<?php
######################################################################
# PHP-NUKE: Web Portal System
# ===========================
#
# Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve)
# http://phpnuke.org
#
# This modules is a collection of some usefull global functions
#
# This program is free software. You can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License.
######################################################################
if (!isset($config)) { include("config.php"); }
include("lang-$language.php");
$mainfile = 1;
function dbconnect() {
if (!isset($config)) { include("config.php"); }
mysql_pconnect($dbhost, $dbuname, $dbpass);
@mysql_select_db("$dbname") or die ("Unable to select database");
}
function ultramode() {
$file = fopen("ultramode.txt", "w");
fwrite($file, "General purpose self-explanatory file with news headlines\n");
$rfile=mysql_query("select sid, aid, title, time, comments, topic from stories order by time DESC limit 0,10");
while(list($sid, $aid, $title, $time, $comments, $topic) = mysql_fetch_row($rfile)) {
$rfile2=mysql_query("select topictext, topicimage from topics where topicid=$topic");
list($topictext, $topicimage) = mysql_fetch_row($rfile2);
$content = "%%\n$title\n/article.php?sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";
fwrite($file, $content);
}
fclose($file);
}
function counter() {
dbconnect();
mysql_query("UPDATE vars SET value=value+1 where name='totalhits'");
}
function cookiedecode($user) {
global $cookie;
$user = base64_decode($user);
$cookie = explode(":", $user);
return $cookie;
}
function getusrinfo($user) {
global $userinfo;
$user2 = base64_decode($user);
dbconnect();
$user3 = explode(":", $user2);
$result = mysql_query("select uid, name, uname, email, femail, url, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax from users where uname='$user3[1]' and pass='$user3[2]'");
if(mysql_num_rows($result)==1) {
$userinfo = mysql_fetch_array($result);
} else {
echo "<b>A problem occured</b><br>";
}
return $userinfo;
}
function FixQuotes ($what = "") {
$what = ereg_replace("'","''",$what);
while (eregi("\\\\'", $what)) {
$what = ereg_replace("\\\\'","'",$what);
}
return $what;
}
/*********************************************************/
/* text filter */
/*********************************************************/
function check_words($Message) {
global $EditedMessage, $CensorList, $CensorMode, $CensorReplace;
$EditedMessage = $Message;
if ($CensorMode != 0) {
if (is_array($CensorList)) {
$Replacement = $CensorReplace;
if ($CensorMode == 1) { # Exact match
$RegExPrefix = '([^[:alpha:]]|^)';
$RegExSuffix = '([^[:alpha:]]|$)';
} elseif ($CensorMode == 2) { # Word beginning
$RegExPrefix = '([^[:alpha:]]|^)';
$RegExSuffix = '[[:alpha:]]*([^[:alpha:]]|$)';
} elseif ($CensorMode == 3) { # Word fragment
$RegExPrefix = '([^[:alpha:]]*)[[:alpha:]]*';
$RegExSuffix = '[[:alpha:]]*([^[:alpha:]]*)';
}
for ($i = 0; $i < count($CensorList) && $RegExPrefix != ''; $i++) {
$EditedMessage = eregi_replace($RegExPrefix.$CensorList[$i].$RegExSuffix,"\\1$Replacement\\2",$EditedMessage);
}
}
}
return ($EditedMessage);
}
function delQuotes($string){
# no recursive function to add quote to an HTML tag if needed
# and delete duplicate spaces between attribs.
$tmp=""; # string buffer
$result=""; # result string
$i=0;
$attrib=-1; # Are us in an HTML attrib ? -1: no attrib 0: name of the attrib 1: value of the atrib
$quote=0; # Is a string quote delimited opened ? 0=no, 1=yes
$len = strlen($string);
while ($i<$len) {
switch($string[$i]) { # What car is it in the buffer ?
case "\"": #" # a quote.
if ($quote==0) {
$quote=1;
} else {
$quote=0;
if (($attrib>0) && ($tmp != "")) { $result .= "=\"$tmp\""; }
$tmp="";
$attrib=-1;
}
break;
case "=": # an equal - attrib delimiter
if ($quote==0) { # Is it found in a string ?
