Profile
MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.
Git
This commit has been accessed 920 times via Git panel.

commit 2a33a33f235bbc25203d0be6a29909b25a8ec96d
tree 6aa872a844a79fb7e48d9fcf38e0ce3b34dcb112
parent df9599ce96985335aa01963b7e25ecd03829a65a
author Engels Antonio <engels@majcms.org> 1277314200 +0800
committer Engels Antonio <engels@majcms.org> 1277314200 +0800

    maj-0.14-20081020-bb.zip

diff --git a/index.php b/index.php
index 3375bad..426fc3d 100644
--- a/index.php
+++ b/index.php
@@ -1278,6 +1278,17 @@ if (file_exists("data/center.txt")) {
 if (file_exists("header.php")) {
        include("header.php");
 }
+
+if (file_exists("data/header.txt")) {
+
+       $header_panel = file_get_contents("data/header.txt");
+
+       if (file_exists("data/panels/$header_panel") and (!file_exists("data/panels/$header_panel/private.txt") or isset($_SESSION['logged_in']))) {
+               include("data/panels/$header_panel/panel.php");
+       }
+
+}
+
 ?>
 
 <table border=0 cellspacing=10 cellpadding=0>
@@ -1510,6 +1521,14 @@ if (file_exists("data/panels")) {
                                continue;
                        }
 
+                       if (file_exists("data/header.txt") and (file_get_contents("data/header.txt") == $entry_panel_list)) {
+                               continue;
+                       }
+
+                       if (file_exists("data/footer.txt") and (file_get_contents("data/footer.txt") == $entry_panel_list)) {
+                               continue;
+                       }
+
                        if ($entry_panel_list != "." && $entry_panel_list != ".." && fnmatch("*", $entry_panel_list)) {
                                $show_panel_list[] = $entry_panel_list;
                        }
@@ -4733,6 +4752,17 @@ if ($count_latest_items > 0) {
 </table>
 
 <?php
+
+if (file_exists("data/footer.txt")) {
+
+       $footer_panel = file_get_contents("data/footer.txt");
+
+       if (file_exists("data/panels/$footer_panel") and (!file_exists("data/panels/$footer_panel/private.txt") or isset($_SESSION['logged_in']))) {
+               include("data/panels/$footer_panel/panel.php");
+       }
+
+}
+
 if (file_exists("footer.php")) {
        include("footer.php");
 }
diff --git a/panels.php b/panels.php
index 37f03d4..524facd 100644
--- a/panels.php
+++ b/panels.php
@@ -1,12 +1,15 @@
 <?php
 
 session_start();
+
 header("Cache-control: private");
 
 error_reporting(E_ERROR);
 
 if (get_magic_quotes_gpc()) {
+
        function stripslashes_array($data) {
+
                if (is_array($data)){
                         foreach ($data as $key => $value){
                                  $data[$key] = stripslashes_array($value);
@@ -29,26 +32,26 @@ if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username
 
 function rmdirr($recurse_dirname) {
 
-    if (!file_exists($recurse_dirname)) {
-        return false;
-    }
+       if (!file_exists($recurse_dirname)) {
+               return false;
+       }
 
-    if (is_file($recurse_dirname)) {
-        return unlink($recurse_dirname);
-    }
+       if (is_file($recurse_dirname)) {
+               return unlink($recurse_dirname);
+       }
 
-    $recurse_dir = dir($recurse_dirname);
-    while (false !== $recurse_entry = $recurse_dir->read()) {
+       $recurse_dir = dir($recurse_dirname);
 
-        if ($recurse_entry == '.' || $recurse_entry == '..') {
-            continue;
-        }
+       while (false !== $recurse_entry = $recurse_dir->read()) {
 
-        rmdirr("$recurse_dirname/$recurse_entry");
-    }
+               if ($recurse_entry == '.' || $recurse_entry == '..') {
+                       continue;
+               }
+               rmdirr("$recurse_dirname/$recurse_entry");
+       }
 
