colspan="2">
<b><a style="font-size:16px" href="javascript:ShowOrHide(\'previous-next1\',\'previous-next2\')" >News Pagination</a></b>
</tr>
<tr id=\'previous-next1\' '.$tr_hidden.'>
<td height="9" width="200" valign="top">
<b> [prev-link] </b>and<b> [/prev-link]<br />
[next-link] </b>and<b> [/next-link]<br />
{pages}<br />
<td height="9" valign="top">
- Will generate a link to preveous page (if there is)<br />
- Will generate a link to next page (if there is)<br />
- Shows linked numbers of the pages; example: <a href=\'#\'>1</a> <a href=\'#\'>2</a> <a href=\'#\'>3</a> <a href=\'#\'>4</a>
</tr>

<tr id=\'previous-next2\' '.$tr_hidden.'>
<td height="8" colspan="2">
<textarea rows="3" cols="98" name="edit_prev_next">'.$template_prev_next.'</textarea>
</tr> <!-- End previous & next -->



<tr> <!-- Start previous & next COMMENTS-->
<td height="7" bgcolor=#F7F6F4 colspan="2">
<b><a style="font-size:16px" href="javascript:ShowOrHide(\'previous-next21\',\'previous-next22\')" >Comments Pagination</a></b>
</tr>
<tr id=\'previous-next21\' '.$tr_hidden.'>
<td height="9" width="200" valign="top">
<b> [prev-link] </b>and<b> [/prev-link]<br />
[next-link] </b>and<b> [/next-link]<br />
{pages}<br />
<td height="9" valign="top">
- Will generate a link to preveous page (if there is)<br />
- Will generate a link to next page (if there is)<br />
- Shows linked numbers of the pages; example: <a href=\'#\'>1</a> <a href=\'#\'>2</a> <a href=\'#\'>3</a> <a href=\'#\'>4</a>
</tr>

<tr id=\'previous-next22\' '.$tr_hidden.'>
<td height="8" colspan="2">
<textarea rows="3" cols="98" name="edit_comments_prev_next">'.$template_comments_prev_next.'</textarea>
</tr> <!-- End previous & next COMMENTS -->


<tr>
<td height="8" colspan="2">
<input type=hidden name=mod value=options>
<input type=hidden name=action value=dosavetemplates>
<input type=hidden name=do_template value="'.$do_template.'">
<br /><input type=submit value=" Save Changes " accesskey="s">
</tr></form>
</table>';

echofooter();
}
// ********************************************************************************
// Do Save Changes to Templates
// ********************************************************************************
elseif($action == "dosavetemplates")
{
if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permissions for this type of action"); }
$templates_names = array("edit_active", "edit_comment", "edit_form", "edit_full", "edit_prev_next", "edit_comments_prev_next");
foreach($templates_names as $template)
{
$$template = stripslashes($$template);
}

if($do_template == "" or !$do_template){ $do_template = "Default"; }
$template_file = "./data/${do_template}.tpl";

if($do_template == "rss"){ $edit_active = str_replace("&", "&",$edit_active); }

$handle = fopen("$template_file","w");
fwrite($handle, "<?PHP\n///////////////////// TEMPLATE $do_template /////////////////////\n");
fwrite($handle, "\$template_active = <<<HTML\n$edit_active\nHTML;\n\n\n");
fwrite($handle, "\$template_full = <<<HTML\n$edit_full\nHTML;\n\n\n");
fwrite($handle, "\$template_comment = <<<HTML\n$edit_comment\nHTML;\n\n\n");
fwrite($handle, "\$template_form = <<<HTML\n$edit_form\nHTML;\n\n\n");
fwrite($handle, "\$template_prev_next = <<<HTML\n$edit_prev_next\nHTML;\n");
fwrite($handle, "\$template_comments_prev_next = <<<HTML\n$edit_comments_prev_next\nHTML;\n");
fwrite($handle, "?>\n");

msg("info","Changes Saved","The changes to template <b>$do_template</b> were successfully saved.","$PHP_SELF?mod=options&action=templates&do_template=$do_template");
}

// ********************************************************************************
// System Configuration
// ********************************************************************************
elseif($action == "syscon")
{
if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permissions to access this section"); }
echoheader("options", "System Configuration");

function showRow($title="", $description="", $field="")
{
global $i;
if( $i%2 == 0 and $title != ""){ $bg = "bgcolor=#F7F6F4"; }
echo"<tr $bg >
<td colspan=\"2\" style=\"padding:4\">
<b>$title</b>
<td width=294 rowspan=\"2\" valign=\"middle\" align=middle>
$field<br />
</tr>
<tr $bg >
<td height=15 width=\"27\" style=\"padding:4\">

<td height=15 width=\"299\" valign=top>
<font color=\"#808080\">$description</font>
</tr>";
$bg = ""; $i++;
}
function makeDropDown($options, $name, $selected)
{
$output = "<select size=1 name=\"$name\">\r\n";
foreach($options as $value=>$description)
{
$output .= "<option value=\"$value\"";
if($selected == $value){ $output .= " selected "; }
$output .= ">$description</option>\n";
}
$output .= "</select>";
return $output;
}


echo"<table border=0 cellpading=0 cellspacing=0 width=654 ><form action=\"$PHP_SELF\" method=post>";

echo <<<HTML
<script language='JavaScript' type="text/javascript">

function ChangeOption(selectedButton, selectedOption) {

document.getElementById('general').style.display = "none";
document.getElementById('news').style.display = "none";
document.getElementById('comments').style.display = "none";
document.getElementById('notifications').style.display = "none";

document.getElementById('button1').style.backgroundColor = "";
document.getElementById('button2').style.backgroundColor = "";
document.getElementById('button3').style.backgroundColor = "";
document.getElementById('button4').style.backgroundColor = "";

if(selectedOption == 'general') {document.getElementById('general').style.display = "";}
if(selectedOption == 'news') {document.getElementById('news').style.display = "";}
if(selectedOption == 'comments') {document.getElementById('comments').style.display = "";}
if(selectedOption == 'notifications') {document.getElementById('notifications').style.display = "";}

document.getElementById(selectedButton).style.backgroundColor = "#EBE8E2";


}

</script>

<tr style="position:relative" valign=top>
<td style="padding-bottom:30px;" colspan="3" >
<table style="text-align:center; padding:0px; margin:0px;" width="100%" height=35px cellpadding="0" cellspacing="0">
<tr style="border:1px solid black; vertical-align:middle;" >
<td id=button1 style="background-color:#EBE8E2; border:1px solid black; -moz-border-radius: .7em .7em .0em .0em" width="25%"><a style="display:block; font-size:150%; font-weight:bold; height:100%; padding-top:10px;" href="javascript:ChangeOption('button1','general');">General</a>
<td id=button2 style="border:1px solid black; -moz-border-radius: .7em .7em .0em .0em" width="25%"><a style="display:block; font-size:150%; font-weight:bold; height:100%; padding-top:10px;" href="javascript:ChangeOption('button2','news');">News</a>
<td id=button3 style="border:1px solid black; -moz-border-radius: .7em .7em .0em .0em" width="25%"><a style="display:block; font-size:150%; font-weight:bold; height:100%; padding-top:10px;" href="javascript:ChangeOption('button3','comments');">Comments</a>
<td id=button4 style="border:1px solid black; -moz-border-radius: .7em .7em .0em .0em" width="25%"><a style="display:block; font-size:150%; font-weight:bold; height:100%; padding-top:10px;" href="javascript:ChangeOption('button4','notifications');">Notifications</a>
</tr>
</table>
</tr>
HTML;


if(!$handle = opendir("./skins")){ die("Can not open directory ./skins "); }
while (false !== ($file = readdir($handle))) {
$file_arr = explode(".",$file);
if($file_arr[1] == "skin"){
$sys_con_skins_arr[$file_arr[0]] = $file_arr[0];
}elseif($file_arr[1] == "lang"){
$sys_con_langs_arr[$file_arr[0]] = $file_arr[0];
}
}
closedir($handle);

// General
echo"<tr style='' id=general width=100%><td colspan=10 width=100%><table cellpading=0 cellspacing=0 colspan=10 width=100%>";
showRow("Full URL to CuteNews Directory", "example: http://yoursite.com/cutenews", "<input type=text style=\"text-align: center;\" name='save_con[http_script_dir]' value='$config_http_script_dir' size=40>");
showRow("CuteNews Skin", "you can download more from our website", makeDropDown($sys_con_skins_arr, "save_con[skin]", "$config_skin"));
showRow("Time Adjustment", "in minutes; eg. : <b>180</b>=+3 hours; <b>-120</b>=-2 hours", "<input type=text style=\"text-align: center;\" name='save_con[date_adjust]' value=\"$config_date_adjust\" size=10>");
showRow("Smilies", "Separate them with commas (<b>,</b>)", "<input type=text style=\"text-align: center;\" name='save_con[smilies]' value=\"$config_smilies\" size=40>");
showRow("Auto-Archive every Month", "if yes, evrery month the active news will be archived", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[auto_archive]", "$config_auto_archive"));
showRow("Allow Self-Registration", "allow users to auto-register", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[allow_registration]", "$config_allow_registration"));
showRow("Self-Registration Level", "with what access level are users auto-registerd ?", makeDropDown(array("3"=>"Journalist","4"=>"Commenter"), "save_con[registration_level]", "$config_registration_level"));
echo"</table></td></tr>";

// News
echo"<tr style='display:none' id=news width=100%><td colspan=10 width=100%><table cellpading=0 cellspacing=0 colspan=10 width=100%>";
showRow("Use Avatars", "if not, the avatar URL field wont be shown", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[use_avatar]", "$config_use_avatar"));
showRow("Use WYSIWYG Editor","use (or not) the advanced editor", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[use_wysiwyg]", "$config_use_wysiwyg"));
showRow("Reverse News", "if yes, older news will be shown on the top", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[reverse_active]", "$config_reverse_active"));
showRow("Time Format For News", "view help for time formatting <a href=\"http://www.php.net/manual/en/function.date.php\" target=\"_blank\">here</a>", "<input type=text style=\"text-align: center;\" name='save_con[timestamp_active]' value='$config_timestamp_active' size=40>");
showRow("Show Full Story In PopUp", "full Story will be opened in PopUp window", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[full_popup]", "$config_full_popup"));
showRow("Settings for Full Story PopUp", "only if 'Show Full Story In PopUp' is enabled", "<input type=text style=\"text-align: center;\" name='save_con[full_popup_string]' value=\"$config_full_popup_string\" size=40>");
showRow("Show Comments When Showing Full Story", "if yes, comments will be shown under the story", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[show_comments_with_full]", "$config_show_comments_with_full"));
echo"</table></td></tr>";

// Comments
echo"<tr style='display:none' id=comments width=100%><td colspan=10 width=100%><table cellpading=0 cellspacing=0 colspan=10 width=100%>";
showRow("Auto Wrap Comments", "any word that is longer than this will be wrapped", "<input type=text style=\"text-align: center;\" name='save_con[auto_wrap]' value=\"$config_auto_wrap\" size=10>");
showRow("Reverse Comments", "if yes, newest comments will be shown on the top", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[reverse_comments]", "$config_reverse_comments"));
showRow("Comments Flood Protection", "in seconds; 0 = no protection", "<input type=text style=\"text-align: center;\" name='save_con[flood_time]' value=\"$config_flood_time\" size=10>");
showRow("Max. Length of Comments in Characters", "enter <b>0</b> to disable checking", "<input type=text style=\"text-align: center;\" name='save_con[comment_max_long]' value='$config_comment_max_long' size=10>");
showRow("Comments Per Page (Pagination)", "enter <b>0</b> or leave empty to disable pagination", "<input type=text style=\"text-align: center;\" name='save_con[comments_per_page]' value='$config_comments_per_page' size=10>");
showRow("Only Registered Users Can Post Comments", "if yes, only registered users can post comments", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[only_registered_comment]", "$config_only_registered_comment"));
showRow("Allow Mail Field to Act and as URL Field", "visitors will be able to put their site URL insted of mail", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[allow_url_instead_mail]", "$config_allow_url_instead_mail"));
showRow("Time Format For Comments", "view help for time formatting <a href=\"http://www.php.net/manual/en/function.date.php\" target=\"_blank\">here</a>", "<input type=text style=\"text-align: center;\" name='save_con[timestamp_comment]' value='$config_timestamp_comment' size=40>");
showRow("Show Comments In PopUp", "comments will be opened in PopUp window", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[comments_popup]", "$config_comments_popup"));
showRow("Settings for Comments PopUp", "only if 'Show Comments In PopUp' is enabled", "<input type=text style=\"text-align: center;\" name=\"save_con[comments_popup_string]\" value=\"$config_comments_popup_string\" size=40>");
showRow("Show Full Story When Showing Comments", "if yes, comments will be shown under the story", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[show_full_with_comments]", "$config_show_full_with_comments"));
echo"</table></td></tr>";

// Notifications
echo"<tr style='display:none' id=notifications width=100%><td colspan=10 width=100%><table cellpading=0 cellspacing=0 colspan=10 width=100%>";
showRow("Email(s)", "Where the notification will be send, separate multyple emails by comma", "<input type=text style=\"text-align: center;\" name='save_con[notify_email]' value=\"$config_notify_email\" size=40>");
showRow("Notifications - Active/Disabled", "global status of notifications", makeDropDown(array("active"=>"Active","disabled"=>"Disabled"), "save_con[notify_status]", "$config_notify_status"));
showRow("Notify of New Registrations", "when new user auto-registers", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[notify_registration]", "$config_notify_registration"));
showRow("Notify of New Comments", "when new comment is added", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[notify_comment]", "$config_notify_comment"));
showRow("Notify of Unapproved News", "when unapproved article is posted (by journalists)", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[notify_unapproved]", "$config_notify_unapproved"));
showRow("Notify of Auto-Archiving", "when (if) news are auto-archived", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[notify_archive]", "$config_notify_archive"));
showRow("Notify of Activated Postponed Articles", "when postponed article is activated", makeDropDown(array("yes"=>"Yes","no"=>"No"), "save_con[notify_postponed]", "$config_notify_postponed"));
echo"</table></td></tr>";



echo"
<input type=hidden name=mod value=options>
<input type=hidden name=action value=dosavesyscon>".
showRow("","","<br /><input style='font-weight:bold;font-size:120%;' type=submit value=\" Save Changes \" accesskey=\"s\">")."
</form></table>";
echofooter();
}
// ********************************************************************************
// Save System Configuration
// ********************************************************************************
elseif($action == "dosavesyscon")
{
if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permission for this section"); }
$handler = fopen("./data/config.php", "w");
fwrite($handler, "<?PHP \n\n//System Configurations (Auto Generated file)\n\n");
foreach($save_con as $name=>$value)
{
fwrite($handler, "\$config_$name = \"".htmlspecialchars($value)."\";\n\n");
}
fwrite($handler, "?>");
fclose($handler);

include("./skins/".$save_con["skin"].".skin.php");
msg("info", "Configurations Saved", "The System Configurations were successfully saved.");
}

?>

file:a/cutenews/inc/preview.mdu (deleted)

<HTML>
<TITLE>Preview</TITLE>
<BODY>
<center>
<?PHP
require("./data/Default.tpl");

$cat_lines = @file("./data/category.db.php");
foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);
$cat[$cat_arr[0]] = $cat_arr[1];
$cat_icon[$cat_arr[0]]=$cat_arr[2];
}

if($manual_avatar != ""){ $avatar = $manual_avatar; }
elseif( $select_avatar != "" and $select_avatar != "none" ){ $avatar = $select_avatar; }
else{ $avatar = ""; }

if($if_convert_new_lines == "yes"){ $n_to_br = TRUE; }
if($if_use_html == "yes"){ $use_html = TRUE; }

$full_story = replace_news("add", $full_story, $n_to_br, $use_html);
$short_story = replace_news("add", $short_story, $n_to_br, $use_html);
$title = replace_news("add", $title, TRUE, $use_html);

if($member_db[4] != ""){
if($member_db[7] != 1 and $member_db[5] != ""){ $author = "<a href=mailto:$member_db[5]>$member_db[4]</a>"; }
else{ $author = "$member_db[4]"; }
}else{
if($member_db[7] != 1 and $member_db[5] != ""){ $author = "<a href=mailto:$member_db[5]>$member_db[2]</a>"; }
else{ $author = "$member_db[2]"; }
}

$output = $template_active;
$output = str_replace("{title}", $title, $output);
$output = str_replace("{date}", date($config_timestamp_active, time()), $output);
$output = str_replace("{author}", $author, $output);
if($avatar != ""){$output = str_replace("{avatar}", "<img src=\"$avatar\" border=0>", $output); }
else{ $output = str_replace("{avatar}", "", $output); }
$output = str_replace("[link]","<a href=#>", $output);
$output = str_replace("[/link]","</a>", $output);
$output = str_replace("{comments-num}", countComments($id), $output);
$output = str_replace("{short-story}", $short_story, $output);
$output = str_replace("{full-story}", $full_story, $output);
if($full_story){
$output = str_replace("[full-link]", "<a href=#>", $output); }
else{
$output = preg_replace("'\[full-link\].*?\[/full-link\]'","", $output);
}
$output = str_replace("[/full-link]", "</a>", $output);
$output = str_replace("[com-link]", "<a href=#>", $output);
$output = str_replace("[/com-link]", "</a>", $output);

$output = str_replace("{category}", $cat[$category], $output);
$output = str_replace("{category-id}", $category, $output);
if($cat_icon[$category] != ""){ $output = str_replace("{category-icon}", "<img border=0 src=\"".$cat_icon[$category]."\">", $output); }
else{ $output = str_replace("{category-icon}", "", $output); }


$output = str_replace("{author-name}", $member_db[2], $output);

if($member_db[5] != ""){
$output = str_replace("[mail]","<a href=\"mailto:". $member_db[5] ."\">", $output);
$output = str_replace("[/mail]","</a>", $output);
}else{
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}
$output = str_replace("{news-id}", "ID Unknown", $output);
$output = str_replace("{archive-id}", $archive, $output);
$output = str_replace("{php-self}", $PHP_SELF, $output);
$output = str_replace("{cute-http-path}", $config_http_script_dir, $output);

$output = replace_news("show", $output);



echo("<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 13px;\">Active News:</span> </legend>".$output."</fieldset>");


if($full_story){

$output = $template_full;
$output = str_replace("{title}", $title, $output);
$output = str_replace("{date}", date($config_timestamp_active, time()), $output);
$output = str_replace("{author}", $author, $output);
if($avatar != ""){$output = str_replace("{avatar}", "<img src=\"$avatar\" border=0>", $output); }
else{ $output = str_replace("{avatar}", "", $output); }
$output = str_replace("[link]","<a href=#>", $output);
$output = str_replace("[/link]","</a>", $output);
$output = str_replace("{comments-num}", countComments($id), $output);
$output = str_replace("{short-story}", $short_story, $output);
$output = str_replace("{full-story}", $full_story, $output);
if($full_story){
$output = str_replace("[full-link]", "<a href=#>", $output); }
else{
$output = preg_replace("'\[full-link\].*?\[/full-link\]'","", $output);
}
$output = str_replace("[/full-link]", "</a>", $output);
$output = str_replace("[com-link]", "<a href=#>", $output);
$output = str_replace("[/com-link]", "</a>", $output);
$output = str_replace("{category}", $cat[$category], $output);
$output = str_replace("{category-id}", $category, $output);
if($cat_icon[$category] != ""){ $output = str_replace("{category-icon}", "<img border=0 src=\"".$cat_icon[$category]."\">", $output); }
else{ $output = str_replace("{category-icon}", "", $output); }


$output = str_replace("{author-name}", $member_db[2], $output);

if($member_db[5] != ""){
$output = str_replace("[mail]","<a href=\"mailto:". $member_db[5] ."\">", $output);
$output = str_replace("[/mail]","</a>", $output);
}else{
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}
$output = str_replace("{news-id}", "ID Unknown", $output);
$output = str_replace("{archive-id}", $archive, $output);
$output = str_replace("{php-self}", $PHP_SELF, $output);
$output = str_replace("{cute-http-path}", $config_http_script_dir, $output);

$output = replace_news("show", $output);

echo("<br /><fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 13px;\">Full Story:</span> </legend>".$output."</fieldset>");
}

?>
</center>
</BODY>
</HTML>

file:a/cutenews/inc/shows.inc.php (deleted)

<?PHP


do{ // Used if we want to display some error to the user and halt the rest of the script

$user_query = cute_query_string($QUERY_STRING, array( "comm_start_from","start_from", "archive", "subaction", "id", "ucat"));
$user_post_query = cute_query_string($QUERY_STRING, array( "comm_start_from", "start_from", "archive", "subaction", "id", "ucat"), "post");
//####################################################################################################################
// Define Categories
//####################################################################################################################
$cat_lines = file("$cutepath/data/category.db.php");
foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);
$cat[$cat_arr[0]] = $cat_arr[1];
$cat_icon[$cat_arr[0]]=$cat_arr[2];
}



///////////////////////////////////////////////////////
// Function: Category ID to Name
// Description: convert to category name from ID
if ( !function_exists('catid2name') )
{

function catid2name($thecat){
global $cat;

if(strstr($thecat,',')){
$thecat_arr = explode(',',$thecat);
foreach($thecat_arr as $single_thecat){
if($thecat_not_first){ $thecat_str .= ', '. $cat[$single_thecat]; }
else{ $thecat_str .= $cat[$single_thecat]; }

$thecat_not_first = TRUE;
}

return $thecat_str;

}else{
return $cat[$thecat];
}

}

}

//####################################################################################################################
// Define Users
//####################################################################################################################
$all_users = file("$cutepath/data/users.db.php");
foreach($all_users as $user)
{
if(!eregi("<\?",$member_db_line)){
$user_arr = explode("\|",$user);
if($user_arr[4] != "")
{
if($user_arr[7] != 1 and $user_arr[5] != ""){ $my_names[$user_arr[2]] = "<a href=\"mailto:$user_arr[5]\">$user_arr[4]</a>"; }
else{ $my_names[$user_arr[2]] = "$user_arr[4]"; }
$name_to_nick[$user_arr[2]] = $user_arr[4];
}
else
{
if($user_arr[7] != 1 and $user_arr[5] != ""){ $my_names[$user_arr[2]] = "<a href=\"mailto:$user_arr[5]\">$user_arr[2]</a>"; }
else{ $my_names[$user_arr[2]] = "$user_arr[2]"; }
$name_to_nick[$user_arr[2]] = $user_arr[2];
}

if($user_arr[7] != 1){ $my_mails[$user_arr[2]] = $user_arr[5]; }
else{ $my_mails[$user_arr[2]] = ""; }
$my_passwords[$user_arr[2]] = $user_arr[3];
$my_users[] = $user_arr[2];
}
}
//####################################################################################################################
// Activate Postponed Articles
//####################################################################################################################


ResynchronizePostponed();

//####################################################################################################################
// Auto-Archive Function
//####################################################################################################################

if($config_auto_archive == "yes"){
ResynchronizeAutoArchive();
}

//####################################################################################################################
// Add Comment
//####################################################################################################################
if($allow_add_comment){

$name = trim($name);
$mail = trim($mail);
$id = (int) $id; // Yes it's stupid how I didn't thought about this :/

//----------------------------------
// Check the lenght of comment, include name + mail
//----------------------------------

if( strlen($name) > 50 ){
echo"<div style=\"text-align: center;\">Your name is too long!</div>";
$CN_HALT = TRUE;
break 1;
}
if( strlen($mail) > 50){
echo"<div style=\"text-align: center;\">Your e-mail is too long!</div>";
$CN_HALT = TRUE;
break 1;
}
if( strlen($comments) > $config_comment_max_long and $config_comment_max_long != "" and $config_comment_max_long != "0"){
echo"<div style=\"text-align: center;\">Your comment is too long!</div>";
$CN_HALT = TRUE;
break 1;
}

//----------------------------------
// Get the IP
//----------------------------------
$foundip = TRUE;
if (getenv("HTTP_CLIENT_IP")) $ip = getenv("HTTP_CLIENT_IP");
else if(getenv("REMOTE_ADDR")) $ip = getenv("REMOTE_ADDR");
else if(getenv("HTTP_X_FORWARDED_FOR")) $ip = getenv("HTTP_X_FORWARDED_FOR");
else {$ip = "not detected"; $foundip = FALSE;}

if( !$foundip or !preg_match("/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", "$ip") ){ $ip = "not detected"; $foundip = FALSE;} //ensure that what we have is a real IP
//----------------------------------
// Flood Protection
//----------------------------------
if($config_flood_time != 0 and $config_flood_time != "" ){
if(flooder($ip, $id) == TRUE ){
echo("<div style=\"text-align: center;\">Flood protection activated !!!<br />you have to wait $config_flood_time seconds after your last comment before posting again at this article.</div>");
$CN_HALT = TRUE;
break 1;
}
}

