Profile
MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.
Git
This commit has been accessed 958 times via Git panel.

commit c191ce955207a003078f0afac3c7441c8873d4c1
tree b8b49c163b00c189e86ea3035259c21647696153
parent 4ffa965447386331d537098b8dffe7789dafe862
author Engels Antonio <engels@majcms.org> 1277314190 +0800
committer Engels Antonio <engels@majcms.org> 1277314190 +0800

    maj-0.14-20071026-bb.zip

diff --git a/images/widget.move.png b/images/widget.move.png
new file mode 100644
index 0000000..3c06959
Binary files /dev/null and b/images/widget.move.png differ
diff --git a/index.php b/index.php
index b4f632d..4fe379d 100644
--- a/index.php
+++ b/index.php
@@ -1804,6 +1804,13 @@ foreach ($disp as $d) {
                echo '<a href=del.php?entry=';
                echo $d;
                echo '><img src=images/widget.del.png border=0 width=11 height=11 align=right alt="delete entry"></a>';
+
+               if (!file_exists("$dir/$d/private.txt") and !file_exists("$dir/$d/category.txt") and file_exists("data/bb.txt") and (count(glob("$dir/$d/comments/live/*")) === 0) and (count(glob("$dir/$d/comments/pending/*")) === 0)) {
+                       echo '<a href=move.php?entry=';
+                       echo $d;
+                       echo '><img src=images/widget.move.png border=0 width=11 height=11 align=right alt="move to comment"></a>';
+               }
+
                echo '<a href=edit.php?entry=';
                echo $d;
                echo '><img src=images/widget.edit.png border=0 width=11 height=11 align=right alt="edit entry"></a>';
@@ -2756,6 +2763,7 @@ if (file_exists("data/panels")) {
       
                                if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
                                        echo '<a href=del.php?entry=' . $d . '&comment=' . $comment . '&type=live><img src=images/widget.del.png width=11 height=11 border=0 align=right alt="delete comment"></a>';
+                                       echo '<a href=move.php?entry=' . $d . '&comment=' . $comment . '&type=live><img src=images/widget.move.png width=11 height=11 border=0 align=right alt="move comment"></a>';
                                        echo '<a href=edit.php?entry=' . $d . '&comment=' . $comment . '><img src=images/widget.edit.png width=11 height=11 border=0 align=right alt="edit comment"></a>';
                                }
                                echo '</div><div id=panel_body><table border=0 cellspacing=0 cellpadding=0><tr>';
@@ -3230,6 +3238,7 @@ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username
                        readfile("$dir/$d/comments/pending/$pending_comment/email.txt");
                        echo '&gt;';
                        echo '<a href=del.php?entry=' . $d . '&comment=' . $pending_comment . '&type=pending><img src=images/widget.del.png width=11 height=11 border=0 align=right alt="delete comment"></a>';
+                       echo '<a href=move.php?entry=' . $d . '&comment=' . $pending_comment . '&type=pending><img src=images/widget.move.png width=11 height=11 border=0 align=right alt="move comment"></a>';
 