-    $recurse_dir->close();
-    return rmdir($recurse_dirname);
+       $recurse_dir->close();
+       return rmdir($recurse_dirname);
 }
 
 if (isset($_POST['new_id']) and !empty($_POST['new_id']) and isset($_POST['new_title']) and !empty($_POST['new_title']) and isset($_POST['new_content']) and !empty($_POST['new_content']) and !file_exists("data/panels/{$_POST['new_id']}")) {
@@ -164,6 +167,76 @@ if (isset($_POST['panel_entry']) and !empty($_POST['panel_entry']) and ($_POST['
        if (file_exists("data/panels/{$_POST['panel_id']}/center.txt")) {
                unlink("data/panels/{$_POST['panel_id']}/center.txt");
        }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/top.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/top.txt");
+       }
+}
+
+if ((!isset($_POST['panel_header']) or !empty($_POST['panel_header'])) and ($_POST['panel_edit'] == "on")) {
+       if (file_exists("data/header.txt") and (file_get_contents("data/header.txt") == $_POST['panel_id'])) {
+               unlink("data/header.txt");
+       }
+}
+
+if (isset($_POST['panel_header']) and !empty($_POST['panel_header']) and ($_POST['panel_header'] == "on")) {
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/free.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/free.txt");
+       }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/right.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/right.txt");
+       }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/center.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/center.txt");
+       }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/top.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/top.txt");
+       }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/entry.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/entry.txt");
+       }
+
+       $new_header_file = fopen("data/header.txt","w");
+       fwrite($new_header_file,$_POST['panel_id']);
+       fclose($new_header_file);
+}
+
+if ((!isset($_POST['panel_footer']) or !empty($_POST['panel_footer'])) and ($_POST['panel_edit'] == "on")) {
+       if (file_exists("data/footer.txt") and (file_get_contents("data/footer.txt") == $_POST['panel_id'])) {
+               unlink("data/footer.txt");
+       }
+}
+
+if (isset($_POST['panel_footer']) and !empty($_POST['panel_footer']) and ($_POST['panel_footer'] == "on")) {
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/free.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/free.txt");
+       }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/right.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/right.txt");
+       }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/center.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/center.txt");
+       }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/top.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/top.txt");
+       }
+
+       if (file_exists("data/panels/{$_POST['panel_id']}/entry.txt")) {
+               unlink("data/panels/{$_POST['panel_id']}/entry.txt");
+       }
+
+       $new_footer_file = fopen("data/footer.txt","w");
+       fwrite($new_footer_file,$_POST['panel_id']);
+       fclose($new_footer_file);
 }
 
 if (isset($_POST['panel_title']) and !empty($_POST['panel_title'])) {
@@ -188,6 +261,16 @@ if (isset($_POST['panel_content']) and !empty($_POST['panel_content'])) {
        }
 }
 
+if (isset($_POST['move_id']) and !empty($_POST['move_id']) and isset($_POST['old_id']) and !empty($_POST['old_id']) and isset($_POST['panel_edit']) and !empty($_POST['panel_edit']) and ($_POST['panel_edit'] == "on")) {
+
+       $move_id = trim(strip_tags(strtolower(str_replace(" ", "_", $_POST['move_id']))));
+       $move_id = str_replace(",","_",$move_id);
+
+       if (!file_exists("data/panels/$move_id")) {
+               rename("data/panels/{$_POST['old_id']}","data/panels/$move_id");
+       }
+}
+
 ?>
 
 <style>
@@ -196,6 +279,7 @@ body {
        margin: 10px;
        padding: 0px;
        text-align: left;
+       font-size: 11px;
        font-family: <?php
                                if (file_exists("data/fonts/body.txt")) {
                                        $font_body = file_get_contents("data/fonts/body.txt");
@@ -205,7 +289,7 @@ body {
        background-color: #FFFFFF;
 }
 
-p {
+p, td {
        font-size: 11px;
 }
 
@@ -230,7 +314,7 @@ a:active {
        color: #666666;
        background: #ffffff;
        border: #999999 solid 1px;
-       width: 300px;
+       width: 350px;
        font-family: <?php
                                if (file_exists("data/fonts/input.txt")) {
                                        $font_input = file_get_contents("data/fonts/input.txt");
@@ -241,17 +325,17 @@ a:active {
 }
 </style>
 
