<?php
require("core.php");
if (isset($_POST['title_input']) and
isset($_POST['body_input'])) { header("Location: edit.php?entry=$maj_req_entry"); }
if (!isset($maj_req_entry)) { }
if (!file_exists("$maj_data_directory/items/$maj_req_entry")) { }
if (!isset($maj_logged_in_username)) { }
$do = 0;
if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-rw.txt") and
file_exists("$maj_data_directory/wiki.txt") and
(file_exists("$maj_data_directory/items/$maj_req_entry/edit.txt") or
(file_get_contents("$maj_data_directory/items/$maj_req_entry/author.txt") == $maj_logged_in_username))) { $do = 1;
}
if (file_exists("$maj_data_directory/items/$maj_req_entry/lock.txt")) { $do = 0;
}
if ($maj_logged_in_username == $maj_admin_username) {
$do = 1;
}
if ($do == 0) {
}
$title_file = "$maj_data_directory/items/$maj_req_entry/title.txt";
$body_file = "$maj_data_directory/items/$maj_req_entry/body.txt";
$date_file = "$maj_data_directory/items/$maj_req_entry/date.txt";
$img_file = "$maj_data_directory/items/$maj_req_entry/image.txt";
$revisions_file = "$maj_data_directory/items/$maj_req_entry/revisions.txt";
include("css.php");
echo "\n<style>body { margin: {$maj_wspace}px; } .input, .click { width: 520px; }</style>\n";
?>
<title>Edit</title>
<?php
if (isset($_POST['auth_member']) and
!empty($_POST['auth_member']) and
isset($_POST['auth_toggle']) and
!empty($_POST['auth_toggle'])) { if (($_POST['auth_toggle'] == "ack") and
file_exists("$maj_data_directory/members/active/{$_POST['auth_member']}")) { if (!file_exists("$maj_data_directory/items/$maj_req_entry/members")) { mkdir("$maj_data_directory/items/$maj_req_entry/members"); }
if (!file_exists("$maj_data_directory/items/$maj_req_entry/members/{$_POST['auth_member']}")) { mkdir("$maj_data_directory/items/$maj_req_entry/members/{$_POST['auth_member']}"); }
if (!file_exists("$maj_data_directory/items/$maj_req_entry/imembers")) { mkdir("$maj_data_directory/items/$maj_req_entry/imembers"); }
if (!file_exists("$maj_data_directory/items/$maj_req_entry/imembers/{$_POST['auth_member']}")) { mkdir("$maj_data_directory/items/$maj_req_entry/imembers/{$_POST['auth_member']}"); }
}
if (($_POST['auth_toggle'] == "nak") and
file_exists("$maj_data_directory/members/active/{$_POST['auth_member']}")) { if (file_exists("$maj_data_directory/items/$maj_req_entry/members/{$_POST['auth_member']}")) { rmdirr("$maj_data_directory/items/$maj_req_entry/members/{$_POST['auth_member']}");
}
if (file_exists("$maj_data_directory/items/$maj_req_entry/imembers/{$_POST['auth_member']}")) { rmdirr("$maj_data_directory/items/$maj_req_entry/imembers/{$_POST['auth_member']}");
}
}
}
if (isset($maj_req_category) and
!empty($maj_req_category)) { if (file_exists("$maj_data_directory/categories/$maj_req_category/members")) { if ($dh_cat_members = opendir("$maj_data_directory/categories/$maj_req_category/members")) { while (($get_cat_member = readdir($dh_cat_members)) !== false) { if ($get_cat_member != "." && $get_cat_member != "..") {
if (file_exists("$maj_data_directory/members/active/$get_cat_member")) { $get_cat_members[] = $get_cat_member;
} else {
rmdirr("$maj_data_directory/categories/$maj_req_category/members/$get_cat_member");
}
}
}
}
}
if (($_POST['do'] == "unfile") and
file_exists("$maj_data_directory/items/$maj_req_entry/categories/$maj_req_category")) { rmdirr("$maj_data_directory/items/$maj_req_entry/categories/$maj_req_category");
if (count(glob("$maj_data_directory/items/$maj_req_entry/categories/*")) < 1) { rmdirr("$maj_data_directory/items/$maj_req_entry/categories");
}
if ($dh_get_categories = opendir("$maj_data_directory/categories")) { while (($get_category = readdir($dh_get_categories)) !== false) { if ($get_category != "." && $get_category != "..") {
$get_categories[] = $get_category;
}
}
}
foreach ($get_cat_members as $get_cat_mem) {
$count_mem = 0;
foreach ($get_categories as $get_category) {
if (file_exists("$maj_data_directory/categories/$get_category/members/$get_cat_mem") and
($maj_req_category != $get_category) and
file_exists("$maj_data_directory/items/$maj_req_entry/categories/$get_category")) { $count_mem = $count_mem + 1;
}
}
if (($count_mem < 1) and
!file_exists("$maj_data_directory/items/$maj_req_entry/imembers/$get_cat_mem")) { rmdirr("$maj_data_directory/items/$maj_req_entry/members/$get_cat_mem");
}
}
}
}
if (($_POST['do'] == "file") and
!file_exists("$maj_data_directory/items/$maj_req_entry/categories/$maj_req_category")) { if (!file_exists("$maj_data_directory/items/$maj_req_entry/categories")) { mkdir("$maj_data_directory/items/$maj_req_entry/categories"); }
mkdir("$maj_data_directory/items/$maj_req_entry/categories/$maj_req_category");
foreach ($get_cat_members as $get_cat_mem) {
if (!file_exists("$maj_data_directory/items/$maj_req_entry/members/$get_cat_mem")) { mkdir("$maj_data_directory/items/$maj_req_entry/members/$get_cat_mem"); }
}
}
}
if (isset($_REQUEST['comment']) and
!empty($_REQUEST['comment']) and
isset($_POST['comment_txt']) and
!empty($_POST['comment_txt']) and
isset($_REQUEST['type']) and
!empty($_REQUEST['type']) and
(($_REQUEST['type'] == "live") or
