MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.

  1. <?php
  2.  
  3.   require("core.php");
  4.  
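  // After a complete submission, ask the browser to return to the index page.
  // There is deliberately no exit() here: the rest of the script still has to
  // save the entry.
  if (!empty($_POST['title_input']) and !empty($_POST['body_input'])) {
      header("Location: index.php");
  }

  // Authorisation gate. Start from "nobody is authorised": the original never
  // initialised $login_username, so an empty-string username compared loosely
  // equal to the undefined variable and slipped past the final check.
  // NOTE(review): whether core.php can leave $maj_logged_in_username as ""
  // for guests is not visible here; the gate no longer depends on it.
  $login_username = null;
  $add_has_user = isset($maj_logged_in_username) && ((string) $maj_logged_in_username !== "");

  if ($add_has_user) {
      if ((string) $maj_logged_in_username === (string) $maj_admin_username) {
          // The administrator may always post.
          $login_username = $maj_admin_username;
      } else {
          // NOTE(review): the username is interpolated into filesystem paths;
          // confirm core.php only ever sets it to a validated member name.
          $add_member_dir = "$maj_data_directory/members/active/$maj_logged_in_username";
          $add_category_file = "$add_member_dir/category.txt";

          if (file_exists($add_category_file)) {
              $bb_cat = file_get_contents($add_category_file);

              // Drop an assignment that is empty or points at a category
              // directory that no longer exists.
              if (!file_exists("$maj_data_directory/categories/$bb_cat") or ($bb_cat == "")) {
                  unlink($add_category_file);
              }
          }

          // A member may post when bb.txt exists, noadd.txt does not, and the
          // member has either bb-rw.txt or a (still valid) category.txt.
          if ((file_exists("$add_member_dir/bb-rw.txt") or file_exists($add_category_file)) and file_exists("$maj_data_directory/bb.txt") and !file_exists("$maj_data_directory/noadd.txt")) {
              $login_username = $maj_logged_in_username;
          }
      }
  }

  // Strict comparison: null, "" and an unset variable must never match.
  if (!$add_has_user || $login_username === null || (string) $maj_logged_in_username !== (string) $login_username) {
      exit();
  }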
  30.  
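  // Read the clock once so all six fields describe the same instant; six
  // separate time() calls could straddle a second, minute or day boundary.
  $entry_now = time() + $maj_offset;
  list($entry_year, $entry_month, $entry_day, $entry_hour, $entry_min, $entry_sec) = explode("-", date("Y-m-d-H-i-s", $entry_now));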
  37.  
  // Shared stylesheet first, then the layout rules specific to this page.
  include("css.php");

  echo "\n<style>body { margin: " . $maj_wspace . "px; } .input, .click { width: 520px; }</style>\n";
  41.  
  42. ?>
  43.  
  44. <title>Add</title>
  45.  
  46. <form enctype="multipart/form-data" action="add.php" method="post">
  47. <p>
  48.  
  49. <?php
  50.   if ($maj_logged_in_username != $maj_admin_username and file_exists("$maj_data_directory/members/active/$maj_logged_in_username") and file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-ul.txt")) {
  51. ?>
  52.  
  53. <p><input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
  54. <input autocomplete="off" type="file" name="image_input"> Upload optional GIF, JPG, or PNG entry image.</p>
  55.  
  56. <p><input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
  57. <input autocomplete="off" type="file" name="file_input"> Upload optional file. Max size supported by server is <?php echo($max_file_size / (1024 * 1024)); ?>MB.</p>
  58.  
  59. <?php
  60.   }
  61. ?>
  62.  
  63.  
  64. <?php
  65.   if ($maj_logged_in_username == $maj_admin_username) {
  66. ?>
  67.  
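  <?php
    // Antedate pickers. Every list starts with an empty choice (selected by
    // default, which makes the handler use the current time), followed by the
    // current value and then the full range for that field. Generated in a
    // loop instead of ten copy-pasted year blocks and hand-typed option lists.
    $antedate_fields = array(
        "select_year"  => array($entry_year, range($entry_year - 1, $entry_year - 10)),
        "select_month" => array($entry_month, range(1, 12)),
        "select_day"   => array($entry_day, range(1, 31)),
        "select_hour"  => array($entry_hour, range(0, 23)),
        "select_min"   => array($entry_min, range(0, 59)),
    );

    foreach ($antedate_fields as $antedate_name => $antedate_spec) {
        echo "<select name=\"$antedate_name\">\n<option selected>\n<option>{$antedate_spec[0]}\n";

        foreach ($antedate_spec[1] as $antedate_choice) {
            // Two-digit, zero-padded values, matching what the handler expects.
            echo "<option>" . sprintf("%02d", $antedate_choice) . "\n";
        }

        echo "</select>\n\n";
    }
  ?>
  Enter antedate value in YYYY-MM-DD-HH-MM format.</p>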
  269.  
  270. <p><input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>">
  271. <input autocomplete="off" type="file" name="image_input"> Upload optional GIF, JPG, or PNG entry image.</p>
  272. <input autocomplete="off" type="file" name="file_input"> Upload optional file. Max size supported by server is <?php echo($max_file_size / (1024 * 1024)); ?>MB.</p>
  273. <p><input autocomplete="off" type="password" name="passwd"> Enter optional password.</p>
  274.  
  275. <?php
  276.  
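  // Optional "send a copy" field, shown only when email.txt exists.
  if (file_exists("$maj_data_directory/email.txt")) {
      echo "<p>Send a copy of this entry to one email address or to a comma-separated list of email addresses:<br>";
      echo "<input autocomplete=\"on\" type=\"text\" name=\"notify\" class=\"input\"></p>";
  }

  // Category picker: one option per directory entry under categories/.
  if (file_exists("$maj_data_directory/categories")) {
      // Initialise the list so sort() and count() still receive an array when
      // the directory is empty or cannot be opened.
      $show_cat = array();

      if ($dh_cat = opendir("$maj_data_directory/categories")) {
          while (($entry_cat = readdir($dh_cat)) !== false) {
              if ($entry_cat != "." && $entry_cat != ".." && fnmatch("*", $entry_cat)) {
                  $show_cat[] = $entry_cat;
              }
          }
          closedir($dh_cat);
      }

      sort($show_cat);

      if (count($show_cat) > 0) {
          echo "<p><select name=\"category\"><option value=\"\" selected>unfiled";

          foreach ($show_cat as $category) {
              // Directory names go into an attribute and into markup, so
              // escape them for HTML.
              $category_html = htmlspecialchars(mb_strtolower($category), ENT_QUOTES, "UTF-8");

              echo "<option value=\"$category_html\">";

              if (file_exists("$maj_data_directory/categories/$category/title.txt")) {
                  // NOTE(review): title.txt is emitted verbatim; whether it is
                  // stored already HTML-escaped is not visible in this file.
                  readfile("$maj_data_directory/categories/$category/title.txt");
              } else {
                  echo $category_html;
              }
          }

          echo "</select> Select category.</p>";
      }
  }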
  316. ?>
  317.  
  318. <p><input type="checkbox" name="sticky">Put entry title in Quick Links box.<br>
  319. <input type="checkbox" name="display">Always display. If this is not a private entry, it will be displayed even if its category is hidden or isolated.<br>
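  <input type="checkbox" name="private" <?php /* Pre-ticked when ml.txt exists. "checked" must be a quoted string; as a bare word it is an undefined constant. */ if (file_exists("$maj_data_directory/ml.txt")) { echo "checked"; } ?>>Private entry. This entry will unconditionally be invisible to visitors<?php if (file_exists("$maj_data_directory/ml.txt")) { echo " and to the mailing list"; } ?>, even if always display is set.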
  321.  
  322. <?php
  // The members-only checkbox is offered only while bb.txt exists;
  // member.txt makes it ticked by default.
  if (file_exists("$maj_data_directory/bb.txt")) {
      $member_checked = file_exists("$maj_data_directory/member.txt") ? " checked" : "";

      echo "<br><input type=\"checkbox\" name=\"member\"" . $member_checked . ">Only registered members can view this entry.";
  }
  333. ?>
  334.  
  335. </p>
  336.  
  337. <?php
  338.   }
  339. ?>
  340.  
  341. <table border="0" cellspacing="0" cellpadding="0"><tr><td>
  342.  
  343. <table border="0" cellspacing="2" cellpadding="0">
  344. <tr><td><input autocomplete="off" class="input" type="text" name="title_input" autofocus required></td></tr>
  345. <tr><td><textarea class="input" name="body_input" rows="15" required></textarea></td></tr>
  346. <tr><td><input class="click" type="submit" value="click here to post this new entry"></td></tr>
  347. </form>
  348.  
  349. <form enctype="multipart/form-data" action="index.php" method="post">
  350. <tr><td><input class="click" type="submit" value="click here to go to the index page"></td></tr>
  351. </form>
  352. </table>
  353.  
  354. </td><td width="10"></td><td>
  355.  
  356. <table border="0" cellspacing="1" cellpadding="2">
  357. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/crying.png" border="0"></td><td><p>:((</p></td><td ><p>crying</p></td></tr>
  358. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/frown.png" border="0"></td><td><p>:(</p></td><td><p>frown</p></td></tr>
  359. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/indifferent.png" border="0"></td><td><p>:|</p></td><td><p>indifferent</p></td></tr>
  360. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/laughing.png" border="0"></td><td><p>:D</p></td><td><p>laughing</p></td></tr>
  361. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/lick.png" border="0"></td><td><p>:P</p></td><td><p>lick</p></td></tr>
  362. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/ohno.png" border="0"></td><td><p>:O</p></td><td><p>oh no!</p></td></tr>
  363. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/smile.png" border="0"></td><td><p>:)</p></td><td><p>smile</p></td></tr>
  364. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/surprised.png" border="0"></td><td><p>=)</p></td><td><p>surprised</p></td></tr>
  365. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/undecided.png" border="0"></td><td><p>:\</p></td><td><p>undecided</p></td></tr>
  366. <tr><td><img src="<?php echo $maj_image_directory; ?>/smileys/wink.png" border="0"></td><td><p>;)</p></td><td><p>wink</p></td></tr>
  367. </td></tr>
  368. </table>
  369.  
  370. </td></tr></table>
  371.  
  372. <?php
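  // Nothing to save unless both the title and the body were submitted.
  if (empty($_POST['title_input']) or empty($_POST['body_input'])) {
      exit();
  }

  // Default: stamp the entry with the current (offset-adjusted) time.
  $entry = date("YmdHis", time() + $maj_offset);
  $timestamp = date("l, M j, Y, g:i A", time() + $maj_offset);

  // Antedate. $entry becomes a directory name and a mail header value below,
  // so the submitted parts are accepted only when each is a fixed-width digit
  // string and together they form a real date and time. Anything else falls
  // back to the current time, as an empty selection always did.
  // NOTE(review): the form shows these fields to the administrator only, but
  // nothing here checks who submitted them.
  $antedate = array();
  foreach (array('select_year' => 4, 'select_month' => 2, 'select_day' => 2, 'select_hour' => 2, 'select_min' => 2) as $antedate_key => $antedate_len) {
      if (isset($_POST[$antedate_key]) && is_string($_POST[$antedate_key]) && preg_match('/\A[0-9]{' . $antedate_len . '}\z/', $_POST[$antedate_key])) {
          $antedate[$antedate_key] = $_POST[$antedate_key];
      }
  }

  if (count($antedate) == 5
      && checkdate((int) $antedate['select_month'], (int) $antedate['select_day'], (int) $antedate['select_year'])
      && (int) $antedate['select_hour'] <= 23
      && (int) $antedate['select_min'] <= 59) {
      $entry = $antedate['select_year'] . $antedate['select_month'] . $antedate['select_day'] . $antedate['select_hour'] . $antedate['select_min'] . $entry_sec;
      $timestamp = date("l, M j, Y, g:i A", mktime((int) $antedate['select_hour'], (int) $antedate['select_min'], (int) $entry_sec, (int) $antedate['select_month'], (int) $antedate['select_day'], (int) $antedate['select_year']));
  }

  if (!file_exists("$maj_data_directory/items")) {
      mkdir("$maj_data_directory/items");
  }

  if (!file_exists("images")) {
      mkdir("images");
  }

  // Never reuse an entry directory: if it already exists (or cannot be
  // created) the writes below would overwrite another entry's files.
  if (file_exists("$maj_data_directory/items/$entry") || !mkdir("$maj_data_directory/items/$entry")) {
      exit();
  }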
  394.  
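  // format_title_put() and format_body_put() are not defined in this file.
  $title_write_content = format_title_put($_POST['title_input']);
  $body_write_content = format_body_put($_POST['body_input']);

  $entry_dir = "$maj_data_directory/items/$entry";

  file_put_contents("$entry_dir/title.txt", $title_write_content);
  file_put_contents("$entry_dir/author.txt", $maj_logged_in_username);

  // Record this entry as the poster's most recent one: lastpost.txt for the
  // administrator, bb-post.txt inside the member's own directory otherwise.
  $post_file = null;
  if ($maj_admin_username == $maj_logged_in_username) {
      $post_file = "$maj_data_directory/lastpost.txt";
  } elseif (file_exists("$maj_data_directory/members/active/$maj_logged_in_username")) {
      $post_file = "$maj_data_directory/members/active/$maj_logged_in_username/bb-post.txt";
  }

  // Neither branch matched: the original then called fopen() on an
  // undefined variable.
  if ($post_file !== null) {
      file_put_contents($post_file, $entry);
  }

  // The path has to be a quoted string. Unquoted, it is parsed as divisions
  // between the variables and undefined constants, not as a file name.
  file_put_contents("$entry_dir/date.txt", $timestamp);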
  419.  
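  // Optional entry image.
  if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
      $image_tmp = isset($_FILES['image_input']['tmp_name']) ? $_FILES['image_input']['tmp_name'] : "";

      // Touch the temporary file only when PHP confirms it belongs to this
      // request's upload. The original also unlink()ed tmp_name when that
      // check failed.
      if (is_string($image_tmp) && $image_tmp !== "" && is_uploaded_file($image_tmp)) {
          $image_stored = false;

          // The form offers upload fields to the administrator and to members
          // with bb-ul.txt. Enforce the same rule here, because a request can
          // carry a file whether or not the field was displayed.
          $image_upload_allowed = ($maj_logged_in_username == $maj_admin_username) || file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-ul.txt");

          // Identify the format from the file's own bytes. The MIME type in
          // $_FILES[...]['type'] and the file name are supplied by the client
          // and prove nothing about the content.
          $image_info = false;
          if ($image_upload_allowed && $_FILES['image_input']['size'] <= $max_file_size) {
              $image_info = getimagesize($image_tmp);
          }

          $image_extensions = array(IMAGETYPE_GIF => "gif", IMAGETYPE_JPEG => "jpg", IMAGETYPE_PNG => "png");

          if ($image_info !== false && isset($image_extensions[$image_info[2]])) {
              // Rebuild the stored name: a stem limited to safe characters plus
              // the extension of the detected format. The image directory is
              // served to browsers, so a client-chosen extension must not
              // decide how the web server treats the file.
              $image_stem = pathinfo(basename($_FILES['image_input']['name']), PATHINFO_FILENAME);
              $image_stem = preg_replace('/[^A-Za-z0-9_-]/', '_', $image_stem);
              if ($image_stem === "" || $image_stem === null) {
                  $image_stem = "image";
              }
              $image_input_name = $image_stem . "." . $image_extensions[$image_info[2]];

              if (!file_exists("$maj_image_directory/$entry")) {
                  mkdir("$maj_image_directory/$entry");
              }

              // Existing files are never overwritten.
              if (!file_exists("$maj_image_directory/$entry/$image_input_name")) {
                  $image_stored = move_uploaded_file($image_tmp, "$maj_image_directory/$entry/$image_input_name");
              }
          }

          // Rejected or not stored: discard the temporary upload.
          if (!$image_stored && file_exists($image_tmp)) {
              unlink($image_tmp);
          }
      }
  }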
  454.  
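  // Optional file attachment, stored under the entry's filedrop/files directory.
  if (isset($_FILES['file_input']) and !empty($_FILES['file_input'])) {
      $file_tmp = isset($_FILES['file_input']['tmp_name']) ? $_FILES['file_input']['tmp_name'] : "";

      // Touch the temporary file only when PHP confirms it belongs to this
      // request's upload. The original also unlink()ed tmp_name when that
      // check failed.
      if (is_string($file_tmp) && $file_tmp !== "" && is_uploaded_file($file_tmp)) {
          $file_stored = false;

          // Same rule as the form: administrator, or a member with bb-ul.txt.
          $file_upload_allowed = ($maj_logged_in_username == $maj_admin_username) || file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-ul.txt");

          if ($file_upload_allowed && $_FILES['file_input']['size'] <= $max_file_size) {
              // The path must be a quoted string, and the directory tested is
              // the one that is actually created.
              $file_drop_dir = "$maj_data_directory/items/$entry/filedrop/files";

              if (!file_exists($file_drop_dir)) {
                  mkdir($file_drop_dir, 0700, true);
              }

              // Keep only the last path component, restrict it to safe
              // characters and drop leading dots so the upload cannot create
              // a dot-file such as a per-directory server configuration.
              // NOTE(review): any extension is still accepted. If the data
              // directory is reachable through the web server, an allow-list
              // of extensions is needed here.
              $file_input_name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($_FILES['file_input']['name']));
              $file_input_name = ltrim((string) $file_input_name, ".");

              // Existing files are never overwritten.
              if ($file_input_name !== "" && !file_exists("$file_drop_dir/$file_input_name")) {
                  $file_stored = move_uploaded_file($file_tmp, "$file_drop_dir/$file_input_name");
              }
          }

          // Rejected or not stored: discard the temporary upload.
          if (!$file_stored && file_exists($file_tmp)) {
              unlink($file_tmp);
          }
      }
  }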
  483.  
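  // Write body.txt, prefixed with an <img> tag when an entry image was stored.
  if (isset($_FILES['image_input']) and !empty($_FILES['image_input']) and isset($image_input_name)) {
      $entry_image_path = "$maj_image_directory/$entry/$image_input_name";

      if (file_exists($entry_image_path)) {
          $entry_image_size = getimagesize($entry_image_path);

          // getimagesize() returns false for a file it cannot parse; emit no
          // tag at all rather than one with empty dimensions.
          if ($entry_image_size !== false) {
              $entry_image_width = $entry_image_size[0];
              $entry_image_height = $entry_image_size[1];

              // Scale down proportionally to the configured maximum width.
              if ($entry_image_width > $maj_eimage) {
                  $sizefactor = (double)($maj_eimage / $entry_image_width);
                  $entry_image_width = (int)($entry_image_width * $sizefactor);
                  $entry_image_height = (int)($entry_image_height * $sizefactor);
              }

              // The path contains the uploaded file's name; escape it so a
              // quote or angle bracket in the name cannot break out of the
              // attribute in the stored HTML.
              $entry_image_src = htmlspecialchars($entry_image_path, ENT_QUOTES, "UTF-8");

              $body_write_content = "<img src=\"$entry_image_src\" border=\"0\" width=\"$entry_image_width\" height=\"$entry_image_height\"><br>$body_write_content";
          }
      }
  }

  file_put_contents("$maj_data_directory/items/$entry/body.txt", $body_write_content);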
  504.  
  // Entry flags are stored as empty marker files. A checkbox counts as set
  // when its field arrives with the value "on".
  $sticky_on = isset($_POST['sticky']) && $_POST['sticky'] == "on";

  if ($sticky_on) {
      if (!file_exists("$maj_data_directory/sticky")) {
          mkdir("$maj_data_directory/sticky");
      }
      if (!file_exists("$maj_data_directory/sticky/$entry")) {
          touch("$maj_data_directory/sticky/$entry");
      }
  }

  // "display" is recorded as cat.txt and "private" as private.txt inside the
  // entry's own directory.
  foreach (array('display' => 'cat.txt', 'private' => 'private.txt') as $flag_field => $flag_file) {
      $flag_on = isset($_POST[$flag_field]) && $_POST[$flag_field] == "on";

      if ($flag_on && !file_exists("$maj_data_directory/items/$entry/$flag_file")) {
          touch("$maj_data_directory/items/$entry/$flag_file");
      }
  }

  // Members-only marker: needs bb.txt and member.txt, and is applied to every
  // entry not posted by the administrator, or when the administrator ticked
  // the box.
  $member_on = isset($_POST['member']) && $_POST['member'] == "on";

  if (file_exists("$maj_data_directory/bb.txt") && file_exists("$maj_data_directory/member.txt") && (($maj_logged_in_username != $maj_admin_username) || $member_on)) {
      touch("$maj_data_directory/items/$entry/member.txt");
  }
  529.  
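  // Mailing list: send the new entry to every active member.

  // $_POST['category'] ends up inside a filesystem path. Anything that is not
  // a single plain directory name is treated as "no category".
  $ml_category = (isset($_POST['category']) && is_string($_POST['category'])) ? $_POST['category'] : "";
  if ($ml_category !== basename($ml_category) || $ml_category === "." || $ml_category === ".." || strpos($ml_category, "\\") !== false || strpos($ml_category, "\0") !== false) {
      $ml_category = "";
  }
  $ml_category_private = ($ml_category !== "") && file_exists("$maj_data_directory/categories/$ml_category/private.txt");

  if (file_exists("$maj_data_directory/members/active") and file_exists("$maj_data_directory/ml.txt") and file_exists("$maj_data_directory/email.txt") and !file_exists("$maj_data_directory/items/$entry/private.txt") and !$ml_category_private) {
      // Line breaks are removed from every value placed in a mail header, so
      // a stray newline in a file or request field cannot add header lines.
      $ml_crlf = array("\r", "\n");

      // Defaults for the paths that leave these unset in the original.
      $ml_reply2 = "";
      $ml_from = "";

      if (file_exists("$maj_data_directory/ml-reply2.txt")) {
          $ml_reply2 = file_get_contents("$maj_data_directory/ml-reply2.txt");
      }

      if ($maj_logged_in_username == $maj_admin_username) {
          $ml_author = file_get_contents("$maj_data_directory/author.txt");

          // ml-from.txt switches the sender address to the reply-to address.
          if (file_exists("$maj_data_directory/ml-from.txt")) {
              $ml_from = $ml_reply2;
          } else {
              $ml_from = file_get_contents("$maj_data_directory/email.txt");
          }

          $ml_from = "\"$ml_author\" <$ml_from>";
      }

      if ($maj_logged_in_username != $maj_admin_username) {
          if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-rw.txt") and file_exists("$maj_data_directory/bb.txt")) {
              $ml_from_firstname = file_get_contents("$maj_data_directory/members/active/$maj_logged_in_username/firstname.txt");
              $ml_from_lastname = file_get_contents("$maj_data_directory/members/active/$maj_logged_in_username/lastname.txt");

              if (file_exists("$maj_data_directory/ml-from.txt")) {
                  $ml_from = $ml_reply2;
              } else {
                  $ml_from = file_get_contents("$maj_data_directory/members/active/$maj_logged_in_username/email.txt");
              }

              $ml_from = "\"$ml_from_firstname $ml_from_lastname\" <$ml_from>";
          }
      }

      $ml_subject = ucfirst($_POST['title_input']);
      if (file_exists("$maj_data_directory/ml-prepend.txt")) {
          $ml_subject = file_get_contents("$maj_data_directory/ml-prepend.txt") . " " . $ml_subject;
      }
      $ml_subject = str_replace($ml_crlf, " ", $ml_subject);

      // Plain-text body: line-break tags become newlines, smiley images
      // become their text form, and any remaining markup is stripped.
      $ml_smileys = array(
          "crying"      => ':((',
          "frown"       => ':(',
          "indifferent" => ':|',
          "laughing"    => ':D',
          "lick"        => ':P',
          "ohno"        => ':O',
          "smile"       => ':)',
          "surprised"   => '=)',
          "undecided"   => ':\\',
          "wink"        => ';)',
      );

      $ml_body = ucfirst($_POST['body_input']);
      $ml_body = str_replace('<br />', "\n", $ml_body);
      foreach ($ml_smileys as $ml_smiley_file => $ml_smiley_text) {
          $ml_body = str_replace("<img src=\"$maj_image_directory/smileys/$ml_smiley_file.png\" border=\"0\">", $ml_smiley_text, $ml_body);
      }
      $ml_body = str_replace('&amp;', '&', $ml_body);
      $ml_body = str_replace('&reg;', '(R)', $ml_body);
      $ml_body = strip_tags($ml_body);

      if (file_exists("$maj_data_directory/ml-header.txt")) {
          $ml_header = file_get_contents("$maj_data_directory/ml-header.txt");
          $ml_body = $ml_header . "\n\n" . $ml_body;
      }

      // NOTE(review): HTTP_HOST comes from the request's Host header, so the
      // link mailed to every member is influenced by whoever sent the request,
      // and the scheme is fixed to http. A configured site URL would be safer;
      // none is visible in this file.
      $ml_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/";
      $ml_url = str_replace('//', '/', $ml_url);
      $ml_url = "http://" . $ml_url . "index.php?entry={$entry}&show=comments";

      $ml_body = $ml_body . "\n\nPlease visit the following URL for the online version of this message:\n\n" . $ml_url;

      if (file_exists("$maj_data_directory/items/$entry/member.txt")) {
          $ml_body = $ml_body . "\n\nYou need to login first to view the entry or to add a comment.";
      }

      if (file_exists("$maj_data_directory/ml-footer.txt")) {
          $ml_footer = file_get_contents("$maj_data_directory/ml-footer.txt");
          $ml_body = $ml_body . "\n\n" . $ml_footer;
      }

      // The headers are the same for every recipient; build them once.
      $ml_headers = "From: " . str_replace($ml_crlf, "", $ml_from) . "\n";
      if (file_exists("$maj_data_directory/ml-reply2.txt")) {
          $ml_headers .= "Reply-To: " . str_replace($ml_crlf, "", $ml_reply2) . "\n";
      }
      $ml_headers .= "References: " . str_replace($ml_crlf, "", $entry) . "\n" . "X-Mailer: " . str_replace($ml_crlf, "", $maj_mailer) . "\n" . "Precedence: bulk";

      if ($dh_ml_member = opendir("$maj_data_directory/members/active")) {
          while (($ml_member = readdir($dh_ml_member)) !== false) {
              if ($ml_member != "." && $ml_member != ".." && fnmatch("*", $ml_member)) {

                  // Members with bb-noml.txt or bb-vacation.txt are skipped.
                  if (file_exists("$maj_data_directory/members/active/$ml_member/bb-noml.txt")) {
                      continue;
                  }

                  if (file_exists("$maj_data_directory/members/active/$ml_member/bb-vacation.txt")) {
                      continue;
                  }

                  $ml_to_firstname = file_get_contents("$maj_data_directory/members/active/$ml_member/firstname.txt");
                  $ml_to_lastname = file_get_contents("$maj_data_directory/members/active/$ml_member/lastname.txt");
                  $ml_to = file_get_contents("$maj_data_directory/members/active/$ml_member/email.txt");
                  $ml_to = '"' . "$ml_to_firstname $ml_to_lastname" . '" <' . $ml_to . '>';
                  $ml_to = str_replace($ml_crlf, "", $ml_to);

                  mb_send_mail($ml_to, $ml_subject, $ml_body, $ml_headers);
              }
          }
          closedir($dh_ml_member);
      }
  }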
  630.  
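  // File the entry under the submitted category.
  // The value is used to build directory paths, so it must be one plain
  // directory name: no separators, no "." or "..", no NUL byte. Without this
  // check a crafted value could make mkdir() create directories outside the
  // entry's own categories/ folder.
  // NOTE(review): the form offers the category list to the administrator
  // only; nothing here checks who submitted the field.
  $entry_category = (isset($_POST['category']) && is_string($_POST['category'])) ? $_POST['category'] : "";
  if ($entry_category !== basename($entry_category) || $entry_category === "." || $entry_category === ".." || strpos($entry_category, "\\") !== false || strpos($entry_category, "\0") !== false) {
      $entry_category = "";
  }

  if ($entry_category !== "" and file_exists("$maj_data_directory/categories/$entry_category")) {
      if (!file_exists("$maj_data_directory/items/$entry/categories")) {
          mkdir("$maj_data_directory/items/$entry/categories");
      }

      if (!file_exists("$maj_data_directory/items/$entry/categories/$entry_category")) {
          mkdir("$maj_data_directory/items/$entry/categories/$entry_category");
      }
  }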
  640.  
  641.  
  // A member with a category.txt gets the entry filed under the category
  // named in that file, provided bb.txt exists and the category directory is
  // present.
  $bb_cat_file = "$maj_data_directory/members/active/$maj_logged_in_username/category.txt";

  if (file_exists($bb_cat_file) && file_exists("$maj_data_directory/bb.txt")) {
      $bb_cat = file_get_contents($bb_cat_file);

      if (file_exists("$maj_data_directory/categories/$bb_cat")) {
          $bb_cat_root = "$maj_data_directory/items/$entry/categories";

          if (!file_exists($bb_cat_root)) {
              mkdir($bb_cat_root);
          }

          if (!file_exists("$bb_cat_root/$bb_cat")) {
              mkdir("$bb_cat_root/$bb_cat");
          }
      }
  }
  655.  
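  // Optional per-entry password, stored hashed in passwd.txt.
  // The original's inner "empty" branch could never run (the outer condition
  // already requires a non-empty value) and has been removed. The string
  // check keeps an array-valued field away from sha1().
  if (!empty($_POST['passwd']) && is_string($_POST['passwd'])) {
      // NOTE(review): sha1 -> md5 -> crypt() with the digest as its own salt
      // is a fast, effectively unsalted construction: equal passwords give
      // equal passwd.txt contents and guessing is cheap. The stored format is
      // left unchanged because the code that verifies passwd.txt is not in
      // this file. Moving to password_hash()/password_verify() has to be done
      // in both places together.
      $passwd_crypt = sha1($_POST['passwd']);
      $passwd_crypt = md5($passwd_crypt);
      $passwd_crypt = crypt($passwd_crypt, $passwd_crypt);

      file_put_contents("$maj_data_directory/items/$entry/passwd.txt", $passwd_crypt);
  }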
  671.  
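  // Notify the ping services listed in ping.txt, separated by "|".
  if (file_exists("$maj_data_directory/ping.txt")) {
      $ping_urls = file_get_contents("$maj_data_directory/ping.txt");

      // Bound each request so an unresponsive service cannot hold up the post.
      $ping_context = stream_context_create(array("http" => array("timeout" => 5)));

      foreach (explode("|", $ping_urls) as $ping_url) {
          $ping_url = trim($ping_url);

          // Fetch http(s) URLs only. A blank piece (trailing "|" or newline)
          // is skipped, and a local path or another stream wrapper in
          // ping.txt is never opened.
          if (!preg_match('#\Ahttps?://#i', $ping_url)) {
              continue;
          }

          // The response is not used; the request itself is the ping.
          file_get_contents($ping_url, false, $ping_context);
      }
  }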
  683.  
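  // Send a copy of the entry to the addresses typed into the "notify" field.
  // NOTE(review): the form shows this field to the administrator only, but
  // nothing here checks who submitted it, so any account allowed to post can
  // have mail sent to addresses of its choosing.
  if (!empty($_POST['notify']) && is_string($_POST['notify']) && file_exists("$maj_data_directory/email.txt") && !file_exists("$maj_data_directory/items/$entry/private.txt")) {
      $notify_crlf = array("\r", "\n");
      $notify_from = str_replace($notify_crlf, "", file_get_contents("$maj_data_directory/email.txt"));

      // Entries filed under a private category are never sent. The category
      // value is used in a path, so only a plain directory name is considered.
      $notify_category = (isset($_POST['category']) && is_string($_POST['category'])) ? $_POST['category'] : "";
      $notify_category_plain = ($notify_category !== "") && ($notify_category === basename($notify_category)) && $notify_category !== "." && $notify_category !== ".." && strpos($notify_category, "\\") === false && strpos($notify_category, "\0") === false;
      $notify_blocked = $notify_category_plain && file_exists("$maj_data_directory/categories/$notify_category/private.txt");

      $notify_headers = "From: $notify_from\n" . "References: " . str_replace($notify_crlf, "", $entry) . "\n" . "X-Mailer: " . str_replace($notify_crlf, "", $maj_mailer) . "\n" . "Precedence: bulk";

      foreach (explode(",", $_POST['notify']) as $notify_to) {
          $notify_to = trim($notify_to);

          // Accept "Name <address>" and keep the address only. strpos() can
          // return 0, so compare against false explicitly.
          $notify_check = strpos($notify_to, "<");
          if ($notify_check !== false) {
              $notify_to = rtrim(substr($notify_to, $notify_check + 1), "> \t");
          }

          // The original called mb_strtolower() and trim() without using
          // their return values, so neither had any effect.
          $notify_to = mb_strtolower(trim($notify_to));

          // Same shape test as before (exactly one "@" and at least one "."),
          // plus: no whitespace, control characters or angle brackets.
          if ($notify_blocked || substr_count($notify_to, "@") != 1 || strpos($notify_to, ".") === false || preg_match('/[\x00-\x20\x7f<>]/', $notify_to)) {
              continue;
          }

          mb_send_mail($notify_to, $title_write_content, $body_write_content, $notify_headers);
      }
  }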
  713.  
  714. ?>
  715.  
Credits
Sunday, Sep 18, 2005, 12:00 AM (Revision 11 - Thursday, Jul 14, 2011, 7:30 PM)
Open Source enables software developers to stand on the shoulders of giants instead of reinventing the wheel, so to speak. Kudos and many thanks to the folks who made their work freely available for reuse in MAJ.

Bugs and Exploits
Friday, Aug 26, 2005, 12:00 AM (Revision 23 - Wednesday, May 29, 2013, 5:25 AM)
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:

1. Take advantage of it. But hey, what's so exciting about messing up someone's blog? Ho-hum, right?
2. Report it here so that we can work on a fix and make MAJ better.
