Profile
MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.
Git
This commit has been accessed 918 times via Git panel.

commit 03c46636ebc8009045987886bb5ccd167b7dd1cc
tree 25e3c4cf2244b314f1d718bf32c0719742a004cd
parent bdfbfda438421cd407a8c38eb1992df95261e557
author Engels Antonio <engels@majcms.org> 1277314210 +0800
committer Engels Antonio <engels@majcms.org> 1277314210 +0800

    maj-1.0-20090210-bb.zip

diff --git a/edit.php b/edit.php
index 944a671..eb4c29b 100644
--- a/edit.php
+++ b/edit.php
@@ -45,12 +45,15 @@ if (!isset($_SESSION['logged_in'])) {
 
 $do = 0;
 
-if ($_SESSION['logged_in'] == $login_username) {
+if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and file_exists("data/wiki.txt") and (file_exists("data/items/{$_REQUEST['entry']}/edit.txt") or (file_get_contents("data/items/{$_REQUEST['entry']}/author.txt") == $_SESSION['logged_in']))) {
        $do = 1;
 }
 
+if (file_exists("data/items/{$_REQUEST['entry']}/lock.txt")) {
+       $do = 0;
+}
 
-if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and file_exists("data/wiki.txt") and (file_exists("data/items/{$_REQUEST['entry']}/edit.txt") or (file_get_contents("data/items/{$_REQUEST['entry']}/author.txt") == $_SESSION['logged_in']))) {
+if ($_SESSION['logged_in'] == $login_username) {
        $do = 1;
 }
 
@@ -430,6 +433,25 @@ if ($_SESSION['logged_in'] == $login_username) {
        }
        ?></td></tr>
 
+       <tr><td><input autocomplete="off" type="text" name="maxlines" <?php
+
+       if (file_exists("data/items/{$_REQUEST['entry']}/maxlines.txt")) {
+               echo "value=\"";
+               readfile("data/items/{$_REQUEST['entry']}/maxlines.txt");
+               echo "\"";
+       }
+       ?>
+
+       > <?php
+
+       if (file_exists("data/items/{$_REQUEST['entry']}/maxlines.txt")) {
+               echo "Enter new maximum lines for initial display or clear field to disable.";
+       }
+       else {
+               echo "Enter optional maximum lines for initial display.";
+       }
+       ?></td></tr>
+
        <tr><td><input type="checkbox" name="sticky" <?php $sticky_sem = 'data/sticky/' . $_REQUEST['entry']; if (file_exists($sticky_sem)) { echo checked; } ?>>Put entry title in Quick Links box.</td></tr>
        <tr><td><input type="checkbox" name="pdf" <?php if (file_exists("data/items/{$_REQUEST['entry']}/pdf/file")) { echo checked; } ?>>Allow PDF generation for this entry.</td></tr>
        <tr><td><input type="checkbox" name="display" <?php $display_sem = "data/items/{$_REQUEST['entry']}/cat.txt"; if (file_exists($display_sem)) { echo checked; } ?>>Always display. If this is not a private entry, it will be displayed even if its category is hidden or isolated.</td></tr>
@@ -446,6 +468,7 @@ if ($_SESSION['logged_in'] == $login_username) {
        if (file_exists("data/bb.txt") and file_exists("data/wiki.txt")) { ?>
 
        <tr><td><input type="checkbox" name="edit" <?php $edit_sem = "data/items/{$_REQUEST['entry']}/edit.txt"; if (file_exists($edit_sem)) { echo checked; } ?>>Registered members can edit this entry.</td></tr>
+       <tr><td><input type="checkbox" name="lock" <?php if (file_exists("data/items/{$_REQUEST['entry']}/lock.txt")) { echo checked; } ?>>Only the administrator can edit this entry. </td></tr>
 
        <?php
 
@@ -964,6 +987,7 @@ if (file_exists("data/wiki.txt") and (file_exists("data/items/{$_REQUEST['entry'
 if ($_SESSION['logged_in'] == $login_username) {
 