$attrib=1;
if ($tmp!="") $result.=" $tmp";
$tmp="";
} else $tmp .= '=';
break;
case " ": # a blank ?
if ($attrib>0) { # add it to the string, if one opened.
$tmp .= $string[$i];
}
break;
default: # Other
if ($attrib<0) # If we weren't in an attrib, set attrib to 0
$attrib=0;
$tmp .= $string[$i];
break;
}
$i++;
}
if (($quote!=0) && ($tmp != "")) {
if ($attrib==1) $result .= "=";
# If it is the value of an atrib, add the '='
$result .= "\"$tmp\"";# Add quote if needed (the reason of the function ;-)
}
# echo $result;echo ".....";
return $result;
}
function check_html ($str, $strip="") {
// The core of this code has been lifted from phpslash
// which is licenced under the GPL.
include("config.php");
if ($strip == "nohtml")
$AllowableHTML=array('');
$str = stripslashes($str);
$str = eregi_replace("<[[:space:]]*([^>]*)[[:space:]]*>",
'<\\1>', $str);
// Delete all spaces from html tags .
$str = eregi_replace("<a[^>]*href[[:space:]]*=[[:space:]]*\"?[[:space:]]*([^\" >]*)[[:space:]]*\"?[^>]*>",
'<a href="\\1">', $str); # "
// Delete all attribs from Anchor, except an href, double quoted.
$tmp = "";
while (ereg("<(/?[[:alpha:]]*)[[:space:]]*([^>]*)>",$str,$reg)) {
$i = strpos($str,$reg[0]);
$l = strlen($reg[0]);
if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));
else $tag = strtolower($reg[1]);
if ($a = $AllowableHTML[$tag])
if ($reg[1][0] == "/") $tag = "</$tag>";
elseif (($a == 1) || ($reg[2] == "")) $tag = "<$tag>";
else {
# Place here the double quote fix function.
$attrb_list=delQuotes($reg[2]);
$tag = "<$tag" . $attrb_list . ">";
} # Attribs in tag allowed
else $tag = "";
$tmp .= substr($str,0,$i) . $tag;
$str = substr($str,$i+$l);
}
$str = $tmp . $str;
return $str;
exit;
// Squash PHP tags unconditionally
$str = ereg_replace("<\?","",$str);
return $str;
}
function filter_text($Message, $strip="") {
global $EditedMessage;
check_words($Message);
$EditedMessage=check_html($EditedMessage, $strip);
return ($EditedMessage);
}
/*********************************************************/
/* formatting stories */
/*********************************************************/
function formatTimestamp($time) {
include ("config.php");
global $datetime;
setlocale ("LC_TIME", "$locale");
ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);
$datetime = strftime("".translate("datestring")."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));
$datetime = ucfirst($datetime);
return($datetime);
}
function formatAidHeader($aid) {
$holder = mysql_query("SELECT url, email FROM authors where aid='$aid'");
if (!$holder) { echo mysql_errno(). ": ".mysql_error(). "<br>"; exit(); }
list($url, $email) = mysql_fetch_row($holder);
if (isset($url)) { echo "<a href=\"$url\">$aid</a>";
} elseif (isset($email)) { echo "<a href=\"mailto:$email\">$aid</a>";
} else { echo $aid; }
}
function oldNews($storynum) {
include ("config.php");
$boxstuff = "<font size=1>";
$boxTitle = translate("Past Articles");
$result = mysql_query("select sid, title, time, comments from stories order by time desc limit $storynum, $oldnum");
$vari = 0;
while(list($sid, $title, $time, $comments) = mysql_fetch_row($result)) {
setlocale ("LC_TIME", "$locale");
ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime2);
$datetime2 = strftime("".translate("datestring2")."", mktime($datetime2[4],$datetime2[5],$datetime2[6],$datetime2[2],$datetime2[3],$datetime2[1]));
$datetime2 = ucfirst($datetime2);
if($time2==$datetime2) {
$boxstuff .= "<li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
} else {
if($a=="") {
$boxstuff .= "<b>$datetime2</b><br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
$time2 = $datetime2;
$a = 1;
} else {
