<<<<<<< HEAD
0 )
{
$nucleus['version'] .= '/' . getNucleusPatchLevel();
}
/* Avoid notices */
if ( !array_key_exists('installscript', $CONF) || empty($CONF['installscript']) )
{
$CONF['installscript'] = 0;
}
if ( !array_key_exists('UsingAdminArea', $CONF) )
{
$CONF['UsingAdminArea'] = 0;
}
if ( !headers_sent() )
{
header('Generator: Nucleus CMS ' . $nucleus['version']);
}
/* TODO: This is for compatibility since 4.0, should be obsoleted at future release. */
if ( !isset($DIR_LOCALES) )
{
$DIR_LOCALES = $DIR_NUCLEUS . 'locales/';
}
global $DIR_LANG;
if ( !isset($DIR_LANG) )
{
$DIR_LANG = $DIR_LOCALES;
}
/* load and initialize i18n class */
if (!class_exists('i18n', FALSE))
{
include($DIR_LIBS . 'i18n.php');
}
if ( !i18n::init('UTF-8', $DIR_LOCALES) )
{
exit('Fail to initialize i18n class.');
}
/* TODO: This is just for compatibility since 4.0, should be obsoleted at future release. */
define('_CHARSET', i18n::get_current_charset());
/*
* NOTE: Since 4.0 release, Entity class becomes to be important class
* with some wrapper functions for htmlspechalchars/htmlentity PHP's built-in function
*/
include($DIR_LIBS . 'ENTITY.php');
/* we will use postVar, getVar, ... methods instead of $_GET, $_POST ... */
if ( $CONF['installscript'] != 1 )
{
/* vars were already included in install.php */
include_once($DIR_LIBS . 'vars4.1.0.php');
/* added for 4.0 DB::* wrapper and compatibility sql_* */
include_once($DIR_LIBS . 'sql/sql.php');
}
/* include core classes that are needed for login & plugin handling */
include($DIR_LIBS . 'MEMBER.php');
include($DIR_LIBS . 'ACTIONLOG.php');
include($DIR_LIBS . 'MANAGER.php');
include($DIR_LIBS . 'PLUGIN.php');
$manager =& MANAGER::instance();
/* only needed when updating logs */
if ( $CONF['UsingAdminArea'] )
{
/* XML-RPC client classes */
include($DIR_LIBS . 'xmlrpc.inc.php');
include($DIR_LIBS . 'ADMIN.php');
}
/* connect to database */
if ( !isset($MYSQL_HANDLER) )
{
$MYSQL_HANDLER = array('mysql','');
}
if ( $MYSQL_HANDLER[0] == '' )
{
$MYSQL_HANDLER[0] = 'mysql';
}
DB::setConnectionInfo($MYSQL_HANDLER[1], $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE);
/* force locale or charset */
$locale = '';
$charset = i18n::get_current_charset();
$data = array(
'locale' => &$locale,
'charset' => &$charset
);
$manager->notify('ForceLocale', $data);
if ( $data['locale'] !== '' )
{
i18n::set_forced_locale($data['locale']);
}
if ( $data['charset'] !== '' )
{
i18n::set_forced_charset($data['charset']);
}
unset($locale);
unset($charset);
/* convert forced charset to current charset */
if ( i18n::get_forced_charset() != i18n::get_current_charset() )
{
$_POST = i18n::convert_array($_POST, i18n::get_forced_charset());
$_GET = i18n::convert_array($_GET, i18n::get_forced_charset());
$_REQUEST = i18n::convert_array($_REQUEST, i18n::get_forced_charset());
$_COOKIE = i18n::convert_array($_COOKIE, i18n::get_forced_charset());
$_FILES = i18n::convert_array($_FILES, i18n::get_forced_charset());
if ( session_id() !== '' )
{
$_SESSION = i18n::convert_array($_SESSION, i18n::get_forced_charset());
}
}
/* sanitize option */
$bLoggingSanitizedResult = 0;
$bSanitizeAndContinue = 0;
$orgRequestURI = serverVar('REQUEST_URI');
sanitizeParams();
/* logs sanitized result if need */
if ( $orgRequestURI !== serverVar('REQUEST_URI') )
{
$msg = "Sanitized [" . serverVar('REMOTE_ADDR') . "] ";
$msg .= $orgRequestURI . " -> " . serverVar('REQUEST_URI');
