Profile
MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.
Git
This blob has been accessed 21 times via Git panel.

  1. <?php
  2.  
  3. require("core.php");
  4.  
  5. ?>
  6.  
  7. <title>Dig!</title>
  8.  
  9. <style>
  10. body {
  11.         color: #666666;
  12.         margin: 10px;
  13.         padding: 0px;
  14.         text-align: left;
  15.         font-family: <?php
  16.                                 if (file_exists("$maj_data_directory/fonts/body.txt")) {
  17.                                         $font_body = file_get_contents("$maj_data_directory/fonts/body.txt");
  18.                                         echo "{$font_body},";
  19.                                 }
  20.         ?> arial, helvetica, sans-serif;
  21.         background-color: #FFFFFF;
  22. }
  23.  
  24. p, td {
  25.         font-size: 11px;
  26. }
  27.  
  28. a {
  29.         font-weight: bold;
  30.         text-decoration: none;
  31. }
  32.  
  33. a:link, a:visited {
  34.         color: #666666;
  35. }
  36.  
  37. a:hover {
  38.         color: #336699;
  39. }
  40.  
  41. a:active {
  42.         color: #336699;
  43. }
  44. </style>
  45.  
  46. <?php
  47.  
  48. if (!isset($_POST['search'])) {
  49.         exit();
  50. }
  51.  
  52. if (empty($_POST['search'])) {
  53.         echo "<p>Search string required. Click <a href=\"index.php\">here</a> to go to the index page.</p>";
  54.         exit();
  55. }
  56.  
  57. $search = trim(strip_tags(mb_strtolower($_POST['search'])));
  58.  
  59. $google = str_replace(" ", "+", $search);
  60.  
  61. if (mb_strlen($search) < 3) {
  62.         echo "<p>Search string must be composed of 3 or more characters. Click <a href=\"index.php\">here</a> to go to the index page.</p>";
  63.         exit();
  64. }
  65.  
  66. if (file_exists("$maj_data_directory/bb.txt") and file_exists("$maj_data_directory/members/active") and ($dh_search_members = opendir("$maj_data_directory/members/active"))) {
  67.  
  68.         $start_time_member = round(microtime(), 3);
  69.  
  70.         while (($entry_search_members = readdir($dh_search_members)) !== false) {
  71.  
  72.                 if ($entry_search_members != "." && $entry_search_members != "..") {
  73.                         $total_members[] = $entry_search_members;
  74.                 }
  75.  
  76.                 if ($entry_search_members != "." && $entry_search_members != ".." && (preg_match("/\b$search\b/i", file_get_contents("$maj_data_directory/members/active/$entry_search_members/firstname.txt")) or preg_match("/\b$search\b/i", file_get_contents("$maj_data_directory/members/active/$entry_search_members/lastname.txt")) or preg_match("/\b$search\b/i", file_get_contents("$maj_data_directory/members/active/$entry_search_members/rank.txt")) or ($search == $entry_search_members))) {
  77.                         $show_search_members[] = $entry_search_members;
  78.                 }
  79.         }
  80.  
  81.         $stop_time_member = round(microtime(), 3);
  82.  
  83.         $generation_time_member = $stop_time_member - $start_time_member;
  84.         $generation_time_member = str_replace("-","",$generation_time_member);
  85.  
  86.         $show_search_members = array_unique($show_search_members);
  87.         $show_search_members = array_values($show_search_members);
  88.  
  89.         sort($show_search_members);
  90.  
  91.         $count_search_members = count($show_search_members);
  92.  
  93.         $count_total_members = count($total_members);
  94.  
  95.         if ($count_search_members > 0) {
  96.                 echo "<p>Found <b>$search</b> in $count_search_members out of $count_total_members ";
  97.  
  98.                 if ($count_total_members == 1) {
  99.                         echo "member";
  100.                 }
  101.  
  102.                 if ($count_total_members > 1) {
  103.                         echo "members";
  104.                 }
  105.  
  106.                 echo " ($generation_time_member seconds).</p>";
  107.  
  108.                 $search_ucfirst = ucfirst($search);
  109.                 $search_ucwords = ucwords($search);
  110.                 $search_strtoupper = mb_strtoupper($search);
  111.  