$boxstuff .= "<br><br><b>$datetime2</b><br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
$time2 = $datetime2;
}
}
$vari++;
if ($vari==$oldnum) {
if (isset($cookie[3])) $storynum = $cookie[3]; else $storynum = $storyhome;
$min = $oldnum + $storynum;
$boxstuff .= "<br><p align=right><font size=1><a href=search.php?min=$min&type=stories><b>".translate("Older Articles")."</b></a>";
}
}
themesidebox($boxTitle, $boxstuff);
}
function mainblock() {
$result = mysql_query("select title, content from mainblock");
while(list($title, $content) = mysql_fetch_array($result)) {
$content = nl2br($content);
themesidebox($title, $content);
}
}
function rightblocks() {
$result = mysql_query("select title, content from rblocks");
while(list($title, $content) = mysql_fetch_array($result)) {
$content = nl2br($content);
themesidebox($title, $content);
}
}
function leftblocks() {
$result = mysql_query("select title, content from lblocks");
while(list($title, $content) = mysql_fetch_array($result)) {
$content = nl2br($content);
themesidebox($title, $content);
}
}
function adminblock() {
$result = mysql_query("select title, content from adminblock");
while(list($title, $content) = mysql_fetch_array($result)) {
$content = nl2br($content);
themesidebox($title, $content);
}
}
function ephemblock() {
$today = getdate();
$eday = $today[mday];
$emonth = $today[mon];
$result = mysql_query("select yid, content from ephem where did='$eday' AND mid='$emonth'");
$title = "".translate("Ephemerids")."";
$boxstuff = "<center><b>".translate("One Day like Today...")."</b></center><br>";
while(list($yid, $content) = mysql_fetch_array($result)) {
if ($cnt==1) {
$boxstuff .= "<br><br>";
}
$boxstuff .= "<b>$yid</b><br>";
$boxstuff .= "$content";
$cnt = 1;
}
themesidebox($title, $boxstuff);
}
function loginbox() {
$title = "$sitename Login";
$boxstuff .= "<form action=user.php method=post>";
$boxstuff .= "<font size=1><center>".translate("Nickname")."<br>";
$boxstuff .= "<input type=text name=uname size=15 maxlength=25><br>";
$boxstuff .= "".translate("Password")."<br>";
$boxstuff .= "<input type=password name=pass size=15 maxlength=20><br>";
$boxstuff .= "<input type=hidden name=op value=login>";
$boxstuff .= "<input type=submit value=".translate("Login")."></form>";
$boxstuff .= "".translate("Don't have an account yet? You can")."";
$boxstuff .= " <a href=user.php>".translate("create one")."</a>.";
//$boxstuff .= " ".translate("As registered")."";
//$boxstuff .= " ".translate("user you have some advantages like theme manager,")."";
//$boxstuff .= " ".translate("comments configuration and post comments with your name.")."";
$boxstuff .= "</center>";
themesidebox($title, $boxstuff);
}
function loginbar() {
echo "<form action=user.php method=post> <font size=1>Nickname<br>
<input type=text name=uname size=20 maxlength=25><br>
Password<br>
<input type=password name=pass size=20 maxlength=20><br>
<input type=hidden name=op value=login>
<input type=submit value=Login></form>
<a href=user.php>Register</a>";
}
/*********************************************************/
/* poll functions */
/*********************************************************/
function pollMain($pollID) {
global $maxOptions, $boxTitle, $boxContent, $uimages;
if($pollsAreOn) {
if (!isset($config)) { include("config.php"); }
dbconnect();
if(!isset($pollID))
$pollID = 1;
if(!isset($url))
$url = sprintf("pollBooth.php?op=results&pollID=%d", $pollID);
$boxContent .= "<form action=\"pollBooth.php\" method=\"post\">";
$boxContent .= "<input type=\"hidden\" name=\"pollID\" value=\"".$pollID."\">";
$boxContent .= "<input type=\"hidden\" name=\"forwarder\" value=\"".$url."\">";
