Profile
MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.
Git
This commit has been accessed 1072 times via Git panel.

commit c370cb89311ba2ba44b2e7a632eb7effe2881fdb
tree 8e80c842d7cd721e867a0b75b05ce2f7d0265db3
parent 24cdc052a7bb67900421056e71130ffdfe44d1b8
author Magie Antonio <magie@majcms.org> 1326235488 +0800
committer Magie Antonio <magie@majcms.org> 1326235488 +0800

    Add noquery option for panels

diff --git a/core.php b/core.php
index 36b6752..b7a5c4b 100644
--- a/core.php
+++ b/core.php
@@ -117,6 +117,8 @@ $maj_aimage = $maj_ablock - $maj_wspace;
 
 $maj_eimage = $maj_wentry - $maj_wspace - $maj_ablock;
 
+$maj_uquery = count($_REQUEST) - count($_COOKIE);
+
 if (file_exists("$maj_data_directory/panels-l.txt") or file_exists("$maj_data_directory/panels-r.txt")) {
 
 //     $maj_wentry = $maj_wentry + $maj_space + $maj_wpanel;
diff --git a/index.php b/index.php
index c086a09..5385b9e 100644
--- a/index.php
+++ b/index.php
@@ -941,15 +941,6 @@ else {
        echo "<tr>\r\n<td width=\"$maj_wspace\" rowspan=\"2\"><div style=\"width: {$maj_wspace}px;\"></div></td>\r\n<td width=\"$maj_wpanel\" height=\"$maj_wspace\"><div style=\"width: {$maj_wpanel}px; height: {$maj_wspace}px;\"></div></td>\r\n<td width=\"$maj_wspace\" rowspan=\"2\"><div style=\"width: {$maj_wspace}px;\"></div></td>\r\n<td width=\"$maj_wentry\" height=\"$maj_wspace\"><div style=\"width: {$maj_wentry}px; height: {$maj_wspace}px;\"></div></td>\r\n<td width=\"$maj_wspace\" rowspan=\"2\"><div style=\"width: {$maj_wspace}px;\"></div></td>\r\n<td width=\"$maj_wpanel\" height=\"$maj_wspace\"><div style=\"width: {$maj_wpanel}px; height: {$maj_wspace}px;\"></div></td>\r\n<td width=\"$maj_wspace\" rowspan=\"2\"><div style=\"width: {$maj_wspace}px;\"></div></td>\r\n</tr>\r\n\r\n";
 }
 
-if (!file_exists("$maj_data_directory/panels-r.txt")) {
-
-       echo "<tr><td width=\"$maj_wpanel\" valign=\"top\">\r\n";
-      
-       maj_profile();
-       maj_navigation();
-       maj_quick_links();
-}
-
 if (file_exists("$maj_data_directory/panels")) {
 
        if ($maj_dh_panels = opendir("$maj_data_directory/panels")) {
@@ -962,6 +953,10 @@ if (file_exists("$maj_data_directory/panels")) {
                                        continue;
                                }
 
+                               if (file_exists("$maj_data_directory/panels/$maj_panel/noquery.txt") and ($maj_uquery >= 0) and (!isset($maj_logged_in_username) or ($maj_logged_in_username != $maj_admin_username))) {
+                                       continue;
+                               }
+
                                if (file_exists("$maj_data_directory/panels/$maj_panel/auth.txt") and !isset($maj_logged_in_username)) {
                                        continue;
                                }
@@ -1013,31 +1008,42 @@ if (file_exists("$maj_data_directory/panels")) {
        sort($maj_entry_panels);
 }
 
-if (file_exists("$maj_data_directory/panels-l.txt")) {
-      
-       maj_pending_comments();
-       maj_unread_comments();
-       maj_pending_members();
-       maj_bb_stats();
-       maj_search();
-       maj_find();
-       maj_categories();
-       maj_statistics();
-       maj_recent();
-       maj_albums();
-       maj_random();
-       maj_archives();
-}
+echo "<tr>";
 
 if (!file_exists("$maj_data_directory/panels-r.txt")) {
+
+       echo "<td width=\"$maj_wpanel\" valign=\"top\">\r\n";
+      
+       maj_profile();
+       maj_navigation();
+       maj_quick_links();
+      
+       if (file_exists("$maj_data_directory/panels-l.txt")) {
+      
+               maj_pending_comments();
+               maj_unread_comments();
+               maj_pending_members();
+               maj_bb_stats();
+               maj_search();
+               maj_find();
+               maj_categories();
+               maj_statistics();
+               maj_recent();
+               maj_albums();
+               maj_random();
+               maj_archives();
+       }
+
        maj_panels($maj_left_panels);
-}
       