//----------------------------------
// Check if IP is blocked
//----------------------------------
$blockip = FALSE;
$old_ips = file("$cutepath/data/ipban.db.php");
$new_ips = fopen("$cutepath/data/ipban.db.php", "w");
@flock ($new_ips,2);
foreach($old_ips as $old_ip_line){
$ip_arr = explode("\|", $old_ip_line);

//implemented wildcard match
$ip_check_matches = 0;
$db_ip_split = explode(".", $ip_arr[0]);
$this_ip_split = explode(".", $ip);

for($i_i=0;$i_i<4;$i_i++){
// echo"IF $this_ip_split[$i_i] == $db_ip_split[$i_i] or $db_ip_split[$i_i] == '*'<br>";
if ($this_ip_split[$i_i] == $db_ip_split[$i_i] or $db_ip_split[$i_i] == '*') {
$ip_check_matches += 1;
}

}

if ($ip_check_matches == 4) {
$countblocks = $ip_arr[1] = $ip_arr[1] + 1;
fwrite($new_ips, "$ip_arr[0]\|$countblocks\|\|\n"); $blockip = TRUE;
} else {
fwrite($new_ips, $old_ip_line);
}

}
@flock ($new_ips,3);
fclose($new_ips);
if($blockip){
echo("<div style=\"text-align: center;\">Sorry but you have been blocked from posting comments</div>");
$CN_HALT = TRUE;
break 1;
}

//----------------------------------
// Check if the name is protected
//----------------------------------
$is_member = FALSE;
foreach($all_users as $member_db_line)
{
if(!eregi("<\?",$member_db_line) and $member_db_line != ""){
$user_arr = explode("\|",$member_db_line);

//if the name is protected
if((strtolower($user_arr[2]) == strtolower($name) or strtolower($user_arr[4]) == strtolower($name)) and ($user_arr[3] != $CNpass and $user_arr[3] != md5($password)) and $name != "")
{
//$comments = replace_comment("add", $comments); //commented because will mess up the <br />
$comments = preg_replace(array("'\"'", "'\''", "''"), array(""", "'", ""), $comments);
$name = replace_comment("add", preg_replace("/\n/", "",$name));
$mail = replace_comment("add", preg_replace("/\n/", "",$mail));


echo"<div style=\"text-align: center;\">This name is owned by a registered user and you must enter password to use it<br />
<form name=passwordForm id=passwordForm method=\"post\" action=\"\">
Password: <input type=\"password\" name=\"password\" />
<input type=\"hidden\" name=\"name\" value=\"$name\" />
<input type=\"hidden\" name=\"comments\" value=\"$comments\" />
<input type=\"hidden\" name=\"mail\" value=\"$mail\" />
<input type=\"hidden\" name=\"ip\" value=\"$ip\" />
<input type=\"hidden\" name=\"subaction\" value=\"addcomment\" />
<input type=\"hidden\" name=\"show\" value=\"$show\" />
<input type=\"hidden\" name=\"ucat\" value=\"$ucat\" />
$user_post_query
<input type=\"submit\" /> \n <br>
<input type=\"checkbox\" name=\"CNrememberPass\" value=1 /> Remember password in cookie (md5 format)
</form>
</div>";
$CN_HALT = TRUE;
break 2;

}

if(strtolower($user_arr[2]) == strtolower($name)) $is_member = TRUE;

//----------------------------------
// Member wants to save his pass in cookie ?
//----------------------------------
if($CNrememberPass == 1){
if(file_exists("$cutepath/remember.js")){
echo"<script type=\"text/javascript\" src=\"$config_http_script_dir/remember.js\"></script>";
echo"<script>CNRememberPass('".md5($password)."')</script>";
}
}

}
}

//----------------------------------
// Check if only members can comment
//----------------------------------
if($config_only_registered_comment == "yes" and !$is_member){
echo"<div style=\"text-align: center;\">Sorry but only registered users can post comments, and '".htmlspecialchars($name)."' is not recognized as valid member.</div>";
$CN_HALT = TRUE;
break 1;
}

//----------------------------------
// Wrap the long words
//----------------------------------
if($config_auto_wrap > 1){
$comments_arr = explode("\n", $comments);
foreach($comments_arr as $line){
$wraped_comm .= ereg_replace("([^ \/\/]{".$config_auto_wrap."})","\\1\n", $line) ."\n";
}
if(strlen($name) > $config_auto_wrap){ $name = substr($name, 0, $config_auto_wrap)." ..."; }
$comments = $wraped_comm;
}



//----------------------------------
// Do some validation check 4 name, mail..
//----------------------------------
$comments = replace_comment("add", $comments);
$name = replace_comment("add", preg_replace("/\n/", "",$name));
$mail = replace_comment("add", preg_replace("/\n/", "",$mail));

if($name == " " or $name == ""){
echo("<div style=\"text-align: center;\">You must enter name.<br /><a href=\"javascript:history.go(-1)\">go back</a></div>");
$CN_HALT = TRUE;
break 1;
}
if($mail == " " or $mail == ""){ $mail = "none"; }
else{ $ok = FALSE;
if(preg_match("/^[\.A-z0-9_\-\+]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $mail)) $ok = TRUE;
elseif($config_allow_url_instead_mail == "yes" and preg_match("/((http(s?):\/\/)\|(www\.))([\w\.]+)([\/\w+\.-?]+)/", $mail)) $ok = TRUE;
elseif($config_allow_url_instead_mail != "yes"){
echo("<div style=\"text-align: center;\">This is not a valid e-mail<br /><a href=\"javascript:history.go(-1)\">go back</a></div>");
$CN_HALT = TRUE;
break 1;
}
else{
echo("<div style=\"text-align: center;\">This is not a valid e-mail or site URL<br /><a href=\"javascript:history.go(-1)\">go back</a></div>");
$CN_HALT = TRUE;
break 1;
}
}

if($comments == ""){
echo("<div style=\"text-align: center;\">Sorry but the comment can not be blank<br /><a href=\"javascript:history.go(-1)\">go back</a></div>");
$CN_HALT = TRUE;
break 1;
}

$time = time()+($config_date_adjust*60);

//----------------------------------
// Add The Comment ... Go Go GO!
//----------------------------------

$old_comments = file("$comm_file");
$new_comments = fopen("$comm_file", "w");
@flock ($new_comments,2);
$found = FALSE;
foreach($old_comments as $old_comments_line)
{
$old_comments_arr = explode("\|>\|", $old_comments_line);
if($old_comments_arr[0] == $id)
{
$old_comments_arr[1] = trim($old_comments_arr[1]);
fwrite($new_comments, "$old_comments_arr[0]\|>\|$old_comments_arr[1]$time\|$name\|$mail\|$ip\|$comments\|\|\n");
$found = TRUE;
}else{
fwrite($new_comments, $old_comments_line);
//if we do not have the news ID in the comments.txt we are not doing anything (see comment below) (must make sure the news ID is valid)
}
}
if(!$found){
/* // do not add comment if News ID is not found \\ fwrite($new_comments, "$id\|>\|$time\|$name\|$mail\|$ip\|$comments\|\|\n");*/

echo("<div style=\"text-align: center;\">CuteNews did not added your comment because there is some problem with the comments database.<br /><a href=\"javascript:history.go(-1)\">go back</a></div>");
$CN_HALT = TRUE;
break 1;
}
@flock ($new_comments,3);
fclose($new_comments);

//----------------------------------
// Sign this comment in the Flood Protection
//----------------------------------
if($config_flood_time != "0" and $config_flood_time != "" ){

$flood_file = fopen("$cutepath/data/flood.db.php", "a");
@flock ($flood_file,2);
fwrite($flood_file, time()."\|$ip\|$id\|\n");
@flock ($flood_file,3);
fclose($flood_file);
}
//----------------------------------
// Notify for New Comment ?
//----------------------------------

if($config_notify_comment == "yes" and $config_notify_status == "active"){
send_mail("$config_notify_email", "CuteNews - New Comment Added", "New Comment was added by $name:\n--------------------------$comments");
}

echo "<script type=\"text/javascript\">window.location=\"$PHP_SELF?subaction=showfull&id=$id&ucat=$ucat&archive=$archive&start_from=$start_from&$user_query\";</script>";
}
//####################################################################################################################
// Show Full Story
//####################################################################################################################
if($allow_full_story){

if(!file_exists($news_file)){ die("Error!<br>news file does not exists!"); }
$all_active_news = file("$news_file");

foreach($all_active_news as $active_news)
{
$news_arr = explode("\|", $active_news);
if($news_arr[0] == $id and (!$catid or $catid == $news_arr[6]))
{
$found = TRUE;
if($news_arr[4] == "" and (!eregi("\{short-story\}", $template_full)) ){ $news_arr[4] = $news_arr[3]; }

if($my_names[$news_arr[1]]){ $my_author = $my_names[$news_arr[1]]; }
else{ $my_author = $news_arr[1]; }

$output = str_replace("{title}", $news_arr[2], $template_full);
$output = str_replace("{date}", date($config_timestamp_active, $news_arr[0]), $output);
$output = str_replace("{author}", $my_author, $output);
$output = str_replace("{short-story}", $news_arr[3], $output);
$output = str_replace("{full-story}", $news_arr[4], $output);
if($news_arr[5] != ""){$output = str_replace("{avatar}", "<img alt=\"\" src=\"$news_arr[5]\" style=\"border: none;\" />", $output); }
else{ $output = str_replace("{avatar}", "", $output); }
$output = str_replace("{avatar-url}", "$news_arr[5]", $output);
$output = str_replace("{comments-num}", countComments($news_arr[0], $archive), $output);
$output = str_replace("{category}", catid2name($news_arr[6]), $output);
$output = str_replace("{category-id}", $news_arr[6], $output);
if($cat_icon[$news_arr[6]] != ""){ $output = str_replace("{category-icon}", "<img style=\"border: none;\" alt=\"".$cat[$news_arr[6]]." icon\" src=\"".$cat_icon[$news_arr[6]]."\" />", $output); }
else{ $output = str_replace("{category-icon}", "", $output); }

if($config_comments_popup == "yes"){
$output = str_replace("[com-link]","<a href=\"#\" onclick=\"window.open('$config_http_script_dir/show_news.php?subaction=showcomments&template=$template&id=$news_arr[0]&archive=$archive&start_from=$my_start_from&ucat=$news_arr[6]', '_News', '$config_comments_popup_string');return false;\">", $output);
}else{
$output = str_replace("[com-link]","<a href=\"$PHP_SELF?subaction=showcomments&id=$news_arr[0]&archive=$archive&start_from=$my_start_from&ucat=$news_arr[6]&$user_query\">", $output);
}
$output = str_replace("[/com-link]","</a>", $output);
$output = str_replace("{author-name}", $name_to_nick[$news_arr[1]], $output);

if($my_mails[$news_arr[1]] != ""){
$output = str_replace("[mail]","<a href=\"mailto:".$my_mails[$news_arr[1]]."\">", $output);
$output = str_replace("[/mail]","</a>", $output);
}else{
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}
$output = str_replace("{news-id}", $news_arr[0], $output);
$output = str_replace("{archive-id}", $archive, $output);
$output = str_replace("{php-self}", $PHP_SELF, $output);
$output = str_replace("{cute-http-path}", $config_http_script_dir, $output);


$output = replace_news("show", $output);

echo $output;
}
}
if(!$found){

//
// Article ID was not found, if we have not specified an archive -> try to find the article in some archive.
//

// Auto-Find ID In archives
//----------------------------------------------------------------------

if(!$archive or $archive == ''){
//get all archives. (if any) and fit our lost id in the most propper archive.
$lost_id = $id;
$all_archives = FALSE;
$hope_archive = FALSE;

if(!$handle = opendir("$cutepath/data/archives")){ echo("<!-- Can not open directory $cutepath/data/archives --> "); }
while (false !== ($file = readdir($handle)))
{
if($file != "." and $file != ".." and !is_dir("./data/archives/$file") and eregi("news.arch", $file))
{
$file_arr = explode(".", $file);
$all_archives[] = $file_arr[0];
}
}
closedir($handle);


if($all_archives){
sort($all_archives);
if(isset($all_archives[1])){
foreach($all_archives as $this_archive){
if($this_archive > $lost_id){ $hope_archive = $this_archive; break;}
}
}else{
if($all_archives[0] > $lost_id){ $hope_archive = $all_archives[0]; break;}
}
}
}

if($hope_archive){
echo"
<center>You are now being redirected to the article in our archives<br>if the redirection fails, please <a href=\"$PHP_SELF?start_from=$start_from&ucat=$ucat&subaction=$subaction&id=$id&archive=$hope_archive&$user_query\">click here</a></center>
<SCRIPT LANGUAGE=\"JavaScript\">
<!-- Lets hope the archive id is correct.
window.location=\"$PHP_SELF?start_from=$start_from&ucat=$ucat&subaction=$subaction&id=$id&archive=$hope_archive&$user_query\";
// -->
</script>";
}else{
echo("<div style=\"text-align: center;\">Can not find an article with id: <strong>". @(int) htmlspecialchars($id)."</strong></div>");
}


$CN_HALT = TRUE;
break 1;
}
}
//####################################################################################################################
// Show Comments
//####################################################################################################################
if($allow_comments){


$comm_per_page = $config_comments_per_page;

$total_comments = 0;
$showed_comments = 0;
$comment_number = 0;
$showed = 0;
$all_comments = file("$comm_file");

foreach($all_comments as $comment_line)
{
$comment_line = trim($comment_line);
$comment_line_arr = explode("\|>\|", $comment_line);
if($id == $comment_line_arr[0])
{
$individual_comments = explode("\|\|", $comment_line_arr[1]);

$total_comments = @count($individual_comments) - 1;

//show the page with our new comment, if we just added one
/* causes some problems, will be updated !!!
if($allow_add_comment and true){
$comm_start_from = $total_comments-1;
if($config_reverse_comments == "yes"){
$comm_start_from = 0;
}
}
*/

$iteration = 0;
if($config_reverse_comments == "yes"){$iteration = count($individual_comments)+1; $individual_comments = array_reverse($individual_comments); }

foreach($individual_comments as $comment)
{
if($config_reverse_comments == "yes") { $iteration --; }
else{ $iteration ++; }


$comment_arr = explode("\|", $comment);
if($comment_arr[0] != "")
{

if(isset($comm_start_from) and $comm_start_from != ""){
if($comment_number < $comm_start_from){ $comment_number++; continue; }
elseif($showed_comments == $comm_per_page){ break; }
}

$comment_number ++;
$comment_arr[4] = stripslashes(rtrim($comment_arr[4]));

if($comment_arr[2] != "none"){
if( preg_match("/^[\.A-z0-9_\-\+]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $comment_arr[2])){ $url_target = "";$mail_or_url = "mailto:"; }
else{
$url_target = "target=\"_blank\"";
$mail_or_url = "";
if(substr($comment_arr[2],0,3) == "www"){ $mail_or_url = "http://"; }
}

$output = str_replace("{author}", "<a $url_target href=\"$mail_or_url".stripslashes($comment_arr[2])."\">".stripslashes($comment_arr[1])."</a>", $template_comment);
}
else{ $output = str_replace("{author}", $comment_arr[1], $template_comment); }

$comment_arr[4] = preg_replace("/\b((http(s?):\/\/)\|(www\.))([\w\.]+)([&-~\%\/\w+\.-?]+)\b/i", "<a href=\"http$3://$4$5$6\" target=\"_blank\">$2$4$5$6</a>", $comment_arr[4]);
$comment_arr[4] = preg_replace("/([\w\.]+)(@)([-\w\.]+)/i", "<a href=\"mailto:$0\">$0</a>", $comment_arr[4]);


$output = str_replace("{mail}", "$comment_arr[2]",$output);
$output = str_replace("{date}", date($config_timestamp_comment, $comment_arr[0]),$output);
$output = str_replace("{comment-id}", $comment_arr[0],$output);
$output = str_replace("{comment}", "<a name=\"".$comment_arr[0]."\"></a>$comment_arr[4]",$output);
$output = str_replace("{comment-iteration}", $iteration ,$output);

$output = replace_comment("show", $output);
echo $output;
$showed_comments++;
if($comm_per_page != 0 and $comm_per_page == $showed_comments){ break; }
}
}
}
}

//----------------------------------
// Prepare the Comment Pagination
//----------------------------------

$prev_next_msg = $template_comments_prev_next;

// Previous link
if(isset($comm_start_from) and $comm_start_from != "" and $comm_start_from > 0){
$prev = $comm_start_from - $comm_per_page;
$prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "<a href=\"$PHP_SELF?comm_start_from=$prev&archive=$archive&subaction=showcomments&id=$id&ucat=$ucat&$user_query\">\\1</a>", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "\\1", $prev_next_msg); $no_prev = TRUE; }

// Pages
if($comm_per_page){
$pages_count = @ceil($total_comments/$comm_per_page);
$pages_start_from = 0;
$pages = "";
for($j=1;$j<=$pages_count;$j++){
if($pages_start_from != $comm_start_from){ $pages .= "<a href=\"$PHP_SELF?comm_start_from=$pages_start_from&archive=$archive&subaction=showcomments&id=$id&ucat=$ucat&$user_query\">$j</a> "; }
else{ $pages .= " <strong>$j</strong> "; }
$pages_start_from += $comm_per_page;
}
$prev_next_msg = str_replace("{pages}", $pages, $prev_next_msg);
}

// Next link
if($comm_per_page < $total_comments and $comment_number < $total_comments){
$prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "<a href=\"$PHP_SELF?comm_start_from=$comment_number&archive=$archive&subaction=showcomments&id=$id&ucat=$ucat&$user_query\">\\1</a>", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "\\1", $prev_next_msg); $no_next = TRUE;}

if (!$no_prev or !$no_next){
echo $prev_next_msg;
}



$template_form = str_replace("{config_http_script_dir}", "$config_http_script_dir", $template_form);
//----------------------------------
// Check if the remember script exists
//----------------------------------
$CN_remember_include = '';
$CN_remember_form = '';
if(file_exists("$cutepath/remember.js")){
$CN_remember_include = "<script type=\"text/javascript\" src=\"$config_http_script_dir/remember.js\"></script><script>CNreadCookie();</script>";
$CN_remember_form = "onsubmit=\"return CNSubmitComment()\"";
}


$smilies_form = "\n<script type=\"text/javascript\">
//<![CDATA[
function insertext(text){
document.comment.comments.value+=\" \"+ text;
document.comment.comments.focus();
}
//]]></script>
<noscript>Your browser is not Javascript enable or you have turn it off. We recommend you to activate, otherwise you will have to enter the emoticons representations manually.
</noscript>".insertSmilies('short', FALSE);

$template_form = str_replace("{smilies}", $smilies_form, $template_form);

echo"<form $CN_remember_form method=\"post\" name=\"comment\" id=\"comment\" action=\"\">".$template_form."<div><input type=\"hidden\" name=\"subaction\" value=\"addcomment\" /><input type=\"hidden\" name=\"ucat\" value=\"$ucat\" /><input type=\"hidden\" name=\"show\" value=\"$show\" />$user_post_query</div></form>
\n $CN_remember_include";

}
//####################################################################################################################
// Active News
//####################################################################################################################

if($allow_active_news){

$all_news = file("$news_file");
if($reverse == TRUE){ $all_news = array_reverse($all_news); }

$count_all = 0;
if(isset($category) and $category != ""){
foreach($all_news as $news_line){

$news_arr = explode("\|", $news_line);

$is_in_cat = FALSE;
if(strstr($news_arr[6],',')){ //if the article is in multiple categories
// echo"<br>$news_arr[0] item is multy<br>";
$this_cats_arr = explode(',',$news_arr[6]);
foreach($this_cats_arr as $this_single_cat){
// echo"<br>if we want $this_single_cat ";
if($requested_cats and $requested_cats[$this_single_cat] == TRUE){ $is_in_cat=TRUE;}
}

}else{
// echo"<br>$news_arr[0] item is single<br>";
// echo"<br>if we want $news_arr[6] ";
if($requested_cats and $requested_cats[$news_arr[6]] == TRUE){ $is_in_cat=TRUE;}
}


if($is_in_cat){ $count_all ++; }
else{ continue; }


}
}else{ $count_all = count($all_news); }

$i = 0;
$showed = 0;
$repeat = TRUE;
$url_archive = $archive;
while($repeat != FALSE){

foreach($all_news as $news_line){

$news_arr = explode("\|", $news_line);





$is_in_cat = FALSE;
if(strstr($news_arr[6],',')){ //if the article is in multiple categories
$this_cats_arr = explode(',',$news_arr[6]);
foreach($this_cats_arr as $this_single_cat){
if($requested_cats and $requested_cats[$this_single_cat] == TRUE){ $is_in_cat=TRUE;}
}

}else{
if($requested_cats and $requested_cats[$news_arr[6]] == TRUE){ $is_in_cat=TRUE;}
}

if(!$is_in_cat and $category != '' and isset($category)){ continue; }





if(isset($start_from) and $start_from != ""){
if($i < $start_from){ $i++; continue; }
elseif($showed == $number){ break; }
}

if($my_names[$news_arr[1]]){ $my_author = $my_names[$news_arr[1]]; }
else{ $my_author = $news_arr[1]; }

$output = $template_active;
$output = str_replace("{title}", $news_arr[2], $output);
$output = str_replace("{author}", $my_author, $output);
if($news_arr[5] != ""){$output = str_replace("{avatar}", "<img alt=\"\" src=\"$news_arr[5]\" style=\"border: none;\" />", $output); }
else{ $output = str_replace("{avatar}", "", $output); }
$output = str_replace("{avatar-url}", "$news_arr[5]", $output);
$output = str_replace("[link]","<a href=\"$PHP_SELF?subaction=showfull&id=$news_arr[0]&archive=$archive&start_from=$my_start_from&ucat=$news_arr[6]&$user_query\">", $output);
$output = str_replace("[/link]","</a>", $output);
$output = str_replace("{comments-num}", countComments($news_arr[0], $archive), $output);
$output = str_replace("{short-story}", $news_arr[3], $output);
$output = str_replace("{full-story}", $news_arr[4], $output);
$output = str_replace("{category}", catid2name($news_arr[6]), $output);
$output = str_replace("{category-id}", $news_arr[6], $output);
if($cat_icon[$news_arr[6]] != ""){ $output = str_replace("{category-icon}", "<img alt=\"".$cat[$news_arr[6]]." icon\" style=\"border: none;\" src=\"".$cat_icon[$news_arr[6]]."\" />", $output); }
else{ $output = str_replace("{category-icon}", "", $output); }

$output = str_replace("{author-name}", $name_to_nick[$news_arr[1]], $output);

if($my_mails[$news_arr[1]] != ""){
$output = str_replace("[mail]","<a href=\"mailto:".$my_mails[$news_arr[1]]."\">", $output);
$output = str_replace("[/mail]","</a>", $output);
}else{
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}

$output = str_replace("{news-id}", $news_arr[0], $output);
$output = str_replace("{archive-id}", $archive, $output);
$output = str_replace("{php-self}", $PHP_SELF, $output);
$output = str_replace("{cute-http-path}", $config_http_script_dir, $output);


//if we are showing the RSS feed, add some need variables.
if($template == 'rss'){
$output = str_replace("{date}", date("r", $news_arr[0]), $output); // in RSS we need the date in specific format

if($rss_news_include_url == '' or !$rss_news_include_url){ $rss_news_include_url = '$config_http_script_dir/show_news.php'; }
$output = str_replace("{rss-news-include-url}", $rss_news_include_url, $output);
}else{
//normally display the date in the format that user wants it.
$output = str_replace("{date}", date($config_timestamp_active, $news_arr[0]), $output);
}



$output = replace_news("show", $output);


if($news_arr[4] != "" or $action == "showheadlines"){//if full story
if($config_full_popup == "yes"){