$result = mysql_query("SELECT pollTitle, voters FROM poll_desc WHERE pollID=$pollID");
list($pollTitle, $voters) = mysql_fetch_row($result);
$boxTitle = translate("Survey");
$boxContent .= "<font size=2><b>$pollTitle</b><br><br>";
for($i = 1; $i <= $maxOptions; $i++) {
$result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
$object = mysql_fetch_object($result);
if(is_object($object)) {
$optionText = $object->optionText;
if($optionText != "") {
$boxContent .= "<input type=\"radio\" name=\"voteID\" value=\"".$i."\"><font size=1> $optionText <br>";
}
}
}
$boxContent .= "<br><center><table cellspacing=0 cellpadding=5 border=0 width=111><tr><td align=center> <input type=image src=$uimages/vote.gif border=0></td><td align=center></form>";
$boxContent .= "<a href=\"pollBooth.php?op=results&pollID=$pollID\"><img src=$uimages/result.gif border=0></a></td></tr></table><font size=1><b><a href=\"pollBooth.php\">".translate("Past Surveys")."</a></b><br>";
if ($pollcomm) {
list($numcom) = mysql_fetch_row(mysql_query("select count(*) from pollcomments where pollID=$pollID"));
$boxContent .= "<br>".translate("Votes: ")."<b>$voters</b> | ".translate("comments:")." <b>$numcom</b></fonts>";
} else {
$boxContent .= "<br>".translate("Votes: ")."<b>$voters</b></font>";
}
$boxContent .= "</font></center>";
themesidebox($boxTitle, $boxContent);
}
}
function pollLatest() {
dbconnect();
$result = mysql_query("SELECT pollID FROM poll_data ORDER BY pollID DESC");
$pollID = mysql_fetch_row($result);
return($pollID[0]);
}
function pollNewest() {
$pollID = pollLatest();
pollMain($pollID);
}
function pollCollector($pollID, $voteID, $forwarder) {
global $maxOptions, $setCookies, $cookiePrefix, $HTTP_COOKIE_VARS;
dbconnect();
$voteValid = "1";
if($setCookies>0) {
// we have to check for cookies, so get timestamp of this poll
$result = mysql_query("SELECT timeStamp FROM poll_desc WHERE pollID=$pollID");
$object = mysql_fetch_object($result);
$timeStamp = $object->timeStamp;
$cookieName = $cookiePrefix.$timeStamp;
// check if cookie exists
if($HTTP_COOKIE_VARS["$cookieName"] == "1") {
// cookie exists, invalidate this vote
$warn = "You already voted today!";
$voteValid = "0";
} else {
// cookie does not exist yet, set one now
$cvalue = "1";
setcookie("$cookieName",$cvalue,time()+86400);
}
}
// update database if the vote is valid
if($voteValid>0) {
@mysql_query("UPDATE poll_data SET optionCount=optionCount+1 WHERE (pollID=$pollID) AND (voteID=$voteID)");
@mysql_query("UPDATE poll_desc SET voters=voters+1 WHERE pollID=$pollID");
Header("Location: $forwarder");
} else {
Header("Location: $forwarder");
}
// a lot of browsers can't handle it if there's an empty page
echo "<html><head></head><body></body></html>";
}
function pollList() {
dbconnect();
$result = mysql_query("SELECT pollID, pollTitle, timeStamp, voters FROM poll_desc ORDER BY timeStamp");
$counter = 0;
echo "<table border=0 cellpadding=8><tr><td>";
echo "<font size=3>";
while($object = mysql_fetch_object($result)) {
$resultArray[$counter] = array($object->pollID, $object->pollTitle, $object->timeStamp, $object->voters);
$counter++;
}
for ($count = 0; $count < count($resultArray); $count++) {
$id = $resultArray[$count][0];
$pollTitle = $resultArray[$count][1];
$voters = $resultArray[$count][3];
echo("<li> <a href=\"pollBooth.php?pollID=$id\">$pollTitle</a> ");
echo("(<a href=\"pollBooth.php?op=results&pollID=$id\">".translate("Results")."</a> - $voters ".translate("votes").")\n");
}
echo "</td></tr></table>";
}
function pollResults($pollID) {
global $maxOptions, $BarScale, $resultTableBgColor, $resultBarFile, $setCookies;
if(!isset($pollID)) $pollID = 1;
dbconnect();