($_REQUEST['type'] == "pending"))) { $comment_txt = ucfirst($_POST['comment_txt']); $comment_txt = str_replace("\n", '<br />', $comment_txt); $comment_txt = str_replace(':((', '<img src="images/smileys/crying.png" border="0">', $comment_txt); $comment_txt = str_replace(':(', '<img src="images/smileys/frown.png" border="0">', $comment_txt); $comment_txt = str_replace(':|', '<img src="images/smileys/indifferent.png" border="0">', $comment_txt); $comment_txt = str_replace(':D', '<img src="images/smileys/laughing.png" border="0">', $comment_txt); $comment_txt = str_replace(':P', '<img src="images/smileys/lick.png" border="0">', $comment_txt); $comment_txt = str_replace(':O', '<img src="images/smileys/ohno.png" border="0">', $comment_txt); $comment_txt = str_replace(':)', '<img src="images/smileys/smile.png" border="0">', $comment_txt); $comment_txt = str_replace('=)', '<img src="images/smileys/surprised.png" border="0">', $comment_txt); $comment_txt = str_replace(':\\', '<img src="images/smileys/undecided.png" border="0">', $comment_txt); $comment_txt = str_replace(';)', '<img src="images/smileys/wink.png" border="0">', $comment_txt); $comment_txt_file = "$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/comment.txt";
$open_comment_txt_file = fopen($comment_txt_file, "w"); fwrite($open_comment_txt_file, $comment_txt); fclose($open_comment_txt_file);
$comment_revisions_file = "$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/revisions.txt";
$fp_comment_revisions_file = fopen($comment_revisions_file, "r"); $comment_revisions_count = fread($fp_comment_revisions_file, filesize($comment_revisions_file)); fclose($fp_comment_revisions_file);
$comment_revisions_count = $comment_revisions_count + 1;
$fp_comment_revisions_file = fopen($comment_revisions_file, "w"); fwrite($fp_comment_revisions_file, $comment_revisions_count); fclose($fp_comment_revisions_file); }
if (isset($_REQUEST['comment']) and
!empty($_REQUEST['comment']) and
isset($_REQUEST['type']) and
!empty($_REQUEST['type']) and
(($_REQUEST['type'] == "live") or
($_REQUEST['type'] == "pending"))) { if (!file_exists("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}")) { }
?>
<table border="0" cellspacing="0" cellpadding="0"><tr><td width="520">
<div class="panel_title"><?php
readfile("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/firstname.txt"); ?> <?php
readfile("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/lastname.txt"); ?> <<?php
readfile("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/email.txt"); ?>></div>
<div class="panel_body"><?php
echo "<font style=\"font-size: $maj_font_Spx; color: #999999;\">";
if (file_exists("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/author.txt")) { readfile("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/author.txt"); echo " - ";
}
entry2date($_REQUEST['comment']);
echo ' (Revision ';
readfile("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/revisions.txt"); echo " - ";
echo date("l, M j, Y, g:i A", filemtime("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/comment.txt")); echo ')';
}
echo "</font><div style=\"height: {$maj_wspace}px;\"></div>";
readfile("$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/comment.txt"); ?></div>
</td></tr></table>
<table border="0" cellspacing="2" cellpadding="0">
<form enctype="multipart/form-data" action="edit.php" method="post">
<tr><td><textarea class="input" name="comment_txt" rows="10"><?php
$comment_txt_file = "$maj_data_directory/items/$maj_req_entry/comments/{$_REQUEST['type']}/{$_REQUEST['comment']}/comment.txt";
$open_comment_txt_file = fopen($comment_txt_file, "r"); $read_comment_txt_file = fread($open_comment_txt_file, filesize($comment_txt_file)); fclose($open_comment_txt_file);
$comment_smiley2emoticon = str_replace('<br />', "\n", $read_comment_txt_file); $comment_smiley2emoticon = str_replace('<img src="images/smileys/crying.png" border="0">', ':((', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/frown.png" border="0">', ':(', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/indifferent.png" border="0">', ':|', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/laughing.png" border="0">', ':D', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/lick.png" border="0">', ':P', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/ohno.png" border="0">', ':O', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/smile.png" border="0">', ':)', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/surprised.png" border="0">', '=)', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/undecided.png" border="0">', ':\\', $comment_smiley2emoticon); $comment_smiley2emoticon = str_replace('<img src="images/smileys/wink.png" border="0">', ';)', $comment_smiley2emoticon);
echo $comment_smiley2emoticon;
?></textarea></td></tr>
<tr><td><input type="hidden" name="entry" value="<?php
echo $maj_req_entry;
?>"></td></tr>
<tr><td><input type="hidden" name="comment" value="<?php
echo $_REQUEST['comment'];
?>"></td></tr>
<tr><td><input type="hidden" name="type" value="<?php
echo $_REQUEST['type'];
?>"></td></tr>
<tr><td><input class="click" type="submit" value="click here to update this comment"></td></tr>