$output = preg_replace("/\\[full-link\\]/","<a href=\"#\" onclick=\"window.open('$config_http_script_dir/show_news.php?subaction=showfull&id=$news_arr[0]&archive=$archive&template=$template', '_News', '$config_full_popup_string');return false;\">", $output);
}else{
$output = str_replace("[full-link]","<a href=\"$PHP_SELF?subaction=showfull&id=$news_arr[0]&archive=$archive&start_from=$my_start_from&ucat=$news_arr[6]&$user_query\">", $output);
}
$output = str_replace("[/full-link]","</a>", $output);
}else{
$output = preg_replace("'\\[full-link\\].*?\\[/full-link\\]'si","<!-- no full story-->", $output);
}

if($config_comments_popup == "yes"){
$output = str_replace("[com-link]","<a href=\"#\" onclick=\"window.open('$config_http_script_dir/show_news.php?subaction=showcomments&template=$template&id=$news_arr[0]&archive=$archive&start_from=$my_start_from&ucat=$news_arr[6]', '_News', '$config_comments_popup_string');return false;\">", $output);
}else{
$output = str_replace("[com-link]","<a href=\"$PHP_SELF?subaction=showcomments&id=$news_arr[0]&archive=$archive&start_from=$my_start_from&ucat=$news_arr[6]&$user_query\">", $output);
}
$output = str_replace("[/com-link]","</a>", $output);


echo $output;
$showed++;
$i++;

if($number != 0 and $number == $i){ break; }
}
$used_archives[$archive] = TRUE;
// Archives Looop
if($i < $number and $only_active != TRUE){

if(!$handle = opendir("$cutepath/data/archives")){ die("<div style=\"text-align: center;\">Can not open directory $cutepath/data/archives</div>"); }
while (false !== ($file = readdir($handle)))
{
if($file != "." and $file != ".." and eregi("news.arch", $file))
{
$file_arr = explode(".",$file);
$archives_arr[$file_arr[0]] = $file_arr[0];
}
}
closedir($handle);

$archives_arr[$in_use]="";
$in_use = max($archives_arr);

if($in_use != "" and !$used_archives[$in_use]){
$all_news = file("$cutepath/data/archives/$in_use.news.arch");
$archive = $in_use;
$used_archives[$in_use] = TRUE;
}else{ $repeat = FALSE; }

}else{ $repeat = FALSE; }
}

// << Previous & Next >>

$prev_next_msg = $template_prev_next;

//----------------------------------
// Previous link
//----------------------------------
if(isset($start_from) and $start_from != "" and $start_from > 0){
$prev = $start_from - $number;
$prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "<a href=\"$PHP_SELF?start_from=$prev&ucat=$ucat&archive=$url_archive&subaction=$subaction&id=$id&$user_query\">\\1</a>", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "\\1", $prev_next_msg); $no_prev = TRUE; }

//----------------------------------
// Pages
//----------------------------------
if($number){
$pages_count = @ceil($count_all/$number);
$pages_start_from = 0;
$pages = "";
for($j=1;$j<=$pages_count;$j++){
if($pages_start_from != $start_from){ $pages .= "<a href=\"$PHP_SELF?start_from=$pages_start_from&ucat=$ucat&archive=$url_archive&subaction=$subaction&id=$id&$user_query\">$j</a> "; }
else{ $pages .= " <strong>$j</strong> "; }
$pages_start_from += $number;
}
$prev_next_msg = str_replace("{pages}", $pages, $prev_next_msg);
}
//----------------------------------
// Next link (typo here ... typo there... typos everywhere !)
//----------------------------------
if($number < $count_all and $i < $count_all){
$prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "<a href=\"$PHP_SELF?start_from=$i&ucat=$ucat&archive=$url_archive&subaction=$subaction&id=$id&$user_query\">\\1</a>", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "\\1", $prev_next_msg); $no_next = TRUE;}


if (!$no_prev or !$no_next){ echo $prev_next_msg; }
}
}while(0);

if((!isset($count_cute_news_includes) or !$count_cute_news_includes) and $template != 'rss'){
///
/// Removing the "P0wered By..." line is NOT allowed by the CuteNews License, only registered users are alowed to do so.
///
if(!file_exists("$cutepath/data/reg.php")){ echo base64_decode('PGRpdiBzdHlsZT0ibWFyZ2luLXRvcDoxNXB4O3dpZHRoOjEwMCU7dGV4dC1hbGlnbjpjZW50ZXI7Zm9udDo5cHggVmVyZGFuYTsiPkNvbnRlbnQgTWFuYWdlbWVudCBQb3dlcmVkIGJ5IDxhIGhyZWY9Imh0dHA6Ly9jdXRlcGhwLmNvbS8iIHRpdGxlPSJDdXRlTmV3cyAtIFBIUCBOZXdzIE1hbmFnZW1lbnQgU3lzdGVtIj5DdXRlTmV3czwvYT48L2Rpdj4='); }
else{
include("$cutepath/data/reg.php");
if(preg_match('/\\A(\\w{6})-\\w{6}-\\w{6}\\z/', $reg_site_key, $mmbrid)){

}else{
echo base64_decode('PGRpdiBzdHlsZT0ibWFyZ2luLXRvcDoxNXB4O3dpZHRoOjEwMCU7dGV4dC1hbGlnbjpjZW50ZXI7Zm9udDo5cHggVmVyZGFuYTsiPkNvbnRlbnQgTWFuYWdlbWVudCBQb3dlcmVkIGJ5IDxhIGhyZWY9Imh0dHA6Ly9jdXRlcGhwLmNvbS8iIHRpdGxlPSJDdXRlTmV3cyAtIFBIUCBOZXdzIE1hbmFnZW1lbnQgU3lzdGVtIj5DdXRlTmV3czwvYT48L2Rpdj4=');
}

}
}
$count_cute_news_includes++;
?>

file:a/cutenews/inc/tools.mdu (deleted)

<?PHP

if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permission for this section"); }
$success = FALSE;
// ********************************************************************************
// Archive
// ********************************************************************************
if($action == "archive")
{


// ***************************
// Un-Archive
// ***************************
if($subaction == "unarchive" and $aid != "" and isset($aid)){


if(!$handle = opendir("$cutepath/data/archives")){ die("<center>Unable to open directory $cutepath/data/archive</center>"); }
while (false !== ($file = readdir($handle)))
{
if ($file == "$aid.news.arch")
{
$newsfile = fopen("$cutepath/data/news.txt", 'a');
$newsarch = file("$cutepath/data/archives/$file");
foreach ($newsarch as $newsline)
{
fwrite($newsfile,$newsline);
}
fclose($newsfile);
unlink("$cutepath/data/archives/$file");
}
elseif ($file == "$aid.comments.arch")
{
$commfile = fopen("$cutepath/data/comments.txt", 'a');
$commarch = file("$cutepath/data/archives/$file");
foreach ($commarch as $commline)
{
fwrite($commfile,$commline);
}
fclose($commfile);
unlink("$cutepath/data/archives/$file");
}
}
closedir($handle);

}//end Un-Archive function


echoheader("archives", "Archives");

echo<<<HTML

<script language="javascript">
function confirmdelete(id,news){
var agree=confirm("Do you really want to permanently delete this archive ?\\nAll ("+news+") news and comments in it will be deleted.");
if (agree)
document.location="$PHP_SELF?mod=tools&action=dodeletearchive&archive="+id;
}
</script>
<form method=post action="$PHP_SELF"><table border=0 cellpading=0 cellspacing=0 width="645" >
<td width=321 height="33">
<b>Send news to archive</b>
<table border=0 cellpading=0 cellspacing=0 width=300 class="panel" cellpadding="10" >
<tr>
<td width=304 height="25">
<p align="center">
<input type=submit value="Proceed with archiving ...">
</tr>

</table>
<input type=hidden name=action value=doarchive>
<input type=hidden name=mod value=tools>
</form>

<td width=320 height="33" align="center">
<!-- HELP -->

<table height="25" cellspacing="0" cellpadding="0">
<tr>
<td width="25" align=middle><img border="0" src="skins/images/help_small.gif"></td>
<td > <a onClick="javascript:Help('archives')" href="#">Explaining archives and<br>
Their usage</a></td>
</tr>
</table>

<tr>
<td width=654 colspan="2" height="11">
<img height=20 border=0 src="skins/images/blank.gif" width=1>
<br> </tr>
<tr>
<td width=654 colspan=2 height=14>
<b>Available archives</b>
</tr>
<tr>

<td width=654 colspan=2 height=1>
<table width=641 height=100% cellspacing=0 cellpadding=0>
<tr>
<td width=8 bgcolor=#F7F6F4> </td>
<td width=160 bgcolor=#F7F6F4><u>archivation date</u></td>
<td width=222 bgcolor=#F7F6F4><u>duration</u></td>
<td width=81 bgcolor=#F7F6F4><u>news</u></td>
<td width=110 bgcolor=#F7F6F4><u><!--action--></u></td>

</tr>
HTML;

if(!$handle = opendir("./data/archives")){ die("<center>Can not open directory $cutepath/data/archives "); }
while (false !== ($file = readdir($handle)))
{
if($file != "." and $file != ".." and !is_dir("./data/archives/$file") and eregi("news.arch", $file))
{

$file_arr = explode(".", $file);
$id = $file_arr[0];

$news_lines = file("./data/archives/$file");
$creation_date = date("d F Y",$file_arr[0]);
$count = count($news_lines);
$last = $count-1;
$first_news_arr = explode("\|", $news_lines[$last]);
$last_news_arr = explode("\|", $news_lines[0]);

$first_timestamp = $first_news_arr[0];
$last_timestamp = $last_news_arr[0];

$duration = (date("d M Y",$first_timestamp) ." - ". date("d M Y",$last_timestamp) );
echo "
<tr>
<td ></td>
<td >$creation_date</td>
<td >$duration</td>
<td >$count</td>
<td ><a title='Edit the news in this archive' href=\"$PHP_SELF?mod=editnews&action=list&source=$id\">[edit]</a> <a title='restore news from this archive to active news' href=\"$PHP_SELF?mod=tools&action=archive&subaction=unarchive&aid=$id\">[unarchive]</a> <a title='Delete this archive' onClick=\"javascript:confirmdelete('$id', '$count');\" href=\"#\">[delete]</a></td>
</tr>
";
}
}
closedir($handle);

if($count == 0){
echo"<tr><td align=center colspan=6><br>There are no archives</td></tr>";
}

echo<<<HTML
</table>
</table>
HTML;

echofooter();
}
// ********************************************************************************
// Make Archive
// ********************************************************************************
elseif($action == "doarchive")
{
if(filesize("./data/news.txt") == 0){ msg("error", "Error !!!", "Sorry but there are no news to be archived", "$PHP_SELF?mod=tools&action=archive"); }
if(filesize("./data/comments.txt") == 0){ msg("error", "Error !!!", "The comments file is empty and can not be archived", "$PHP_SELF?mod=tools&action=archive"); }

$arch_name = time()+($config_date_adjust*60);
if(!@copy("./data/news.txt","./data/archives/$arch_name.news.arch")) { msg("error","Error !!!","Can not create file ./data/archives/$arch_name.news.arch", "$PHP_SELF?mod=tools&action=archive");}
if(!@copy("./data/comments.txt","./data/archives/$arch_name.comments.arch")) { msg("error","Error !!!","Can not create file ./data/archives/$arch_name.comments.arch", "$PHP_SELF?mod=tools&action=archive");}

$handle = fopen("./data/news.txt","w");
fclose($handle);
$handle = fopen("./data/comments.txt","w");
fclose($handle);

msg("archives", "Archive Saved", "&nbsp  All active news were successfully added to archives file with name <b>$arch_name.news.arch</b>", "$PHP_SELF?mod=tools&action=archive");
}
// ********************************************************************************
// Do Delete Archive
// ********************************************************************************
elseif($action == "dodeletearchive"){
$success = 0;
if(!$handle = opendir("./data/archives")){ die("<center>Can not open directory $cutepath/data/archive "); }
while (false !== ($file = readdir($handle))){
if($file == "$archive.news.arch" or $file == "$archive.comments.arch"){
unlink("./data/archives/$file"); $success ++;
}
}
closedir($handle);

if($success == 2){
msg("info", "Arhcive Deleted", "The archive was successfully deleted", "$PHP_SELF?mod=tools&action=archive");
}elseif($success == 1){
msg("error", "Error !!!", "Either the comments part or the news part of the archive was not deleted", "$PHP_SELF?mod=tools&action=archive");
}else{
msg("error", "Error !!!", "The archive you specified was not deleted, it is not on the server or you don't have permissions to delete it", "$PHP_SELF?mod=tools&action=archive");
}

}
// ********************************************************************************
// Backup News and archives
// ********************************************************************************
elseif($action == "backup")
{
echoheader("options", "Backup");
echo'
<script language="javascript">
function confirmdelete(id){
var agree=confirm("Do you really want to permanently delete this backup ?");
if (agree)
document.location="index.php?mod=tools&action=dodeletebackup&backup="+id;
}
function confirmrestore(id){
var agree=confirm("Do you really want to restore your news from this backup ?\nAll current news and archives will be overwritten.");
if (agree)
document.location="index.php?mod=tools&action=dorestorebackup&backup="+id;
}
</script>
<table border=0 cellpading=0 cellspacing=0 width="645" >
<td width=321 height="33">
<b>Create BackUp</b>
<table border=0 cellpading=0 cellspacing=0 class="panel" cellpadding="10" width="390" >
<form method=post action="'.$PHP_SELF.'">
<tr>
<td height="25" width="366">
Name of the BackUp: <input type=text name=back_name>  <input type=submit value=" Proceed ">

</td>
</tr>
<input type=hidden name=action value=dobackup>
<input type=hidden name=mod value=tools>
</form>
</table>
<tr>
<td width=654 height="11">
<img height=20 border=0 src="skins/images/blank.gif" width=1>
<br> </tr>
<tr>
<td width=654 height=14>
<b>Available BackUps</b>
</tr>
<tr>
<td width=654 height=1>
<table width=641 height=100% cellspacing=0 cellpadding=0>
<tr>
<td width=2% bgcolor=#F7F6F4> </td>
<td width=40% bgcolor=#F7F6F4><u>name</u></td>
<td width=22% bgcolor=#F7F6F4><u>active news</u></td>
<td width=16% bgcolor=#F7F6F4><u>archives</u></td>
<td width=20% bgcolor=#F7F6F4><u>action</u></td>
</tr>';

$count = 0;
if(!$handle = opendir("./data/backup")){ die("<center>Can not open directory $cutepath/data/backup "); }
while (false !== ($file = readdir($handle)))
{
if($file != "." and $file != ".." and is_dir("./data/backup/$file"))
{
$archives_count = 0;
$archives_handle = @opendir("./data/backup/$file/archives");
while (false !== ($arch = readdir($archives_handle))){
if(eregi(".news.arch", $arch)){ $archives_count++; }
}
closedir($archives_handle);


$news_count = count(file("./data/backup/$file/news.txt"));
echo "<tr>
<td></td>
<td>$file</td>
<td> $news_count</td>
<td> $archives_count</td>
<td><a onClick=\"javascript:confirmdelete('$file'); return(false)\" href=\"$PHP_SELF?mod=tools&action=dodeletebackup&backup=$file\">[delete]</a> <a onClick=\"javascript:confirmrestore('$file'); return(false)\" href=\"$PHP_SELF?mod=tools&action=dorestorebackup&backup=$file\">[restore]</a></td>
</tr>";
$count++;
}
}
closedir($handle);

if($count == 0){
echo"<tr><td colspan=5><p align=center><br>There are no backups</p></td></tr>";
}

echo'</table></table>';

echofooter();
}

// ********************************************************************************
// Do Delete Backup
// ********************************************************************************
elseif($action == "dodeletebackup")
{

function listdir($dir){

$current_dir = opendir($dir);
while($entryname = readdir($current_dir)){
if(is_dir("$dir/$entryname") and ($entryname != "." and $entryname!="..")){
listdir("${dir}/${entryname}");
}elseif($entryname != "." and $entryname!=".."){
unlink("${dir}/${entryname}");
}
}
@closedir($current_dir);
rmdir(${dir});
}
listdir("./data/backup/$backup");

msg("info", "Backup Deleted", "The backup was successfully deleted.", "$PHP_SELF?mod=tools&action=backup");

}
// ********************************************************************************
// Do restore backup
// ********************************************************************************
elseif($action == "dorestorebackup"){


if(!@copy("./data/backup/$backup/news.txt", "./data/news.txt")){ msg("error", "error", "./data/backup/$backup/news.txt", "$PHP_SELF?mod=tools&action=backup"); }
if(!@copy("./data/backup/$backup/comments.txt", "./data/comments.txt")){ msg("error", "error", "./data/backup/$backup/comments.txt", "$PHP_SELF?mod=tools&action=backup"); }

$dirp = opendir("./data/backup/$backup/archives");
while($entryname = readdir($dirp)){
if(!is_dir("./data/backup/$backup/archives/$entryname") and $entryname!="." and $entryname!=".."){
if(!@copy("./data/backup/$backup/archives/$entryname", "./data/archives/$entryname")){ msg("error", "error", "Can not copy ./data/backup/$backup/archives/$entryname"); }
}
}

msg("info", "Backup Restored", "The backup was successfully restored.", "$PHP_SELF?mod=tools&action=backup");
}
// ********************************************************************************
// Make The BackUp
// ********************************************************************************
elseif($action == "dobackup")
{
$back_name = eregi_replace(" ", "-", $back_name);


if(filesize("./data/news.txt") == 0){msg("error", "Error !!!", "The news file is empty and can not be backed-up", "$PHP_SELF?mod=tools&action=backup");}
if(filesize("./data/comments.txt") == 0){msg("error", "Error !!!", "The comments file is empty and can not be backed-up", "$PHP_SELF?mod=tools&action=backup");}

if(is_readable("./data/backup/$back_name")){ msg("error", "Error !!!", "A backup with this name already exist", "$PHP_SELF?mod=tools&action=backup"); }
if(!is_readable("./data/backup")){ mkdir("./backup", 0777); }
if(!is_writable("./data/backup")){ msg("error", "Error !!!", "The directory ./data/backup is not writable, please chmod it"); }
mkdir("./data/backup/$back_name", 0777);
mkdir("./data/backup/$back_name/archives", 0777);

if(!@copy("./data/news.txt", "./data/backup/$back_name/news.txt")){ die("Can not copy news.txt file to ./data/backup/$back_name :("); }
if(!@copy("./data/comments.txt","./data/backup/$back_name/comments.txt")){ die("Can not copy comments.txt file to ./data/backup/$back_name :("); }

if(!$handle = opendir("./data/archives")){ die("Can not create file"); }
while(false !== ($file = readdir($handle)))
{
if($file != "." and $file != "..")
{
if(!@copy("./data/archives/$file", "./data/backup/$back_name/archives/$file")){ die("Can not copy archive file to ./data/backup/$back_name/archives/$file :("); }
}
}
closedir($handle);

msg("info", "Backup", "All news and archives were successfully BackedUp under directory './data/backup/$back_name'", "$PHP_SELF?mod=tools&action=backup");
}

?>

file:a/cutenews/inc/wizards.mdu (deleted)

<?PHP
if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permission for this section"); }

if($action == "" or !$action){

$wizard_options = <<<HTMLWIZARDS
<ol>
<li style="margin-bottom:5px;"><a href='$PHP_SELF?mod=wizards&action=rss'><b>Rss</b> Setup and Integration</a></li>
<li><a href='$PHP_SELF?mod=wizards&action=news'>Integrate <b>News</b> into your site</a></li>
</ol>

HTMLWIZARDS;

msg("wizard", "Choose Wizard", "$wizard_options");
}


// ********************************************************************************
// Initiate the News Integration Wizard
// ********************************************************************************
if($action == "news"){

//Gather the Templates
$templates_list = array();
if(!$handle = opendir("./data")){ /die("<center>Can not open directory $cutepath/data ");/ }
while (false !== ($file = readdir($handle))){
if(eregi(".tpl", $file)){
$file_arr = explode(".", $file);
$templates_list[]= $file_arr[0];
}
}
closedir($handle);

$templates_html = "<select name=w_template>";
foreach($templates_list as $single_template){
if($single_template != "rss"){

if($single_template == "Default"){
$templates_html .= "<option selected value=\"$single_template\">$single_template</option>";
}else{
$templates_html .= "<option value=\"$single_template\">$single_template</option>";
}

}
}
$templates_html .= "</select>";

//Gather the Categories
$cat_lines = file("./data/category.db.php");
if($cat_lines){
$cat_html = "<select style='display:;' name=w_category[] id=category multiple>";
foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);
$cat_html .= "<option value=\"$cat_arr[0]\">(ID:$cat_arr[0]) $cat_arr[1]</option>\n";
}
$cat_html .= "</select><br><label for=allcategory><input id=allcategory onClick=\"if(this.checked){getElementById('category').style.display='none';}else{getElementById('category').style.display='';}\" type=checkbox value='yes' name='w_allcategory'> Or Show from All Categories</label>";
}else{
$cat_html = "You have no categories";
}

echoheader("wizard", "News Integration Wizard");

echo<<<WIZARDHTML
<table border=0 cellpading=0 cellspacing=0 width=100% height=100%><form method="post" action="$PHP_SELF"><tr><td >

<table cellspacing="0" cellpadding="3" width="645" height="100%" border="0" style="border-collapse: collapse" bordercolor="#111111"><tr>
<td width="639" colspan="2">



Welcome to the News Integration Wizard. This tool will help you to integrate the
news that you have published using CuteNews, into your existing Webpage. <br>
</td></tr>
<tr>
<td bgcolor="#F7F6F4" style="padding:3px; border-bottom:1px solid gray;" width="639" colspan="2">
<b><font size="2">Quick Customization...</font></b></td>
</tr>
<tr>
<td width="356" >



<b><br>



Number of Active News to Display:</b></td>
<td width="277" rowspan="2" valign="top" align="center">



<br>
<input style="text-align: center" name="w_number" size="11"></td>
</tr>
<tr>
<td width="356" style="padding-left:10px; ">



<p align="justify"><i>if the active news are less then the specified number to show, the rest of the
news will be fetched from the archives (if any)</i></td>
</tr>
<tr>
<td width="356" >



<b><br>
Template to Use When Displaying News:</b></td>
<td width="277" rowspan="2" valign="top" align="center">



<br>
$templates_html

</td>
</tr>
<tr>
<td width="356" style="padding-left:10px; ">



<p align="justify"><i>using different templates you can customize the look of
your news, comments etc.</i></td>
</tr>
<tr>
<td width="356" >



<b><br>
Categories to Show News From:</b></td>
<td width="277" rowspan="2" valign="top" align="center">



<br>
$cat_html
</td>
</tr>
<tr>
<td width="356" style="padding-left:10px; ">



<p align="justify"><i>you can specify only from which categories news will be
displayed, hold CTRL to select multiple categories (if any)<br>
</i></td>
</tr>
<tr>
<td bgcolor="#F7F6F4" style="padding:3px; border-bottom:1px solid gray; " width="639" colspan="2">
<b><font size="2">Advanced Settings...</font></b></td>
</tr>
<tr>
<td width="356" >



<b><br>
Start 'Displaying' From...</b></td>
<td width="277" rowspan="2" align="center" valign="top">



<br>
<input name="w_start_from" size="11" style="text-align: center"></td>
</tr>
<tr>
<td width="356" style="padding-left:10px; ">



<i>if Set, the displaying of the news will be started from the specified number
(eg. if set to 2 - the first 2 news will be skipped and the rest shown)</i></td>
</tr>
<tr>
<td width="356" >



<b><br>
Reverse News Order:</b></td>
<td width="277" rowspan="2" align="center" valign="top">



<br>
<input type=checkbox value="yes" name="w_reverse"></td>
</tr>
<tr>
<td width="356" style="padding-left:10px; ">



<i>if Yes, the order of which the news are shown will be reversed</i></td>
</tr>
<tr>
<td width="356" >



<b><br>
Show Only Active News:</b></td>
<td width="277" rowspan="2" align="center" valign="top">



<br>
<input type=checkbox value="yes" name="w_only_active"></td>
</tr>
<tr>
<td width="356" style="padding-left:10px; ">



<i>if Yes, even if the number of news you requested to be shown is bigger than
all active news, no news from the archives will be shown</i></td>
</tr>
<tr>
<td width="356">



<b><br>
Static Include:</b></td>
<td width="277" rowspan="2" align="center" valign="top">



<br>
<input type=checkbox value="yes" name="w_static"></td>
</tr>
<tr>
<td width="356" style="padding-left:10px;">



<i>if Yes, the news will be displayed but will not show the full story and
comment pages when requested. useful for <a href=# onclick="javascript:Help('multiple_includes')">multiple includes</a>.</i></td>
</tr>
<tr>
<td width="639" colspan="2">



</td>
</tr>
<tr>
<td width="639" colspan="2" style="border-top:1px solid gray; padding-top:10px;">

<center><input type=submit style="font-weight:bold;" value="Proceed to Integration >>"></center>

</td>
</tr>
</table>

<input type=hidden name=mod value=wizards>
<input type=hidden name=action value=news_step2>

</td></tr></form></table>
WIZARDHTML;

echofooter();
}
// ********************************************************************************
// Show The News Integration Code
// ********************************************************************************
if($action == "news_step2"){
echoheader("wizard", "News Integration");

$the_code = '<?PHP'."\n";