  112.                 foreach ($show_search_members as $match_member) {
  113.                         $match_member_firstname = file_get_contents("$maj_data_directory/members/active/$match_member/firstname.txt");
  114.                         $match_member_firstname = str_replace($search, "<span style=\"background-color: #ffff00;\">$search</span>", $match_member_firstname);
  115.                         $match_member_firstname = str_replace($search_ucfirst, "<span style=\"background-color: #ffff00;\">$search_ucfirst</span>", $match_member_firstname);
  116.                         $match_member_firstname = str_replace($search_ucwords, "<span style=\"background-color: #ffff00;\">$search_ucwords</span>", $match_member_firstname);
  117.                         $match_member_firstname = str_replace($search_strtoupper, "<span style=\"background-color: #ffff00;\">$search_strtoupper</span>", $match_member_firstname);
  118.  
  119.                         $match_member_lastname = file_get_contents("$maj_data_directory/members/active/$match_member/lastname.txt");
  120.                         $match_member_lastname = str_replace($search, "<span style=\"background-color: #ffff00;\">$search</span>", $match_member_lastname);
  121.                         $match_member_lastname = str_replace($search_ucfirst, "<span style=\"background-color: #ffff00;\">$search_ucfirst</span>", $match_member_lastname);
  122.                         $match_member_lastname = str_replace($search_ucwords, "<span style=\"background-color: #ffff00;\">$search_ucwords</span>", $match_member_lastname);
  123.                         $match_member_lastname = str_replace($search_strtoupper, "<span style=\"background-color: #ffff00;\">$search_strtoupper</span>", $match_member_lastname);
  124.  
  125.                         $match_member_link = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/member.php?id={$match_member}";
  126.                         $match_member_link_fix = array('//member.php', '///member.php');
  127.                         $match_member_link = str_replace($match_member_link_fix, '/member.php', $match_member_link);
  128.                         $match_member_link = trim($match_member_link);
  129.  
  130.                         echo "<p><a href=member.php?id={$match_member}>$match_member</a><br>{$match_member_firstname} {$match_member_lastname}<br>$match_member_link</p>";
  131.                 }
  132.         }
  133. }
  134.  
  135. if ($dh_search_items = opendir("$maj_data_directory/items")) {
  136.  
  137.         $start_time_item = round(microtime(), 3);
  138.  
  139.         while (($entry_search_items = readdir($dh_search_items)) !== false) {
  140.  
  141.                 $today = date("YmdHis", time() + $offset);
  142.  
  143.                 if (($entry_search_items > $today) and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $maj_admin_username))) {
  144.                         continue;
  145.                 }
  146.  
  147.                 $private = "0";
  148.  
  149.                 if (file_exists("$maj_data_directory/items/$entry_search_items/categories")) {
  150.                        
  151.                         if ($dh_cat_dig = opendir("$maj_data_directory/items/$entry_search_items/categories")) {
  152.                        
  153.                                 while (($entry_cat_dig = readdir($dh_cat_dig)) !== false) {
  154.                        
  155.                                         if ($entry_cat_dig != "." && $entry_cat_dig != "..") {
  156.                        
  157.                                                 if (file_exists("$maj_data_directory/categories/$entry_cat_dig/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $maj_admin_username))) {
  158.                                                         $private = $private + 1;
  159.                                                 }
  160.                                         }
  161.                                 }
  162.                                 closedir($dh_cat_dig);
  163.                         }
  164.                 }
  165.  
  166.                 if (($private > 0) and !file_exists("$maj_data_directory/items/$entry_search_items/cat.txt")) {
  167.                         continue;
  168.                 }
  169.  
  170.                 if (file_exists("$maj_data_directory/items/$entry_search_items/private.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $maj_admin_username))) {
  171.                         continue;
  172.                 }
  173.  
  174.                 if (file_exists("$maj_data_directory/items/$entry_search_items/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $maj_admin_username))) {
  175.                         continue;
  176.                 }
  177.  
  178.                 if (file_exists("$maj_data_directory/items/$entry_search_items/member.txt") and !isset($_SESSION['logged_in'])) {
  179.                         continue;
  180.                 }
  181.  
  182.                 if ($entry_search_items != "." && $entry_search_items != "..") {
  183.                         $total_entries[] = $entry_search_items;
  184.                 }
  185.  