</form>
<form enctype="multipart/form-data" action="index.php?entry=<?php
echo $maj_req_entry;
?>&show=comments" method="post">
<tr><td><input class="click" type="submit" value="click here to view posted entry"></td></tr>
</form>
<form enctype="multipart/form-data" action="index.php" method="post">
<tr><td><input class="click" type="submit" value="click here to go to the index page"></td></tr>
</form>
</table>
<?php
}
?>
<table border="0" cellspacing="0" cellpadding="0">
<tr><td valign="top">
<table border="0" cellspacing="0" cellpadding="0"><tr><td width="520">
<div class="panel_wrapper">
<div class="panel_title"><?php
?></div>
<div class="panel_body"><table border="0" cellspacing="0" cellpadding="0"><tr><td><?php
echo "<font style=\"font-size: $maj_font_Spx; color: #999999;\">";
if (file_exists("$maj_data_directory/items/$maj_req_entry/author.txt")) { readfile("$maj_data_directory/items/$maj_req_entry/author.txt"); echo " - ";
}
entry2date($maj_req_entry);
echo ' (Revision ';
echo " - ";
echo date("l, M j, Y, g:i A", filemtime("$maj_data_directory/items/$maj_req_entry/body.txt")); echo ')';
}
echo "</font><div style=\"height: {$maj_wspace}px;\"></div>";
?></td></tr></table></div></div>
</td></tr></table>
<form enctype="multipart/form-data" action="edit.php" method="post">
<table border="0" cellspacing="2" cellpadding="0">
<?php
if (($maj_logged_in_username == $maj_admin_username) or
(file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-ul.txt") and
file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-rw.txt"))) { ?>
<input type="hidden" name="max_file_size" value="<?php
echo $max_file_size;
?>">
<tr><td><input autocomplete="off" type="file" name="entry_image_input"> Upload optional GIF, JPG, or PNG entry image.</td></tr>
<tr><td><input type="hidden" name="max_file_size" value="<?php
echo $max_file_size;
?>"></td></tr>
<tr><td><input autocomplete="off" type="file" name="file_input"> Upload optional file. Max size supported by server is <?php
echo($max_file_size / (1024 * 1024));
?>MB.</td></tr>
<tr><td><input autocomplete="off" type="file" name="album_image_input"> Upload optional album image.</td></tr>
<tr><td><input autocomplete="off" type="text" name="caption" class="input" style="width: 300px;"> Enter optional album image caption.</td></tr>
<tr><td><input type="hidden" name="max_file_size" value="<?php
echo $max_file_size;
?>"></td></tr>
<?php
}
if ($maj_logged_in_username == $maj_admin_username) {
?>
<tr><td><input class="input" style="width: 300px;" autocomplete="off" type="password" name="passwd" <?php
if (file_exists("$maj_data_directory/items/$maj_req_entry/passwd.txt")) { echo "value=\"password\"";
}
?>
> <?php
if (file_exists("$maj_data_directory/items/$maj_req_entry/passwd.txt")) { echo "Enter new password or clear field to disable password protection.";
} else {
echo "Enter optional entry access password.";
}
?></td></tr>
<tr><td><input class="input" style="width: 300px;" autocomplete="off" type="text" name="maxlines" <?php
if (file_exists("$maj_data_directory/items/$maj_req_entry/maxlines.txt")) { echo "value=\"";
readfile("$maj_data_directory/items/$maj_req_entry/maxlines.txt"); echo "\"";
}
?>
> <?php
if (file_exists("$maj_data_directory/items/$maj_req_entry/maxlines.txt")) { echo "Enter new maximum lines for initial display or clear field to disable.";
} else {
echo "Enter optional maximum lines for initial display.";
}
?></td></tr>
<tr><td><input type="checkbox" name="sticky" <?php
$sticky_sem = 'data/sticky/' . $maj_req_entry;
echo checked;
}
?>>Put entry title in Quick Links box.</td></tr>
<tr><td><input type="checkbox" name="display" <?php
$display_sem = "$maj_data_directory/items/$maj_req_entry/cat.txt";
echo checked;
}
?>>Always display. If this is not a private entry, it will be displayed even if its category is hidden or isolated.</td></tr>
<tr><td><input type="checkbox" name="private" <?php
$private_sem = "$maj_data_directory/items/$maj_req_entry/private.txt";
echo checked;
}
?>>Private entry. This entry will unconditionally be invisible to visitors<?php
echo " and to the mailing list";
}
?>, even if always display is set.</td></tr>
<?php
?>
<tr><td><input type="checkbox" name="member" <?php
$member_sem = "$maj_data_directory/items/$maj_req_entry/member.txt";
echo checked;
}
?>>Only registered members can view this entry.</td></tr>
<?php
}
?>
<?php
?>
<tr><td><input type="checkbox" name="edit" <?php
$edit_sem = "$maj_data_directory/items/$maj_req_entry/edit.txt";
echo checked;
}
?>>Registered members can edit this entry.</td></tr>
<tr><td><input type="checkbox" name="lock" <?php
if (file_exists("$maj_data_directory/items/$maj_req_entry/lock.txt")) { echo checked;
}
?>>Only the administrator can edit this entry. </td></tr>
<?php
}
}
if (($maj_logged_in_username == $maj_admin_username) or
file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-adm.txt")) { ?>
<tr><td><input type="checkbox" name="xtitle" <?php
$lastmod_sem = "$maj_data_directory/items/$maj_req_entry/xtitle.txt";
echo checked;
}
?>>Do not display the entry title.</td></tr>
<tr><td><input type="checkbox" name="xdate" <?php