// Try to determine include path
$include_path = dirname(dirname(__FILE__)) .'/show_news.php';


if($w_number and $w_number != ''){
$the_code .= '$number='.$w_number.";\n";
}


if($w_template != 'Default'){
$the_code .= '$template="'.$w_template."\";\n";
}


// Get ready with Categories (if any)
if($w_allcategory != 'yes' and isset($w_category) and $w_category != ''){
$i=0;
foreach($w_category as $category){
$i++;
$my_category .= "$category";
if(count($w_category) != $i){ $my_category .= ','; }
}
if(count($w_category) > 1){ $the_code .= '$category="'.$my_category."\";\n"; }
else{ $the_code .= '$category='.$my_category.";\n"; }
}


if($w_reverse == 'yes'){
$the_code .= "\$reverse=TRUE;\n";
}

if($w_only_active == 'yes'){
$the_code .= "\$only_active=TRUE;\n";
}

if($w_static == 'yes'){
$the_code .= "\$static=TRUE;\n";
}

if($w_start_from and $w_start_from != ''){
$the_code .= "\$start_from=$w_start_from;\n";
}

$the_code .= "include(\"$include_path\");\n?>";
echo"CuteNews determined your full path to show_news.php to be: '<b>$include_path</b>'<br>
If for some reasons the include path is incorrect or does not work, please determine<br>
the relative path for including <i>show_news.php</i> yourself or
consult your administrator.<br>
<br>
<center>To show your news, insert (copy & paste) the code into some of your pages (*.php) :<br><br>
<textarea style='sfont-weight:bold;' cols=70 rows=10>$the_code</textarea></center><br>";


echofooter();
}
// ********************************************************************************
// Initiate the RSS Wizard
// ********************************************************************************
if($action == "rss"){
echoheader("wizard", "RSS Set-Up Wizard");

echo"Rich Site Summary (sometimes referred to as Really Simple Syndication);<br>
RSS allows a web developer to share the content on his/her site. RSS repackages the web content <br>
as a list of data items, to which you can subscribe from a directory of RSS publishers. <br>
RSS 'feeds' can be read with a web browser or special RSS reader called a content aggregator.
<br><br><input onClick=\"document.location='$PHP_SELF?mod=wizards&action=rss_step2';\" type=button value='Proceed with RSS Configuration >>'><br><br>
";

echofooter();
}
// ********************************************************************************
// Show the RSS config
// ********************************************************************************
if($action == "rss_step2"){
include("./data/rss_config.php");

if($rss_language == '' or !$rss_language){ $rss_language = 'en-us'; }
if($rss_encoding == '' or !$rss_encoding){ $rss_encoding = 'UTF-8'; }

echoheader("wizard", "RSS Configuration");
echo<<<HTML

<table border=0 height=1 width=617 cellspacing="0" cellpadding="0">
<form method=POST action="index.php">
<td height="21" width=400 bgcolor=#F7F6F4 >
<b>URL of the page where you include your news</b><br>
<i>example: http://mysite.com/news.php</i><br>
<i>or: $config_http_script_dir/example2.php</i>
<td height="21" bgcolor=#F7F6F4 colspan=2>
<input name="rss_news_include_url" value="$rss_news_include_url" type=text size=30>
<tr>

<td height="21" >
<br>
Title of the RSS feed
<td height="21" colspan=2>
<br>
<input name="rss_title" value="$rss_title" size=30 >
</tr>


<tr>
<td height="21" bgcolor=#F7F6F4 >
<br>
Character Encoding (default: <i>UTF-8</i>)
<td height="21" colspan=2 bgcolor=#F7F6F4 >
<br>
<input name="rss_encoding" value="$rss_encoding" size=20 >
</tr>



<tr>
<td height="21" >
<br>
Language (default: <i>en-us</i>)
<td height="21">
<br>
<input name="rss_language" value="$rss_language" size=5 >
</tr>


<tr>
<td height="1" colspan="2" colspan=3>
<br /><br><input type=submit style="font-weight:bold; font-size:110%;" value="Save Configurations and Proceed >>" accesskey="s">
<input style="font-size:90%;" onClick="document.location='$PHP_SELF?mod=wizards&action=customizerss';" type=button value='Skip to Customization >>'>
</tr>

<input type=hidden name=mod value=wizards>
<input type=hidden name=action value=dosaverss>
</form>
</table>



HTML;

echofooter();
}

// ********************************************************************************
// Save the RSS Configuration
// ********************************************************************************
if($action == "dosaverss"){
if(!eregi("http://", "$rss_news_include_url")){ msg("error","Error", "The URL where you include your news must start with <b>http://</b> "); }

$handler = fopen("./data/rss_config.php", "w") or msg("error", "Error", "Can not open file ./data/rss_config.php");
fwrite($handler, "<?PHP \n\n//RSS Configurations (Auto Generated file)\n\n");

fwrite($handler, "\$rss_news_include_url = \"".htmlspecialchars($rss_news_include_url)."\";\n\n");
fwrite($handler, "\$rss_title = \"".htmlspecialchars($rss_title)."\";\n\n");
fwrite($handler, "\$rss_encoding = \"".htmlspecialchars($rss_encoding)."\";\n\n");
fwrite($handler, "\$rss_language = \"".htmlspecialchars($rss_language)."\";\n\n");

fwrite($handler, "?>");
fclose($handler);

msg("wizard", "RSS Configuration Saved", "The configurations were saved successfuly.<br><br><input onClick=\"document.location='$PHP_SELF?mod=wizards&action=customizerss';\" type=button value='Proceed With RSS Customization >>'>");
}
// ********************************************************************************
// Save the RSS Configuration
// ********************************************************************************
if($action == "customizerss"){
echoheader("wizard", "RSS Customization");


//
// Detect the categories (if any)
//
$cat_lines = file("./data/category.db.php");
if(count($cat_lines) > 0){
$cat_options .= "<select style=\"\" id=categories multiple size=5> \n";
foreach($cat_lines as $single_line){
$cat_arr = explode("\|", $single_line);
$cat_options .= "<option value=\"$cat_arr[0]\">(ID:$cat_arr[0]) $cat_arr[1]</option>\n";
}
$cat_options .= "</select> <br><label for=allcategories><input onClick=\"if(this.checked){getElementById('categories').style.display='none';}else{getElementById('categories').style.display='';}\" type=checkbox id=allcategories value=yes>Or show from all Categories</label>";
}else{
$cat_options = "You do not have any categories. <input type=hidden id=categories><input type=hidden id=allcategories>";
}





//
// Show the HTML
//
echo<<<HTMLECHO
<SCRIPT type="text/javascript">
function generateCode(){
sbox = document.getElementById('categories');
var categoryString = '';
var firstDone = 0;

for (var i=0; i<sbox.length; i++) {
if (sbox[i].selected) {

if(firstDone == 1){ categoryString = categoryString + ','; }
categoryString = categoryString + sbox[i].value;

firstDone = 1;

}
}

var number = document.getElementById('number').value;

var string = '$config_http_script_dir/rss.php';

if(document.getElementById('allcategories').checked \|\| categoryString == ''){
if(number != ''){ string += '?number='+number; }

}else{
string += '?category=' + categoryString;
if(number != ''){ string += '&number='+number; }
}



//alert(string);

var htmlcode = '<a title="RSS Feed" href="' + string + '">\\n<img src="$config_http_script_dir/skins/images/rss_icon.gif" border=0 />\\n</a>';

document.getElementById('result').value = htmlcode;


}

</SCRIPT>

<table cellspacing="0" cellpadding="5" width="647" height="100%" border="0" style="border-collapse: collapse" bordercolor="#111111"><tr>
<td width="647" colspan="3">After You have configured your RSS options, the
RSS feed is ready to be used.<br>
<br>
URL Address of your RSS: <b><a href="$config_http_script_dir/rss.php">
$config_http_script_dir/rss.php</a><br>
</b></td></tr>
<tr>
<td bgcolor="#F7F6F4" style="border-bottom:1px solid gray;" width="647" colspan="3"><b><font size="2"> Customizing
your RSS feed:</font></b></td>
</tr>
<tr>
<td width="647" colspan="3"> </td>
</tr>
<tr>
<td width="58"> </td><td width="393">Number of articles to be shown in
the RSS (default:10):</td><td width="196"><input id=number size=5 type="text" size="20"></td>
</tr>
<tr>
<td width="58"> </td><td width="393">Show articles only from these
categories:</td><td width="196">






$cat_options





</td>
</tr>
<tr>
<td colspan="3" style="padding:40px;">After you have selected your preferred settings, click the
'Generate HTML Code' button and you are ready to insert this code into your
page. The generated code will be of a linked RSS image that will be pointing
to your RSS feed (rss.php).

</td>
</tr>
<tr>
<td width="647" colspan="3">
<p align="center">
<input type=button value="Generate HTML Code" onClick="generateCode();" style="font-weight: bold; font-size:120%;" ><br>
<br>
<textarea id=result rows="5" cols="100"></textarea> </td>
</tr>
<tr>
<td width="647" colspan="3"> </td>
</tr>
</table>
HTMLECHO;

echofooter();
}

?>

file:a/cutenews/index.php (deleted)

<?PHP

/***************************************************************************
CuteNews CutePHP.com
Copyright (C) 2005 Georgi Avramov (flexer@cutephp.com)
****************************************************************************/

error_reporting (E_ALL ^ E_NOTICE);

require_once("./inc/functions.inc.php");
//#################

$PHP_SELF = "index.php";
$cutepath = ".";
$config_path_image_upload = "./data/upimages";

$config_use_cookies = TRUE; // Use Cookies When Checking Authorization
$config_use_sessions = FALSE; // Use Sessions When Checking Authorization
$config_check_referer = TRUE; // Set to TRUE for more seciruty
//#################

$Timer = new microTimer;
$Timer->start();

// Check if CuteNews is not installed
$all_users_db = file("./data/users.db.php");
$check_users = $all_users_db;
$check_users[1] = trim($check_users[1]);
$check_users[2] = trim($check_users[2]);
if((!$check_users[2] or $check_users[2] == "") and (!$check_users[1] or $check_users[1] == "")){
if(!file_exists("./inc/install.mdu")){ die('<h2>Error!</h2>CuteNews detected that you do not have users in your users.db.php file and wants to run the install module.<br>
However, the install module (<b>./inc/install.mdu</b>) can not be located, please reupload this file and make sure you set the proper permissions so the installation can continue.'); }
require("./inc/install.mdu");
die();
}

require_once("./data/config.php");
if(isset($config_skin) and $config_skin != "" and file_exists("./skins/${config_skin}.skin.php")){
require_once("./skins/${config_skin}.skin.php");
}else{
$using_safe_skin = true;
require_once("./skins/default.skin.php");
}

b64dck();
if($config_use_sessions){
@session_start();
@header("Cache-control: private");
}

if($action == "logout")
{
setcookie("md5_password","");
setcookie("username","");
setcookie("login_referer","");

if($config_use_sessions){
@session_destroy();
@session_unset();
setcookie(session_name(),"");
}
msg("info", "Logout", "You are now logged out, <a href=\"$PHP_SELF\">login</a><br /><br>");
}


$is_loged_in = FALSE;
$cookie_logged = FALSE;
$session_logged = FALSE;
$temp_arr = explode("?", $HTTP_REFERER);
$HTTP_REFERER = $temp_arr[0];
if(substr($HTTP_REFERER, -1) == "/"){ $HTTP_REFERER.= "index.php"; }

// Check if The User is Identified


if($config_use_cookies == TRUE){
/* Login Authorization using COOKIES */

if(isset($username))
{
if(isset($HTTP_COOKIE_VARS["md5_password"])){ $cmd5_password = $HTTP_COOKIE_VARS["md5_password"]; }
elseif(isset($_COOKIE["md5_password"])){ $cmd5_password = $_COOKIE["md5_password"]; }
else{ $cmd5_password = md5($password); }


// Do we have correct username and password ?
if(check_login($username, $cmd5_password))
{
if($action == 'dologin'){
setcookie("lastusername", $username, time()+1012324305);
if($rememberme == 'yes'){
setcookie("username", $username, time()+606024*30);
setcookie("md5_password", $cmd5_password, time()+606024*30);
}
else{
setcookie("username", $username);
setcookie("md5_password", $cmd5_password);
}
}

$cookie_logged = TRUE;

}else{
setcookie("username", FALSE);
setcookie("md5_password", FALSE);
$result = "<font color=red>Wrong username or password</font>";
$cookie_logged = FALSE;
}
}
/* END Login Authorization using COOKIES */
}

if($config_use_sessions == TRUE){
/* Login Authorization using SESSIONS */
if(isset($HTTP_X_FORWARDED_FOR)){ $ip = $HTTP_X_FORWARDED_FOR; }
elseif(isset($HTTP_CLIENT_IP)) { $ip = $HTTP_CLIENT_IP; }
if($ip == "") { $ip = $REMOTE_ADDR; }
if($ip == "") { $ip = "not detected";}

if($action == "dologin")
{
$md5_password = md5($password);
if(check_login($username, $md5_password)){
$session_logged = TRUE;

@session_register('username');
@session_register('md5_password');
@session_register('ip');
@session_register('login_referer');

$_SESSION['username'] = "$username";
$_SESSION['md5_password'] = "$md5_password";
$_SESSION['ip'] = "$ip";
$_SESSION['login_referer'] = "$HTTP_REFERER";

}else{
$result = "<font color=red>Wrong username and/or password</font>";
$session_logged = FALSE;
}
}elseif(isset($_SESSION['username'])){ // Check the if member is using valid username/password
if(check_login($_SESSION['username'], $_SESSION['md5_password'])){
if($_SESSION['ip'] != $ip){ $session_logged = FALSE; $result = "The IP in the session doesn not match with your IP"; }
else{ $session_logged = TRUE; }
}else{
$result = "<font color=red>Wrong username and/or password !!!</font>";
$session_logged = FALSE;
}
}

if(!$username){ $username = $_SESSION['username']; }
/* END Login Authorization using SESSIONS */
}

###########################

if($session_logged == TRUE or $cookie_logged == TRUE){
if($action == 'dologin'){
//-------------------------------------------
// Modify the Last Login Date of the user
//-------------------------------------------
$old_users_db = $all_users_db;
$modified_users = fopen("./data/users.db.php", "w");
foreach($old_users_db as $old_users_db_line){
$old_users_db_arr = explode("\|", $old_users_db_line);
if($member_db[0] != $old_users_db_arr[0]){
fwrite($modified_users, "$old_users_db_line");
}else{
fwrite($modified_users, "$old_users_db_arr[0]\|$old_users_db_arr[1]\|$old_users_db_arr[2]\|$old_users_db_arr[3]\|$old_users_db_arr[4]\|$old_users_db_arr[5]\|$old_users_db_arr[6]\|$old_users_db_arr[7]\|$old_users_db_arr[8]\|".time()."\|\|\n");
}
}
fclose($modified_users);
}

$is_loged_in = TRUE;
}

###########################

// If User is Not Logged In, Display The Login Page
if($is_loged_in == FALSE)
{
if($config_use_sessions){
@session_destroy();
@session_unset();
}

// setcookie("username","");
// setcookie("password","");
// setcookie("md5_password","");
// setcookie("login_referer","");

echoheader("user","Please Login");

if($config_allow_registration == "yes"){ $allow_reg_status = "<a href='register.php'>(register)</a> "; }else{ $allow_reg_status = ""; }

echo "
<table width=\"100%\" border=0 cellpadding=1 cellspacing=0>
<form name=login action='$PHP_SELF' method=post>
<tr>

<td width=80>Username: </td>
<td width='160'><input tabindex=1 type=text name=username value='$lastusername' style='width:150;'></td>
<td> $allow_reg_status</a></td>
</tr>
<tr>
<td>Password: </td>
<td><input type=password name=password style='width:150'></td>
<td> <a href='register.php?action=lostpass'>(lost password)</a> </td>
</tr>
<tr>

<td></td>
<td style='text-align:left'>
<input accesskey='s' type=submit style=\"width:150; background-color: #F3F3F3;\" value=' Login... '><br/>
</td>
<td style='text-align:left'><label for=rememberme title='Remmber me for 30 days, Do not use on Public-Terminals!'>
<input id=rememberme type=checkbox value=yes style=\"border:0px;\" name=rememberme>
Remember Me</label> </td>
</tr>

<tr>
<td align=center colspan=4 style='text-align:left;'>$result</td>
</tr>
<input type=hidden name=action value=dologin>
</form>
</table>";

echofooter();
}
elseif($is_loged_in == TRUE)
{

//----------------------------------
// Check Referer
//----------------------------------
if($config_check_referer == TRUE){
$self = $_SERVER["SCRIPT_NAME"];
if($self == ""){ $self = $_SERVER["REDIRECT_URL"]; }
if($self == ""){ $self = "index.php"; }

if(!eregi("$self",$HTTP_REFERER) and $HTTP_REFERER != ""){
die("<h2>Sorry but your access to this page was denied !</h2><br>try to <a href=\"?action=logout\">logout</a> and then login again<br>To turn off this security check, change \$config_check_referer in index.php to FALSE");
}
}
// ********************************************************************************
// Include System Module
// ********************************************************************************
if($_SERVER['QUERY_STRING'] == "debug"){ debug(); }

//name of mod //access
$system_modules = array('addnews' => 'user',
'editnews' => 'user',
'main' => 'user',
'options' => 'user',
'images' => 'user',
'editusers' => 'admin',
'editcomments' => 'admin',
'tools' => 'admin',
'ipban' => 'admin',
'about' => 'user',
'preview' => 'user',
'categories' => 'admin',
'massactions' => 'user',
'help' => 'user',
'snr' => 'admin',
'debug' => 'admin',
'wizards' => 'admin',
);


if($mod == ""){ require("./inc/main.mdu"); }
elseif( $system_modules[$mod] )
{
if( $member_db[1] == 4 and $mod != 'options'){ msg('error', 'Error!', 'Access Denied for your user-level (commenter)'); }
elseif( $system_modules[$mod] == "user"){ require("./inc/". $mod . ".mdu"); }
elseif( $system_modules[$mod] == "admin" and $member_db[1] == 1){ require("./inc/". $mod . ".mdu"); }
elseif( $system_modules[$mod] == "admin" and $member_db[1] != 1){ msg("error", "Access denied", "Only admin can access this module"); exit; }
else{ die("Module access must be set to <b>user</b> or <b>admin</b>"); }
}
else{ die("$mod is NOT a valid module"); }
}

echo"<!-- execution time: ".$Timer->stop()." -->";
?>

file:a/cutenews/register.php (deleted)

<?PHP



error_reporting (E_ALL ^E_NOTICE);
require_once("./inc/functions.inc.php");
require_once("./data/config.php");
require_once("./skins/${config_skin}.skin.php");



// Check if CuteNews is not installed
$all_users_db = file("./data/users.db.php");
$check_users = $all_users_db;
$check_users[1] = trim($check_users[1]);
$check_users[2] = trim($check_users[2]);
if((!$check_users[2] or $check_users[2] == "") and (!$check_users[1] or $check_users[1] == "")){
if(!file_exists("./inc/install.mdu")){ die('<h2>Error!</h2>CuteNews detected that you do not have users in your users.db.php file and wants to run the install module.<br>
However, the install module (<b>./inc/install.mdu</b>) can not be located, please reupload this file and make sure you set the proper permissions so the installation can continue.'); }

msg("info", "CuteNews Not Installed", "CuteNews is not properly installed (users missing) <a href=index.php>go to index.php</a>");
}


$register_level = $config_registration_level;

if($action == "doregister"){
if($config_allow_registration != "yes"){ msg("error","Error", "User registration is Disabled"); }
if(!$regusername){ msg("error","Error !!!", "Username can not be blank"); }
if(!$regpassword){ msg("error","Error !!!", "Password can not be blank"); }
if(!$regemail) { msg("error","Error !!!", "Email can not be blank"); }

$regusername = preg_replace( array("'<'", "'>'", "'\n'", "'\r'", "'\\|'"), array("", "", "", "", ""), $regusername);
$regnickname = preg_replace( array("'<'", "'>'", "'\n'", "'\r'", "'\\|'"), array("", "", "", "", ""), $regnickname);
$regemail = preg_replace( array("'<'", "'>'", "'\n'", "'\r'", "'\\|'"), array("", "", "", "", ""), $regemail);
$regpassword = preg_replace( array("'<'", "'>'", "'\n'", "'\r'", "'\\|'"), array("", "", "", "", ""), $regpassword);

if(!preg_match("/^[\.A-z0-9_\-]{1,15}$/i", $regusername)){ msg("error","Error !!!", "$regusername Your username must only contain valid characters, numbers and the symbol '_'"); }
if(!preg_match("/^[\.A-z0-9_\-]{1,15}$/i", $regnickname)){ msg("error","Error !!!", "Your nickname must only contain valid characters, numbers and the symbol '_'"); }
if(!preg_match("/^[\.A-z0-9_\-]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $regemail)){ msg("error","Error !!!", "Not valid Email."); }
if(!preg_match("/^[\.A-z0-9_\-]{1,15}$/i", $regpassword)){ msg("error","Error !!!", "Your password must conatain only valid characters and numbers"); }

$all_users = file("./data/users.db.php");
foreach($all_users as $user_line)
{
$user_arr = explode("\|", $user_line);
if($user_arr[2] == $regusername){ msg("error", "Error", "This username is already taken"); }
}

$add_time = time()+($config_date_adjust*60);
$regpassword = md5($regpassword);

$old_users_file = file("./data/users.db.php");
$new_users_file = fopen("./data/users.db.php", "a");
fwrite($new_users_file, "$add_time\|$register_level\|$regusername\|$regpassword\|$regnickname\|$regemail\|0\|0\|\|\|\|\n");
fclose($new_users_file);

if($config_notify_registration == "yes" and $config_notify_status == "active"){
send_mail("$config_notify_email", "CuteNews - New User Registered", "New user ($regusername) has just registered:\nUsername: $regusername\nNickname: $regnickname\nEmail: $regemail\n ");
}

msg("user", "User Added", "You were successfully added to users database.<br>You can now login <a href=index.php>here</a>");


}elseif($action == "lostpass"){

echoheader("user","Lost Password");

echo"<form method=post action=\"$PHP_SELF\"><table border=0 cellpading=0 cellspacing=0 width=\"654\" height=\"59\" >
<td width=\"18\" height=\"11\">
<td width=\"71\" height=\"11\" align=\"left\">

Username<td width=\"203\" height=\"11\" align=\"left\">
<input type=text name=user seize=20>
<td width=\"350\" height=\"26\" align=\"left\" rowspan=\"2\" valign=\"middle\">
If the username and email match in our users database,<br> and email with furher instructions will be sent to you.
<tr>
<td width=\"18\" valign=\"top\" height=\"15\">
<td width=\"71\" height=\"15\" align=\"left\">
Email
<td width=\"203\" height=\"15\" align=\"left\">

<input type=text name=email size=\"20\">

</tr>
<tr>
<td width=\"18\" valign=\"top\" height=\"15\">
<td width=\"628\" height=\"15\" align=\"left\" colspan=\"3\">


</tr>
<tr>
<td width=\"18\" valign=\"top\" height=\"15\">
<td width=\"628\" height=\"15\" align=\"left\" colspan=\"3\">
<input type=submit value=\"Send me the Confirmation\">
</tr>
<input type=hidden name=action value=validate>
<input type=hidden name=mod value=lostpass>
<tr>
<td width=\"18\" height=\"27\">
<td width=\"632\" height=\"27\" colspan=\"3\">
</tr></table></form>";

echofooter();

}elseif($action == "validate"){

if(!isset($user) or !$user or $user == '' or !isset($email) or !$email or $email == ''){ msg("error", "Error !!!", "All the fields are required"); }

$found = FALSE;
$all_users = file("./data/users.db.php");
foreach($all_users as $user_line){
$user_arr = explode("\|", $user_line);
if($user_arr[2] == $user and $user_arr[5] == $email){ $sstring = "${user_arr[0]}${user_arr[3]}"; $found = TRUE; break;}
}
if(!$found){ msg("error", "Error !!!", "The username/email you enter did not match in our users database"); }
else{

$confirm_url = "$config_http_script_dir/register.php?a=dsp&s=$sstring";
$message = "Hi,\n Someone requested your password to be changed, if this is the desired action and you want to change your password please follow this link: $confirm_url .";


mail("$email", "Confirmation ( New Password for CuteNews )", $message,
"From: no-reply@$SERVER_NAME\r\n"
."X-Mailer: PHP/" . phpversion()) or die("can not send mail");

msg('info','Confirmation Email',"A confirmation email was sent, please check your inbox for further details.");
}