  186.                 if ($entry_search_items != "." && $entry_search_items != ".." && (preg_match("/\b$search\b/i", file_get_contents("$maj_data_directory/items/$entry_search_items/title.txt")) or preg_match("/\b$search\b/i", file_get_contents("$maj_data_directory/items/$entry_search_items/body.txt")))) {
  187.                         $show_search_items[] = $entry_search_items;
  188.                 }
  189.  
  190.                 if ($entry_search_items != "." && $entry_search_items != ".." && file_exists("$maj_data_directory/items/$entry_search_items/comments/live")) {
  191.                         if ($dh_comment_items = opendir("$maj_data_directory/items/$entry_search_items/comments/live")) {
  192.                                 while (($entry_comment_items = readdir($dh_comment_items)) !== false) {
  193.  
  194.                                         if ($entry_comment_items != "." && $entry_comment_items != "..") {
  195.                                                 $total_comments[] = $entry_comment_items;
  196.                                         }
  197.  
  198.                                         if ($entry_comment_items != "." && $entry_comment_items != ".." && preg_match("/\b$search\b/i", file_get_contents("$maj_data_directory/items/$entry_search_items/comments/live/$entry_comment_items/comment.txt"))) {
  199.                                                 $show_search_items[] = $entry_search_items;
  200.                                         }
  201.                                 }
  202.                         }
  203.                 }
  204.         }
  205.         closedir($dh_search_items);
  206. }
  207.  
  208. $stop_time_item = round(microtime(), 3);
  209.  
  210. $generation_time_item = $stop_time_item - $start_time_item;
  211. $generation_time_item = str_replace("-","",$generation_time_item);
  212.  
  213. $show_search_items = array_unique($show_search_items);
  214. $show_search_items = array_values($show_search_items);
  215.  
  216. rsort($show_search_items);
  217.  
  218. $count_search_items = count($show_search_items);
  219.  
  220. $count_total_comments = count($total_comments);
  221.  
  222. $count_total_items = count($total_entries);
  223.  
  224. if (($count_search_items > 0) and ($count_total_items > 0)) {
  225.  
  226.         echo "<p>Found <b>$search</b> in $count_search_items out of $count_total_items ";
  227.  
  228.         if ($count_total_items == 1) {
  229.                 echo "entry";
  230.         }
  231.  
  232.         if ($count_total_items > 1) {
  233.                 echo "entries";
  234.         }
  235.  
  236.         if ($count_total_comments > 0) {
  237.                 echo " and $count_total_comments ";
  238.  
  239.                 if ($count_total_comments == 1) {
  240.                         echo "comment";
  241.                 }
  242.  
  243.                 if ($count_total_comments > 1) {
  244.                         echo "comments";
  245.                 }
  246.         }
  247.        
  248.         echo " ($generation_time_item seconds).</p>";
  249.  
  250.         $increment_search_entries = 0;
  251.  
  252.         while ($increment_search_entries <= ($count_search_items - 1)) {
  253.                 $link = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?entry=$show_search_items[$increment_search_entries]";
  254.                 $fix_link = array('//index.php', '///index.php');
  255.                 $link = str_replace($fix_link, '/index.php', $link);
  256.                 $link = trim($link);
  257.  
  258.                 echo "<p><a href=$link";
  259.  
  260.                 if (file_exists("$maj_data_directory/items/$show_search_items[$increment_search_entries]/comments/live") and !preg_match("/\b$search\b/i",file_get_contents("$maj_data_directory/items/$show_search_items[$increment_search_entries]/title.txt")) and !preg_match("/\b$search\b/i",file_get_contents("$maj_data_directory/items/$show_search_items[$increment_search_entries]/body.txt"))) {
  261.                         echo "&show=comments";
  262.                 }
  263.  
  264.                 echo ">";
  265.                 readfile("$maj_data_directory/items/$show_search_items[$increment_search_entries]/title.txt");
  266.                 echo "</a><br>";
  267.                 readfile("$maj_data_directory/items/$show_search_items[$increment_search_entries]/date.txt");
  268.                 echo "<br>";
  269.  