        $sticky_sem = 'data/sticky/' . $_REQUEST['entry'];
+
        if (isset($_POST['sticky']) and !empty($_POST['sticky']) and ($_POST['sticky'] == "on")) {
                if (!file_exists("data/sticky")) {
                        mkdir("data/sticky");
@@ -992,6 +1016,7 @@ if ($_SESSION['logged_in'] == $login_username) {
        }
 
        $private_sem = "data/items/{$_REQUEST['entry']}/private.txt";
+
        if (isset($_POST['private']) and !empty($_POST['private']) and ($_POST['private'] == "on")) {
                if (!file_exists($private_sem)) {
                        touch($private_sem);
@@ -1004,6 +1029,7 @@ if ($_SESSION['logged_in'] == $login_username) {
        }
 
        $member_sem = "data/items/{$_REQUEST['entry']}/member.txt";
+
        if (isset($_POST['member']) and !empty($_POST['member']) and ($_POST['member'] == "on")) {
                if (!file_exists($member_sem)) {
                        touch($member_sem);
@@ -1016,23 +1042,43 @@ if ($_SESSION['logged_in'] == $login_username) {
        }
       
        $edit_sem = "data/items/{$_REQUEST['entry']}/edit.txt";
+
        if (isset($_POST['edit']) and !empty($_POST['edit']) and ($_POST['edit'] == "on")) {
                if (!file_exists($edit_sem)) {
                        touch($edit_sem);
                }
        }
+
        if (!isset($_POST['edit']) or empty($_POST['edit'])) {
                if (file_exists($edit_sem)) {
                        unlink($edit_sem);
                }
        }
+
+       if (isset($_POST['lock']) and !empty($_POST['lock']) and ($_POST['lock'] == "on")) {
+
+               if (file_exists("data/items/{$_REQUEST['entry']}/edit.txt")) {
+                       unlink("data/items/{$_REQUEST['entry']}/edit.txt");
+               }
+
+               if (!file_exists("data/items/{$_REQUEST['entry']}/lock.txt")) {
+                       touch("data/items/{$_REQUEST['entry']}/lock.txt");
+               }
+       }
+       if (!isset($_POST['lock']) or empty($_POST['lock'])) {
+               if (file_exists("data/items/{$_REQUEST['entry']}/lock.txt")) {
+                       unlink("data/items/{$_REQUEST['entry']}/lock.txt");
+               }
+       }
       
        $lastmod_sem = "data/items/{$_REQUEST['entry']}/lastmod.txt";
+
        if (isset($_POST['lastmod']) and !empty($_POST['lastmod']) and ($_POST['lastmod'] == "on")) {
                if (!file_exists($lastmod_sem)) {
                        touch($lastmod_sem);
                }
        }
+
        if (!isset($_POST['lastmod']) or empty($_POST['lastmod'])) {
                if (file_exists($lastmod_sem)) {
                        unlink($lastmod_sem);
@@ -1040,12 +1086,15 @@ if ($_SESSION['logged_in'] == $login_username) {
        }
       
        if (isset($_POST['pdf']) and !empty($_POST['pdf']) and ($_POST['pdf'] == "on")) {
+
                if (!file_exists("data/items/{$_REQUEST['entry']}/pdf")) {
                        mkdir("data/items/{$_REQUEST['entry']}/pdf");
                }
+
                if (!file_exists("data/items/{$_REQUEST['entry']}/pdf/file")) {
                        mkdir("data/items/{$_REQUEST['entry']}/pdf/file");
                }
+
                if (!file_exists("data/items/{$_REQUEST['entry']}/pdf/count")) {
                        mkdir("data/items/{$_REQUEST['entry']}/pdf/count");
                }
@@ -1194,6 +1243,18 @@ if ($_SESSION['logged_in'] == $login_username) {
                        unlink($passwd_file);
                }
        }
+
+       if (isset($_POST['maxlines']) and !empty($_POST['maxlines']) and is_numeric($_POST['maxlines'])) {
+               $fp_maxlines_txt = fopen("data/items/{$_REQUEST['entry']}/maxlines.txt","w");
+               fwrite($fp_maxlines_txt, $_POST['maxlines']);
+               fclose($fp_maxlines_txt);
+       }
+
+       if (!isset($_POST['maxlines']) or empty($_POST['maxlines'])) {
+               if (file_exists("data/items/{$_REQUEST['entry']}/maxlines.txt")) {
+                       unlink("data/items/{$_REQUEST['entry']}/maxlines.txt");
+               }
+       }
 }
 