$lastmod_sem = "$maj_data_directory/items/$maj_req_entry/xdate.txt";
echo checked;
}
?>>Do not display the entry date.</td></tr>
<?php
echo "<tr><td><input type=\"checkbox\" name=\"xauthor\"";
if (file_exists("$maj_data_directory/items/$maj_req_entry/xauthor.txt")) { echo checked;
}
echo ">Do not display the entry author.</td></tr>";
}
else {
echo "<tr><td><input type=\"checkbox\" name=\"xavatar\"";
if (file_exists("$maj_data_directory/items/$maj_req_entry/xavatar.txt")) { echo checked;
}
echo ">Do not display the entry avatar.</td></tr>";
}
?>
<tr><td><input type="checkbox" name="lastmod" <?php
$lastmod_sem = "$maj_data_directory/items/$maj_req_entry/lastmod.txt";
echo checked;
}
?>>Display last modification date and time.</td></tr>
<?php
echo "<tr><td><input type=\"checkbox\" name=\"gl\"";
if (file_exists("$maj_data_directory/items/$maj_req_entry/gl.txt")) { echo checked;
}
echo ">Enable Google support.</td></tr>";
}
echo "<tr><td><input type=\"checkbox\" name=\"fb\"";
if (file_exists("$maj_data_directory/items/$maj_req_entry/fb.txt")) { echo checked;
}
echo ">Enable Facebook support.</td></tr>";
}
$count_album_images = count(glob("images/$maj_req_entry/album/*"));
if ($count_album_images < 1) {
rmdirr("images/$maj_req_entry/album");
}
else {
if (file_exists("$maj_data_directory/items/$maj_req_entry/auto-album.txt")) { echo "<tr><td><input type=\"checkbox\" name=\"auto_album\" checked>";
}
else {
echo "<tr><td><input type=\"checkbox\" name=\"auto_album\">";
}
if ($count_album_images > 1) {
echo "Automatically display album (<a href=\"index.php?entry=$maj_req_entry&show=album\">$count_album_images images</a>).</td></tr>";
}
else {
echo "Automatically display album (<a href=\"index.php?entry=$maj_req_entry&show=album\">$count_album_images image</a>).</td></tr>";
}
}
}
}
?>
</table></p>
<input type="hidden" name="entry" value="<?php echo $maj_req_entry; ?>">
<table border="0" cellspacing="0" cellpadding="0"><tr><td>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td><input required autocomplete="off" class="input" style="font-size:
<?php echo $maj_font_Lpx; ?>; font-weight: bold;" type="text" name="title_input" value="
<?php readfile($title_file); ?>"></td></tr>
<tr><td><textarea class="input" style="font-size: <?php echo $maj_font_Mpx; ?>;" name="body_input" rows="15" required>
<?php
$open_body_file = fopen($body_file, "r");
$body_read_content = str_replace('<br />', "\n", $read_body_file); $body_read_content = str_replace('<img src="images/smileys/crying.png" border="0">', ':((', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/frown.png" border="0">', ':(', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/indifferent.png" border="0">', ':|', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/laughing.png" border="0">', ':D', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/lick.png" border="0">', ':P', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/ohno.png" border="0">', ':O', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/smile.png" border="0">', ':)', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/surprised.png" border="0">', '=)', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/undecided.png" border="0">', ':\\', $body_read_content); $body_read_content = str_replace('<img src="images/smileys/wink.png" border="0">', ';)', $body_read_content); $body_read_content = str_replace('<!-- html -->', '<html>', $body_read_content); $body_read_content = str_replace('<!-- /html -->', '</html>', $body_read_content); $body_read_content = str_replace('<span style="background-color: #ffff00;">', '<highlight>', $body_read_content); $body_read_content = str_replace('</span>', '</highlight>', $body_read_content);
echo $body_read_content;
?>
</textarea></td></tr>
<tr><td><input class="click" type="submit" value="click here to update this entry"></td></tr>
</form>
<form enctype="multipart/form-data" action="index.php?entry=<?php echo $maj_req_entry; ?>" method="post">
<tr><td><input class="click" type="submit" value="click here to view posted entry"></td></tr>
</form>
<form enctype="multipart/form-data" action="index.php" method="post">
<tr><td><input class="click" type="submit" value="click here to go to the index page"></td></tr>
</form>
</table>
</td><td width="10"></td><td>
<table border="0" cellspacing="1" cellpadding="2">
<tr><td><img src="images/smileys/crying.png" border="0"></td><td>:((</td><td >crying</td></tr>
<tr><td><img src="images/smileys/frown.png" border="0"></td><td>:(</td><td>frown</td></tr>
<tr><td><img src="images/smileys/indifferent.png" border="0"></td><td>:|</td><td>indifferent</td></tr>
<tr><td><img src="images/smileys/laughing.png" border="0"></td><td>:D</td><td>laughing</td></tr>
<tr><td><img src="images/smileys/lick.png" border="0"></td><td>:P</td><td>lick</td></tr>
<tr><td><img src="images/smileys/ohno.png" border="0"></td><td>:O</td><td>oh no!</td></tr>
<tr><td><img src="images/smileys/smile.png" border="0"></td><td>:)</td><td>smile</td></tr>
<tr><td><img src="images/smileys/surprised.png" border="0"></td><td>=)</td><td>surprised</td></tr>
<tr><td><img src="images/smileys/undecided.png" border="0"></td><td>:\</td><td>undecided</td></tr>