$result = mysql_query("SELECT pollID, pollTitle, timeStamp FROM poll_desc WHERE pollID=$pollID");
$holdtitle = mysql_fetch_row($result);
echo "<br><b>$holdtitle[1]</b><br><br>";
mysql_free_result($result);
$result = mysql_query("SELECT SUM(optionCount) AS SUM FROM poll_data WHERE pollID=$pollID");
$sum = (int)mysql_result($result, 0, "SUM");
mysql_free_result($result);
echo "<table>";
// cycle through all options
for($i = 1; $i <= $maxOptions; $i++) {
// select next vote option
$result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
$object = mysql_fetch_object($result);
if(is_object($object)) {
$optionText = $object->optionText;
$optionCount = $object->optionCount;
echo "<tr>";
if($optionText != "") {
echo "<td>";
echo "$optionText";
echo "</td>";
if($sum) {
$percent = 100 * $optionCount * $BarScale / $sum;
} else {
$percent = 0;
}
echo "<td>";
$percentInt = (int)$percent * 4;
$percent2 = (int)$percent;
if ($percent > 0) {
echo "<img src=\"images/leftbar.gif\" height=14 width=7>";
echo "<img src=\"images/mainbar.gif\" height=14 width=$percentInt Alt=\"$percent2 %\">";
echo "<img src=\"images/rightbar.gif\" height=14 width=7>";
} else {
echo "<img src=\"images/leftbar.gif\" height=14 width=7 Alt=\"$percent2 %\">";
echo "<img src=\"images/mainbar.gif\" height=14 width=3 Alt=\"$percent2 %\">";
echo "<img src=\"images/rightbar.gif\" height=14 width=7 Alt=\"$percent2 %\">";
}
printf(" %.2f %% (%d)", $percent, $optionCount);
echo "</td>";
}
}
echo "</tr>";
}
echo "</td></tr></table><br>";
echo "<center><b>".translate("Total Votes: ")."$sum</b><br>";
if($setCookies>0) {
echo "<font size=1>".translate("We allow just one vote per day")."<br><br><font size=3>";
} else {
echo "<br><br>";
}
$booth = $pollID;
echo("[ <a href=\"pollBooth.php?pollID=$booth\">".translate("Voting Booth")."</a> | ");
echo("<a href=\"pollBooth.php\">".translate("Other Polls")."</a> ]");
return(1);
}
function getTopics($s_sid) {
global $topicname, $topicimage, $topictext;
$sid = $s_sid;
dbconnect();
$result=mysql_query("SELECT topic FROM stories where sid=$sid");
list($topic) = mysql_fetch_row($result);
$result=mysql_query("SELECT topicid, topicname, topicimage, topictext FROM topics where topicid=$topic");
list($topicid, $topicname, $topicimage, $topictext) = mysql_fetch_row($result);
}
function headlines() {
$result = mysql_query("select sitename, url, headlinesurl from headlines where status=1");
while (list($sitename, $url, $headlinesurl) = mysql_fetch_row($result)) {
$boxtitle = "$sitename";
$separ = "<li>";
$cache_file = "cache/$sitename.cache";
$cache_time = 3600;
$max_items = 10;
$target = "new";
$items = 0;
$time = split(" ", microtime());
srand((double)microtime()*1000000);
$cache_time_rnd = 300 - rand(0, 600);
if ( (!(file_exists($cache_file))) || ((filectime($cache_file) + $cache_time - $time[1]) + $cache_time_rnd < 0) || (!(filesize($cache_file))) ) {
$fpread = fopen($headlinesurl, 'r');
if(!$fpread) {
} else {
$fpwrite = fopen($cache_file, 'w');
if(!$fpwrite) {
} else {
while(! feof($fpread) ) {
$buffer = ltrim(Chop(fgets($fpread, 256)));
if (($buffer == "<item>") && ($items < $max_items)) {
$title = ltrim(Chop(fgets($fpread, 256)));
$link = ltrim(Chop(fgets($fpread, 256)));
$title = ereg_replace( "<title>", "", $title );
$title = ereg_replace( "</title>", "", $title );
$title = ereg_replace( "\"", "\\\"", $title );
$link = ereg_replace( "<link>", "", $link );
$link = ereg_replace( "</link>", "", $link );
fputs($fpwrite, "<?php \$boxstuff .= \"$separ<A HREF=$link TARGET=$target>$title</A>\"; ?>\n");
$items++;
}
}
}
fclose($fpread);
}
fclose($fpwrite);
}
if (file_exists($cache_file)) {
include($cache_file);
}
themesidebox($boxtitle, $boxstuff);
$boxstuff = "";
}
}
?>