if ( $bLoggingSanitizedResult )
{
addToLog(WARNING, $msg);
}
if ( !$bSanitizeAndContinue )
{
die("");
}
}
/* get all variables that can come from the request and put them in the global scope */
$blogid = requestVar('blogid');
$itemid = intRequestVar('itemid');
$catid = intRequestVar('catid');
$skinid = requestVar('skinid');
$memberid = requestVar('memberid');
$archivelist = requestVar('archivelist');
$imagepopup = requestVar('imagepopup');
$archive = requestVar('archive');
$query = requestVar('query');
$highlight = requestVar('highlight');
$amount = requestVar('amount');
$action = requestVar('action');
$nextaction = requestVar('nextaction');
$maxresults = requestVar('maxresults');
$startpos = intRequestVar('startpos');
$errormessage = '';
$error = '';
$special = requestVar('special');
/* read config */
getConfig();
/* Properly set $CONF['Self'] and others if it's not set...
* usually when we are access from admin menu
*/
if ( !array_key_exists('Self', $CONF) )
{
$CONF['Self'] = $CONF['IndexURL'];
/* strip trailing */
if ( $CONF['Self'][i18n::strlen($CONF['Self']) -1] == "/" )
{
$CONF['Self'] = i18n::substr($CONF['Self'], 0, i18n::strlen($CONF['Self']) -1);
}
}
$CONF['ItemURL'] = $CONF['Self'];
$CONF['ArchiveURL'] = $CONF['Self'];
$CONF['ArchiveListURL'] = $CONF['Self'];
$CONF['MemberURL'] = $CONF['Self'];
$CONF['SearchURL'] = $CONF['Self'];
$CONF['BlogURL'] = $CONF['Self'];
$CONF['CategoryURL'] = $CONF['Self'];
/* automatically use simpler toolbar for mozilla */
if ( ($CONF['DisableJsTools'] == 0)
&& i18n::strpos(serverVar('HTTP_USER_AGENT'), 'Mozilla/5.0') !== FALSE
&& i18n::strpos(serverVar('HTTP_USER_AGENT'), 'Gecko') !== FALSE )
{
$CONF['DisableJsTools'] = 2;
}
/* login processing */
$member = new Member();
if ( $action == 'login' )
{
$login = postVar('login');
$password = postVar('password');
$shared = intPostVar('shared');
$member->login($login, $password, $shared);
}
elseif ( ($action == 'logout') )
{
$member->logout();
}
else
{
$member->cookielogin();
}
/* TODO: This is for backward compatibility, should be obsoleted near future. */
if ( !preg_match('#^(.+)_(.+)_(.+)$#', $CONF['Locale'])
&& ($CONF['Locale'] = i18n::convert_old_language_file_name_to_locale($CONF['Locale'])) === FALSE )
{
$CONF['Locale'] = 'en_Latn_US';
}
if ( !array_key_exists('Language', $CONF) )
{
$CONF['Language'] = i18n::convert_locale_to_old_language_file_name($CONF['Locale']);
}
$locale = $CONF['Locale'];
/* NOTE: include translation file and set locale */
if ( $member->isLoggedIn() )
{
if ( $member->getLocale() )
{
$locale = $member->getLocale();
}
}
else
{
if ( i18n::get_forced_locale() !== '' )
{
$locale = i18n::get_forced_locale();
}
}
include_translation($locale);
i18n::set_current_locale($locale);
/* login completed */
$manager->notify('PostAuthentication', array('loggedIn' => $member->isLoggedIn() ) );
/* next action */
if ( $member->isLoggedIn() && $nextaction )
{
$action = $nextaction;
}
/* first, let's see if the site is disabled or not. always allow admin area access. */
if ( $CONF['DisableSite'] && !$member->isAdmin() && !$CONF['UsingAdminArea'] )
{
redirect($CONF['DisableSiteURL']);
exit;
}
/* load other classes */
include($DIR_LIBS . 'PARSER.php');
include($DIR_LIBS . 'SKIN.php');
include($DIR_LIBS . 'TEMPLATE.php');
include($DIR_LIBS . 'BLOG.php');
include($DIR_LIBS . 'BODYACTIONS.php');
include($DIR_LIBS . 'COMMENTS.php');
include($DIR_LIBS . 'COMMENT.php');