-<p><b>Add Panel</b></p><p>Enter a unique panel ID, the panel title, and panel contents. Use <a href=http://php.net target=_maj>PHP</a> and <a href=http://www.w3.org/MarkUp/ target=_maj>HTML</a> with care!</p>
+<p><b>Add Panel</b><br>Enter a unique panel ID, the panel title, and panel contents. Use <a href=http://php.net target=_maj>PHP</a> and <a href=http://www.w3.org/MarkUp/ target=_maj>HTML</a> with care!</p>
 
-<table border=0 cellspacing=1 cellpadding=2>
+<table border="0" cellspacing="1" cellpadding="1">
 <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
-<tr><td><p>panel id*</p></td><td><input type=text class=input name=new_id autocomplete=off maxlength=30></td></tr>
-<tr><td><p>title*</p></td><td><input type=text class=input name=new_title autocomplete=off maxlength=90></td></tr>
-<tr><td><p>content*</p></td><td><textarea class=input name=new_content rows=15></textarea></td></tr>
-<tr><td><p></p></td><td><input type=submit class=input value="click here to add a new panel"></td></tr>
+<tr><td><input type="text" class="input" name="new_id" autocomplete="off" maxlength="30"></td><td>panel id*</td></tr>
+<tr><td><input type="text" class="input" name="new_title" autocomplete="off" maxlength="90"></td><td>panel title*</td></tr>
+<tr><td><textarea class="input" name="new_content" rows="15"></textarea></td><td valign="top">content*</td></tr>
+<tr><td><input type="submit" class="input" value="click here to add new panel"></td><td></td></tr>
 </form>
 <form enctype="multipart/form-data" action="<?php echo 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); ?>" method="post">
-<tr><td><p></p></td><td><input class=input type=submit value="click here to go to the index page"></td></tr>
+<tr><td><input class="input" type="submit" value="click here to go to the index page"></td><td></td></tr>
 </form>
 </table>
 
@@ -273,51 +357,72 @@ a:active {
 
                if ($count_panel > 0) {
 
-                       echo "<p><br><b>Panel Management</b></p><p>Hiding a panel will make it invisible to visitors. Deleting a panel will remove all its contents.</p>";
+                       echo "<br><p><b>Panel Management</b><br>Hiding a panel will make it invisible to visitors. Deleting a panel will remove all its contents.</p>";
 
-                       echo "<table border=0 cellspacing=1 cellpadding=2>";
+                       echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"1\">";
 