 if (file_exists("data/items/{$_REQUEST['entry']}/title.old")) {
diff --git a/index.php b/index.php
index 0bee35b..84e8bd7 100644
--- a/index.php
+++ b/index.php
@@ -3178,14 +3178,17 @@ foreach ($disp as $d) {
 
        readfile("data/items/$d/title.txt");
 
-       if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != $login_username) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/wiki.txt") and (file_exists("data/items/$d/edit.txt") or (file_get_contents("data/items/$d/author.txt") == $_SESSION['logged_in'])) and file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and !file_exists("data/items/$d/passwd.txt")) {
+       if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != $login_username) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/wiki.txt") and (file_exists("data/items/$d/edit.txt") or (file_get_contents("data/items/$d/author.txt") == $_SESSION['logged_in'])) and file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and !file_exists("data/items/$d/passwd.txt") and !file_exists("data/items/$d/lock.txt")) {
 
                if (file_exists("data/items/$d/wiki/delta") and (count(glob("data/items/$d/wiki/delta/*")) > 0)) {
                        echo "<a href=\"wiki.php?entry=$d\">";
                        echo "<img src=\"images/widget.back.png\" border=\"0\" width=\"11\" height=\"11\" align=\"right\" alt=\"revisions\">";
                        echo "</a>";
                }
-               echo "<a href=\"edit.php?entry=$d\"><img src=\"images/widget.edit.png\" border=\"0\" width=\"11\" height=\"11\" align=\"right\" alt=\"edit entry\"></a>";
+
+               if (!file_exists("data/items/$d/lock.txt")) {
+                       echo "<a href=\"edit.php?entry=$d\"><img src=\"images/widget.edit.png\" border=\"0\" width=\"11\" height=\"11\" align=\"right\" alt=\"edit entry\"></a>";
+               }
        }
 
        if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
@@ -3536,14 +3539,15 @@ foreach ($disp as $d) {
                        $entry_body = preg_replace("/\b($badwords)\b/i",$censor,$entry_body);
                }
 
-               if (file_exists("data/items/$d/shorten.txt")) {
+               if (file_exists("data/items/$d/maxlines.txt") and (!isset($_REQUEST['view']) or ($_REQUEST['view'] != "full"))) {
 
-                       $entry_shorten = file_get_contents("data/items/$d/shorten.txt");
+                       $entry_shorten = file_get_contents("data/items/$d/maxlines.txt");
 
                        $entry_lines = explode("\r",$entry_body);
 
                        if (count($entry_lines) > $entry_shorten) {
                                $entry_body = implode("",array_slice($entry_lines,0,$entry_shorten));
+                               $entry_body = $entry_body . "<br><br><a href=\"index.php?entry=$d&view=full\">read more</a>";
                        }
                }
 
@@ -4849,7 +4853,7 @@ foreach ($disp as $d) {
                                echo "<p>Fill out the form below";
 
                                if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
-                                       echo " and enter <b>$captcha_rand</b> in the anti-spam field";
+                                       echo " and enter <b>$captcha_rand</b> in the CAPTCHA field";
                                }
 
                                echo " to add your comment.";
@@ -4892,7 +4896,7 @@ foreach ($disp as $d) {
                                }
                                else {
                                        ?>
-                                       <td width=75>First Name*</td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td>
+                                       <td width=75><nobr>First Name*</nobr></td><td width=300><input class=input type=text autocomplete=off name=firstname maxlength=30></td>
                                        <?php
                                }
                                ?>
@@ -4924,7 +4928,7 @@ foreach ($disp as $d) {
                                }
                                else {
                                        ?>
-                                       <tr><td>Last Name*</td><td><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
+                                       <tr><td><nobr>Last Name*</nobr></td><td><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
                                        <?php
                                }
 