include($DIR_LIBS . 'NOTIFICATION.php');
include($DIR_LIBS . 'BAN.php');
include($DIR_LIBS . 'PAGEFACTORY.php');
include($DIR_LIBS . 'SEARCH.php');
include($DIR_LIBS . 'LINK.php');
/* set lastVisit cookie (if allowed) */
if ( !headers_sent() )
{
if ( $CONF['LastVisit'] )
{
setcookie($CONF['CookiePrefix'] . 'lastVisit', time(), time() + 2592000, $CONF['CookiePath'], $CONF['CookieDomain'], $CONF['CookieSecure']);
}
else
{
setcookie($CONF['CookiePrefix'] . 'lastVisit', '', (time() - 2592000), $CONF['CookiePath'], $CONF['CookieDomain'], $CONF['CookieSecure']);
}
}
if ( !defined('_ARCHIVETYPE_MONTH') )
{
define('_ARCHIVETYPE_DAY', 'day');
define('_ARCHIVETYPE_MONTH', 'month');
define('_ARCHIVETYPE_YEAR', 'year');
}
/* for path resolving */
$virtualpath = getVar('virtualpath');
if ( getVar('virtualpath') == '' )
{
$virtualpath = serverVar('PATH_INFO');
}
/*
* switch URLMode back to normal when $CONF['Self'] ends in .php
* this avoids urls like index.php/item/13/index.php/item/15
*/
if ( !array_key_exists('URLMode', $CONF) || ($CONF['URLMode'] != 'pathinfo') )
{
$CONF['URLMode'] = 'normal';
}
else
{
if ( i18n::substr($CONF['Self'], i18n::strlen($CONF['Self']) - 4) != '.php' )
{
decodePathInfo($virtualpath);
}
}
/*
* PostParseURL is a place to cleanup any of the path-related global variables before the selector function is run.
* It has 2 values in the data in case the original virtualpath is needed, but most the use will be in tweaking
* global variables to clean up (scrub out catid or add catid) or to set someother global variable based on
* the values of something like catid or itemid
* New in 3.60
*/
$data = array(
'type' => basename(serverVar('SCRIPT_NAME')),
'info' => $virtualpath
);
$manager->notify('PostParseURL', $data);
/*
* NOTE: Here is the end of initialization
*/
/**
* include_libs()
* This function includes or requires the specified library file
*
* @param string $file
* @param boolean $once use the _once() version
* @param boolean $require use require() instead of include()
* @return void
*/
function include_libs($file, $once = TRUE, $require = TRUE)
{
global $DIR_LIBS;
// $DIR_LIBS isn't a directory
if ( !is_dir($DIR_LIBS) )
{
exit;
}
$lib_path = $DIR_LIBS . $file;
if ( $once && $require )
{
require_once($lib_path);
}
else if ( $once && !$require )
{
include_once($lib_path);
}
else if ( $require )
{
require($lib_path);
}
else
{
include($lib_path);
}
return;
}
/**
* include_plugins()
* This function includes or requires the specified plugin file
*
* @param string $file
* @param boolean $once use the _once() version
* @param boolean $require use require() instead of include()
* @return
*/
function include_plugins($file, $once = TRUE, $require = TRUE)
{
global $DIR_PLUGINS;
// begin if: $DIR_LIBS isn't a directory
if ( !is_dir($DIR_PLUGINS) )
{
exit;
}
$plugin_path = $DIR_PLUGINS . $file;
// begin if:
if ( $once && $require )
{
require_once($plugin_path);
}
else if ( $once && !$require )
{
include_once($plugin_path);
}
elseif ( $require )
{
require($plugin_path);
}
else
{
include($plugin_path);
}
return;
}
/**
* include_translation()
* This function decide which locale is used and include translation
*
* @param string &$locale locale name referring to 'language tags' defined in RFC 5646
* @return void
*/
function include_translation(&$locale)
{
global $DIR_LOCALES;
$translation_file = $DIR_LOCALES . $locale . '.' . i18n::get_current_charset() . '.php';
if ( !file_exists($translation_file) )