                        foreach ($show_panel as $panel) {
-                               echo '<form enctype="multipart/form-data" action="';
-                               echo $_SERVER['PHP_SELF'];
-                               echo '" method="post">';
-                               echo "<tr><td><p><b><a name=\"";
-                               echo strtolower(str_replace("_", " ", $panel));
-                               echo "\">";
+                               echo "<form enctype=\"multipart/form-data\" action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">";
+
+                               echo "<tr><td colspan=\"2\"><a name=\"";
                                echo strtolower(str_replace("_", " ", $panel));
-                               echo '</a></b></p></td><td><p><input type=text class=input name=panel_title value="';
-                               readfile("data/panels/$panel/title.txt");
-                               echo '" autocomplete=off maxlength=90></p></td></tr><tr><td valign=top><p><input type=checkbox name=panel_hide';
+                               echo "\"></a></td></tr>";
+
+                               echo "<tr><td><input type=\"text\" class=\"input\" name=\"move_id\" value=\"$panel\" autocomplete=\"off\" maxlength=\"30\"></td>";
+                               echo "<input type=\"hidden\" name=\"old_id\" value=\"$panel\">";
+
+                               echo "<td valign=\"top\" rowspan=\"5\"><input type=\"checkbox\" name=\"panel_hide\"";
                                if (file_exists("data/panels/$panel/private.txt")) {
                                        echo " checked";
                                }
-                               echo '> hide<br><input type=checkbox name=panel_free';
+                               echo "> hide<br><input type=\"checkbox\" name=\"panel_free\"";
                                if (file_exists("data/panels/$panel/free.txt")) {
                                        echo " checked";
                                }
-                               echo '> free<br><input type=checkbox name=panel_right';
+                               echo "> free<br><input type=\"checkbox\" name=\"panel_header\"";
+                               if (file_exists("data/header.txt") and (file_get_contents("data/header.txt") == $panel)) {
+                                       echo " checked";
+                               }
+                               echo "> header<br><input type=\"checkbox\" name=\"panel_footer\"";
+                               if (file_exists("data/footer.txt") and (file_get_contents("data/footer.txt") == $panel)) {
+                                       echo " checked";
+                               }
+                               echo "> footer<br><input type=\"checkbox\" name=\"panel_right\"";
                                if (file_exists("data/panels/$panel/right.txt")) {
                                        echo " checked";
                                }
-                               echo '> right<br><input type=checkbox name=panel_center';
+                               echo "> right<br><input type=\"checkbox\" name=\"panel_center\"";
                                if (file_exists("data/panels/$panel/center.txt")) {
                                        echo " checked";
                                }
-
-                               echo '> center<br><input type=checkbox name=panel_top';
+                               echo "> center<br><input type=\"checkbox\" name=\"panel_top\"";
                                if (file_exists("data/panels/$panel/top.txt")) {
                                        echo " checked";
                                }
-
-                               echo '> top<br><input type=checkbox name=panel_entry';
+                               echo "> top<br><input type=\"checkbox\" name=\"panel_entry\"";
                                if (file_exists("data/panels/$panel/entry.txt")) {
                                        echo " checked";
                                }
+                               echo "> entry<br><input type=\"checkbox\" name=\"panel_del\"";
+                               echo "> delete&nbsp;</td></tr>";
 
-                               echo '> entry<br><input type=checkbox name=panel_del> delete&nbsp;</p></td><td><textarea class=input name=panel_content rows=10>';
+                               echo "<tr></td><td><input type=\"text\" class=\"input\" name=\"panel_title\" value=\"";
+                               readfile("data/panels/$panel/title.txt");
+                               echo "\" autocomplete=\"off\" maxlength=\"90\"></td></tr>";
+
+                               echo "<tr><td><textarea class=\"input\" name=\"panel_content\" rows=\"10\">";
                                readfile("data/panels/$panel/panel.php");
-                               echo "</textarea></td></tr><tr><td></td><td><input type=hidden name=panel_id value=$panel><input type=hidden name=panel_edit value=on><input type=submit class=input value=submit></p></td>";
-                               echo "</tr><tr><td></td><td><p>&nbsp;</p></td></tr></form>";
+                               echo "</textarea></td></tr>";
+
+                               echo "<tr><td>";
+                               echo "<input type=\"hidden\" name=\"panel_id\" value=\"$panel\">";
+                               echo "<input type=\"hidden\" name=\"panel_edit\" value=\"on\">";
+                               echo "<input type=\"submit\" class=\"input\" value=\"click here to update panel\">";
+                               echo "</td></tr>";
+
+                               echo "<tr><td>&nbsp;</td></tr>";
+
+                               echo "</form>";
                        }
 
                        echo "</table>";
 
Credits
Sunday, Sep 18, 2005, 12:00 AM (Revision 11 - Thursday, Jul 14, 2011, 7:30 PM)
Open Source enables software developers to stand on the shoulders of giants instead of reinventing the wheel, so to speak. Kudos and many thanks to the folks who made their work freely available for reuse in MAJ.

read more
Bugs and Exploits
Friday, Aug 26, 2005, 12:00 AM (Revision 23 - Wednesday, May 29, 2013, 5:25 AM)
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:

1. Take advantage of it. But hey, what's so exciting about messing up someone's blog? Ho-hum, right?
2. Report it here so that we can work on a fix and make MAJ better.

read more
Search
Download
MAJ 2.0
75 files
33012 downloads
MAJ 1.0
26 files
13143 downloads
MAJ 0.14
45 files
35025 downloads