<tr><td><img src="images/smileys/wink.png" border="0"></td><td>;)</td><td>wink</td></tr>
</table>
</td></tr></table>
</td><td width="25"></td><td valign="top">
<?php
// improve category handling (20100221) - start
echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\"><tr><td valign=\"top\" width=\"150\">";
if ($dh_cat = opendir("$maj_data_directory/categories")) { while (($entry_cat = readdir($dh_cat)) !== false) { if ($entry_cat != "." && $entry_cat != "..") {
if (file_exists("$maj_data_directory/categories/$entry_cat/private.txt") and
($maj_admin_username != $maj_logged_in_username)) { continue;
}
if (($maj_admin_username != $maj_logged_in_username) and
!file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-adm.txt")) { continue;
}
if (file_exists("$maj_data_directory/items/$maj_req_entry/categories/$entry_cat")) { $filed_cat[] = $entry_cat;
}
if (!file_exists("$maj_data_directory/items/$maj_req_entry/categories/$entry_cat")) { $unfiled_cat[] = $entry_cat;
}
}
}
$count_filed_cat = count($filed_cat); $count_unfiled_cat = count($unfiled_cat); }
if ($count_filed_cat > 0) {
echo "<p><b>Filed Under</b></p>";
echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\" width=\"150\">";
foreach ($filed_cat as $filed_category) {
echo "<form enctype=\"multipart/form-data\" action=\"edit.php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"entry\" value=\"$maj_req_entry\">";
echo "<input type=\"hidden\" name=\"category\" value=\"$filed_category\">";
echo "<input type=\"hidden\" name=\"do\" value=\"unfile\">";
echo "<tr bgcolor=\"#ffffff\"><td><a href=\"index.php?category=$filed_category\">$filed_category</a></td>";
echo "<td width=\"14\"><input type=\"image\" src=\"images/widget.x.png\"></td></tr>";
echo "</form>";
}
echo "</table>";
}
echo "</td><td width=\"25\"></td><td valign=\"top\" width=\"150\">";
if ($count_unfiled_cat > 0) {
echo "<p><b>Available Categories</b></p>";
echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\" width=\"150\">";
foreach ($unfiled_cat as $unfiled_category) {
echo "<form enctype=\"multipart/form-data\" action=\"edit.php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"entry\" value=\"$maj_req_entry\">";
echo "<input type=\"hidden\" name=\"category\" value=\"$unfiled_category\">";
echo "<input type=\"hidden\" name=\"do\" value=\"file\">";
echo "<tr bgcolor=\"#ffffff\"><td width=\"14\"><input type=\"image\" src=\"images/widget.ok.png\"></td>";
echo "<td align=\"right\"><a href=\"index.php?category=$unfiled_category\">$unfiled_category</a></td></tr>";
echo "</form>";
}
echo "</table>";
}
echo "</td></tr></table><br>";
}
// improve category handling (20100221) - end
// add member authorization (20100221) - start
if (file_exists("$maj_data_directory/members/active") and
(($maj_admin_username == $maj_logged_in_username) or
(($maj_admin_username != $maj_logged_in_username) and
file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-adm.txt")))) { echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\"><tr><td valign=\"top\" width=\"150\">";
if ($dh_ack_members = opendir("$maj_data_directory/items/$maj_req_entry/members")) { while (($ack_member = readdir($dh_ack_members)) !== false) { if ($ack_member != "." && $ack_member != "..") {
if (file_exists("$maj_data_directory/members/active/$ack_member")) { $ack_members[] = $ack_member;
} else {
rmdirr("$maj_data_directory/items/$maj_req_entry/members/$ack_member");
}
}
}
$count_ack_members = count($ack_members); }
if ($dh_nak_members = opendir("$maj_data_directory/members/active")) { while (($nak_member = readdir($dh_nak_members)) !== false) { if ($nak_member != "." && $nak_member != "..") {
if (file_exists("$maj_data_directory/items/$maj_req_entry/members/$nak_member")) { continue;
}
if (!file_exists("$maj_data_directory/items/$maj_req_entry/members/$nak_member")) { $nak_members[] = $nak_member;
}
}
}
$count_nak_members = count($nak_members); }
if ($count_ack_members > 0) {
echo "<p><b>Authorized Members</b></p>";
echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\" width=\"150\">";
foreach ($ack_members as $ack_member) {
if ($maj_logged_in_username == $nak_member) {
continue;
}
echo "<form enctype=\"multipart/form-data\" action=\"edit.php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"entry\" value=\"$maj_req_entry\">";
echo "<input type=\"hidden\" name=\"auth_member\" value=\"$ack_member\">";
echo "<input type=\"hidden\" name=\"auth_toggle\" value=\"nak\">";
echo "<tr bgcolor=\"#ffffff\"><td><a href=\"member.php?id=$ack_member\">$ack_member</a></td>";
echo "<td width=\"14\"><input type=\"image\" src=\"images/widget.x.png\"></td></tr>";
echo "</form>";
}
echo "</table>";
}
echo "</td><td width=\"25\"></td><td valign=\"top\" width=\"150\">";
if ($count_nak_members > 0) {
echo "<p><b>Registered Members</b></p>";
echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\" width=\"150\">";
foreach ($nak_members as $nak_member) {
if ($maj_logged_in_username == $nak_member) {
continue;
}
echo "<form enctype=\"multipart/form-data\" action=\"edit.php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"entry\" value=\"$maj_req_entry\">";