{
$locale = 'en_Latn_US';
$translation_file = $DIR_LOCALES . 'en_Latn_US.ISO-8859-1.php';
}
include($translation_file);
return;
}
/**
* intPostVar()
* This function returns the integer value of $_POST for the variable $name
*
* @param string $name field to get the integer value of
* @return integer
*/
function intPostVar($name)
{
return (integer) postVar($name);
}
/**
* intGetVar()
* This function returns the integer value of $_GET for the variable $name
*
* @param string $name field to get the integer value of
* @return integer
*/
function intGetVar($name)
{
return (integer) getVar($name);
}
/**
* intRequestVar()
* This function returns the integer value of $_REQUEST for the variable $name. Also checks $_GET and $_POST if not found in $_REQUEST
*
* @param string $name field to get the integer value of
* @return int
*/
function intRequestVar($name)
{
return (integer) requestVar($name);
}
/**
* intCookieVar()
* This function returns the integer value of $_COOKIE for the variable $name
*
* @param string $name field to get the integer value of
* @return integer
*/
function intCookieVar($name)
{
return (integer) cookieVar($name);
}
/**
* getNucleusVersion()
* This function returns the current Nucleus version (100 = 1.00, 101 = 1.01, etc...)
*
* @param void
* @return integer
*/
function getNucleusVersion()
{
return 400;
}
/**
* getNucleusPatchLevel()
* TODO: Better description of this function.
*
* Power users can install patches in between nucleus releases. These patches
* usually add new functionality in the plugin API and allow those to
* be tested without having to install CVS.
*
*@param void
* @return integer
*/
function getNucleusPatchLevel()
{
return 0;
}
/**
* getLatestVersion()
* This function returns the latest Nucleus version available for download from nucleuscms.org or FALSE if unable to attain data
* Format will be major.minor/patachlevel e.g. 3.41 or 3.41/02
*
* @param void
* @return mixed
*/
function getLatestVersion()
{
// begin if: cURL is not available in this PHP installation
if ( !function_exists('curl_init') )
{
return FALSE;
}
$curl = curl_init();
$timeout = 5;
curl_setopt ($curl, CURLOPT_URL, 'http://nucleuscms.org/version_check.php');
curl_setopt ($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($curl, CURLOPT_CONNECTTIMEOUT, $timeout);
$return = curl_exec($curl);
curl_close($curl);
return $return;
}
/**
* sql_table()
* This function returns a Nucleus table name with the appropriate prefix
* @param string $name
* @return string
*/
function sql_table($name)
{
global $MYSQL_PREFIX;
// begin if: no MySQL prefix
if ( empty($MYSQL_PREFIX) )
{
return 'nucleus_' . $name;
}
// else: use MySQL prefix
else
{
return $MYSQL_PREFIX . 'nucleus_' . $name;
}
return;
}
/**
* sendContentType()
* This function sends the Content-Type header if headers have not already been sent
* It also determines if the browser can accept application/xhtml+xml and sends it only to those that can.
*
* if content type is application/xhtml+xml, only send it to browsers
* that can handle it (IE6 cannot). Otherwise, send text/html
*
* v2.5:
* For admin area pages, keep sending text/html (unless it's a debug version)
* application/xhtml+xml still causes too much problems with the javascript implementations
*
* v3.3:
* ($CONF['UsingAdminArea'] && !$CONF['debug']) gets removed,
* application/xhtml+xml seems to be working, so we're going to use it if we can.