//Do Send Password
}elseif($a == "dsp"){

if($s == "" or !$s){ msg("error", "Error !!!", "All fields are required"); }
$found = FALSE;
$all_users = file("./data/users.db.php");
foreach($all_users as $user_line){
$user_arr = explode("\|", $user_line);
if($s == "${user_arr[0]}${user_arr[3]}"){ $found = TRUE; break;}
}
if(!$found){ msg("error", "Error !!!", "invalid string"); }
else{

$salt = "abchefghjkmnpqrstuvwxyz0123456789";
srand((double)microtime()*1000000);
for($i=0;$i<9;$i++){
$new_pass .= $salt{rand(0,33)};
}
$md5_pass = md5($new_pass);

$old_db = file("./data/users.db.php");
$new_db = fopen("./data/users.db.php", w);
foreach($old_db as $old_db_line){
$old_db_arr = explode("\|", $old_db_line);
if($s != "${old_db_arr[0]}${old_db_arr[3]}"){
fwrite($new_db,"$old_db_line");
}else{
fwrite($new_db,"$old_db_arr[0]\|$old_db_arr[1]\|$old_db_arr[2]\|$md5_pass\|$old_db_arr[4]\|$old_db_arr[5]\|$old_db_arr[6]\|$old_db_arr[7]\|\|\|\n");
}
}
fclose($new_db);

$message = "Hi $user_arr[2],\n Your new password for CuteNews is $new_pass, please after you login change this password.";

mail("$user_arr[5]", "Your New Password for CuteNews", $message,
"From: no-reply@$SERVER_NAME\r\n"
."X-Mailer: PHP/" . phpversion()) or die("can not send mail");


msg("info", "Password Sent", "The new password for <b> $user_arr[2]</b> was sent to the email.");
}

}else{
if($config_allow_registration != "yes"){ msg("error","Error", "User registration is Disabled"); }
echoheader("user", "User Registration");

echo<<<HTML
<table leftmargin=0 marginheight=0 marginwidth=0 topmargin=0 border=0 height=100% cellspacing=0>
<form name=login action="$PHP_SELF" method=post>
<tr>
<td width=80>Username: </td>
<td><input tabindex=1 type=text name=regusername style="width:134" size="20"></td>
</tr>
<tr>
<td width=80>Nickname: </td>
<td><input tabindex=1 type=text name=regnickname style="width:134" size="20"></td>
</tr>
<tr>
<td width=80>Password: </td>
<td><input tabindex=1 type=text name=regpassword style="width:134" size="20"></td>
</tr>
<tr>
<td width=80>Email: </td>
<td><input tabindex=1 type=text name=regemail style="width:134" size="20"></td>
</tr>
<tr>
<td></td>
<td ><input accesskey="s" type=submit style="background-color: #F3F3F3;" value='Register'></td>
</tr>
<tr>
<td align=center colspan=2>$result</td>
</tr>
<input type=hidden name=action value=doregister>
</form>
</table>
HTML;

echofooter();

}
?>

file:a/cutenews/remember.js (deleted)


function CNreadCookie() {

var CNname = CNGetCookie('CNname');
var CNmail = CNGetCookie('CNmail');

if(CNname != null){ document.comment.name.value = CNname; }
if(CNmail != null){ document.comment.mail.value = CNmail; }

}




function CNforget() {

var expDate = new Date();

CNSetCookie('name', '', expDate);
CNSetCookie('CNpass', '', expDate);
CNSetCookie('CNname', '', expDate);
CNSetCookie('CNmail', '', expDate);


document.comment.name.value = '';
document.comment.mail.value = '';

alert("All Your personal information collected by CuteNews has been deleted!\nEnjoy your anonymity.");

}




function CNSubmitComment() {

if(document.comment.CNremember.checked){
var expDays = 365;
var expDate = new Date();
expDate.setTime(expDate.getTime() + (24 * 60 * 60 * 1000 * expDays));

CNSetCookie('CNname', document.comment.name.value, expDate);
CNSetCookie('CNmail', document.comment.mail.value, expDate);
}

return true;
}




function CNRememberPass(pass) {

var expDays = 365;
var expDate = new Date();
expDate.setTime(expDate.getTime() + (24 * 60 * 60 * 1000 * expDays));

CNSetCookie('CNpass', pass, expDate);

}



function CNGetCookieVal (offset) {
var endstr = document.cookie.indexOf (";", offset);
if (endstr == -1)
endstr = document.cookie.length;
return unescape(document.cookie.substring(offset, endstr));
}





function CNGetCookie (name) {
var arg = name + "=";
var alen = arg.length;
var clen = document.cookie.length;
var i = 0;
while (i < clen) {
var j = i + alen;
if (document.cookie.substring(i, j) == arg)
return CNGetCookieVal (j);
i = document.cookie.indexOf(" ", i) + 1;
if (i == 0) break;
}
return null;
}





function CNSetCookie (name, value) {
var argv = CNSetCookie.arguments;
var argc = CNSetCookie.arguments.length;
var expires = (argc > 2) ? argv[2] : null;
var path = (argc > 3) ? argv[3] : null;
var domain = (argc > 4) ? argv[4] : null;
var secure = (argc > 5) ? argv[5] : false;
document.cookie = name + "=" + escape (value) +
((expires == null) ? "" : ("; expires=" + expires.toGMTString())) +
((path == null) ? "" : ("; path=" + path)) +
((domain == null) ? "" : ("; domain=" + domain)) +
((secure == true) ? "; secure" : "");
}

file:a/cutenews/rss.php (deleted)

<?PHP
include('./data/rss_config.php');

if(!isset($rss_news_include_url) or !$rss_news_include_url or $rss_news_include_url == ''){

die("The RSS is not configured.<br>Please do this from: <strong>CuteNews > Options > Implementation Wizards > RSS</strong>");

}

header("Content-type: text/xml");

echo"<?xml version=\"1.0\" encoding=\"$rss_encoding\" ?>
<?xml-stylesheet type=\"text/css\" href=\"skins/rss_style.css\" ?>
<rss version=\"2.0\" >
<channel>
<title>$rss_title</title>
<link>$rss_news_include_url</link>
<language>$rss_language</language>
<description></description>
<!-- <docs>This is an RSS 2.0 file intended to be viewed in a newsreader or syndicated to another site. For more information on RSS check : http://www.feedburner.com/fb/a/aboutrss</docs> -->
<generator>CuteNews</generator>
";

if(!$_GET[number] or $_GET[number] == ''){ $number = 10;}else{ $number = $_GET[number];}
if(!$_GET[only_active] or $_GET[only_active] == ''){ $only_active = TRUE;}else{ $only_active = $_GET[only_active];}

$template="rss";
include("show_news.php");


echo"</channel></rss>";
?>

file:a/cutenews/rte/blank.htm (deleted)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title></title>
</head>

<body>

</body>
</html>

file:a/cutenews/rte/images/Thumbs.db (deleted)

 Binary files a/cutenews/rte/images/Thumbs.db and /dev/null differ

file:a/cutenews/rte/images/bgcolor.gif (deleted)

 Binary files a/cutenews/rte/images/bgcolor.gif and /dev/null differ

file:a/cutenews/rte/images/blackdot.gif (deleted)

 Binary files a/cutenews/rte/images/blackdot.gif and /dev/null differ

file:a/cutenews/rte/images/bold.gif (deleted)

 Binary files a/cutenews/rte/images/bold.gif and /dev/null differ

file:a/cutenews/rte/images/centre.gif (deleted)

 Binary files a/cutenews/rte/images/centre.gif and /dev/null differ

file:a/cutenews/rte/images/copy.gif (deleted)

 Binary files a/cutenews/rte/images/copy.gif and /dev/null differ

file:a/cutenews/rte/images/cut.gif (deleted)

 Binary files a/cutenews/rte/images/cut.gif and /dev/null differ

file:a/cutenews/rte/images/hr.gif (deleted)

 Binary files a/cutenews/rte/images/hr.gif and /dev/null differ

file:a/cutenews/rte/images/hyperlink.gif (deleted)

 Binary files a/cutenews/rte/images/hyperlink.gif and /dev/null differ

file:a/cutenews/rte/images/image.gif (deleted)

 Binary files a/cutenews/rte/images/image.gif and /dev/null differ

file:a/cutenews/rte/images/indent.gif (deleted)

 Binary files a/cutenews/rte/images/indent.gif and /dev/null differ

file:a/cutenews/rte/images/insert_table.gif (deleted)

 Binary files a/cutenews/rte/images/insert_table.gif and /dev/null differ

file:a/cutenews/rte/images/italic.gif (deleted)

 Binary files a/cutenews/rte/images/italic.gif and /dev/null differ

file:a/cutenews/rte/images/justifyfull.gif (deleted)

 Binary files a/cutenews/rte/images/justifyfull.gif and /dev/null differ

file:a/cutenews/rte/images/left_just.gif (deleted)

 Binary files a/cutenews/rte/images/left_just.gif and /dev/null differ

file:a/cutenews/rte/images/list.gif (deleted)

 Binary files a/cutenews/rte/images/list.gif and /dev/null differ

file:a/cutenews/rte/images/numbered_list.gif (deleted)

 Binary files a/cutenews/rte/images/numbered_list.gif and /dev/null differ

file:a/cutenews/rte/images/outdent.gif (deleted)

 Binary files a/cutenews/rte/images/outdent.gif and /dev/null differ

file:a/cutenews/rte/images/paste.gif (deleted)

 Binary files a/cutenews/rte/images/paste.gif and /dev/null differ

file:a/cutenews/rte/images/redo.gif (deleted)

 Binary files a/cutenews/rte/images/redo.gif and /dev/null differ

file:a/cutenews/rte/images/right_just.gif (deleted)

 Binary files a/cutenews/rte/images/right_just.gif and /dev/null differ

file:a/cutenews/rte/images/smiley.gif (deleted)

 Binary files a/cutenews/rte/images/smiley.gif and /dev/null differ

file:a/cutenews/rte/images/spellcheck.gif (deleted)

 Binary files a/cutenews/rte/images/spellcheck.gif and /dev/null differ

file:a/cutenews/rte/images/textcolor.gif (deleted)

 Binary files a/cutenews/rte/images/textcolor.gif and /dev/null differ

file:a/cutenews/rte/images/underline.gif (deleted)

 Binary files a/cutenews/rte/images/underline.gif and /dev/null differ

file:a/cutenews/rte/images/undo.gif (deleted)

 Binary files a/cutenews/rte/images/undo.gif and /dev/null differ

file:a/cutenews/rte/insert_link.htm (deleted)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Insert Link</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<script language="JavaScript" type="text/javascript">
<!--
function AddLink() {
var oForm = document.linkForm;

//validate form
if (oForm.url.value == '') {
alert('Please enter a url.');
return false;
}
if (oForm.linkText.value == '') {
alert('Please enter link text.');
return false;
}

var html = '<a href="' + document.linkForm.url.value + '" target="' + document.linkForm.linkTarget.options[document.linkForm.linkTarget.selectedIndex].value + '">' + document.linkForm.linkText.value + '</a>';

window.opener.insertHTML(html);
window.close();
return true;
}
//-->
</script>
</head>

<body style="margin: 10px; background: #D3D3D3;">

<form name="linkForm" onSubmit="return AddLink();">
<table cellpadding="4" cellspacing="0" border="0">
<tr><td colspan="2"><span style="font-style: italic; font-size: x-small;"><b>Tip:</b> To insert an email link, start your URL with "mailto:"</span></td></tr>
<tr>
<td align="right">URL:</td>
<td><input name="url" type="text" id="url" size="40"></td>
</tr>
<tr>
<td align="right">Text:</td>
<td><input name="linkText" type="text" id="linkText" size="40"></td>
</tr>
<tr>
<td align="right">Target:</td>
<td align="left">
<select name="linkTarget" id="linkTarget">
<option value="_blank">_blank</option>
<option value="_parent">_parent</option>
<option value="_self" selected>_self</option>
<option value="_top">_top</option>
</select>
</td>
</tr>
<tr>
<td colspan="3" align="center">
<input type="submit" value="Insert Link" />
<input type="button" value="Cancel" onClick="window.close();" />
</td>
</tr>
</table>

</form>

</body>
</html>

file:a/cutenews/rte/insert_table.htm (deleted)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Insert Table</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<script language="JavaScript" type="text/javascript">
<!--
function AddTable() {
var widthType = (document.tableForm.widthType.value == "pixels") ? "" : "%";
var html = '<table border="' + document.tableForm.border.value + '" cellpadding="' + document.tableForm.padding.value + '" ';

html += 'cellspacing="' + document.tableForm.spacing.value + '" width="' + document.tableForm.width.value + widthType + '">\n';
for (var rows = 0; rows < document.tableForm.rows.value; rows++) {
html += "<tr>\n";
for (cols = 0; cols < document.tableForm.columns.value; cols++) {
html += "<td> </td>\n";
}
html+= "</tr>\n";
}
html += "</table>\n";

window.opener.insertHTML(html);
window.close();
}
//-->
</script>
</head>

<body style="margin: 10px; background: #D3D3D3;">

<form name="tableForm">
<table cellpadding="4" cellspacing="0" border="0">
<tr>
<td align="right">Rows:</td>
<td><input name="rows" type="text" id="rows" value="2" size="4"></td>
<td align="left">Columns: <input name="columns" type="text" id="columns" value="2" size="4"></td>
</tr>
<tr>
<td align="right">Table width:</td>
<td><input name="width" type="text" id="width" value="100" size="4"></td>
<td align="left">
<select name="widthType" id="widthType">
<option value="pixels">pixels</option>
<option value="percent" selected>percent</option>
</select>
</td>
</tr>
<tr>
<td align="right">Border thickness:</td>
<td><input name="border" type="text" id="border" value="1" size="4"></td>
<td align="left">pixels</td>
</tr>
<tr>
<td align="right">Cell padding:</td>
<td><input name="padding" type="text" id="padding" value="4" size="4"></td>
<td>Cell spacing: <input name="spacing" type="text" id="0" value="0" size="4"></td>
</tr>
<tr>
<td colspan="3" align="center">
<input type="button" value="Insert Table" onClick="AddTable();" />
<input type="button" value="Cancel" onClick="window.close();" />
</td>
</tr>
</table>

</form>

</body>
</html>

file:a/cutenews/rte/palette.htm (deleted)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Text Color</title>
<script language="JavaScript" type="text/javascript">
<!--
function selectColor(color) {
self.parent.setColor(color);
}

function InitColorPalette() {
if (document.getElementsByTagName)
var x = document.getElementsByTagName('TD');
else if (document.all)
var x = document.all.tags('TD');
for (var i=0; i < x.length; i++) {
x[i].onmouseover = over;
x[i].onmouseout = out;
x[i].onclick = click;
}
}

function over() {
this.style.border = '1px dotted white';
}

function out() {
this.style.border = '1px solid gray';
}

function click() {
selectColor(this.id);
}
//-->
</script>
</head>
<body bgcolor="white" onLoad="InitColorPalette()" leftmargin="0" rightmargin="0" marginwidth="0" marginheight="0" topmargin="0" bottommargin="0">
<table width="150" height="100" cellpadding="0" cellspacing="1" border="1" align="center">
<tr>
<td id="#FFFFFF" bgcolor="#FFFFFF" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFCCCC" bgcolor="#FFCCCC" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFCC99" bgcolor="#FFCC99" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFFF99" bgcolor="#FFFF99" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFFFCC" bgcolor="#FFFFCC" width="10" height="10"><img width="1" height="1"></td>
<td id="#99FF99" bgcolor="#99FF99" width="10" height="10"><img width="1" height="1"></td>
<td id="#99FFFF" bgcolor="#99FFFF" width="10" height="10"><img width="1" height="1"></td>
<td id="#CCFFFF" bgcolor="#CCFFFF" width="10" height="10"><img width="1" height="1"></td>
<td id="#CCCCFF" bgcolor="#CCCCFF" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFCCFF" bgcolor="#FFCCFF" width="10" height="10"><img width="1" height="1"></td>
</tr>
<tr>
<td id="#CCCCCC" bgcolor="#CCCCCC" width="10" height="10"><img width="1" height="1"></td>
<td id="#FF6666" bgcolor="#FF6666" width="10" height="10"><img width="1" height="1"></td>
<td id="#FF9966" bgcolor="#FF9966" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFFF66" bgcolor="#FFFF66" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFFF33" bgcolor="#FFFF33" width="10" height="10"><img width="1" height="1"></td>
<td id="#66FF99" bgcolor="#66FF99" width="10" height="10"><img width="1" height="1"></td>
<td id="#33FFFF" bgcolor="#33FFFF" width="10" height="10"><img width="1" height="1"></td>
<td id="#66FFFF" bgcolor="#66FFFF" width="10" height="10"><img width="1" height="1"></td>
<td id="#9999FF" bgcolor="#9999FF" width="10" height="10"><img width="1" height="1"></td>
<td id="#FF99FF" bgcolor="#FF99FF" width="10" height="10"><img width="1" height="1"></td>
</tr>
<tr>
<td id="#C0C0C0" bgcolor="#C0C0C0" width="10" height="10"><img width="1" height="1"></td>
<td id="#FF0000" bgcolor="#FF0000" width="10" height="10"><img width="1" height="1"></td>
<td id="#FF9900" bgcolor="#FF9900" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFCC66" bgcolor="#FFCC66" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFFF00" bgcolor="#FFFF00" width="10" height="10"><img width="1" height="1"></td>
<td id="#33FF33" bgcolor="#33FF33" width="10" height="10"><img width="1" height="1"></td>
<td id="#66CCCC" bgcolor="#66CCCC" width="10" height="10"><img width="1" height="1"></td>
<td id="#33CCFF" bgcolor="#33CCFF" width="10" height="10"><img width="1" height="1"></td>
<td id="#6666CC" bgcolor="#6666CC" width="10" height="10"><img width="1" height="1"></td>
<td id="#CC66CC" bgcolor="#CC66CC" width="10" height="10"><img width="1" height="1"></td>
</tr>
<tr>
<td id="#999999" bgcolor="#999999" width="10" height="10"><img width="1" height="1"></td>
<td id="#CC0000" bgcolor="#CC0000" width="10" height="10"><img width="1" height="1"></td>
<td id="#FF6600" bgcolor="#FF6600" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFCC33" bgcolor="#FFCC33" width="10" height="10"><img width="1" height="1"></td>
<td id="#FFCC00" bgcolor="#FFCC00" width="10" height="10"><img width="1" height="1"></td>
<td id="#33CC00" bgcolor="#33CC00" width="10" height="10"><img width="1" height="1"></td>
<td id="#00CCCC" bgcolor="#00CCCC" width="10" height="10"><img width="1" height="1"></td>
<td id="#3366FF" bgcolor="#3366FF" width="10" height="10"><img width="1" height="1"></td>
<td id="#6633FF" bgcolor="#6633FF" width="10" height="10"><img width="1" height="1"></td>
<td id="#CC33CC" bgcolor="#CC33CC" width="10" height="10"><img width="1" height="1"></td>
</tr>
<tr>
<td id="#666666" bgcolor="#666666" width="10" height="10"><img width="1" height="1"></td>
<td id="#990000" bgcolor="#990000" width="10" height="10"><img width="1" height="1"></td>
<td id="#CC6600" bgcolor="#CC6600" width="10" height="10"><img width="1" height="1"></td>
<td id="#CC9933" bgcolor="#CC9933" width="10" height="10"><img width="1" height="1"></td>
<td id="#999900" bgcolor="#999900" width="10" height="10"><img width="1" height="1"></td>
<td id="#009900" bgcolor="#009900" width="10" height="10"><img width="1" height="1"></td>
<td id="#339999" bgcolor="#339999" width="10" height="10"><img width="1" height="1"></td>
<td id="#3333FF" bgcolor="#3333FF" width="10" height="10"><img width="1" height="1"></td>
<td id="#6600CC" bgcolor="#6600CC" width="10" height="10"><img width="1" height="1"></td>
<td id="#993399" bgcolor="#993399" width="10" height="10"><img width="1" height="1"></td>
</tr>
<tr>
<td id="#333333" bgcolor="#333333" width="10" height="10"><img width="1" height="1"></td>
<td id="#660000" bgcolor="#660000" width="10" height="10"><img width="1" height="1"></td>
<td id="#993300" bgcolor="#993300" width="10" height="10"><img width="1" height="1"></td>
<td id="#996633" bgcolor="#996633" width="10" height="10"><img width="1" height="1"></td>
<td id="#666600" bgcolor="#666600" width="10" height="10"><img width="1" height="1"></td>
<td id="#006600" bgcolor="#006600" width="10" height="10"><img width="1" height="1"></td>
<td id="#336666" bgcolor="#336666" width="10" height="10"><img width="1" height="1"></td>
<td id="#000099" bgcolor="#000099" width="10" height="10"><img width="1" height="1"></td>
<td id="#333399" bgcolor="#333399" width="10" height="10"><img width="1" height="1"></td>
<td id="#663366" bgcolor="#663366" width="10" height="10"><img width="1" height="1"></td>
</tr>
<tr>
<td id="#000000" bgcolor="#000000" width="10" height="10"><img width="1" height="1"></td>
<td id="#330000" bgcolor="#330000" width="10" height="10"><img width="1" height="1"></td>
<td id="#663300" bgcolor="#663300" width="10" height="10"><img width="1" height="1"></td>
<td id="#663333" bgcolor="#663333" width="10" height="10"><img width="1" height="1"></td>
<td id="#333300" bgcolor="#333300" width="10" height="10"><img width="1" height="1"></td>
<td id="#003300" bgcolor="#003300" width="10" height="10"><img width="1" height="1"></td>
<td id="#003333" bgcolor="#003333" width="10" height="10"><img width="1" height="1"></td>
<td id="#000066" bgcolor="#000066" width="10" height="10"><img width="1" height="1"></td>
<td id="#330099" bgcolor="#330099" width="10" height="10"><img width="1" height="1"></td>
<td id="#330033" bgcolor="#330033" width="10" height="10"><img width="1" height="1"></td>
</tr>
</table>
</body>
</html>

file:a/cutenews/rte/richtext.js (deleted)

// Cross-Browser Rich Text Editor
// http://www.kevinroth.com/rte/demo.htm
// Written by Kevin Roth (kevin@NOSPAMkevinroth.com - remove NOSPAM)
// Visit the support forums at http://www.kevinroth.com/forums/index.php?c=2
// This code is public domain. Redistribution and use of this code, with or without modification, is permitted.