echo "<input type=\"hidden\" name=\"auth_member\" value=\"$nak_member\">";
echo "<input type=\"hidden\" name=\"auth_toggle\" value=\"ack\">";
echo "<tr bgcolor=\"#ffffff\"><td width=\"14\"><input type=\"image\" src=\"images/widget.ok.png\"></td>";
echo "<td align=\"right\"><a href=\"member.php?id=$nak_member\">$nak_member</a></td></tr>";
echo "</form>";
}
echo "</table>";
}
echo "</td></tr></table><br>";
}
// add member authorization (20100221) - end
?>
</td></tr></table>
<?php
if (!isset($_POST['title_input']) or
!isset($_POST['body_input']) or
empty($_POST['title_input']) or
empty($_POST['body_input'])) { }
if (file_exists("$maj_data_directory/items/$maj_req_entry/title.old")) { unlink("$maj_data_directory/items/$maj_req_entry/title.old"); }
if (file_exists("$maj_data_directory/items/$maj_req_entry/body.old")) { unlink("$maj_data_directory/items/$maj_req_entry/body.old"); }
copy("$maj_data_directory/items/$maj_req_entry/title.txt", "$maj_data_directory/items/$maj_req_entry/title.old"); copy("$maj_data_directory/items/$maj_req_entry/body.txt", "$maj_data_directory/items/$maj_req_entry/body.old");
$title_write_content = format_title_put($_POST['title_input']);
$body_write_content = format_body_put($_POST['body_input']);
$fp_revisions_file = fopen($revisions_file, "r"); $revisions_count = fread($fp_revisions_file, filesize($revisions_file));
$revisions_count = $revisions_count + 1;
$fp_revisions_file = fopen($revisions_file, "w"); fwrite($fp_revisions_file, $revisions_count);
if (isset($_FILES['album_image_input']) and
!empty($_FILES['album_image_input'])) { if ($_FILES['album_image_input']['size'] <= $max_file_size) {
if (($_FILES['album_image_input']['type'] == "image/gif") || ($_FILES['album_image_input']['type'] == "image/pjpeg") || ($_FILES['album_image_input']['type'] == "image/jpeg") || ($_FILES['album_image_input']['type'] == "image/png")) {
$album_image_input_name = str_replace(" ", "_", $_FILES['album_image_input']['name']);
if (!file_exists("images/$maj_req_entry/album/$album_image_input_name")) { mkdir("images/$maj_req_entry"); }
mkdir("images/$maj_req_entry/album"); }
mkdir("$maj_data_directory/albums"); }
if (!file_exists("$maj_data_directory/albums/$maj_req_entry")) { mkdir("$maj_data_directory/albums/$maj_req_entry"); }
if (isset($_POST['caption']) and
!empty($_POST['caption'])) { if (!file_exists("$maj_data_directory/items/$maj_req_entry/album")) { mkdir("$maj_data_directory/items/$maj_req_entry/album"); }
if (!file_exists("$maj_data_directory/items/$maj_req_entry/album/captions")) { mkdir("$maj_data_directory/items/$maj_req_entry/album/captions"); }
if (!file_exists("$maj_data_directory/items/$maj_req_entry/album/captions/{$album_image_input_name}.txt")) { $caption_txt = ucfirst($_POST['caption']); $caption_txt = str_replace(':((', '<img src="images/smileys/crying.png" border="0">', $caption_txt); $caption_txt = str_replace(':(', '<img src="images/smileys/frown.png" border="0">', $caption_txt); $caption_txt = str_replace(':|', '<img src="images/smileys/indifferent.png" border="0">', $caption_txt); $caption_txt = str_replace(':D', '<img src="images/smileys/laughing.png" border="0">', $caption_txt); $caption_txt = str_replace(':P', '<img src="images/smileys/lick.png" border="0">', $caption_txt); $caption_txt = str_replace(':O', '<img src="images/smileys/ohno.png" border="0">', $caption_txt); $caption_txt = str_replace(':)', '<img src="images/smileys/smile.png" border="0">', $caption_txt); $caption_txt = str_replace('=)', '<img src="images/smileys/surprised.png" border="0">', $caption_txt); $caption_txt = str_replace(':\\', '<img src="images/smileys/undecided.png" border="0">', $caption_txt); $caption_txt = str_replace(';)', '<img src="images/smileys/wink.png" border="0">', $caption_txt); $caption_txt = str_replace('[code]', '<code>', $caption_txt); $caption_txt = str_replace('[/code]', '</code>', $caption_txt); $caption_txt = str_replace("\n", '<br />', $caption_txt); $caption_txt = str_replace('[b]', '<b>', $caption_txt); $caption_txt = str_replace('[/b]', '</b>', $caption_txt); $caption_txt = str_replace('[i]', '<i>', $caption_txt); $caption_txt = str_replace('[/i]', '</i>', $caption_txt); $caption_txt = str_replace('[u]', '<u>', $caption_txt); $caption_txt = str_replace('[/u]', '</u>', $caption_txt); $caption_txt = str_replace('[strike]', '<strike>', $caption_txt); $caption_txt = str_replace('[/strike]', '</strike>', $caption_txt); $caption_txt = str_replace('[sup]', '<sup>', $caption_txt); $caption_txt = str_replace('[/sup]', '</sup>', $caption_txt); $caption_txt = str_replace('[sub]', '<sub>', $caption_txt); $caption_txt = str_replace('[/sub]', '</sub>', $caption_txt); $caption_txt = str_replace('[highlight]', '<highlight>', $caption_txt); $caption_txt = str_replace('[/highlight]', '</highlight>', $caption_txt); $caption_txt = str_replace('<highlight>', '<span style="background-color: #ffff00;">', $caption_txt); $caption_txt = str_replace('</highlight>', '</span>', $caption_txt);
$fp_caption_txt = fopen("$maj_data_directory/items/$maj_req_entry/album/captions/{$album_image_input_name}.txt", "w"); fwrite($fp_caption_txt, $caption_txt); }
}