  270.                 $body = file_get_contents("$maj_data_directory/items/$show_search_items[$increment_search_entries]/body.txt");
  271.                 $body = strip_tags($body);
  272.                 $body = trim($body);
  273.                 // comment out next line for _long_ quote
  274.                 $body = str_replace(".","<br />", $body);
  275.  
  276.                 if (file_exists("$maj_data_directory/pf.txt") and file_exists("$maj_data_directory/pf-badwords.txt")) {
  277.                         $badwords = file_get_contents("$maj_data_directory/pf-badwords.txt");
  278.  
  279.                         if (file_exists("$maj_data_directory/pf-censor.txt")) {
  280.                                 $censor = file_get_contents("$maj_data_directory/pf-censor.txt");
  281.                         }
  282.                         else {
  283.                                 $censor = "[expletive]";
  284.                         }
  285.                         $body = preg_replace("/\b($badwords)\b/i",$censor,$body);
  286.                 }
  287.  
  288.                 $body = nl2br($body);
  289.                 $body = explode("<br />", $body);
  290.                 foreach ($body as $line) {
  291.                         if (preg_match("/\b$search\b/i", $line)) {
  292.                                 $line = str_replace($search, "<span style=\"background-color: #ffff00;\">$search</span>", $line);
  293.                                 $ucfirst_line = ucfirst($search);
  294.                                 $line = str_replace($ucfirst_line, "<span style=\"background-color: #ffff00;\">$ucfirst_line</span>", $line);
  295.  
  296.                                 $strtoupper_line = mb_strtoupper($search);
  297.                                 $line = str_replace($strtoupper_line, "<span style=\"background-color: #ffff00;\">$strtoupper_line</span>", $line);
  298.  
  299.                                 $ucwords_line = ucwords($search);
  300.                                 $line = str_replace($ucwords_line, "<span style=\"background-color: #ffff00;\">$ucwords_line</span>", $line);
  301.  
  302.                                 echo "$line ...<br>";
  303.                         }
  304.                 }
  305.  
  306.                 echo str_replace("http://","",$link);
  307.  
  308.                 $size = filesize("$maj_data_directory/items/$show_search_items[$increment_search_entries]/body.txt");
  309.                 $size_string = ($size > 512)?(  ($size/1024 > 512)  ?sprintf("%.02f MB",($size/1024)/1024)  :sprintf("%.02f KB",$size/1024))  :sprintf("%d B",$size);
  310.                 echo " - $size_string";
  311.                 echo "</p>";
  312.                 $increment_search_entries = $increment_search_entries + 1;
  313.         }
  314. echo "<p>Click <a href=http://google.com/search?q=$google target=_maj>here</a> to search for <b>$search</b> with Google.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
  315. }
  316. else {
  317.         echo "<p>Search string not found in $count_total_items ";
  318.         if ($count_total_items == 1) {
  319.                 echo "entry";
  320.         }
  321.         if ($count_total_items > 1) {
  322.                 echo "entries";
  323.         }
  324.  
  325.         if ($count_total_comments > 0) {
  326.                 echo " and $count_total_comments ";
  327.  
  328.                 if ($count_total_comments == 1) {
  329.                         echo "comment";
  330.                 }
  331.  
  332.                 if ($count_total_comments > 1) {
  333.                         echo "comments";
  334.                 }
  335.         }
  336.         echo " ($generation_time_item seconds).<br><br>Click <a href=http://google.com/search?q=$google target=_maj>here</a> to search for <b>$search</b> with Google.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
  337. }
  338.  
  339. ?>
  340.  
Credits
Sunday, Sep 18, 2005, 12:00 AM (Revision 11 - Thursday, Jul 14, 2011, 7:30 PM)
Open Source enables software developers to stand on the shoulders of giants instead of reinventing the wheel, so to speak. Kudos and many thanks to the folks who made their work freely available for reuse in MAJ.

read more
Bugs and Exploits
Friday, Aug 26, 2005, 12:00 AM (Revision 23 - Wednesday, May 29, 2013, 5:25 AM)
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:

1. Take advantage of it. But hey, what's so exciting about messing up someone's blog? Ho-hum, right?
2. Report it here so that we can work on a fix and make MAJ better.

read more
Search
Download
MAJ 2.0
75 files
33449 downloads
MAJ 1.0
26 files
13526 downloads
MAJ 0.14
45 files
35642 downloads