//init variables
var isRichText = false;
var rng;
var currentRTE;
var allRTEs = "";

var isIE;
var isGecko;
var isSafari;
var isKonqueror;

var imagesPath;
var includesPath;
var cssFile;
var generateXHTML;

var lang = "en";
var encoding = "iso-8859-1";


///////////////////////////////////
///////////
///////// javascript: currentRTE='short_story'; insertHTML("<b>Done!</b>")
//////////
///////////////////////////////////



function initRTE(imgPath, incPath, css, genXHTML) {
//set browser vars
var ua = navigator.userAgent.toLowerCase();
isIE = ((ua.indexOf("msie") != -1) && (ua.indexOf("opera") == -1) && (ua.indexOf("webtv") == -1));
isGecko = (ua.indexOf("gecko") != -1);
isSafari = (ua.indexOf("safari") != -1);
isKonqueror = (ua.indexOf("konqueror") != -1);

generateXHTML = genXHTML;

//check to see if designMode mode is available
//Safari/Konqueror think they are designMode capable even though they are not
if (document.getElementById && document.designMode && !isSafari && !isKonqueror) {
isRichText = true;
}

if (isIE) {
document.onmouseover = raiseButton;
document.onmouseout = normalButton;
document.onmousedown = lowerButton;
document.onmouseup = raiseButton;
}

//set paths vars
imagesPath = imgPath;
includesPath = incPath;
cssFile = css;

if (isRichText) document.writeln('<style type="text/css">@import "' + includesPath + 'rte.css";</style>');

//for testing standard textarea, uncomment the following line
//isRichText = false;
}

function writeRichText(rte, html, width, height, buttons, readOnly) {
if (isRichText) {
if (allRTEs.length > 0) allRTEs += ";";
allRTEs += rte;

if (readOnly) buttons = false;

//adjust minimum table widths
if (isIE) {
// if (buttons && (width < 540)) width = 540;
var tablewidth = width;
} else {
// if (buttons && (width < 540)) width = 540;
var tablewidth = width + 4;
}

document.writeln('<div class="rteDiv">');
if (buttons == true) {
document.writeln('<table class="rteBack" cellpadding=2 cellspacing=0 id="Buttons1_' + rte + '" width="' + tablewidth + '">');
document.writeln(' <tr>');
document.writeln(' <td>');
document.writeln(' <select style="margin: 1px; font-size: 12px; height: 18px;" id="formatblock_' + rte + '" onchange="selectFont(\'' + rte + '\', this.id);">');
document.writeln(' <option value="">[Style]</option>');
document.writeln(' <option value="<p>">Paragraph <p></option>');
document.writeln(' <option value="<h1>">Heading 1 <h1></option>');
document.writeln(' <option value="<h2>">Heading 2 <h2></option>');
document.writeln(' <option value="<h3>">Heading 3 <h3></option>');
document.writeln(' <option value="<h4>">Heading 4 <h4></option>');
document.writeln(' <option value="<h5>">Heading 5 <h5></option>');
document.writeln(' <option value="<h6>">Heading 6 <h6></option>');
document.writeln(' <option value="<address>">Address <ADDR></option>');
document.writeln(' <option value="<pre>">Formatted <pre></option>');
document.writeln(' </select>');
document.writeln(' </td>');
document.writeln(' <td>');
document.writeln(' <select style="margin: 1px; font-size: 12px; height: 18px;" id="fontname_' + rte + '" onchange="selectFont(\'' + rte + '\', this.id)">');
document.writeln(' <option value="Font" selected>[Font]</option>');
document.writeln(' <option value="Arial, Helvetica, sans-serif">Arial</option>');
document.writeln(' <option value="Courier New, Courier, mono">Courier New</option>');
document.writeln(' <option value="Times New Roman, Times, serif">Times New Roman</option>');
document.writeln(' <option value="Verdana, Arial, Helvetica, sans-serif">Verdana</option>');
document.writeln(' <option value="Helvetica, Verdana, Arial, sans-serif">Helvetica</option>');
document.writeln(' </select>');
document.writeln(' </td>');
document.writeln(' <td>');
document.writeln(' <select style="margin: 1px; font-size: 12px; height: 18px;" unselectable="on" id="fontsize_' + rte + '" onchange="selectFont(\'' + rte + '\', this.id);">');
document.writeln(' <option value="Size">[Size]</option>');
document.writeln(' <option value="1">1</option>');
document.writeln(' <option value="2">2</option>');
document.writeln(' <option value="3">3</option>');
document.writeln(' <option value="4">4</option>');
document.writeln(' <option value="5">5</option>');
document.writeln(' <option value="6">6</option>');
document.writeln(' <option value="7">7</option>');
document.writeln(' </select>');
document.writeln(' </td>');
document.writeln(' <td width="100%">');
document.writeln(' </td>');
document.writeln(' </tr>');
document.writeln('</table>');
document.writeln('<table class="rteBack" cellpadding="0" cellspacing="0" id="Buttons2_' + rte + '" width="' + tablewidth + '">');
document.writeln(' <tr>');
document.writeln(' <td><img id="bold" class="rteImage" src="' + imagesPath + 'bold.gif" width="25" height="24" alt="Bold" title="Bold" onClick="rteCommand(\'' + rte + '\', \'bold\', \'\')"></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'italic.gif" width="25" height="24" alt="Italic" title="Italic" onClick="rteCommand(\'' + rte + '\', \'italic\', \'\')"></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'underline.gif" width="25" height="24" alt="Underline" title="Underline" onClick="rteCommand(\'' + rte + '\', \'underline\', \'\')"></td>');
document.writeln(' <td><img class="rteVertSep" src="' + imagesPath + 'blackdot.gif" width="1" height="20" border="0" alt=""></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'left_just.gif" width="25" height="24" alt="Align Left" title="Align Left" onClick="rteCommand(\'' + rte + '\', \'justifyleft\', \'\')"></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'centre.gif" width="25" height="24" alt="Center" title="Center" onClick="rteCommand(\'' + rte + '\', \'justifycenter\', \'\')"></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'right_just.gif" width="25" height="24" alt="Align Right" title="Align Right" onClick="rteCommand(\'' + rte + '\', \'justifyright\', \'\')"></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'justifyfull.gif" width="25" height="24" alt="Justify Full" title="Justify Full" onclick="rteCommand(\'' + rte + '\', \'justifyfull\', \'\')"></td>');
document.writeln(' <td><img class="rteVertSep" src="' + imagesPath + 'blackdot.gif" width="1" height="20" border="0" alt=""></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'hr.gif" width="25" height="24" alt="Horizontal Rule" title="Horizontal Rule" onClick="rteCommand(\'' + rte + '\', \'inserthorizontalrule\', \'\')"></td>');
document.writeln(' <td><img class="rteVertSep" src="' + imagesPath + 'blackdot.gif" width="1" height="20" border="0" alt=""></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'numbered_list.gif" width="25" height="24" alt="Ordered List" title="Ordered List" onClick="rteCommand(\'' + rte + '\', \'insertorderedlist\', \'\')"></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'list.gif" width="25" height="24" alt="Unordered List" title="Unordered List" onClick="rteCommand(\'' + rte + '\', \'insertunorderedlist\', \'\')"></td>');
document.writeln(' <td><img class="rteVertSep" src="' + imagesPath + 'blackdot.gif" width="1" height="20" border="0" alt=""></td>');
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'outdent.gif" width="25" height="24" alt="Outdent" title="Outdent" onClick="rteCommand(\'' + rte + '\', \'outdent\', \'\')"></td>');
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'indent.gif" width="25" height="24" alt="Indent" title="Indent" onClick="rteCommand(\'' + rte + '\', \'indent\', \'\')"></td>');
document.writeln(' <td><div id="forecolor_' + rte + '"><img class="rteImage" src="' + imagesPath + 'textcolor.gif" width="25" height="24" alt="Text Color" title="Text Color" onClick="dlgColorPalette(\'' + rte + '\', \'forecolor\', \'\')"></div></td>');
document.writeln(' <td><div id="hilitecolor_' + rte + '"><img class="rteImage" src="' + imagesPath + 'bgcolor.gif" width="25" height="24" alt="Background Color" title="Background Color" onClick="dlgColorPalette(\'' + rte + '\', \'hilitecolor\', \'\')"></div></td>');
document.writeln(' <td><img class="rteVertSep" src="' + imagesPath + 'blackdot.gif" width="1" height="20" border="0" alt=""></td>');
document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'hyperlink.gif" width="25" height="24" alt="Insert Link" title="Insert Link" onClick="dlgInsertLink(\'' + rte + '\', \'link\')"></td>');
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'image.gif" width="25" height="24" alt="Add Image" title="Add Image" onClick="addImage(\'' + rte + '\')"></td>');
document.writeln(' <td><div id="table_' + rte + '"><img class="rteImage" src="' + imagesPath + 'insert_table.gif" width="25" height="24" alt="Insert Table" title="Insert Table" onClick="dlgInsertTable(\'' + rte + '\', \'table\', \'\')"></div></td>');
if (isIE) {
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'spellcheck.gif" width="25" height="24" alt="Spell Check" title="Spell Check" onClick="checkspell()"></td>');
}
// document.writeln(' <td><img class="rteVertSep" src="' + imagesPath + 'blackdot.gif" width="1" height="20" border="0" alt=""></td>');
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'cut.gif" width="25" height="24" alt="Cut" title="Cut" onClick="rteCommand(\'' + rte + '\', \'cut\')"></td>');
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'copy.gif" width="25" height="24" alt="Copy" title="Copy" onClick="rteCommand(\'' + rte + '\', \'copy\')"></td>');
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'paste.gif" width="25" height="24" alt="Paste" title="Paste" onClick="rteCommand(\'' + rte + '\', \'paste\')"></td>');
// document.writeln(' <td><img class="rteVertSep" src="' + imagesPath + 'blackdot.gif" width="1" height="20" border="0" alt=""></td>');
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'undo.gif" width="25" height="24" alt="Undo" title="Undo" onClick="rteCommand(\'' + rte + '\', \'undo\')"></td>');
// document.writeln(' <td><img class="rteImage" src="' + imagesPath + 'redo.gif" width="25" height="24" alt="Redo" title="Redo" onClick="rteCommand(\'' + rte + '\', \'redo\')"></td>');
document.writeln(' <td width="100%"></td>');
document.writeln(' </tr>');
document.writeln('</table>');
}
document.writeln('<iframe id="' + rte + '" name="' + rte + '" width="' + width + 'px" height="' + height + 'px" src="' + includesPath + 'blank.htm"></iframe>');
if (!readOnly) document.writeln('<br /><input type="checkbox" id="chkSrc' + rte + '" onclick="toggleHTMLSrc(\'' + rte + '\',' + buttons + ');" /> <label for="chkSrc' + rte + '">View Source</label>');
document.writeln('<iframe width="154" height="104" id="cp' + rte + '" src="' + includesPath + 'palette.htm" marginwidth="0" marginheight="0" scrolling="no" style="visibility:hidden; position: absolute;"></iframe>');
document.writeln('<input type="hidden" id="hdn' + rte + '" name="' + rte + '" value="">');
document.writeln('</div>');

document.getElementById('hdn' + rte).value = html;
enableDesignMode(rte, html, readOnly);
} else {
if (!readOnly) {
document.writeln('<textarea name="' + rte + '" id="' + rte + '" style="width: ' + width + 'px; height: ' + height + 'px;">' + html + '</textarea>');
} else {
document.writeln('<textarea name="' + rte + '" id="' + rte + '" style="width: ' + width + 'px; height: ' + height + 'px;" readonly>' + html + '</textarea>');
}
}
}

function enableDesignMode(rte, html, readOnly) {
var frameHtml = "<html id=\"" + rte + "\">\n";
frameHtml += "<head>\n";
//to reference your stylesheet, set href property below to your stylesheet path and uncomment
if (cssFile.length > 0 ) {
frameHtml += "<link media=\"all\" type=\"text/css\" href=\"" + includesPath + "rte.css\" rel=\"stylesheet\">\n";
} else {
frameHtml += "<style>\n";
frameHtml += "body {\n";
frameHtml += " background: #FFFFFF;\n";
frameHtml += " margin: 0px;\n";
frameHtml += " padding: 0px;\n";
frameHtml += "}\n";
frameHtml += "</style>\n";
}
frameHtml += "</head>\n";
frameHtml += "<body>\n";
frameHtml += html + "\n";
frameHtml += "</body>\n";
frameHtml += "</html>";

if (document.all) {
var oRTE = frames[rte].document;
oRTE.open();
oRTE.write(frameHtml);
oRTE.close();
if (!readOnly) {
oRTE.designMode = "On";
frames[rte].document.attachEvent("onkeypress", function evt_ie_keypress(event) {ieKeyPress(event, rte);});
}
} else {
try {
if (!readOnly) document.getElementById(rte).contentDocument.designMode = "on";
try {
var oRTE = document.getElementById(rte).contentWindow.document;
oRTE.open();
oRTE.write(frameHtml);
oRTE.close();
if (isGecko && !readOnly) {
//attach a keyboard handler for gecko browsers to make keyboard shortcuts work
oRTE.addEventListener("keypress", geckoKeyPress, true);
}
} catch (e) {
alert("Error preloading content.");
}
} catch (e) {
//gecko may take some time to enable design mode.
//Keep looping until able to set.
if (isGecko) {
setTimeout("enableDesignMode('" + rte + "', '" + html + "', " + readOnly + ");", 10);
} else {
return false;
}
}
}
}

function updateRTE(rte) {
if (!isRichText) return;

//check for readOnly mode
var readOnly = false;
if (document.all) {
if (frames[rte].document.designMode != "On") readOnly = true;
} else {
if (document.getElementById(rte).contentDocument.designMode != "on") readOnly = true;
}

if (isRichText && !readOnly) {
//if viewing source, switch back to design view
if (document.getElementById("chkSrc" + rte).checked) document.getElementById("chkSrc" + rte).click();
setHiddenVal(rte);
}
}

function setHiddenVal(rte) {
//set hidden form field value for current rte
var oHdnField = document.getElementById('hdn' + rte);

//convert html output to xhtml (thanks Timothy Bell and Vyacheslav Smolin!)
if (oHdnField.value == null) oHdnField.value = "";
if (document.all) {
if (generateXHTML) {
oHdnField.value = get_xhtml(frames[rte].document.body, lang, encoding);
} else {
oHdnField.value = frames[rte].document.body.innerHTML;
}
} else {
if (generateXHTML) {
oHdnField.value = get_xhtml(document.getElementById(rte).contentWindow.document.body, lang, encoding);
} else {
oHdnField.value = document.getElementById(rte).contentWindow.document.body.innerHTML;
}
}

//if there is no content (other than formatting) set value to nothing
if (stripHTML(oHdnField.value.replace(" ", " ")) == "" &&
oHdnField.value.toLowerCase().search("<hr") == -1 &&
oHdnField.value.toLowerCase().search("<img") == -1) oHdnField.value = "";
}

function updateRTEs() {
var vRTEs = allRTEs.split(";");
for (var i = 0; i < vRTEs.length; i++) {
updateRTE(vRTEs[i]);
}
}

function rteCommand(rte, command, option) {
//function to perform command
var oRTE;
if (document.all) {
oRTE = frames[rte];
} else {
oRTE = document.getElementById(rte).contentWindow;
}

try {
oRTE.focus();
oRTE.document.execCommand(command, false, option);
oRTE.focus();
} catch (e) {
// alert(e);
// setTimeout("rteCommand('" + rte + "', '" + command + "', '" + option + "');", 10);
}
}

function toggleHTMLSrc(rte, buttons) {
//contributed by Bob Hutzel (thanks Bob!)
var oHdnField = document.getElementById('hdn' + rte);

if (document.getElementById("chkSrc" + rte).checked) {
//we are checking the box

rteCommand(rte,'selectall','');

if (buttons) {
showHideElement("Buttons1_" + rte, "hide");
showHideElement("Buttons2_" + rte, "hide");
}
setHiddenVal(rte);
if (document.all) {
frames[rte].document.body.innerText = oHdnField.value;
} else {
var oRTE = document.getElementById(rte).contentWindow.document;
var htmlSrc = oRTE.createTextNode(oHdnField.value);
oRTE.body.innerHTML = "";
oRTE.body.appendChild(htmlSrc);
}
} else {
//we are unchecking the box
if (buttons) {
showHideElement("Buttons1_" + rte, "show");
showHideElement("Buttons2_" + rte, "show");
}
if (document.all) {
//fix for IE
var output = escape(frames[rte].document.body.innerText);
output = output.replace("%3CP%3E%0D%0A%3CHR%3E", "%3CHR%3E");
output = output.replace("%3CHR%3E%0D%0A%3C/P%3E", "%3CHR%3E");
frames[rte].document.body.innerHTML = unescape(output);
} else {
var oRTE = document.getElementById(rte).contentWindow.document;
var htmlSrc = oRTE.body.ownerDocument.createRange();
htmlSrc.selectNodeContents(oRTE.body);
oRTE.body.innerHTML = htmlSrc.toString();
}
}

}

function dlgColorPalette(rte, command) {
//function to display or hide color palettes
setRange(rte);

//get dialog position
var oDialog = document.getElementById('cp' + rte);
var buttonElement = document.getElementById(command + '_' + rte);
var iLeftPos = getOffsetLeft(buttonElement);
var iTopPos = getOffsetTop(buttonElement) + (buttonElement.offsetHeight + 4);
oDialog.style.left = (iLeftPos) + "px";
oDialog.style.top = (iTopPos) + "px";

if ((command == parent.command) && (rte == currentRTE)) {
//if current command dialog is currently open, close it
if (oDialog.style.visibility == "hidden") {
showHideElement(oDialog, 'show');
} else {
showHideElement(oDialog, 'hide');
}
} else {
//if opening a new dialog, close all others
var vRTEs = allRTEs.split(";");
for (var i = 0; i < vRTEs.length; i++) {
showHideElement('cp' + vRTEs[i], 'hide');
}
showHideElement(oDialog, 'show');
}

//save current values
parent.command = command;
currentRTE = rte;
}

function dlgInsertTable(rte, command) {
//function to open/close insert table dialog
//save current values
parent.command = command;
currentRTE = rte;
InsertTable = popUpWin(includesPath + 'insert_table.htm', 'InsertTable', 360, 180, '');
}

function dlgInsertLink(rte, command) {
//function to open/close insert table dialog
//save current values
parent.command = command;
currentRTE = rte;
InsertLink = popUpWin(includesPath + 'insert_link.htm', 'InsertLink', 360, 180, '');

//get currently highlighted text and set link text value
setRange(rte);
var linkText = '';
if (isIE) {
linkText = stripHTML(rng.htmlText);
} else {
linkText = stripHTML(rng.toString());
}
setLinkText(linkText);
}

function setLinkText(linkText) {
//set link text value in insert link dialog
try {
window.InsertLink.document.linkForm.linkText.value = linkText;
} catch (e) {
//may take some time to create dialog window.
//Keep looping until able to set.
setTimeout("setLinkText('" + linkText + "');", 10);
}
}

function popUpWin (url, win, width, height, options) {
var leftPos = (screen.availWidth - width) / 2;
var topPos = (screen.availHeight - height) / 2;
options += 'width=' + width + ',height=' + height + ',left=' + leftPos + ',top=' + topPos;
return window.open(url, win, options);
}

function setColor(color) {
//function to set color
var rte = currentRTE;
var parentCommand = parent.command;

if (document.all) {
if (parentCommand == "hilitecolor") parentCommand = "backcolor";

//retrieve selected range
rng.select();
}

rteCommand(rte, parentCommand, color);
showHideElement('cp' + rte, "hide");
}

function addImage(rte) {
//function to add image
imagePath = prompt('Enter Image URL:', 'http://');
if ((imagePath != null) && (imagePath != "")) {
rteCommand(rte, 'InsertImage', imagePath);
}
}

// Ernst de Moor: Fix the amount of digging parents up, in case the RTE editor itself is displayed in a div.
// KJR 11/12/2004 Changed to position palette based on parent div, so palette will always appear in proper location regardless of nested divs
function getOffsetTop(elm) {
var mOffsetTop = elm.offsetTop;
var mOffsetParent = elm.offsetParent;
var parents_up = 2; //the positioning div is 2 elements up the tree

while(parents_up > 0) {
mOffsetTop += mOffsetParent.offsetTop;
mOffsetParent = mOffsetParent.offsetParent;
parents_up--;
}

return mOffsetTop;
}

// Ernst de Moor: Fix the amount of digging parents up, in case the RTE editor itself is displayed in a div.
// KJR 11/12/2004 Changed to position palette based on parent div, so palette will always appear in proper location regardless of nested divs
function getOffsetLeft(elm) {
var mOffsetLeft = elm.offsetLeft;
var mOffsetParent = elm.offsetParent;
var parents_up = 2;

while(parents_up > 0) {
mOffsetLeft += mOffsetParent.offsetLeft;
mOffsetParent = mOffsetParent.offsetParent;
parents_up--;
}

return mOffsetLeft;
}

function selectFont(rte, selectname) {
//function to handle font changes
var idx = document.getElementById(selectname).selectedIndex;
// First one is always a label
if (idx != 0) {
var selected = document.getElementById(selectname).options[idx].value;
var cmd = selectname.replace('_' + rte, '');
rteCommand(rte, cmd, selected);
document.getElementById(selectname).selectedIndex = 0;
}
}

function insertHTML(html) {
//function to add HTML -- thanks dannyuk1982
var rte = currentRTE;

var oRTE;
if (document.all) {
oRTE = frames[rte];
} else {
oRTE = document.getElementById(rte).contentWindow;
}

oRTE.focus();
if (document.all) {
var oRng = oRTE.document.selection.createRange();
oRng.pasteHTML(html);
oRng.collapse(false);
oRng.select();
} else {
oRTE.document.execCommand('insertHTML', false, html);
}
}

function showHideElement(element, showHide) {
//function to show or hide elements
//element variable can be string or object
if (document.getElementById(element)) {
element = document.getElementById(element);
}

if (showHide == "show") {
element.style.visibility = "visible";
} else if (showHide == "hide") {
element.style.visibility = "hidden";
}
}

function setRange(rte) {
//function to store range of current selection
var oRTE;
if (document.all) {
oRTE = frames[rte];
var selection = oRTE.document.selection;
if (selection != null) rng = selection.createRange();
} else {
oRTE = document.getElementById(rte).contentWindow;
var selection = oRTE.getSelection();
rng = selection.getRangeAt(selection.rangeCount - 1).cloneRange();
}
return rng;
}

function stripHTML(oldString) {
//function to strip all html
var newString = oldString.replace(/(<([^>]+)>)/ig,"");

//replace carriage returns and line feeds
newString = newString.replace(/\r\n/g," ");
newString = newString.replace(/\n/g," ");
newString = newString.replace(/\r/g," ");

//trim string
newString = trim(newString);

return newString;
}

function trim(inputString) {
// Removes leading and trailing spaces from the passed string. Also removes
// consecutive spaces and replaces it with one space. If something besides
// a string is passed in (null, custom object, etc.) then return the input.
if (typeof inputString != "string") return inputString;
var retValue = inputString;
var ch = retValue.substring(0, 1);

while (ch == " ") { // Check for spaces at the beginning of the string
retValue = retValue.substring(1, retValue.length);
ch = retValue.substring(0, 1);
}
ch = retValue.substring(retValue.length - 1, retValue.length);

while (ch == " ") { // Check for spaces at the end of the string
retValue = retValue.substring(0, retValue.length - 1);
ch = retValue.substring(retValue.length - 1, retValue.length);
}

// Note that there are two spaces in the string - look for multiple spaces within the string
while (retValue.indexOf(" ") != -1) {
// Again, there are two spaces in each of the strings
retValue = retValue.substring(0, retValue.indexOf(" ")) + retValue.substring(retValue.indexOf(" ") + 1, retValue.length);
}
return retValue; // Return the trimmed string back to the user
}

//********************
//Gecko-Only Functions
//********************
function geckoKeyPress(evt) {
//function to add bold, italic, and underline shortcut commands to gecko RTEs
//contributed by Anti Veeranna (thanks Anti!)
var rte = evt.target.id;

if (evt.ctrlKey) {
var key = String.fromCharCode(evt.charCode).toLowerCase();
var cmd = '';
switch (key) {
case 'b': cmd = "bold"; break;
case 'i': cmd = "italic"; break;
case 'u': cmd = "underline"; break;
};

if (cmd) {
rteCommand(rte, cmd, null);

// stop the event bubble
evt.preventDefault();
evt.stopPropagation();
}
}
}

//*****************
//IE-Only Functions
//*****************
function ieKeyPress(evt, rte) {
var key = (evt.which \|\| evt.charCode \|\| evt.keyCode);
var stringKey = String.fromCharCode(key).toLowerCase();

//the following breaks list and indentation functionality in IE (don't use)
// switch (key) {
// case 13:
// //insert <br> tag instead of <p>
// //change the key pressed to null
// evt.keyCode = 0;
//
// //insert <br> tag
// currentRTE = rte;
// insertHTML('<br>');
// break;
// };
}

function checkspell() {
//function to perform spell check
try {
var tmpis = new ActiveXObject("ieSpell.ieSpellExtension");
tmpis.CheckAllLinkedDocuments(document);
}
catch(exception) {
if(exception.number==-2146827859) {
if (confirm("ieSpell not detected. Click Ok to go to download page."))
window.open("http://www.iespell.com/download.php","DownLoad");
} else {
alert("Error Loading ieSpell: Exception " + exception.number);
}
}
}

function raiseButton(e) {
var el = window.event.srcElement;

className = el.className;
if (className == 'rteImage' \|\| className == 'rteImageLowered') {
el.className = 'rteImageRaised';
}
}

function normalButton(e) {
var el = window.event.srcElement;

className = el.className;
if (className == 'rteImageRaised' \|\| className == 'rteImageLowered') {
el.className = 'rteImage';
}
}

function lowerButton(e) {
var el = window.event.srcElement;

className = el.className;
if (className == 'rteImage' \|\| className == 'rteImageRaised') {
el.className = 'rteImageLowered';
}
}

file:a/cutenews/rte/rte.css (deleted)


.rteImage {
background: #D3D3D3;
background: #ECE9D8;
border: 1px solid #ECE9D8;
}

.rteImageRaised, .rteImage:hover {
background: #D3D3D3;
border: 1px outset;
}

.rteImageLowered, .rteImage:active {
background: #D3D3D3;
border: 1px inset;
}

.rteVertSep {
margin: 0 4px 0 4px;
}

.rteBack {
background: #D3D3D3;
background: #ECE9D8;
border: 1px outset;
letter-spacing: 0;

}

.rteBack tbody tr td, .rteBack tr td {

background: #D3D3D3;
background: #ECE9D8;
padding: 0;
}

.rteDiv {
display: block;
position: relative;
}


.rteImage {background:#EFEDDE;border:1px solid #EFEDDE;width:25px;height:24px;margin:0px;}
.rteImageRaised,.rteImage:hover {background:#cddbf3;border:1px solid #6e9ce6;width:25px;height:24px;margin:0px;}
.rteImageLowered,.rteImage:active {background:#C1D2EE;border:1px solid #316ac5;width:25px;height:24px;margin:0px;}
.rteSep {margin:0 2px 0 2px;width:1px;height:20px;border:0px}
.rteBar {
margin:0 2px 0 4px;
width:3px;
height:15px;
border:0px
}
.rteBack {
background:#EFEDDE;
letter-spacing:0;
height:24px;
border:0px;
border-top: 1px solid gray;
border-left: 1px solid gray;
border-right: 1px solid gray;
padding: 2px;
}
.rteBack tbody tr td, .rteBk tr td {background:#EFEDDE;height:24px}
.rteDiv {display:block;position:relative}

file:a/cutenews/search.php (deleted)

<?php
error_reporting (E_ALL ^ E_NOTICE);

$cutepath = __FILE__;
$cutepath = preg_replace( "'\\\search\.php'", "", $cutepath);
$cutepath = preg_replace( "'/search\.php'", "", $cutepath);

$files_arch = array();

require_once("$cutepath/inc/functions.inc.php");

//check for bad _GET and _POST
if($dosearch == "yes"){
$check_params = array_merge($_GET, $_POST);
foreach($check_params as $param_key=>$param_val){
if( !empty($param_val) && !preg_match('/^[a-zA-Z0-9\- ]{0,255}$/', $param_val) ){
die("Error! the parameter '$param_key' contains illigal characters");
}
}
}

$user_query = cute_query_string($QUERY_STRING, array("search_in_archives", "start_from", "archive", "subaction", "id", "cnshow",
"ucat","dosearch", "story", "title", "user", "from_date_day", "from_date_month", "from_date_year", "to_date_day", "to_date_month", "to_date_year"));
$user_post_query = cute_query_string($QUERY_STRING, array("search_in_archives", "start_from", "archive", "subaction", "id", "cnshow",
"ucat","dosearch", "story", "title", "user", "from_date_day", "from_date_month", "from_date_year", "to_date_day", "to_date_month", "to_date_year"), "post");

// Define Users
$all_users = file("$cutepath/data/users.db.php");
$my_names = array();
foreach($all_users as $my_user)
{
if(!eregi("<\?",$member_db_line)){
$user_arr = explode("\|",$my_user);
if($user_arr[4] != ""){ $my_names[$user_arr[2]] = "$user_arr[4]"; }
else{ $my_names[$user_arr[2]] = "$user_arr[2]"; }
}
}
// Show Search Form
echo<<<HTML
<script language='javascript' type="text/javascript">
function mySelect(form){
form.select();
}
function ShowOrHide(d1, d2) {
if (d1 != '') DoDiv(d1);
if (d2 != '') DoDiv(d2);
}
function DoDiv(id) {
var item = null;
if (document.getElementById) {
item = document.getElementById(id);
} else if (document.all){
item = document.all[id];
} else if (document.layers){
item = document.layers[id];
}
if (!item) {
}
else if (item.style) {
if (item.style.display == "none"){ item.style.display = ""; }
else {item.style.display = "none"; }
}else{ item.visibility = "show"; }
}
</script>
<form method=GET action="$PHP_SELF?subaction=search">
<input type=hidden name=dosearch value=yes>

<div align="center">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td><table width="100%" cellspacing="0" cellpadding="0">
<td width="100%">
<p align="right">News <input type=text value="$story" name=story size="24">
</table></td>
</tr>
<tr>
<td>

<div id='advanced' style='display:none;z-index:1;'>
<table width="100%" cellspacing="0" cellpadding="0">
<td width="100%" align="right">
<p align="right">Title <input type=text value="$title" name=title size="24">
<tr>
<td width="100%" align="right">Author <input type=text value="$user" name=user size="24">
</tr>



<tr>
<td width="100%" align="right">From date
<select name=from_date_day>
<option value=""> </option>
HTML;
for($i=1;$i<32;$i++){
if($from_date_day == $i){ echo"<option selected value=$i>$i</option>"; }
else{ echo"<option value=$i>$i</option>"; }
}

echo"</select><select name=from_date_month> <option value=\"\"> </option>";

for($i=1;$i<13;$i++){
$timestamp = mktime(0,0,0,$i,1,2003);
if($from_date_month == $i){ echo"<option selected value=$i>". date("M", $timestamp) ."</option>"; }
else{ echo"<option value=$i>". date("M", $timestamp) ."</option>"; }
}

echo"</select><select name=from_date_year> <option value=\"\"> </option>";

for($i=2003;$i<2011;$i++){
if($from_date_year == $i){ echo"<option selected value=$i>$i</option>"; }
else{ echo"<option value=$i>$i</option>"; }
}
//////////////////////////////////////////////////////////////////////////
echo<<<HTML
</tr>
<tr>
<td width="100%" align="right">To date
<select name=to_date_day>
<option value=""> </option>
HTML;
for($i=1;$i<32;$i++){
if($to_date_day == $i){ echo"<option selected value=$i>$i</option>"; }
else{ echo"<option value=$i>$i</option>"; }
}

echo"</select><select name=to_date_month><option value=\"\"> </option>";

for($i=1;$i<13;$i++){
$timestamp = mktime(0,0,0,$i,1,2003);
if($to_date_month == $i){ echo"<option selected value=$i>". date("M", $timestamp) ."</option>"; }
else{ echo"<option value=$i>". date("M", $timestamp) ."</option>"; }
}

echo"</select><select name=to_date_year><option value=\"\"> </option>";

for($i=2003;$i<2011;$i++){
if($to_date_year == $i){ echo"<option selected value=$i>$i</option>"; }
else{ echo"<option value=$i>$i</option>"; }
}

if($search_in_archives){ $selected_search_arch = "checked=\"checked\""; }

echo<<<HTML
</select>
</tr>
<tr>
<td width="100%" align="right">
<p align="right"><label>Search and archives
<input type=checkbox $selected_search_arch name="search_in_archives" value="TRUE"></label>
</tr>
</table>
</div>

</td>
</tr>
<tr>
<td>
<p align="right">
<a href="javascript:ShowOrHide('advanced','')">advanced</a>   <input type=submit value=Search>
</td>
</tr>
</table>
</div>
$user_post_query
</form>
<center>
HTML;

// Don't edit below this line unless you know what you are doing !!!

if($dosearch == "yes")
{

if( $from_date_day != "" and $from_date_month != "" and $from_date_year != "" and $to_date_day != "" and $to_date_month != "" and $to_date_year != "" )
{
$date_from = mktime(0,0,0,$from_date_month,$from_date_day,$from_date_year);
$date_to = mktime(0,0,0,$to_date_month,$to_date_day,$to_date_year);

$do_date = TRUE;
}


$story = trim($story);

if($search_in_archives){
if(!$handle = opendir("$cutepath/data/archives")){ die("<center>Can not open directory $cutepath/data/archives "); }
while (false !== ($file = readdir($handle)))
{
if($file != "." and $file != ".." and eregi("news", $file))
{
$files_arch[] = "$cutepath/data/archives/$file";
}
}
}
$files_arch[] = "$cutepath/data/news.txt";

foreach($files_arch as $file)
{
$archive = FALSE;
if(ereg("([[:digit:]]{0,})\.news\.arch", $file, $regs)){ $archive = $regs[1]; }
$all_news_db = file("$file");
foreach($all_news_db as $news_line){
$news_db_arr = explode("\|",$news_line);
$found = 0;

$fuser = FALSE;
$ftitle = FALSE;
$fstory = FALSE;
if($title and @preg_match("/$title/i", "$news_db_arr[2]")){ $ftitle = TRUE; }
if($user and @preg_match("/\b$user\b/i", "$news_db_arr[1]")){ $fuser = TRUE; }
if($story and (@preg_match("/$story/i", "$news_db_arr[4]") or @preg_match("/$story/i", "$news_db_arr[3]"))){ $fstory = TRUE;}

if($title and $ftitle){ $ftitle = TRUE; }elseif(!$title){ $ftitle = TRUE; }else{ $ftitle = FALSE; }
if($story and $fstory){ $fstory = TRUE; }elseif(!$story){ $fstory = TRUE; }else{ $fstory = FALSE; }
if($user and $fuser) { $fuser = TRUE; }elseif(!$user) { $fuser = TRUE; }else{ $fuser = FALSE; }
if($do_date)
{
if($date_from < $news_db_arr[0] and $news_db_arr[0] < $date_to){ $fdate = TRUE; }else{ $fdate = FALSE; }
}else{ $fdate = TRUE; }

if($fdate and $ftitle and $fuser and $fstory){ $found_arr[$news_db_arr[0]] = $archive; }

}//foreach news line
}


echo"<br /><b>Founded News articles [". count($found_arr)."]:</b><br />";


if($do_date){echo"from ".@date("d F Y",$date_from)." to ".@date("d F Y",$date_to)."<br />";}


// Display Search Results
if(is_array($found_arr)){
foreach($found_arr as $news_id => $archive)
{
if($archive){$all_news = file("$cutepath/data/archives/$archive.news.arch");}
else{ $all_news = file("$cutepath/data/news.txt"); }

foreach($all_news as $single_line)
{
$item_arr = explode("\|",$single_line);
$local_id = $item_arr[0];

if($local_id == $news_id){
////////// Showing Result

echo"<br /><b><a href=\"$PHP_SELF?misc=search&subaction=showfull&id=$local_id&archive=$archive&cnshow=news&ucat=$item_arr[6]&start_from=&$user_query\">$item_arr[2]</a></b> (". date("d F, Y", $item_arr[0]) .")";

////////// End Showing Result
}
}
}
}else{ echo"There are no news matching your search criteria"; }

}//if user wants to search
elseif( ($misc == "search") and ($subaction == "showfull" or $subaction == "showcomments" or $_POST["subaction"] == "addcomment" or $subaction == "addcomment")){

require_once("$cutepath/show_news.php");

unset($action,$subaction);
}

?>

file:a/cutenews/show_archives.php (deleted)

<?PHP

error_reporting (E_ALL ^ E_NOTICE);

$cutepath = __FILE__;
$cutepath = preg_replace( "'\\\show_archives\.php'", "", $cutepath);
$cutepath = preg_replace( "'/show_archives\.php'", "", $cutepath);

require_once("$cutepath/inc/functions.inc.php");
require_once("$cutepath/data/config.php");
if(!isset($template) or $template == "" or strtolower($template) == "default"){ require_once("$cutepath/data/Default.tpl"); }
else{
if(file_exists("$cutepath/data/${template}.tpl")){ require("$cutepath/data/${template}.tpl"); }

else{ die("Error!<br>the template <b>".htmlspecialchars($template)."</b> does not exists, note that templates are case sensetive and you must write the name exactly as it is"); }
}

// Prepare requested categories
if(eregi("[a-z]", $category)){
die("<b>Error</b>!<br>CuteNews has detected that you use \$category = \"".htmlspecialchars($category)."\"; but you can call the categories only with their <b>ID</b> numbers and not with names<br>
example:<br><blockquote><?PHP<br>\$category = \"1\";<br>include(\"path/to/show_archives.php\");<br>?></blockquote>");
}
$category = preg_replace("/ /", "", $category);
$tmp_cats_arr = explode(",", $category);
foreach($tmp_cats_arr as $key=>$value){
if($value != ""){ $requested_cats[$value] = TRUE; }
}


if($archive == "" or !$archive){
$news_file = "$cutepath/data/news.txt";
$comm_file = "$cutepath/data/comments.txt";
}elseif(is_numeric($archive)){
$news_file = "$cutepath/data/archives/$archive.news.arch";
$comm_file = "$cutepath/data/archives/$archive.comments.arch";
}else{
die("Archive varialbe is invalid");
}

if($subaction == "" or !isset($subaction)){
$user_query = cute_query_string($QUERY_STRING, array("start_from", "archive", "subaction", "id", "ucat"));

if(!$handle = opendir("$cutepath/data/archives")){ die("<center>Can not open directory $cutepath/data/archives "); }
while (false !== ($file = readdir($handle))) {
$file_arr = explode(".",$file);
if($file != "." and $file != ".." and $file_arr[1] == "news"){
$arch_arr[] = $file_arr[0];
}
}
closedir($handle);

if(is_array($arch_arr)){
$arch_arr = array_reverse($arch_arr);
foreach($arch_arr as $arch_file){

$news_lines = file("$cutepath/data/archives/$arch_file.news.arch");
$count = count($news_lines);
$last = $count-1;
$first_news_arr = explode("\|", $news_lines[$last]);
$last_news_arr = explode("\|", $news_lines[0]);

$first_timestamp = $first_news_arr[0];
$last_timestamp = $last_news_arr[0];

echo"<a href=\"$PHP_SELF?archive=$arch_file&subaction=list-archive&$user_query\">".date("d M Y",$first_timestamp) ." - ". date("d M Y",$last_timestamp).", (<b>$count</b>)</a><br />";
}
}
}
else{

if( $CN_HALT != TRUE and $static != TRUE and ($subaction == "showcomments" or $subaction == "showfull" or $subaction == "addcomment") and ((!isset($category) or $category == "") or $requested_cats[$ucat] == TRUE) ){
if($subaction == "addcomment"){ $allow_add_comment = TRUE; $allow_comments = TRUE; }
if($subaction == "showcomments") $allow_comments = TRUE;
if(($subaction == "showcomments" or $allow_comments == TRUE) and $config_show_full_with_comments == "yes") $allow_full_story = TRUE;
if($subaction == "showfull") $allow_full_story = TRUE;
if($subaction == "showfull" and $config_show_comments_with_full == "yes") $allow_comments = TRUE;

}
else{
if($config_reverse_active == "yes"){ $reverse = TRUE; }
$allow_active_news = TRUE;
}
require("$cutepath/inc/shows.inc.php");

}
unset($template, $requested_cats, $reverse, $in_use, $archive, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives);
?>
<!-- News Powered by CuteNews: http://cutephp.com/ -->

file:a/cutenews/show_news.php (deleted)

<?PHP

error_reporting (E_ALL ^ E_NOTICE);

$cutepath = __FILE__;
$cutepath = preg_replace( "'\\\show_news\.php'", "", $cutepath);
$cutepath = preg_replace( "'/show_news\.php'", "", $cutepath);

require_once("$cutepath/inc/functions.inc.php");
require_once("$cutepath/data/config.php");

// If we are showing RSS, include some need variables.
if($template == 'rss'){
include("$cutepath/data/rss_config.php");
}

//----------------------------------
// Check if we are included by PATH
//----------------------------------
if($_SERVER["HTTP_ACCEPT"] or $_SERVER["HTTP_ACCEPT_CHARSET"] or $_SERVER["HTTP_ACCEPT_ENCODING"] or $_SERVER["HTTP_CONNECTION"]){ /* do nothing */ }
elseif(eregi("show_news.php", $PHP_SELF)){
die("<h4>CuteNews has detected that you are including show_news.php using the URL to this file.<br>
This is incorrect and you must include it using the PATH to show_news.php</h4><br>Example:<br>
this is <font color=red>WRONG</font> :   <?PHP include(\"http://yoursite.com/cutenews/show_news.php\"); ?><br>
this is <font color=green>CORRECT</font>:   <?PHP include(\"cutenews/show_news.php\"); ?><br>
<br><BR>// <font size=2>if you think this message shouldn't be shown, open show_news.php and delete it from there</font>");
}
//----------------------------------
// End of the check
//----------------------------------

if(!isset($subaction) or $subaction == ""){ $subaction = $POST["subaction"]; }

if(!isset($template) or $template == "" or strtolower($template) == "default"){ require_once("$cutepath/data/Default.tpl"); }
else{
if(file_exists("$cutepath/data/${template}.tpl")){ require("$cutepath/data/${template}.tpl"); }
else{ die("Error!<br>the template <b>".htmlspecialchars($template)."</b> does not exists, note that templates are case sensetive and you must write the name exactly as it is"); }
}

// Prepare requested categories
if(eregi("[a-z]", $category)){
die("<b>Error</b>!<br>CuteNews has detected that you use \$category = \"".htmlspecialchars($category)."\"; but you can call the categories only with their <b>ID</b> numbers and not with names<br>
example:<br><blockquote><?PHP<br>\$category = \"1\";<br>include(\"path/to/show_news.php\");<br>?></blockquote>");
}
$category = preg_replace("/ /", "", $category);
$tmp_cats_arr = explode(",", $category);
foreach($tmp_cats_arr as $key=>$value){
if($value != ""){ $requested_cats[$value] = TRUE; }
}

if($archive == ""){
$news_file = "$cutepath/data/news.txt";
$comm_file = "$cutepath/data/comments.txt";
}else{
$news_file = "$cutepath/data/archives/$archive.news.arch";
$comm_file = "$cutepath/data/archives/$archive.comments.arch";
}

$allow_add_comment = FALSE;
$allow_full_story = FALSE;
$allow_active_news = FALSE;
$allow_comments = FALSE;



//<<<------------ Detarime what user want to do
if( $CN_HALT != TRUE and $static != TRUE and ($subaction == "showcomments" or $subaction == "showfull" or $subaction == "addcomment") and ((!isset($category) or $category == "") or ($requested_cats[$ucat] == TRUE ) ) ){
if($subaction == "addcomment"){ $allow_add_comment = TRUE; $allow_comments = TRUE; }
if($subaction == "showcomments"){ $allow_comments = TRUE; }
if(($subaction == "showcomments" or $allow_comments == TRUE) and $config_show_full_with_comments == "yes"){$allow_full_story = TRUE; }
if($subaction == "showfull") $allow_full_story = TRUE;
if($subaction == "showfull" and $config_show_comments_with_full == "yes") $allow_comments = TRUE;

}
else{
if($config_reverse_active == "yes"){ $reverse = TRUE; }
$allow_active_news = TRUE;
}
//----------->>> Detarime what user want to do

require("$cutepath/inc/shows.inc.php");
if($_GET['archive'] and $_GET['archive'] != ''){ $archive = $_GET['archive']; } // stupid fix ?
unset($static, $template, $requested_cats, $category, $catid, $cat,$reverse, $in_use, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives);
?>
<!-- News Powered by CuteNews: http://cutephp.com/ -->

file:a/cutenews/skins/compact.skin.php (deleted)

<?PHP
$skin_prefix = "";
// *********
// Skin MENU
// *********
$skin_menu = <<<HTML
<table cellpadding=8 cellspacing=4 border=0>
<tr>
<td>
<a class="nav" href="$PHP_SELF?mod=main">Home</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=addnews&action=addnews">Add News</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=editnews&action=list">Edit News</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=options&action=options">Options</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=about&action=about">Help/About</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?action=logout">Logout</a>
</td>
</tr>
</table>
HTML;
// *******************
// Template -> Header
// *******************
$skin_header=<<<HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<script type="text/javascript" src="skins/cute.js"></script>
<style type="text/css">
<!--
SELECT, option, textarea, input {
BORDER: #000000 1px solid;
COLOR: #000000;
FONT-SIZE: 11px;
FONT-FAMILY: Verdana; BACKGROUND-COLOR: #ffffff
}
BODY {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
TD {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
a:active,a:visited,a:link {color: #446488; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
a:hover {color: #00004F; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}

a.nav { padding-top:3px; padding-bottom:3px; padding:2px;}
a.nav:active, a.nav:visited, a.nav:link { color: #000000; font-size : 10px; font-weight: bold; font-family: verdana; text-decoration: none;}
a.nav:hover { font-size : 10px; font-weight: bold; color: black; font-family: verdana; background-color:000000; color:FFFFFF}

.bborder { background-color: #FFFFFF; border: 1px #000000 solid; }
.panel {-moz-border-radius: .3em .3em .3em .3em; border: 1px dotted #B4D2E7; background-color: #ECF4F9;}
BODY, TD, TR {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; cursor: default;}

input[type=submit]:hover, input[type=button]:hover{
background-color:#E0EDF3 !important;
}
-->
</style>
<title>CuteNews</title>
</head>
<body bgcolor="#A5CBDE">
<center>
<table width="565" border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="bborder" bgcolor="#FFFFFF" width="777">
<table border=0 cellpadding=0 cellspacing=0 bgcolor="#ffffff" width="645" >
<tr>
<td width="645" align="center">
{menu}
</td>
</tr>
<tr>
<td bgcolor="#000000" width="802" height="1"><img src="skins/images/blank.gif" width=1 height=1></td>
</tr>
<tr><td bgcolor="#FFFFFF" width="802" height="9"><img src="skins/images/blank.gif" width=1 height=5></td></tr>
<tr>
<td width="802" height="42">
</center>
<table border=0 cellpading=0 cellspacing=10 width="100%" height="100%" >
<tr>
<td width="98%" height="46%">
<!--MAIN area-->
HTML;
// ********************************************************************************
// Template -> Footer
// ********************************************************************************
$skin_footer=<<<HTML
<!--MAIN area-->
</tr>
</table>
</td>
</tr></table></td></tr></table>
<br /><center>{copyrights}
</body></html>
HTML;
?>

file:a/cutenews/skins/cute.js (deleted)

function Help(section) {
q=window.open('index.php?mod=help&section='+section, 'Help', 'scrollbars=1,resizable=1,width=450,height=400');
}

function ShowOrHide(d1, d2) {
if (d1 != '') DoDiv(d1);
if (d2 != '') DoDiv(d2);
}
function DoDiv(id) {
var item = null;
if (document.getElementById) {
item = document.getElementById(id);
} else if (document.all){
item = document.all[id];
} else if (document.layers){
item = document.layers[id];
}
if (!item) {
}
else if (item.style) {
if (item.style.display == "none"){ item.style.display = ""; }
else {item.style.display = "none"; }
}else{ item.visibility = "show"; }
}

file:a/cutenews/skins/default.skin.php (deleted)

<?PHP

$skin_prefix = "";

// ********************************************************************************
// Skin MENU
// ********************************************************************************

$skin_menu = <<<HTML
<table cellpadding=5 cellspacing=4 border=0>
<tr>
<td>
<a class="nav" href="$PHP_SELF?mod=main">Home</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=addnews&action=addnews" accesskey="a">Add News</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=editnews&action=list">Edit News</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=options&action=options">Options</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=about&action=about">Help/About</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?action=logout">Logout</a>
</td>
</tr>
</table>
HTML;

// ********************************************************************************
// Skin HEADER
// ********************************************************************************
$skin_header = <<<HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<script type="text/javascript" src="skins/cute.js"></script>
<style type="text/css">
<!--
select, textarea, input {
border: #808080 1px solid;
color: #000000;
font-size: 11px;
font-family: Verdana; BACKGROUND-COLOR: #ffffff }

input[type=submit]:hover, input[type=button]:hover{
background-color:#EBEBEB !important;
}

a:active,a:visited,a:link {color: #446488; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
a:hover {color: #00004F; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; }

a.nav { padding-top:10px; padding-bottom:10px; padding:9px;}
a.nav:active, a.nav:visited, a.nav:link { color: #000000; font-size : 10px; font-weight: bold; font-family: verdana; text-decoration: none;}
a.nav:hover { font-size : 10px; font-weight: bold; color: black; font-family: verdana; text-decoration: underline; }

.header { font-size : 16px; font-weight: bold; color: #808080; font-family: verdana; text-decoration: none; }
.bborder { background-color: #FFFFFF; border: 1px #A7A6B4 solid; }
.panel {-moz-border-radius: .3em .3em .3em .3em; border: 1px solid silver; background-color: #F7F6F4;}

BODY, TD, TR {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; cursor: default;}
-->
</style>
<title>CuteNews</title>



</head>

<body BgColor=white>
<center>
<table border="0" cellspacing="0" cellpadding="2" >
<tr>
<td class="bborder" bgcolor="#FFFFFF" style="-moz-border-radius: .8em .8em .8em .8em;">
<table border=0 cellpadding=0 cellspacing=0 bgcolor="#ffffff" width="745" >
<tr>
<td bgcolor="#FFFFFF" > </td>
</tr>
<tr>
<td bgcolor="#000000" ><img src="skins/images/blank.gif" width=1 height=1></td>
</tr>
<tr>
<td bgcolor="#F7F6F4" >
{menu}
</td>
</tr>
<tr>
<td bgcolor="#000000" ><img src="skins/images/blank.gif" width=1 height=1></td>
</tr>
<tr><td bgcolor="#FFFFFF" ><img src="skins/images/blank.gif" width=1 height=5></td></tr>
<tr>
<td >
</center>
<!--SELF-->
<table border=0 cellpading=0 cellspacing=0 width="100%" height="100%" >
<td width="13%" height="55%">
<p align="center"><br /><img border="0" src="skins/images/{image-name}.gif" >
<td width="87%" height="20%">
<div class=header>{header-text}</div>
<tr>
<td width="13%" height="26%">
<td width="87%" height="46%">
<!--MAIN area-->
HTML;

// ********************************************************************************
// Skin FOOTER
// ********************************************************************************
$skin_footer = <<<HTML
<!--MAIN area-->
<img border=0 height=10 src="skins/images/blank.gif"></tr>
</table>
<!--/SELF-->
</td>
</tr></table></td></tr></table>
<br /><center>{copyrights}
</body></html>
HTML;

?>

file:a/cutenews/skins/images/Thumbs.db (deleted)

 Binary files a/cutenews/skins/images/Thumbs.db and /dev/null differ

file:a/cutenews/skins/images/addnews.gif (deleted)

 Binary files a/cutenews/skins/images/addnews.gif and /dev/null differ

file:a/cutenews/skins/images/archives.gif (deleted)

 Binary files a/cutenews/skins/images/archives.gif and /dev/null differ

file:a/cutenews/skins/images/baloon.gif (deleted)

 Binary files a/cutenews/skins/images/baloon.gif and /dev/null differ

file:a/cutenews/skins/images/blank.gif (deleted)

 Binary files a/cutenews/skins/images/blank.gif and /dev/null differ

file:a/cutenews/skins/images/editnews.gif (deleted)

 Binary files a/cutenews/skins/images/editnews.gif and /dev/null differ

file:a/cutenews/skins/images/error.gif (deleted)

 Binary files a/cutenews/skins/images/error.gif and /dev/null differ

file:a/cutenews/skins/images/help_small.gif (deleted)

 Binary files a/cutenews/skins/images/help_small.gif and /dev/null differ

file:a/cutenews/skins/images/home.gif (deleted)

 Binary files a/cutenews/skins/images/home.gif and /dev/null differ

file:a/cutenews/skins/images/images.gif (deleted)

 Binary files a/cutenews/skins/images/images.gif and /dev/null differ

file:a/cutenews/skins/images/info.gif (deleted)

 Binary files a/cutenews/skins/images/info.gif and /dev/null differ

file:a/cutenews/skins/images/options.gif (deleted)

 Binary files a/cutenews/skins/images/options.gif and /dev/null differ

file:a/cutenews/skins/images/question.gif (deleted)

 Binary files a/cutenews/skins/images/question.gif and /dev/null differ

file:a/cutenews/skins/images/rss_icon.gif (deleted)

 Binary files a/cutenews/skins/images/rss_icon.gif and /dev/null differ

file:a/cutenews/skins/images/user.gif (deleted)

 Binary files a/cutenews/skins/images/user.gif and /dev/null differ

file:a/cutenews/skins/images/users.gif (deleted)

 Binary files a/cutenews/skins/images/users.gif and /dev/null differ

file:a/cutenews/skins/images/view_image.gif (deleted)

 Binary files a/cutenews/skins/images/view_image.gif and /dev/null differ

file:a/cutenews/skins/images/wizard.gif (deleted)

 Binary files a/cutenews/skins/images/wizard.gif and /dev/null differ

file:a/cutenews/skins/rss_style.css (deleted)

rss {
display: block;
font-family: verdana, arial;
}

channel title {
display:block;
margin: 5px;
padding: 2px;
color: gray;
border-bottom: 1px solid silver;
font-weight:bold;
}

channel link {
display:none;
}

item link{
display: block;
margin: 5px;
padding: 2px;
font-size:70%;
color: #91A7BA;

}
item title {
display: block;
margin: 5px;
padding: 2px;
border-bottom: 1px solid silver;
font-weight:bold;
color:black;
background-color:lightblue;
-moz-border-radius: .5em .5em .5em .5em;
}

item {
display: block;
padding: 2px 30px 2px 30px;
}

item description {
color: black;
margin: 12px;
font-size: small;
}
docs {
display: block;
background-color: #ffffe6;
margin: 20px;
text-align: center;
padding: 5px;
color: #7f7f7f;
border: 1px solid orange;
}

/* all hidden elements */
language, lastBuildDate, ttl, guid, category, generator, pubDate {
display: none;
}

channel:before{ background-color:yellow; padding:1px; -moz-border-radius:0 0 1em 0; font-size:111%; letter-spacing:0.05em; border-bottom:3px solid red; border-right:3px solid red; color:red; text-align: center; content:"This is an RSS 2.0 file intended to be viewed in a newsreader or syndicated to another site." }

file:a/cutenews/skins/simple.skin.php (deleted)

<?PHP
$skin_prefix = "";
// ********************************************************************************
// Skin MENU
// ********************************************************************************
$skin_menu = <<<HTML
<a class="nav" href="$PHP_SELF?mod=main">Home</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=addnews&action=addnews" accesskey="a">Add News</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=editnews&action=list">Edit News</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=options&action=options">Control Panel</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?mod=about&action=about">Help</a>
</td>
<td>\|</td>
<td>
<a class="nav" href="$PHP_SELF?action=logout">Exit</a>
HTML;
// ***********
// Skin HEADER
// ***********
$skin_header = <<<HTML
<html>
<head>
<title>CuteNews</title>
<script type="text/javascript" src="skins/cute.js"></script>
<style type='text/css'>
<!--
select, option, textarea, input {
BORDER: #808080 1px solid;
COLOR: #000000;
FONT-SIZE: 11px;
FONT-FAMILY: Verdana; BACKGROUND-COLOR: #ffffff
}

input[type=submit]:hover, input[type=button]:hover{
background-color:#EBEBEB !important;
}

a:active,a:visited,a:link {color: #446488; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
a:hover {color: #00004F; text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; }
a.nav:active, a.nav:visited, a.nav:link { color: #000000; font-size : 10px; font-weight: bold; font-family: verdana; text-decoration: none;}
a.nav:hover { font-size : 10px; font-weight: bold; color: black; font-family: verdana; text-decoration: underline; }
.bborder { background-color: #FFFFFF; }
.panel {-moz-border-radius: .3em .3em .3em .3em; border: 1px dotted silver; background-color: #F7F6F4;}
BODY, TD, TR {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt; cursor: default;}
-->
</style>
</head>
<body bgcolor=white marginwidth='0' leftmargin='0'>
<center>
<table border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="bborder" bgcolor="#FFFFFF" >
<table border=0 cellpadding=0 cellspacing=0 bgcolor="#ffffff" width="685" >
<tr>
<td bgcolor="#F7F6F4" align="center" height="24" style="-moz-border-radius: 3em 3em 0em 0em; border-left: 1px transparent; border-top: 1px transparent; border-right: 1px transparent; border-bottom: #808080 1px solid;">
<table cellpadding=5 cellspacing=0 border=0>
<tr>
<td>
{menu}
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="19">
</center>
<!--SELF-->
<table border=0 cellpading=0 cellspacing=15 width="100%" height="100%" >
<tr>
<td width="100%" height="100%" >
<!--MAIN area-->
HTML;
// ***********
// Skin FOOTER
// ***********
$skin_footer = <<<HTML
<!--/MAIN area-->
</tr>
</table>
</td>
</tr>
<tr >
<td bgcolor="#F7F6F4" height="24" align="center" style="-moz-border-radius: .0em .0em 3em 3em; border-left: 1px transparent; border-bottom: 1px transparent; border-right: 1px transparent; border-top: 1px solid #808080; ">
{copyrights}
</td>
</tr>
</center>
</table></td></tr></table>

</body></html>

HTML;
?>

file:a/futureindex.php -> file:b/futureindex.php

<?php	<?php
include_once ("./lib/common.inc.php");	include_once ("./lib/common.inc.php");
include_header("Agency");	include_header("Home");
include("/var/www/contractDashboard/cutenews/show_news.php");	echo ' <div class="hero-unit">
	<h1>Hello, world!</h1>
	<p>Vestibulum id ligula porta felis euismod semper. Integer posuere erat a ante venenatis dapibus posuere velit aliquet. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit.</p>
	<p><a class="btn primary large">Learn more »</a></p>
	</div>';
include_footer();	include_footer();
?>	?>

file:b/lib/bootstrap-dropdown.js (new)

	/* ============================================================
	* bootstrap-dropdown.js v1.4.0
	* http://twitter.github.com/bootstrap/javascript.html#dropdown
	* ============================================================
	* Copyright 2011 Twitter, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	* ============================================================ */


	!function( $ ){

	"use strict"

	/* DROPDOWN PLUGIN DEFINITION
	* ========================== */

	$.fn.dropdown = function ( selector ) {
	return this.each(function () {
	$(this).delegate(selector \|\| d, 'click', function (e) {
	var li = $(this).parent('li')
	, isActive = li.hasClass('open')

	clearMenus()
	!isActive && li.toggleClass('open')
	return false
	})
	})
	}

	/* APPLY TO STANDARD DROPDOWN ELEMENTS
	* =================================== */

	var d = 'a.menu, .dropdown-toggle'

	function clearMenus() {
	$(d).parent('li').removeClass('open')
	}

	$(function () {
	$('html').bind("click", clearMenus)
	$('body').dropdown( '[data-dropdown] a.menu, [data-dropdown] .dropdown-toggle' )
	})

	}( window.jQuery \|\| window.ender );

file:a/lib/common.inc.php -> file:b/lib/common.inc.php

<?php	<?php
date_default_timezone_set("Australia/ACT");	date_default_timezone_set("Australia/ACT");

error_reporting(E_ALL ^ E_NOTICE);	error_reporting(E_ALL ^ E_NOTICE);


$conn = new PDO("pgsql:dbname=contractDashboard;user=postgres;password=snmc;host=localhost");	$conn = new PDO("pgsql:dbname=contractDashboard;user=postgres;password=snmc;host=localhost");

if (!$conn) {	if (!$conn) {
die("A database error occurred.\n");	die("A database error occurred.\n");
}	}

// $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);	// $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
function databaseError($errMsg)	function databaseError($errMsg) {
{
if ($errMsg[2] != "") {	if ($errMsg[2] != "") {
die(print_r($errMsg,true));	echo '<div class="alert-message error">';
	die(print_r($errMsg, true));
	echo "</div>";
}	}
}	}

function ucsmart($str) {	function ucsmart($str) {
$shortWords = Array("The","Pty","Ltd","Inc","Red","Oil","A","An","And","At","For","In"	$shortWords = Array("The", "Pty", "Ltd", "Inc", "Red", "Oil", "A", "An", "And", "At", "For", "In"
,"Of","On","Or","The","To","With");	, "Of", "On", "Or", "The", "To", "With");
$strArray = explode(" ",preg_replace("/(?<=(?<!:\|’s)\W)	$strArray = explode(" ", preg_replace("/(?<=(?<!:\|’s)\W)
(A\|An\|And\|At\|For\|In\|Of\|On\|Or\|The\|To\|With)	(A\|An\|And\|At\|For\|In\|Of\|On\|Or\|The\|To\|With)
(?=\W)/e", 'strtolower("$1")', ucwords(strtolower($str))));	(?=\W)/e", 'strtolower("$1")', ucwords(strtolower($str))));
foreach($strArray as &$word) {	foreach ($strArray as &$word) {
if (strlen($word) <= 4 && !in_array($word,$shortWords)) $word = strtoupper($word);	if (strlen($word) <= 4 && !in_array($word, $shortWords))
}	$word = strtoupper($word);
return implode(" ",$strArray);	}
	return implode(" ", $strArray);
}	}

function percent($num_amount, $num_total) {	function percent($num_amount, $num_total) {
$count1 = $num_amount / $num_total;	$count1 = $num_amount / $num_total;
$count2 = $count1 * 100;	$count2 = $count1 * 100;
$count = number_format($count2, 2);	$count = number_format($count2, 2);
return $count;	return $count;
}	}
function array_sum_all($a) {
if(!is_array($a)) return $a;	function array_sum_all($a) {
foreach($a as $key=>$value)	if (!is_array($a))
$totale += array_sum_all($value);	return $a;
return $totale;	foreach ($a as $key => $value)
}	$totale += array_sum_all($value);
	return $totale;
	}

// magic query modifiers	// magic query modifiers
$agency = filter_var($_REQUEST['agency'], FILTER_SANITIZE_STRING);	$agency = filter_var($_REQUEST['agency'], FILTER_SANITIZE_STRING);
if ($agency != "") $agencyQ = "agencyName = '" . $agency . "' AND ";	if ($agency != "")
	$agencyQ = "agencyName = '" . $agency . "' AND ";

$supplier = filter_var($_REQUEST['supplier'], FILTER_SANITIZE_STRING);	$supplier = filter_var($_REQUEST['supplier'], FILTER_SANITIZE_STRING);
if ($supplier != "") {	if ($supplier != "") {
$supplierParts = explode("-", $supplier);	$supplierParts = explode("-", $supplier);
$supplierName = "%".$supplierParts[1]."%";	$supplierName = "%" . $supplierParts[1] . "%";
$supplierABN = $supplierParts[0];	$supplierABN = $supplierParts[0];
if ($supplierParts[0] > 0) $supplierQ = ' "supplierABN" = :supplierABN AND ';	if ($supplierParts[0] > 0)
else $supplierQ = ' "supplierName" LIKE :supplierName AND ';	$supplierQ = ' "supplierABN" = :supplierABN AND ';
	else
	$supplierQ = ' "supplierName" LIKE :supplierName AND ';
}	}

$startYear = 2007;	$startYear = 2007;
$year = filter_var($_REQUEST['year'], FILTER_SANITIZE_NUMBER_INT);	$year = filter_var($_REQUEST['year'], FILTER_SANITIZE_NUMBER_INT);
if ($year != "") $yearQ = "YEAR(publishDate) = " . $year . " AND ";	if ($year != "")
	$yearQ = "YEAR(publishDate) = " . $year . " AND ";

$standardQ = ' "childCN" is null '; // AND YEAR(contractStart) >= 2007 AND YEAR(contractStart) <= 2010';	$standardQ = ' "childCN" is null '; // AND YEAR(contractStart) >= 2007 AND YEAR(contractStart) <= 2010';
$start =0.0;	$start = 0.0;

function include_header($title) {	function include_header($title) {
global $start;	global $start;
?>	?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">	"http://www.w3.org/TR/html4/strict.dtd">
<html>	<html>
<head>	<head>
<title>Contract Dashboard - <?php echo $title; ?></title>	<title>Contract Dashboard - <?php echo $title; ?></title>
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/2.8.0r4/build/reset-fonts-grids/reset-fonts-grids.css">	<link rel="stylesheet" type="text/css" href="bootstrap.min.css">
	<!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
	<!--[if lt IE 9]>
	<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
	<![endif]-->
<script type="text/javascript" src="lib/bsn.AutoSuggest_2.1.3_comp.js" charset="utf-8"></script>	<script type="text/javascript" src="lib/bsn.AutoSuggest_2.1.3_comp.js" charset="utf-8"></script>
<link rel="stylesheet" href="autosuggest_inquisitor.css" type="text/css" media="screen" charset="utf-8" />	<link rel="stylesheet" href="autosuggest_inquisitor.css" type="text/css" media="screen" charset="utf-8" />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>	<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js"></script>
<script type="text/javascript">	<script type="text/javascript">
$(document).ready(function()	$(document).ready(function()
{	{
//hide the all of the element with class msg_body	//hide the all of the element with class msg_body
$(".msg_body").hide();	$(".msg_body").hide();
//toggle the componenet with class msg_body	//toggle the componenet with class msg_body
$(".msg_head").click(function()	$(".msg_head").click(function()
{	{
$(this).next(".msg_body").slideToggle(600);	$(this).next(".msg_body").slideToggle(600);
});	});
});	});
</script>	</script>

<style type="text/css" title="currentStyle">	<style type="text/css" title="currentStyle">
@import "media/css/demo_table.css";	@import "media/css/demo_table.css";
</style>	</style>
<script type="text/javascript" language="javascript" src="media/js/jquery.dataTables.js"></script>	<script type="text/javascript" language="javascript" src="media/js/jquery.dataTables.js"></script>
<script type="text/javascript" charset="utf-8">	<script type="text/javascript" language="javascript" src="lib/bootstrap-dropdown.js"></script>
jQuery.fn.dataTableExt.aTypes.unshift(	<script type="text/javascript" charset="utf-8">
function ( sData )	jQuery.fn.dataTableExt.aTypes.unshift(
{	function ( sData )
var sValidChars = "0123456789.-,";	{
var Char;	var sValidChars = "0123456789.-,";
	var Char;
/* Check the numeric part */
for ( i=1 ; i<sData.length ; i++ )	/* Check the numeric part */
{	for ( i=1 ; i<sData.length ; i++ )
Char = sData.charAt(i);	{
if (sValidChars.indexOf(Char) == -1)	Char = sData.charAt(i);
{	if (sValidChars.indexOf(Char) == -1)
return null;	{
}	return null;
}	}
	}
/* Check prefixed by currency */
if ( sData.charAt(0) == '$' \|\| sData.charAt(0) == '£' )	/* Check prefixed by currency */
{	if ( sData.charAt(0) == '$' \|\| sData.charAt(0) == '£' )
return 'currency';	{
}	return 'currency';
return null;	}
}	return null;
);	}
jQuery.fn.dataTableExt.oSort['currency-asc'] = function(a,b) {	);
/* Remove any commas (assumes that if present all strings will have a fixed number of d.p) */	jQuery.fn.dataTableExt.oSort['currency-asc'] = function(a,b) {
var x = a == "-" ? 0 : a.replace( /,/g, "" );	/* Remove any commas (assumes that if present all strings will have a fixed number of d.p) */
var y = b == "-" ? 0 : b.replace( /,/g, "" );	var x = a == "-" ? 0 : a.replace( /,/g, "" );
	var y = b == "-" ? 0 : b.replace( /,/g, "" );
/* Remove the currency sign */
x = x.substring( 1 );	/* Remove the currency sign */
y = y.substring( 1 );	x = x.substring( 1 );
	y = y.substring( 1 );
/* Parse and return */
x = parseFloat( x );	/* Parse and return */
y = parseFloat( y );	x = parseFloat( x );
return x - y;	y = parseFloat( y );
};	return x - y;
	};
jQuery.fn.dataTableExt.oSort['currency-desc'] = function(a,b) {
/* Remove any commas (assumes that if present all strings will have a fixed number of d.p) */	jQuery.fn.dataTableExt.oSort['currency-desc'] = function(a,b) {
var x = a == "-" ? 0 : a.replace( /,/g, "" );	/* Remove any commas (assumes that if present all strings will have a fixed number of d.p) */
var y = b == "-" ? 0 : b.replace( /,/g, "" );	var x = a == "-" ? 0 : a.replace( /,/g, "" );
	var y = b == "-" ? 0 : b.replace( /,/g, "" );
/* Remove the currency sign */
x = x.substring( 1 );	/* Remove the currency sign */
y = y.substring( 1 );	x = x.substring( 1 );
	y = y.substring( 1 );
/* Parse and return */
x = parseFloat( x );	/* Parse and return */
y = parseFloat( y );	x = parseFloat( x );
return y - x;	y = parseFloat( y );
};	return y - x;
$(document).ready(function() {	};
$('table').dataTable();	$(document).ready(function() {
} );	$('table').dataTable();
</script>	} );
<link type="text/css" rel="stylesheet" href="style.css">	</script>
	<link type="text/css" rel="stylesheet" href="style.css">
</head>	</head>
<body><div id="doc3" class="yui-t4">	<body>
<div id="hd">	<div class="topbar">
<h1> contract dashboard</h1>	<div class="topbar-inner">
</div>	<div class="container-fluid">
<div id="sitenav">	<a class="brand" href="#">contract dashboard</a>
<a href="displayAgency.php">agencies</a>	<ul class="nav">
<a href="displaySupplier.php">suppliers</a>	<li><a href="displayAgency.php">agencies</a></li>
<a href="displayCategory.php">product/service categories</a>	<li><a href="displaySupplier.php">suppliers</a></li>
<a href="displayCalendar.php">time periods</a>	<li><a href="displayCategory.php">categories</a></li>
\| metrics \|	<li><a href="displayCalendar.php">time periods</a></li>
<a href="displayProcurementMethod.php">procurement method</a>	<!-- <li class="dropdown">
<a href="displayConfidentialities.php">contractual confidentiality</a>	<a href="#" class="dropdown-toggle">metrics</a>
<a href="displayConsultancies.php">consultancies</a>	<ul class="dropdown-menu">-->
<a href="displayAmendments.php">amendments</a>	<li><a href="displayProcurementMethod.php">tenderm</a></li>
<a href="displayMap.php">postcodes</a>	<li><a href="displayConfidentialities.php">confidentiality</a></li>
<div id="search"><form method="post" action="search.php" class="asholder">	<li><a href="displayConsultancies.php">consultancies</a></li>
<label for="searchKeyword">search</label>	<li><a href="displayAmendments.php">amendments</a></li>
<input type="text" id="searchKeyword" name="searchKeyword" value="" style="width:150px" />	<li><a href="displayMap.php">geo</a></li>
<input type="hidden" id="searchID" name="searchID" value=""/><input type="submit" value="submit" />	<!-- </ul>
</form></div>	</li>-->
<script type="text/javascript">	</ul>

var options_xml = {
script: function (input) { return "search_autosuggest.php?input="+input; },	<form method="post" action="search.php" class="pull-right">
varname:"input",	<input type="text" id="searchKeyword" name="searchKeyword" value="" placeholder="Search" />
callback: function (obj) { document.getElementById('searchID').value = obj.id; }	<input type="hidden" id="searchID" name="searchID" value=""/>
};	</form>
var as_xml = new bsn.AutoSuggest('searchKeyword', options_xml);
</script>	</div>
	</div><!-- /topbar-inner -->
</div>	</div><!-- /topbar -->
<div id="bd" role="main">	</div><!-- /topbar-wrapper -->
<div id="yui-main">	<script type="text/javascript">
<div class="yui-b"><div class="yui-g">
<?php	var options_xml = {
$start = (float) array_sum(explode(' ',microtime()));	script: function (input) { return "search_autosuggest.php?input="+input; },
}	varname:"input",
	callback: function (obj) { document.getElementById('searchID').value = obj.id; }
function include_footer() {	};
global $start;	var as_xml = new bsn.AutoSuggest('searchKeyword', options_xml);
$end = (float) array_sum(explode(' ',microtime()));	</script>
?>	<div class="container-fluid">
</div>	<div class="sidebar">
</div>	<div class="well">
</div>	Filter by:<li>
<div class="yui-b">	<li>year
Filter by:<ul>	<li><li>2008</li>
<li>year	</li>
<ul><li>2008</li>	</li>
</ul>	</li> <br>
</li>	</div> </div>
</ul> <br> </div> </div>	<div class="content">
	<?php
<?php	$start = (float) array_sum(explode(' ', microtime()));
echo '<div id="ft"><p>'."Processing time: ". sprintf("%.4f", ($end-$start))." seconds".'</p></div>';	}
echo '</div> </body> </html>';
}	function include_footer() {
include ("graphs.inc.php");	global $start;
?>	$end = (float) array_sum(explode(' ', microtime()));

	echo ' <footer>' . "Processing time: " . sprintf("%.4f", ($end - $start)) . " seconds" . ' <footer>';
	echo '</div> </div></body> </html>';
	}

	include ("graphs.inc.php");
	?>

file:a/style.css -> file:b/style.css

body {	body {
font-family: "Arial";	padding-top:60px;
}	}
	/* div collapse from http://roshanbh.com.np/2008/03/expandable-collapsible-toggle-pane-jquery.html */
h1 {
font-size:27px;
}

li {
padding-left: 20px;
}

#search, form {
float: right;
margin-top: -1px;
}

#sitenav {

width: 99%;
text-align: left;
padding: 5px;
border-top:1px solid black;
border-bottom:1px solid black;
}

#sitenav.a {

display: inline;
}

#content {
margin: 10px;
padding: 5px;
width: auto;
}

#sidebar {
width: 100px;
border-right: 3px solid black;
height: 100%;
float: left;
}

#ft {
font-size: 66%;
}

// div collapse from http://roshanbh.com.np/2008/03/expandable-collapsible-toggle-pane-jquery.html
p {	p {
padding: 0 0 1em;	padding: 0 0 1em;
}	}
.msg_list {	.msg_list {
margin: 0px;	margin: 0px;
padding: 0px;	padding: 0px;
width: 383px;	width: 383px;
}	}
.msg_head {	.msg_head {
padding: 5px 10px;	padding: 5px 10px;
cursor: pointer;	cursor: pointer;
position: relative;	position: relative;
background-color:#FFCCCC;	background-color:#FFCCCC;
margin:1px;	margin:1px;
}	}
.msg_body {	.msg_body {
padding: 5px 10px 15px;	padding: 5px 10px 15px;
background-color:#F4F4F8;	background-color:#F4F4F8;
}	}
// div collapse

table {
width: 100% !important;
}