$res = copy($_FILES['album_image_input']['tmp_name'], "images/$maj_req_entry/album/$album_image_input_name"); unlink($_FILES['album_image_input']['tmp_name']); } else {
unlink($_FILES['album_image_input']['tmp_name']); }
} else {
unlink($_FILES['album_image_input']['tmp_name']); }
} else {
unlink($_FILES['album_image_input']['tmp_name']); }
} else {
unlink($_FILES['album_image_input']['tmp_name']); }
}
if (isset($_FILES['entry_image_input']) and
!empty($_FILES['entry_image_input'])) { if ($_FILES['entry_image_input']['size'] <= $max_file_size) {
if (($_FILES['entry_image_input']['type'] == "image/gif") || ($_FILES['entry_image_input']['type'] == "image/pjpeg") || ($_FILES['entry_image_input']['type'] == "image/jpeg") || ($_FILES['entry_image_input']['type'] == "image/png")) {
$entry_image_input_name = str_replace(" ", "_", $_FILES['entry_image_input']['name']);
if (!file_exists("images/$maj_req_entry/$entry_image_input_name")) { mkdir("images/$maj_req_entry"); }
$res = copy($_FILES['entry_image_input']['tmp_name'], "images/$maj_req_entry/$entry_image_input_name"); unlink($_FILES['entry_image_input']['tmp_name']);
$entry_image_size = getimagesize("images/$maj_req_entry/$entry_image_input_name"); $entry_image_width = $entry_image_size[0];
$entry_image_height = $entry_image_size[1];
if ($entry_image_width > $maj_eimage) {
$sizefactor = (double)($maj_eimage / $entry_image_width);
$entry_image_width = (int)($entry_image_width * $sizefactor);
$entry_image_height = (int)($entry_image_height * $sizefactor);
}
$body_write_content = "<img src=\"images/$maj_req_entry/$entry_image_input_name\" border=\"0\" width=\"$entry_image_width\" height=\"$entry_image_height\">\n\r$body_write_content";
} else {
unlink($_FILES['entry_image_input']['tmp_name']); }
} else {
unlink($_FILES['entry_image_input']['tmp_name']); }
} else {
unlink($_FILES['entry_image_input']['tmp_name']); }
} else {
unlink($_FILES['entry_image_input']['tmp_name']); }
}
if (isset($_FILES['file_input']) and
!empty($_FILES['file_input'])) { if ($_FILES['file_input']['size'] <= $max_file_size) {
if (!file_exists("$maj_data_directory/items/$maj_req_entry/filedrop")) { mkdir("$maj_data_directory/items/$maj_req_entry/filedrop"); }
if (!file_exists("$maj_data_directory/items/$maj_req_entry/filedrop/files")) { mkdir("$maj_data_directory/items/$maj_req_entry/filedrop/files"); }
$file_input_name = str_replace(" ", "_", $_FILES['file_input']['name']);
if (!file_exists("$maj_data_directory/items/$maj_req_entry/filedrop/files/$file_input_name")) { $res = copy($_FILES['file_input']['tmp_name'], "$maj_data_directory/items/$maj_req_entry/filedrop/files/$file_input_name"); unlink($_FILES['file_input']['tmp_name']);
$fp_file_txt = fopen("$maj_data_directory/items/$maj_req_entry/filedrop/{$file_input_name}.txt", "w"); fwrite($fp_file_txt, "$maj_data_directory/items/$maj_req_entry/filedrop/files/$file_input_name"); } else {
unlink($_FILES['file_input']['tmp_name']); }
} else {
unlink($_FILES['file_input']['tmp_name']); }
} else {
unlink($_FILES['file_input']['tmp_name']); }
}
$old_title = file_get_contents("$maj_data_directory/items/$maj_req_entry/title.old");
if (($old_title != $title_write_content) or ($old_body != $body_write_content)) {
if (!file_exists("$maj_data_directory/items/$maj_req_entry/wiki")) { mkdir("$maj_data_directory/items/$maj_req_entry/wiki"); }
if (!file_exists("$maj_data_directory/items/$maj_req_entry/wiki/delta")) { mkdir("$maj_data_directory/items/$maj_req_entry/wiki/delta"); }
$ddate = date("YmdHis", time() + $maj_offset);
if (!file_exists("$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate")) { mkdir("$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate"); }
$new_body = fopen("$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate/body.txt", "w"); fwrite($new_body, $body_write_content);
$new_title = fopen("$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate/title.txt", "w"); fwrite($new_title, $title_write_content);
copy("$maj_data_directory/items/$maj_req_entry/title.txt", "$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate/ptitle.txt"); copy("$maj_data_directory/items/$maj_req_entry/body.txt", "$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate/prev.txt"); copy("$maj_data_directory/items/$maj_req_entry/date.txt", "$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate/date.txt");
if (file_exists("$maj_data_directory/items/$maj_req_entry/contrib.txt")) { copy("$maj_data_directory/items/$maj_req_entry/contrib.txt", "$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate/contrib.txt"); }
$open_editor_file = fopen("$maj_data_directory/items/$maj_req_entry/wiki/delta/$ddate/editor.txt", "w"); fwrite($open_editor_file, $maj_logged_in_username); }
}
$open_title_file = fopen($title_file, "w"); fwrite($open_title_file, $title_write_content);
$open_body_file = fopen($body_file, "w"); fwrite($open_body_file, $body_write_content);
if (file_exists("$maj_data_directory/wiki.txt") and
(file_exists("$maj_data_directory/items/$maj_req_entry/edit.txt") or