                        $pending_comment_key_file = "$dir/$d/comments/pending/$pending_comment/key.txt";
                        $open_pending_comment_key_file = fopen($pending_comment_key_file,"r");
diff --git a/move.php b/move.php
new file mode 100644
index 0000000..2f6fd76
--- /dev/null
+++ b/move.php
@@ -0,0 +1,214 @@
+<?php
+
+session_start();
+header("Cache-control: private");
+
+error_reporting(E_ERROR);
+
+if (get_magic_quotes_gpc()) {
+       function stripslashes_array($data) {
+               if (is_array($data)){
+                        foreach ($data as $key => $value){
+                                 $data[$key] = stripslashes_array($value);
+                        }
+                        return $data;
+               }
+               else{
+                        return stripslashes($data);
+               }
+       }
+
+       $_REQUEST = stripslashes_array($_REQUEST);
+}
+
+$login_username = file_get_contents("data/username.txt");
+
+if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
+       exit();
+}
+
+?>
+
+<style>
+body {
+       color: #666666;
+       margin: 10px;
+       padding: 0px;
+       text-align: left;
+       font-family: <?php
+                               if (file_exists("data/fonts/body.txt")) {
+                                       $font_body = file_get_contents("data/fonts/body.txt");
+                                       echo "{$font_body},";
+                               }
+       ?> arial, helvetica, sans-serif;
+       background-color: #ffffff;
+}
+
+p, td {
+       font-size: 11px;
+}
+
+a {
+       font-weight: bold;
+       text-decoration: none;
+}
+
+a:link, a:visited {
+       color: #666666;
+}
+
+a:hover {
+       color: #336699;
+}
+
+a:active {
+       color: #336699;
+}
+
+.input {      
+       color: #666666;
+       background: #ffffff;
+       border: #999999 solid 1px;
+       width: 200px;
+       font-family: <?php
+                               if (file_exists("data/fonts/input.txt")) {
+                                       $font_input = file_get_contents("data/fonts/input.txt");
+                                       echo "{$font_input},";
+                               }
+       ?> arial, helvetica, sans-serif;
+       font-size: 11px
+}
+</style>
+
+<table border=0 cellspacing=1 cellpadding=1>
+<form action=move.php method=post>
+<tr><td>entry</td><td><input type=text class=input name=entry maxlength=14 <?php
+
+       if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry'])) {
+               echo "value=";
+               echo trim($_REQUEST['entry']);
+               echo " ";
+       }
+
+?>autocomplete=off></td></tr>
+
+<?php
+       if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type'])) {
+               echo "<tr><td>comment&nbsp;</td><td><input type=text class=input name=comment maxlength=14 value=";
+               echo trim($_REQUEST['comment']);
+               echo " autocomplete=off><input type=hidden name=type value={$_REQUEST['type']}></td></tr>";
+       }
+?>
+
+<tr><td>target&nbsp;</td><td><input type=text class=input name=target maxlength=14 autocomplete=off></td></tr>
+<tr><td></td><td><input type=submit class=input value="click here to move <?php
+       if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment'])) {
+               echo "comment";
+       }
+       else {
+               echo "entry";
+       }
+?>"></td></tr>
+</form>
+<form action=index.php method=post>
+<tr><td></td><td><input type=submit class=input value="click here to go to the index page"></td></tr>
+</form>
+</table>
+
+<?php
+
+if (!isset($_REQUEST['entry']) or empty($_REQUEST['entry']) or !isset($_REQUEST['target']) or empty($_REQUEST['target'])) {
+       exit();
+}
+
+$entry = trim($_REQUEST['entry']);
+$target = trim($_REQUEST['target']);
+
+if (!file_exists("data/items/$entry") or !file_exists("data/items/$target")) {
+       exit();
+}
+
+if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type']) and ($_REQUEST['type'] == "live")) {
+
+       $comment = trim($_REQUEST['comment']);
+
+       if (!file_exists("data/items/$entry/comments/live/$comment")) {
+               exit();
+       }
+
+       if (!file_exists("data/items/$target/comments/live/$entry")) {
+
+               if (!file_exists("data/items/$target/comments")) {
+                       mkdir("data/items/$target/comments");
+               }
+
+               if (!file_exists("data/items/$target/comments/live")) {
+                       mkdir("data/items/$target/comments/live");
+               }
+
+               rename("data/items/$entry/comments/live/$comment","data/items/$target/comments/live/$comment");
+
+       header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
+
+               exit();
+       }
+
+       exit();
+}
+
+if (isset($_REQUEST['comment']) and !empty($_REQUEST['comment']) and isset($_REQUEST['type']) and !empty($_REQUEST['type']) and ($_REQUEST['type'] == "pending")) {
+
+       $comment = trim($_REQUEST['comment']);
+
+       if (!file_exists("data/items/$entry/comments/pending/$comment")) {
+               exit();
+       }
+
+       if (!file_exists("data/items/$target/comments/pending/$entry")) {
+
+               if (!file_exists("data/items/$target/comments")) {
+                       mkdir("data/items/$target/comments");
+               }
+
+               if (!file_exists("data/items/$target/comments/pending")) {
+                       mkdir("data/items/$target/comments/pending");
+               }
+
+               rename("data/items/$entry/comments/pending/$comment","data/items/$target/comments/pending/$comment");
+
+       header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
+
+               exit();
+       }
+
+       exit();
+}
+
+if ((!isset($_REQUEST['comment']) or empty($_REQUEST['comment'])) and (!isset($_REQUEST['type']) or empty($_REQUEST['type'])) and !file_exists("data/items/$target/comments/live/$entry")) {
+
+       if (!file_exists("data/items/$target/comments")) {
+               mkdir("data/items/$target/comments");
+       }
+
+       if (!file_exists("data/items/$target/comments/live")) {
+               mkdir("data/items/$target/comments/live");
+       }
+
+       rename("data/items/$entry","data/items/$target/comments/live/$entry");
+       rename("data/items/$target/comments/live/$entry/body.txt","data/items/$target/comments/live/$entry/comment.txt");
+       rename("data/items/$target/comments/live/$entry/date.txt","data/items/$target/comments/live/$entry/timestamp.txt");
+
+       $author = file_get_contents(data/items/$target/comments/live/$entry/author.txt);
+
+       copy("data/members/active/$author/firstname.txt","data/items/$target/comments/live/$entry/firstname.txt");
+       copy("data/members/active/$author/lastname.txt","data/items/$target/comments/live/$entry/lastname.txt");
+       copy("data/members/active/$author/email.txt","data/items/$target/comments/live/$entry/email.txt");
+
+       if (file_exists("data/members/active/$author/url.txt")) {
+               copy("data/members/active/$author/url.txt","data/items/$target/comments/live/$entry/url.txt");
+       }
+
+       header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '?entry=' . $target . '&show=comments');
+}
+
+?>
 
Credits
Sunday, Sep 18, 2005, 12:00 AM (Revision 11 - Thursday, Jul 14, 2011, 7:30 PM)
Open Source enables software developers to stand on the shoulders of giants instead of reinventing the wheel, so to speak. Kudos and many thanks to the folks who made their work freely available for reuse in MAJ.

read more
Bugs and Exploits
Friday, Aug 26, 2005, 12:00 AM (Revision 23 - Wednesday, May 29, 2013, 5:25 AM)
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:

1. Take advantage of it. But hey, what's so exciting about messing up someone's blog? Ho-hum, right?
2. Report it here so that we can work on a fix and make MAJ better.

read more
Search
Download
MAJ 2.0
75 files
32977 downloads
MAJ 1.0
26 files
13132 downloads
MAJ 0.14
45 files
35010 downloads