-if (file_exists("$maj_data_directory/panels-l.txt")) {
-       maj_panels($maj_right_panels);
-       maj_badges();
-}
+       if (file_exists("$maj_data_directory/panels-l.txt")) {
 
+               maj_panels($maj_right_panels);
+               maj_badges();
+       }
+
+       echo "</td>";
+}
 
 // main
 
@@ -1045,7 +1051,7 @@ echo "\r\n\r\n<td valign=\"top\" width=\"$maj_wentry\">\r\n\r\n";
 
 maj_panels($maj_top_panels);
 
-if (file_exists("$maj_data_directory/bb.txt") and file_exists("$maj_data_directory/bb-summary.txt") and !file_exists("$maj_data_directory/lite.txt") and !isset($maj_req_entry) and !isset($maj_req_category) and !isset($_REQUEST['start']) and !isset($maj_req_author) and !isset($maj_req_archive) and !isset($maj_req_find)) {
+if (file_exists("$maj_data_directory/bb.txt") and file_exists("$maj_data_directory/bb-summary.txt") and !file_exists("$maj_data_directory/lite.txt") and ($maj_uquery < 0)) {
 
        if ($maj_count_latest > 0) {
 
@@ -1205,8 +1211,6 @@ $maj_disp = array_slice($maj_items,$maj_start,$maj_increase);
 
 foreach ($maj_disp as $maj_d) {
 
-       echo "\t<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" bgcolor=\"#cccccc\" style=\"background-color: transparent;\"><tr><td width=\"$maj_wentry\">\r\n\r\n\t";
-
        if (file_exists("$maj_data_directory/items/$maj_d/border.txt")) {
                $maj_d_border = file_get_contents("$maj_data_directory/items/$maj_d/border.txt");
        }
@@ -1431,14 +1435,12 @@ foreach ($maj_disp as $maj_d) {
 
        echo '>';
 
-       echo "\r\n\t\t\t\t<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr>";
-
        if (file_exists("$maj_data_directory/bb.txt") and file_exists("$maj_data_directory/avatar.txt") and file_exists("$maj_data_directory/items/$maj_d/author.txt") and !file_exists("$maj_data_directory/items/$maj_d/xavatar.txt")) {
 
-               echo "<td width=\"90\" valign=\"top\">";
-
                $maj_author = file_get_contents("$maj_data_directory/items/$maj_d/author.txt");
 
+               echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td width=\"$maj_ablock\" valign=\"top\">";
+
                maj_avatar_image($maj_author,$maj_aimage);
 
                if ($maj_dh_author_posts = opendir("$maj_data_directory/items")) {
@@ -1526,7 +1528,7 @@ foreach ($maj_disp as $maj_d) {
                        $maj_xavatar_author = file_get_contents("$maj_data_directory/items/$maj_d/author.txt");
 
                        if (!file_exists("$maj_data_directory/items/$maj_d/xauthor.txt") or (file_exists("$maj_data_directory/items/$maj_d/xauthor.txt") and ($maj_logged_in_username == $maj_admin_username))) {
-                               echo "$maj_xavatar_author - ";
+                               echo "<a href=\"member.php?id=$maj_xavatar_author\" style=\"font-size: $maj_font_Spx;\">$maj_xavatar_author</a> - ";
                        }
                }
 
@@ -1616,7 +1618,9 @@ foreach ($maj_disp as $maj_d) {
                echo "</font>";
        }
 