(file_get_contents("$maj_data_directory/items/$maj_req_entry/author.txt") == $maj_logged_in_username))) { $open_contrib_file = fopen("$maj_data_directory/items/$maj_req_entry/contrib.txt", "w"); fwrite($open_contrib_file, $maj_logged_in_username); }
if ($maj_logged_in_username == $maj_admin_username) {
$sticky_sem = 'data/sticky/' . $maj_req_entry;
if (isset($_POST['sticky']) and
!empty($_POST['sticky']) and
($_POST['sticky'] == "on")) { mkdir("$maj_data_directory/sticky"); }
}
}
if (!isset($_POST['sticky']) or
empty($_POST['sticky'])) { }
}
$display_sem = "$maj_data_directory/items/$maj_req_entry/cat.txt";
if (isset($_POST['display']) and
!empty($_POST['display']) and
($_POST['display'] == "on")) { }
}
if (!isset($_POST['display']) or
empty($_POST['display'])) { }
}
$private_sem = "$maj_data_directory/items/$maj_req_entry/private.txt";
if (isset($_POST['private']) and
!empty($_POST['private']) and
($_POST['private'] == "on")) { }
}
if (!isset($_POST['private']) or
empty($_POST['private'])) { }
}
$member_sem = "$maj_data_directory/items/$maj_req_entry/member.txt";
if (isset($_POST['member']) and
!empty($_POST['member']) and
($_POST['member'] == "on")) { }
}
if (!isset($_POST['member']) or
empty($_POST['member'])) { }
}
$edit_sem = "$maj_data_directory/items/$maj_req_entry/edit.txt";
if (isset($_POST['edit']) and
!empty($_POST['edit']) and
($_POST['edit'] == "on")) { }
}
if (!isset($_POST['edit']) or
empty($_POST['edit'])) { }
}
if (isset($_POST['lock']) and
!empty($_POST['lock']) and
($_POST['lock'] == "on")) { if (file_exists("$maj_data_directory/items/$maj_req_entry/edit.txt")) { unlink("$maj_data_directory/items/$maj_req_entry/edit.txt"); }
if (!file_exists("$maj_data_directory/items/$maj_req_entry/lock.txt")) { touch("$maj_data_directory/items/$maj_req_entry/lock.txt"); }
}
if (!isset($_POST['lock']) or
empty($_POST['lock'])) { if (file_exists("$maj_data_directory/items/$maj_req_entry/lock.txt")) { unlink("$maj_data_directory/items/$maj_req_entry/lock.txt"); }
}
$xauthor_sem = "$maj_data_directory/items/$maj_req_entry/xauthor.txt";
if (isset($_POST['xauthor']) and
!empty($_POST['xauthor']) and
($_POST['xauthor'] == "on")) { }
}
if (!isset($_POST['xauthor']) or
empty($_POST['xauthor'])) { }
}
$passwd_file = "$maj_data_directory/items/$maj_req_entry/passwd.txt";
if (isset($_POST['passwd']) and
!empty($_POST['passwd'])) { $fp_passwd_txt = fopen("$passwd_file", "w"); $passwd_crypt = sha1($_POST['passwd']); $passwd_crypt = md5($passwd_crypt); $passwd_crypt = crypt($passwd_crypt, $passwd_crypt); fwrite($fp_passwd_txt, $passwd_crypt); }
if (!isset($_POST['passwd']) or
empty($_POST['passwd'])) { }
}
$fp_maxlines_txt = fopen("$maj_data_directory/items/$maj_req_entry/maxlines.txt", "w"); fwrite($fp_maxlines_txt, $_POST['maxlines']); }
if (!isset($_POST['maxlines']) or
empty($_POST['maxlines'])) { if (file_exists("$maj_data_directory/items/$maj_req_entry/maxlines.txt")) { unlink("$maj_data_directory/items/$maj_req_entry/maxlines.txt"); }
}
}
if (($maj_logged_in_username == $maj_admin_username) or
file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-adm.txt")) { $xtitle_sem = "$maj_data_directory/items/$maj_req_entry/xtitle.txt";
if (isset($_POST['xtitle']) and
!empty($_POST['xtitle']) and
($_POST['xtitle'] == "on")) { }
}
if (!isset($_POST['xtitle']) or
empty($_POST['xtitle'])) { }
}
$xdate_sem = "$maj_data_directory/items/$maj_req_entry/xdate.txt";
if (isset($_POST['xdate']) and
!empty($_POST['xdate']) and
($_POST['xdate'] == "on")) { }
}
if (!isset($_POST['xdate']) or
empty($_POST['xdate'])) { }
}
$xavatar_sem = "$maj_data_directory/items/$maj_req_entry/xavatar.txt";
if (isset($_POST['xavatar']) and
!empty($_POST['xavatar']) and
($_POST['xavatar'] == "on")) { }
}
if (!isset($_POST['xavatar']) or
empty($_POST['xavatar'])) { }
}
$lastmod_sem = "$maj_data_directory/items/$maj_req_entry/lastmod.txt";
if (isset($_POST['lastmod']) and
!empty($_POST['lastmod']) and
($_POST['lastmod'] == "on")) { }
}
if (!isset($_POST['lastmod']) or
empty($_POST['lastmod'])) { }
}
$gl_sem = "$maj_data_directory/items/$maj_req_entry/gl.txt";
if (isset($_POST['gl']) and
!empty($_POST['gl']) and
($_POST['gl'] == "on")) { }
}
if (!isset($_POST['gl']) or
empty($_POST['gl'])) { }
}
$fb_sem = "$maj_data_directory/items/$maj_req_entry/fb.txt";
if (isset($_POST['fb']) and
!empty($_POST['fb']) and
($_POST['fb'] == "on")) { }
}
if (!isset($_POST['fb']) or
empty($_POST['fb'])) { }
}
if (isset($_POST['auto_album']) and
!empty($_POST['auto_album']) and
($_POST['auto_album'] == "on")) {
if (!file_exists("$maj_data_directory/items/$maj_req_entry/auto-album.txt")) { touch("$maj_data_directory/items/$maj_req_entry/auto-album.txt"); }
}
if (!isset($_POST['auto_album']) or
empty($_POST['auto_album'])) {
if (file_exists("$maj_data_directory/items/$maj_req_entry/auto-album.txt")) { unlink("$maj_data_directory/items/$maj_req_entry/auto-album.txt"); }
}
}
if (file_exists("$maj_data_directory/items/$maj_req_entry/title.old")) { unlink("$maj_data_directory/items/$maj_req_entry/title.old"); }
if (file_exists("$maj_data_directory/items/$maj_req_entry/body.old")) { unlink("$maj_data_directory/items/$maj_req_entry/body.old"); }
foreach ($ping_urls as $ping_url) {
}
}
?>
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:
