<?PHP
|
<?PHP
|
|
|
|
|
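// bad practice, i know
//
// NOTE(review): this emulates register_globals. Every key of the session,
// cookie, POST, GET and environment arrays becomes a global variable unless a
// global of that name already exists (EXTR_SKIP). Any global the application
// reads before assigning it can therefore be seeded by the request, so every
// such variable has to be treated as untrusted input by the code that uses it.
// The arrays are imported in the order below and the first one to define a
// name wins, so session values take precedence over cookie, POST and GET.
//
// The isset()/is_array() guards avoid warnings when an array is not defined
// (the long $HTTP_*_VARS names, or $_SESSION before a session is started) and
// stop extract() from being handed a non-array value; they do not change what
// is imported from a populated array.
if (isset($HTTP_SESSION_VARS) && is_array($HTTP_SESSION_VARS)) { extract($HTTP_SESSION_VARS, EXTR_SKIP); }
if (isset($_SESSION) && is_array($_SESSION)) { extract($_SESSION, EXTR_SKIP); }
if (isset($HTTP_COOKIE_VARS) && is_array($HTTP_COOKIE_VARS)) { extract($HTTP_COOKIE_VARS, EXTR_SKIP); }
if (isset($_COOKIE) && is_array($_COOKIE)) { extract($_COOKIE, EXTR_SKIP); }
if (isset($HTTP_POST_VARS) && is_array($HTTP_POST_VARS)) { extract($HTTP_POST_VARS, EXTR_SKIP); }
if (isset($_POST) && is_array($_POST)) { extract($_POST, EXTR_SKIP); }
if (isset($HTTP_GET_VARS) && is_array($HTTP_GET_VARS)) { extract($HTTP_GET_VARS, EXTR_SKIP); }
if (isset($_GET) && is_array($_GET)) { extract($_GET, EXTR_SKIP); }
if (isset($HTTP_ENV_VARS) && is_array($HTTP_ENV_VARS)) { extract($HTTP_ENV_VARS, EXTR_SKIP); }
if (isset($_ENV) && is_array($_ENV)) { extract($_ENV, EXTR_SKIP); }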
|
|
|
|
|
//----------------------------------
|
//----------------------------------
|
// Sanitize Variables
|
// Sanitize Variables
|
//----------------------------------
|
//----------------------------------
|
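// $template and $archive must consist only of letters, digits, "_" and "-".
// preg_match() replaces eregi(), which no longer exists in PHP 7 and later.
// The \z anchor matches only at the very end of the string, so a value with a
// trailing newline is rejected as well. Non-scalar values (for example an
// array submitted as "template[]=x") are rejected instead of being passed to
// the pattern match.
if (isset($template) and $template != "" and (!is_scalar($template) or !preg_match('/^[_a-zA-Z0-9-]+\z/', (string) $template))) { die("invalid template characters"); }
if (isset($archive) and $archive != "" and (!is_scalar($archive) or !preg_match('/^[_a-zA-Z0-9-]+\z/', (string) $archive))) { die("invalid archive characters"); }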
|
|
|
|
|
|
|
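// NOTE(review): because of the extract() calls at the top of this file,
// $PHP_SELF may already hold a request-supplied value here, and
// $_SERVER["PHP_SELF"] itself reflects the requested path. Neither is escaped
// at this point, so code that prints $PHP_SELF has to escape it for its
// output context.
if (!isset($PHP_SELF) or $PHP_SELF == "") { $PHP_SELF = $_SERVER["PHP_SELF"]; }

$phpversion = @phpversion();

$a7f89abdcf9324b3 = "";

// HTML-escape the request-derived globals. Each one ends up as a string:
// unset or non-scalar values (e.g. "id[]=1") become "" instead of reaching
// htmlspecialchars(), which raises an error for arrays on current PHP.
// ENT_QUOTES is passed explicitly so that single quotes are encoded on every
// PHP version (before PHP 8.1 the default flags left them as they were).
$comm_start_from = (isset($comm_start_from) && is_scalar($comm_start_from)) ? htmlspecialchars((string) $comm_start_from, ENT_QUOTES) : "";
$start_from = (isset($start_from) && is_scalar($start_from)) ? htmlspecialchars((string) $start_from, ENT_QUOTES) : "";
$archive = (isset($archive) && is_scalar($archive)) ? htmlspecialchars((string) $archive, ENT_QUOTES) : "";
$subaction = (isset($subaction) && is_scalar($subaction)) ? htmlspecialchars((string) $subaction, ENT_QUOTES) : "";
$id = (isset($id) && is_scalar($id)) ? htmlspecialchars((string) $id, ENT_QUOTES) : "";
$ucat = (isset($ucat) && is_scalar($ucat)) ? htmlspecialchars((string) $ucat, ENT_QUOTES) : "";

// $category may be a single value or a list of values; escape each element.
if (isset($category) && is_array($category)) {
    foreach ($category as $ckey => $cvalue) {
        $category[$ckey] = is_scalar($cvalue) ? htmlspecialchars((string) $cvalue, ENT_QUOTES) : "";
    }
} else {
    $category = (isset($category) && is_scalar($category)) ? htmlspecialchars((string) $category, ENT_QUOTES) : "";
}

$number = (isset($number) && is_scalar($number)) ? htmlspecialchars((string) $number, ENT_QUOTES) : "";
$template = (isset($template) && is_scalar($template)) ? htmlspecialchars((string) $template, ENT_QUOTES) : "";
$show = (isset($show) && is_scalar($show)) ? htmlspecialchars((string) $show, ENT_QUOTES) : "";

$config_version_name = "CuteNews v1.4.6";
$config_version_id = 186;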
|
|
|
|
|
|
|
|
|
//----------------------------------
|
//----------------------------------
|
// Some Special Chars
|
// Some Special Chars
|
//----------------------------------
|
//----------------------------------
|
$HTML_SPECIAL_CHARS = Array ( // Master array replaced ALWAYS !!!
|
$HTML_SPECIAL_CHARS = Array ( // Master array replaced ALWAYS !!!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
);
|
);
|
|
|
|
|
|
|
///////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////
|
// Function: ResynchronizeAutoArchive
|
// Function: ResynchronizeAutoArchive
|
// Description: Auto-Archives News
|
// Description: Auto-Archives News
|
|
|
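/**
 * Archives news.txt and comments.txt once per calendar month.
 *
 * Runs only when news.txt holds more than one line and $config_auto_archive
 * is "yes". The first line of data/auto_archive.db.php ("year|month") records
 * the last archived month; when the current month is later, both data files
 * are copied to data/archives/<timestamp>.*.arch, the live files are emptied,
 * and a new first line is written in front of the existing db content.
 *
 * The live files are emptied only after both copies succeeded, so a failed
 * copy no longer discards the articles. On failure the first db line is
 * "0|0|<error>".
 *
 * NOTE(review): after a failure the db line is 0|0, so the archive is
 * attempted again on the next call and, if notifications are enabled, a mail
 * is sent for every attempt - confirm that this is acceptable.
 *
 * Reads the globals $cutepath, $config_auto_archive, $config_notify_email,
 * $config_notify_archive and $config_notify_status. Returns nothing.
 */
function ResynchronizeAutoArchive(){
    global $cutepath, $config_auto_archive, $config_notify_email, $config_notify_archive, $config_notify_status;

    $news_lines = file("$cutepath/data/news.txt");
    $count_news = is_array($news_lines) ? count($news_lines) : 0;
    if ($count_news <= 1 or $config_auto_archive != "yes") { return; }

    // Quoted array keys: the bare words year/month are undefined constants.
    $now = array('year' => date("Y"), 'month' => date("n"));

    $db_content = file("$cutepath/data/auto_archive.db.php");
    if (!is_array($db_content)) { $db_content = array(); }

    // explode() replaces split(), which no longer exists in PHP 7 and later.
    $last_fields = explode("|", isset($db_content[0]) ? $db_content[0] : "");
    $last_archived = array(
        'year'  => (int) $last_fields[0],
        'month' => isset($last_fields[1]) ? (int) $last_fields[1] : 0,
    );

    // Compare as YYYYMM integers.
    $tmp_now_sum  = (int) ($now['year'] . sprintf("%02d", $now['month']));
    $tmp_last_sum = (int) ($last_archived['year'] . sprintf("%02d", $last_archived['month']));
    if ($tmp_now_sum <= $tmp_last_sum) { return; }

    $error = FALSE;
    $arch_name = time();
    if (!@copy("$cutepath/data/news.txt", "$cutepath/data/archives/$arch_name.news.arch")) {
        $error = "Can not copy news.txt from data/ to data/archives";
    } elseif (!@copy("$cutepath/data/comments.txt", "$cutepath/data/archives/$arch_name.comments.arch")) {
        $error = "Can not copy comments.txt from data/ to data/archives";
    }

    // Empty the live files only once both archive copies exist.
    if ($error === FALSE) {
        foreach (array("news.txt", "comments.txt") as $data_file) {
            $handle = fopen("$cutepath/data/$data_file", "w");
            if ($handle === FALSE) { $error = "Can not open $data_file"; }
            else { fclose($handle); }
        }
    }

    $fp = @fopen("$cutepath/data/auto_archive.db.php", "w");
    if ($fp !== FALSE) {
        @flock($fp, LOCK_EX);

        // The original tested an undefined $errors here, so the error line
        // was never written.
        if ($error === FALSE) { fwrite($fp, $now['year'] . "|" . $now['month'] . "\n"); }
        else { fwrite($fp, "0|0|$error\n"); }

        foreach ($db_content as $line) {
            @fwrite($fp, $line);
        }

        @flock($fp, LOCK_UN);
        @fclose($fp);
    }

    if ($config_notify_archive == "yes" and $config_notify_status == "active") {
        send_mail("$config_notify_email", "CuteNews - AutoArchive was Performed", "CuteNews has performed the AutoArchive function.\n$count_news News Articles were archived.\n$error");
    }
}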
|
|
|
///////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////
|
// Function: ResynchronizePostponed
|
// Function: ResynchronizePostponed
|
// Description: Refreshes the Postponed News file.
|
// Description: Refreshes the Postponed News file.
|
|
|
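/**
 * Moves postponed articles whose time has come into news.txt.
 *
 * Each line of data/postponed_news.txt is "|"-separated and its first field
 * is compared with the current Unix time. Lines that are due are written to
 * the top of data/news.txt; all other lines are written back to
 * postponed_news.txt. The third field is used as the article title in the
 * notification mail.
 *
 * An item is kept in the postponed file when news.txt cannot be read or
 * opened, so that it is not dropped from both files.
 *
 * NOTE(review): both files are read first and then reopened in "w" mode
 * before the lock is taken, so two concurrent calls can still interfere.
 *
 * Reads the globals $cutepath, $config_notify_postponed,
 * $config_notify_status and $config_notify_email. Returns nothing.
 */
function ResynchronizePostponed(){
    global $cutepath, $config_notify_postponed, $config_notify_status, $config_notify_email;

    $all_postponed_db = file("$cutepath/data/postponed_news.txt");
    if (empty($all_postponed_db)) { return; }

    // The mode must be the string "w"; the bare word w is an undefined constant.
    $new_postponed_db = fopen("$cutepath/data/postponed_news.txt", "w");
    if ($new_postponed_db === FALSE) { return; }
    @flock($new_postponed_db, LOCK_EX);
    $now_date = time();

    foreach ($all_postponed_db as $p_line) {
        // A blank line carries no article; do not promote it into news.txt.
        if (trim($p_line) === '') { continue; }

        $p_item_db = explode("|", $p_line);

        // The cast keeps the comparison numeric on every PHP version.
        if ((int) $p_item_db[0] > $now_date) {
            // Item is still postponed
            fwrite($new_postponed_db, "$p_line");
            continue;
        }

        // Item is old and must be Activated, add it to news.txt
        $all_active_db = file("$cutepath/data/news.txt");
        $active_news_file = is_array($all_active_db) ? fopen("$cutepath/data/news.txt", "w") : FALSE;
        if ($active_news_file === FALSE) {
            fwrite($new_postponed_db, "$p_line");
            continue;
        }
        @flock($active_news_file, LOCK_EX);

        fwrite($active_news_file, "$p_line");
        foreach ($all_active_db as $active_line) { fwrite($active_news_file, "$active_line"); }

        @flock($active_news_file, LOCK_UN);
        fclose($active_news_file);

        if ($config_notify_postponed == "yes" and $config_notify_status == "active") {
            $p_title = isset($p_item_db[2]) ? $p_item_db[2] : '';
            send_mail("$config_notify_email", "CuteNews - Postponed article was Activated", "CuteNews has activated the article '$p_title'");
        }
    }

    @flock($new_postponed_db, LOCK_UN);
    fclose($new_postponed_db);
}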
|
|
|
///////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////
|
// Function: send_mail
|
// Function: send_mail
|
// Description: sends mail ... huh :)
|
// Description: sends mail ... huh :)
|
|
|
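/**
 * Sends a plain-text notification mail from CuteNews@<server name>.
 *
 * $to      one address or a comma-separated list; spaces are removed and one
 *          mail is sent per address. Nothing is sent when it is empty.
 * $subject subject line.
 * $message message body.
 *
 * Delivery is best effort: the result of mail() is not reported to the caller.
 */
function send_mail($to, $subject, $message){

    if (!isset($to) or !$to or $to == '') { return; }

    // CR and LF are removed from every value that ends up in a header line so
    // that a value cannot add header lines of its own.
    $to = str_replace(array("\r", "\n", ' '), '', $to);
    $subject = str_replace(array("\r", "\n"), ' ', $subject);

    // NOTE(review): depending on the web server configuration SERVER_NAME may
    // be taken from the request's Host header - confirm for the deployment.
    $server_name = isset($_SERVER['SERVER_NAME']) ? str_replace(array("\r", "\n"), '', $_SERVER['SERVER_NAME']) : '';

    // The original tested eregi(',', ''), i.e. looked for a comma in an empty
    // string, so the list was never split. Empty entries are dropped.
    $tos = array_filter(explode(',', $to), 'strlen');

    $from = 'CuteNews@' . $server_name;

    $headers = '';
    $headers .= "From: $from\n";
    $headers .= "Reply-to: $from\n";
    $headers .= "Return-Path: $from\n";
    $headers .= "Message-ID: <" . md5(uniqid(time())) . "@" . $server_name . ">\n";
    $headers .= "MIME-Version: 1.0\n";
    $headers .= "Content-type: text/plain;\n";
    $headers .= "Date: " . date('r', time()) . "\n";

    foreach ($tos as $my_to) {
        @mail($my_to, $subject, $message, $headers);
    }
}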
|
|
|
///////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////
|
// Function: formatsize
|
// Function: formatsize
|
// Description: Format the size of given file
|
// Description: Format the size of given file
|
|
|
/**
 * Turns a byte count into a short human-readable string.
 *
 * Values of at least 1024, 1048576 or 1073741824 are divided by that unit,
 * rounded to two decimals and suffixed with "Kb", "Mb" or "Gb"; smaller
 * values are returned unchanged with a "b" suffix.
 */
function formatsize($file_size){
    // Largest unit first, so the first threshold reached decides the suffix.
    $units = array(
        1073741824 => "Gb",
        1048576    => "Mb",
        1024       => "Kb",
    );

    foreach ($units as $threshold => $suffix) {
        if ($file_size >= $threshold) {
            return round($file_size / $threshold * 100) / 100 . $suffix;
        }
    }

    return $file_size . "b";
}
|
|
|
///////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////
|
// Class: microTimer
|
// Class: microTimer
|
// Description: calculates the micro time
|
// Description: calculates the micro time
|
|
|
class microTimer {
    // Stores the current time (seconds plus microsecond fraction) in the
    // global $starttime.
    function start() {
        global $starttime;
        list($fraction, $seconds) = explode(' ', microtime());
        $starttime = $seconds + $fraction;
    }

    // Returns the time elapsed since start(), in seconds, rounded to five
    // decimals.
    function stop() {
        global $starttime;
        list($fraction, $seconds) = explode(' ', microtime());
        $endtime = $seconds + $fraction;
        return round(($endtime - $starttime), 5);
    }
}
|
|
|
|
|
///////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////
|
// Function: check_login
|
// Function: check_login
|
// Description: Check login information
|
// Description: Check login information
|
|
|
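/**
 * Checks a username and MD5 password hash against ./data/users.db.php.
 *
 * Lines containing "<?" are skipped. Every other line is split on "|"; field
 * 2 is compared with $username case-insensitively and field 3 with
 * $md5_password. Returns TRUE on the first matching line, FALSE otherwise.
 * The global $member_db is left holding the fields of the last line that was
 * parsed, which is the matching line when the result is TRUE.
 *
 * Both comparisons are exact string comparisons. With the loose == used
 * before, two different hashes that both look like numbers in exponent
 * notation ("0e" followed by digits) compared as equal.
 *
 * NOTE(review): the stored credential is a plain MD5 hash; moving to
 * password_hash()/password_verify() needs a change to the stored format and
 * to the callers.
 */
function check_login($username, $md5_password){
    global $member_db;

    $result = FALSE;

    // Arrays and an empty hash can never identify a valid account.
    if (!is_scalar($username) or !is_scalar($md5_password) or (string) $md5_password === '') {
        return $result;
    }

    $full_member_db = file("./data/users.db.php");
    if (!is_array($full_member_db)) { return $result; }

    $wanted_name = strtolower((string) $username);
    $wanted_hash = (string) $md5_password;

    foreach ($full_member_db as $member_db_line) {
        // strpos() replaces eregi(), which no longer exists in PHP 7 and later.
        if (strpos($member_db_line, "<?") !== FALSE) { continue; }

        $member_db = explode("|", $member_db_line);
        if (!isset($member_db[3])) { continue; }   // malformed line

        $stored_hash = (string) $member_db[3];
        // hash_equals() compares in constant time where it is available.
        $hash_ok = function_exists('hash_equals')
            ? hash_equals($stored_hash, $wanted_hash)
            : ($stored_hash === $wanted_hash);

        if (strtolower($member_db[2]) === $wanted_name && $hash_ok) {
            $result = TRUE;
            break;
        }
    }

    return $result;
}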
|
|
|
///////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////
|
// Function: cute_query_string
|
// Function: cute_query_string
|
// Description: Format the Query_String for CuteNews purposes index.php?
|
// Description: Format the Query_String for CuteNews purposes index.php?
|
|
|
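/**
 * Rebuilds a query string without the parameters named in $strips.
 *
 * $q_string  "name=value" pairs joined by "&".
 * $strips    list of parameter names to leave out.
 * $type      "post" returns one hidden <input> per remaining pair; any other
 *            value returns the remaining pairs joined by "&amp;".
 *
 * Names and values are HTML-escaped in both modes because the result is
 * markup (hidden inputs, or a query string joined with an HTML entity), and
 * $q_string may come straight from the request.
 *
 * NOTE(review): the listing shows the separator as a bare "&" while the trim
 * removes five characters. "&amp;" is five characters long, so the entity was
 * presumably decoded when the page was rendered; it is written out here.
 * Confirm against the original file.
 *
 * Returns "" when nothing remains.
 */
function cute_query_string($q_string, $strips, $type="get"){
    // Name => TRUE lookup, kept separate from the caller's list.
    $strip_lookup = array();
    foreach ((array) $strips as $key) {
        $strip_lookup[$key] = TRUE;
    }

    $my_q = "";

    foreach (explode("&", (string) $q_string) as $var_peace) {
        // Limit 2 keeps "=" characters that belong to the value.
        $parts = explode("=", $var_peace, 2);
        $name  = $parts[0];
        $value = isset($parts[1]) ? $parts[1] : "";

        if ($name == "" or isset($strip_lookup[$name])) { continue; }

        if ($type == "post") {
            $my_q .= "<input type=\"hidden\" name=\"" . htmlspecialchars($name, ENT_QUOTES) . "\" value=\"" . htmlspecialchars($value, ENT_QUOTES) . "\" />\n";
        } else {
            $my_q .= htmlspecialchars($var_peace, ENT_QUOTES) . "&amp;";
        }
    }

    // Drop the trailing separator.
    if (substr($my_q, -5) == "&amp;") { $my_q = substr($my_q, 0, -5); }

    return $my_q;
}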
|
|
|
///////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////
|
// Function: Flooder
|
// Function: Flooder
|
// Description: Flood Protection Function
|
// Description: Flood Protection Function
|
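/**
 * Reports whether $ip already has an unexpired entry for $comid in
 * data/flood.db.php, and rewrites that file without expired entries.
 *
 * Each line is "|"-separated: field 0 is a Unix timestamp, field 1 an IP and
 * field 2 an id. A line is kept while timestamp + $config_flood_time is
 * later than the current time. This function does not add an entry for the
 * current request.
 *
 * NOTE(review): the check fails open - when the file cannot be read the
 * result is FALSE, i.e. the request is not treated as flooding.
 *
 * Reads the globals $cutepath and $config_flood_time.
 * Returns TRUE when a matching unexpired entry exists, FALSE otherwise.
 */
function flooder($ip, $comid){
    global $cutepath, $config_flood_time;

    $result = FALSE;

    $old_db = file("$cutepath/data/flood.db.php");
    if (!is_array($old_db)) { $old_db = array(); }

    // The mode must be the string "w"; the bare word w is an undefined constant.
    $new_db = fopen("$cutepath/data/flood.db.php", "w");
    $can_write = ($new_db !== FALSE);
    // Same advisory lock the other file writers in this file take.
    if ($can_write) { @flock($new_db, LOCK_EX); }

    $now = time();
    $flood_time = (int) $config_flood_time;

    foreach ($old_db as $old_db_line) {
        $old_db_arr = explode("|", $old_db_line);

        // The cast keeps a malformed line from raising an arithmetic error;
        // such a line counts as expired and is dropped.
        if (((int) $old_db_arr[0] + $flood_time) <= $now) { continue; }

        if ($can_write) { fwrite($new_db, $old_db_line); }

        // Exact string comparison: with == two different numeric-looking
        // values such as "42" and "42.0" compared as equal.
        if (isset($old_db_arr[2])
            and (string) $old_db_arr[1] === (string) $ip
            and (string) $old_db_arr[2] === (string) $comid) {
            $result = TRUE;
        }
    }

    if ($can_write) {
        @flock($new_db, LOCK_UN);
        fclose($new_db);
    }

    return $result;
}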
|
|
|
////////////////////////////////////////////////////////
|
////////////////////////////////////////////////////////
|
// Function: msg
|
// Function: msg
|
// Description: Displays message to user
|
// Description: Displays message to user
|
|
|
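/**
 * Prints a full message page and ends the request.
 *
 * $type and $title are passed to echoheader(). $text is printed as given, so
 * it is treated as markup and the caller is responsible for escaping any
 * user-supplied parts of it. When $back is set, a "go back" link to that URL
 * is added. The function calls echofooter() and then exit(); it does not
 * return.
 */
function msg($type, $title, $text, $back=FALSE){
    echoheader($type, $title);

    echo "<table border=0 cellpading=0 cellspacing=0 width=100% height=100%><tr><td >$text";

    if ($back) {
        // Encode the characters that could close the href attribute or open
        // a tag. "&" is left alone so that a URL the caller already wrote
        // with "&amp;" is not encoded twice.
        // NOTE(review): the URL scheme is not checked here; callers should
        // pass only application-built URLs.
        $safe_back = str_replace(array('"', '<', '>'), array('&quot;', '&lt;', '&gt;'), $back);
        echo "<br /><br> <a href=\"$safe_back\">go back</a>";
    }

    echo "</td></tr></table>";
    echofooter();
    exit();
}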
|
|
|
|
|
|
|
////////////////////////////////////////////////////////
|
////////////////////////////////////////////////////////
|
// Function: echoheader
|
// Function: echohe |