-       echo "</td></tr></table>";
+        if (file_exists("$maj_data_directory/bb.txt") and file_exists("$maj_data_directory/avatar.txt") and file_exists("$maj_data_directory/items/$maj_d/author.txt") and !file_exists("$maj_data_directory/items/$maj_d/xavatar.txt")) {
+               echo "</td></tr></table>";
+       }
 
        echo "\r\n\t\t\t</div>";
 
@@ -1975,8 +1979,6 @@ foreach ($maj_disp as $maj_d) {
 
        echo "\r\n\t\t\t</div>\r\n\t\t</div>\r\n\r\n";
 
-       echo "\t</td></tr></table>\r\n\r\n";
-      
        maj_panels($maj_entry_panels);
 
        if (file_exists("images/$maj_d/album") and (file_exists("$maj_data_directory/items/$maj_d/auto-album.txt") or (isset($maj_req_entry) and !empty($maj_req_entry) and isset($maj_req_show) and !empty($maj_req_show) and ($maj_req_show == album)))) {
@@ -2305,7 +2307,7 @@ foreach ($maj_disp as $maj_d) {
                               
                                if (file_exists("$maj_data_directory/bb.txt") and file_exists("$maj_data_directory/avatar.txt") and file_exists("$maj_data_directory/items/$maj_d/comments/live/$maj_comment/author.txt")) {
 
-                                       echo "<td width=\"90\" valign=\"top\">";
+                                       echo "<td width=\"$maj_ablock\" valign=\"top\">";
                               
                                        $maj_c_author = file_get_contents("$maj_data_directory/items/$maj_d/comments/live/$maj_comment/author.txt");
 
@@ -2378,7 +2380,7 @@ foreach ($maj_disp as $maj_d) {
 
                                if ((file_exists("$maj_data_directory/items/$maj_d/comments/live/$maj_comment/author.txt") and (file_exists("$maj_data_directory/bb.txt") and !file_exists("$maj_data_directory/avatar.txt")) or (file_exists("$maj_data_directory/items/$maj_d/comments/live/$maj_comment/author.txt") and (isset($maj_logged_in_username) and ($maj_logged_in_username == $maj_admin_username) and !file_exists("$maj_data_directory/avatar.txt"))))) {
                                        $maj_cxavatar_author = file_get_contents("$maj_data_directory/items/$maj_d/comments/live/$maj_comment/author.txt");
-                                       echo "<a href=member.php?id=$maj_cxavatar_author>$maj_cxavatar_author</a> - ";
+                                       echo "<a href=\"member.php?id=$maj_cxavatar_author\" style=\"font-size: $maj_font_Spx;\">$maj_cxavatar_author</a> - ";
                                }
 
                                entry2date($maj_comment);
@@ -2475,7 +2477,7 @@ foreach ($maj_disp as $maj_d) {
 
                                ?>
                       
-                               <table border=0 cellspacing=2 cellpadding=0 width=500>
+                               <table border=0 cellspacing=2 cellpadding=0>
                                <form enctype="multipart/form-data" action="index.php?entry=<?php echo $maj_d; ?>&show=comments" method="post">
                                <input type=hidden name=captcha_get value="<?php echo $maj_captcha_show; ?>">
                                <tr>
@@ -2684,7 +2686,7 @@ foreach ($maj_disp as $maj_d) {
       
                                if (file_exists("$maj_data_directory/bb.txt") and file_exists("$maj_data_directory/avatar.txt") and file_exists("$maj_data_directory/items/$maj_d/comments/pending/$maj_pending_comment/author.txt")) {
       
-                                       echo "<td width=\"90\" valign=\"top\">";
+                                       echo "<td width=\"$maj_ablock\" valign=\"top\">";
       
                                        $maj_pc_author = file_get_contents("$maj_data_directory/items/$maj_d/comments/pending/$maj_pending_comment/author.txt");
                                       
@@ -2758,7 +2760,7 @@ foreach ($maj_disp as $maj_d) {
       
                                if ((file_exists("$maj_data_directory/items/$maj_d/comments/pending/$maj_pending_comment/author.txt") and (file_exists("$maj_data_directory/bb.txt") and !file_exists("$maj_data_directory/avatar.txt")) or (file_exists("$maj_data_directory/items/$maj_d/comments/pending/$maj_pending_comment/author.txt") and (isset($maj_logged_in_username) and ($maj_logged_in_username == $maj_admin_username) and !file_exists("$maj_data_directory/avatar.txt"))))) {
                                        $maj_pxavatar_author = file_get_contents("$maj_data_directory/items/$maj_d/comments/pending/$maj_pending_comment/author.txt");
-                                       echo "<a href=member.php?id=$maj_pxavatar_author>$maj_pxavatar_author</a> - ";
+                                       echo "<a href=\"member.php?id=$maj_pxavatar_author\" style=\"font-size: $maj_font_Spx;\">$maj_pxavatar_author</a> - ";
                                }
                                readfile("$maj_data_directory/items/$maj_d/comments/pending/$maj_pending_comment/timestamp.txt");
       
@@ -2904,13 +2906,10 @@ if (!file_exists("$maj_data_directory/panels-l.txt")) {
        maj_albums();
        maj_random();
        maj_archives();
-}
-
-if (file_exists("$maj_data_directory/panels-r.txt")) {
-       maj_panels($maj_left_panels);
-}
 
-if (!file_exists("$maj_data_directory/panels-l.txt")) {
+       if (file_exists("$maj_data_directory/panels-r.txt")) {
+               maj_panels($maj_left_panels);
+       }
 
        maj_panels($maj_right_panels);
        maj_badges();
diff --git a/panels.php b/panels.php
index ffe913d..cc3cc60 100644
--- a/panels.php
+++ b/panels.php
@@ -48,6 +48,18 @@ if (isset($_POST['panel_hide']) and !empty($_POST['panel_hide']) and ($_POST['pa
        }
 }
 
+if ((!isset($_POST['panel_noquery']) or empty($_POST['panel_noquery'])) and ($_POST['panel_edit'] == "on")) {
+       if (file_exists("$maj_data_directory/panels/{$_POST['panel_id']}/noquery.txt")) {
+               unlink("$maj_data_directory/panels/{$_POST['panel_id']}/noquery.txt");
+       }
+}
+
+if (isset($_POST['panel_noquery']) and !empty($_POST['panel_noquery']) and ($_POST['panel_noquery'] == "on")) {
+       if (!file_exists("$maj_data_directory/panels/{$_POST['panel_id']}/noquery.txt")) {
+               touch("$maj_data_directory/panels/{$_POST['panel_id']}/noquery.txt");
+       }
+}
+
 if ((!isset($_POST['panel_auth']) or empty($_POST['panel_auth'])) and ($_POST['panel_edit'] == "on")) {
        if (file_exists("$maj_data_directory/panels/{$_POST['panel_id']}/auth.txt")) {
                unlink("$maj_data_directory/panels/{$_POST['panel_id']}/auth.txt");
@@ -469,6 +481,12 @@ a:active {
                                        echo " checked";
                                }
                                echo "> hide<br>";
+
+                               echo "<input type=\"checkbox\" name=\"panel_noquery\"";
+                               if (file_exists("$maj_data_directory/panels/$panel/noquery.txt")) {
+                                       echo " checked";
+                               }
+                               echo "> noquery<br>";
                               
                                echo "<input type=\"checkbox\" name=\"panel_auth\"";
                                if (file_exists("$maj_data_directory/panels/$panel/auth.txt")) {
 
Credits
Sunday, Sep 18, 2005, 12:00 AM (Revision 11 - Thursday, Jul 14, 2011, 7:30 PM)
Open Source enables software developers to stand on the shoulders of giants instead of reinventing the wheel, so to speak. Kudos and many thanks to the folks who made their work freely available for reuse in MAJ.

read more
Bugs and Exploits
Friday, Aug 26, 2005, 12:00 AM (Revision 23 - Wednesday, May 29, 2013, 5:25 AM)
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:

1. Take advantage of it. But hey, what's so exciting about messing up someone's blog? Ho-hum, right?
2. Report it here so that we can work on a fix and make MAJ better.

read more
Search
Download
MAJ 2.0
75 files
33241 downloads
MAJ 1.0
26 files
13223 downloads
MAJ 0.14
45 files
35161 downloads