@@ -4936,7 +4940,7 @@ foreach ($disp as $d) {
                                                <?php
                                        }
                                        else {
-                                               echo "<tr><td>E-mail*</td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>";
+                                               echo "<tr><td><nobr>E-mail*</nobr></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>";
                                        }
                                }
                                elseif (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")) and file_exists("data/members/active/{$_SESSION['logged_in']}") and file_exists("data/bb.txt")) {
@@ -4946,7 +4950,7 @@ foreach ($disp as $d) {
                                }
                                else {
                                        ?>
-                                       <tr><td>E-mail*</td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
+                                       <tr><td><nobr>E-mail*</nobr></td><td colspan=2><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
                                        <?php
                                }
 
@@ -4962,18 +4966,18 @@ foreach ($disp as $d) {
                                }
                                else {
                                        ?>
-                                       <tr><td>Website</td><td colspan=2><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+                                       <tr><td><nobr>Website</nobr></td><td colspan=2><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
                                        <?php
                                }
                                ?>
-                               <tr><td>Comment*</td><td><textarea class=input name=new_comment rows=15></textarea></td></tr>
+                               <tr><td><nobr>Comment*</nobr></td><td><textarea class=input name=new_comment rows=15></textarea></td></tr>
                                <?php
 
                                if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
                                        echo "<input type=hidden name=captcha_put value=\"$captcha_rand\">";
                                }
                                else {
-                                       echo "<tr><td>Anti-Spam*</td><td><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>";
+                                       echo "<tr><td><nobr>CAPTCHA*</nobr></td><td><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>";
                                }
 
                                ?>
diff --git a/rel.txt b/rel.txt
index cab0f10..8b28649 100644
--- a/rel.txt
+++ b/rel.txt
@@ -1 +1 @@
-20090205
\ No newline at end of file
+20090210
\ No newline at end of file
diff --git a/wiki.php b/wiki.php
index 04e6bd1..c8c576a 100644
--- a/wiki.php
+++ b/wiki.php
@@ -39,11 +39,14 @@
                exit();
        }
        $do = 0;
-       if ($_SESSION['logged_in'] == $login_username)
+       if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and file_exists("data/wiki.txt") and (file_exists("data/items/{$_REQUEST['entry']}/edit.txt") or (file_get_contents("data/items/{$_REQUEST['entry']}/author.txt") == $_SESSION['logged_in'])))
        {
                $do = 1;
        }
-       if (file_exists("data/members/active/{$_SESSION['logged_in']}/rw.txt") and file_exists("data/wiki.txt") and (file_exists("data/items/{$_REQUEST['entry']}/edit.txt") or (file_get_contents("data/items/{$_REQUEST['entry']}/author.txt") == $_SESSION['logged_in'])))
+       if (file_exists("data/items/{$_REQUEST['entry']}/lock.txt")) {
+               $do = 0;
+       }
+       if ($_SESSION['logged_in'] == $login_username)
        {
                $do = 1;
        }
 
Credits
Sunday, Sep 18, 2005, 12:00 AM (Revision 11 - Thursday, Jul 14, 2011, 7:30 PM)
Open Source enables software developers to stand on the shoulders of giants instead of reinventing the wheel, so to speak. Kudos and many thanks to the folks who made their work freely available for reuse in MAJ.

read more
Bugs and Exploits
Friday, Aug 26, 2005, 12:00 AM (Revision 23 - Wednesday, May 29, 2013, 5:25 AM)
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:

1. Take advantage of it. But hey, what's so exciting about messing up someone's blog? Ho-hum, right?
2. Report it here so that we can work on a fix and make MAJ better.

read more
Search
Download
MAJ 2.0
75 files
33087 downloads
MAJ 1.0
26 files
13170 downloads
MAJ 0.14
45 files
35071 downloads