*
* @param string $content_type MIME media type registered to IANA, http://www.iana.org/assignments/media-types/index.html
* @param string $page_type
* @param string $charset Deprecated. This has no meaning.
* @return void
*
*/
function sendContentType($content_type, $page_type = '', $charset = '')
{
global $manager, $CONF;
if ( headers_sent() )
{
return;
}
/* NOTE: MIME Media Type */
if ( ($content_type == 'application/xhtml+xml')
&& (!stristr(serverVar('HTTP_ACCEPT'), 'application/xhtml+xml') ) )
{
$content_type = 'text/html';
}
/* NOTE: generate event */
$data = array(
'pageType' => $page_type,
'contentType' => &$content_type
);
$manager->notify('PreSendContentType', $data);
/* NOTE: confirm MIME Media Type */
$content_type = preg_replace('#[^a-zA-Z0-9-+./]#', '', $content_type);
/* NOTE: confirm character set */
$charset = i18n::get_current_charset();
if ( i18n::get_forced_charset() !== '' )
{
$charset = i18n::get_forced_charset();
}
/* NOTE: send HTTP 1.1 header */
header("Content-Type: {$content_type}; charset={$charset}");
/* NOTE: set handler for translating character set */
if ( $charset != i18n::get_current_charset() )
{
ob_start(array('i18n', 'convert_handler'));
}
return;
}
/**
* parseHighlight()
* This function parses a query into an array of expressions that can be passed on to the highlight method
* @param string $query
* @return void
*/
function parseHighlight($query)
{
// TODO: add more intelligent splitting logic
// get rid of quotes
$query = preg_replace('/\'|"/', '', $query);
if ( !$query )
{
return array();
}
$aHighlight = preg_split('# #', $query);
for ( $i = 0; $i < count($aHighlight); $i++ )
{
$aHighlight[$i] = trim($aHighlight[$i]);
if ( i18n::strlen($aHighlight[$i]) < 3 )
{
unset($aHighlight[$i]);
}
}
if ( count($aHighlight) == 1 )
{
return $aHighlight[0];
}
else
{
return $aHighlight;
}
return;
}
/**
* getConfig()
*
* @param void
* @return void
*/
function getConfig()
{
global $CONF;
$query = sprintf('SELECT * FROM %s', sql_table('config'));
$res = DB::getResult($query);
foreach ( $res as $row )
{
$CONF[$row['name']] = $row['value'];
}
return;
}
/**
* This function gets the blog ID from the blog name
* @param string $name
* @return
*/
function getBlogIDFromName($name)
{
$query = sprintf('SELECT bnumber AS result FROM %s WHERE bshortname=%s', sql_table('blog'), DB::quoteValue($name));
return DB::getValue($query);
}
/**
* This function gets the blog name from the blog ID
* @param int $id
* @return object
*/
function getBlogNameFromID($id)
{
$query = sprintf('SELECT bname AS result FROM %s WHERE bnumber=%d', sql_table('blog'), intval($id));
return DB::getValue($query);
}
/**
* This function gets the blog ID from the item ID
* @param int $item_id
* @return object
*/
function getBlogIDFromItemID($item_id)
{
$query = sprintf('SELECT iblog AS result FROM %s WHERE inumber=%d', sql_table('item'), intval($item_id));
return DB::getValue($query);
}
/**
* This function gets the blog ID from the comment ID
* @param int $comment_id
* @return object
*/
function getBlogIDFromCommentID($comment_id)
{
$query = sprintf('SELECT cblog AS result FROM %s WHERE cnumber=%d', sql_table('comment'), intval($comment_id));
return DB::getValue($query);
}
/**
* This function gets the blog ID from the category ID
* @param int $category_id
* @return object
*/
function getBlogIDFromCatID($category_id)
{
$query = sprintf('SELECT cblog AS result FROM %s WHERE catid=%d', sql_table('category'), intval($category_id));
return DB::getValue($query);
}
/**
* This function gets the category ID from the category name
* @param int $name
* @return object
*/
function getCatIDFromName($name)
{
$query = sprintf('SELECT catid AS result FROM %s WHERE cname=%s', sql_table('category'), DB::quoteValue($name));
return DB::getValue($query);
}
/**
* functions to be used in index.php to select something
*/
function selectBlog($shortname)
{
global $blogid, $archivelist;
$blogid = getBlogIDFromName($shortname);
// also force archivelist variable, if it is set
if ( $archivelist )
{
$archivelist = $blogid;
}
return;
}
function selectSkin($skinname)
{
global $skinid;
$skinid = SKIN::getIdFromName($skinname);
return;
}
function selectCategory($cat)
{
global $catid;
if ( is_numeric($cat) )
{
$catid = (integer) $cat;
}
else
{
$catid = getCatIDFromName($cat);
}
return;
}
function selectItem($id)
{
global $itemid;
$itemid = (integer) $id;
return;
}
function selectSpecialSkinType($id)
{
global $special;
$special = strtolower($id);
return;
}
function selector()
{
global $archive, $archivelist, $archivenext, $archivenextexists, $archiveprev, $archiveprevexists, $archivetype;
global $blog, $blogid;
global $catid;
global $itemid, $itemidnext, $itemidprev, $itemtitlenext, $itemtitleprev;
global $CONF, $DIR_LIBS, $amount, $errormessage, $imagepopup;
global $manager, $maxresults, $query;
global $member, $memberid, $memberinfo;
global $skinid, $skinpart, $special;
$actionNames = array('addcomment', 'sendmessage', 'createaccount', 'forgotpassword', 'votepositive', 'votenegative', 'plugin');
$action = requestVar('action');
if ( in_array($action, $actionNames) )
{
include_once($DIR_LIBS . 'ACTION.php');
$a = new Action();
$errorInfo = $a->doAction($action);
if ( $errorInfo )
{
$errormessage = $errorInfo['message'];
}
}
// show error when headers already sent out
if ( headers_sent() && $CONF['alertOnHeadersSent'] )
{
// try to get line number/filename (extra headers_sent params only exists in PHP 4.3+)
if ( function_exists('version_compare') && version_compare('4.3.0', phpversion(), '<=') )
{
headers_sent($hsFile, $hsLine);
$extraInfo = ' in ' . $hsFile . ' line ' . $hsLine . '';
}
else
{
$extraInfo = '';
}
startUpError(
"
The page headers have already been sent out{$extraInfo}. This could cause Nucleus not to work in the expected way.
"
. "
Usually, this is caused by spaces or newlines at the end of the config.php file, "
. "at the end of the translation file or at the end of a plugin file.
"
. "
Please check this and try again.
"
. "
If you don't want to see this error message again, without solving the problem, "
. "set {$CONF['alertOnHeadersSent']} in globalfunctions.php to 0
"
. "Page headers already sent"
);
exit;
}
// make is so ?archivelist without blogname or blogid shows the archivelist
// for the default weblog
if ( serverVar('QUERY_STRING') == 'archivelist' )
{
$archivelist = $CONF['DefaultBlog'];
}
// now decide which type of skin we need
if ( $itemid )
{
// itemid given -> only show that item
$type = 'item';
if ( !$manager->existsItem($itemid,intval($CONF['allowFuture']),intval($CONF['allowDrafts'])) )
{
doError(_ERROR_NOSUCHITEM);
}
// 1. get timestamp, blogid and catid for item
$query = 'SELECT itime, iblog, icat FROM %s WHERE inumber=%d';
$query = sprintf($query, sql_table('item'), intval($itemid));
$row = DB::getRow($query);
// if a different blog id has been set through the request or selectBlog(),
// deny access
if ( $blogid && (intval($blogid) != $row['iblog']) )
{
doError(_ERROR_NOSUCHITEM);
}
// if a category has been selected which doesn't match the item, ignore the
// category. #85
if ( ($catid != 0) && ($catid != $row['icat']) )
{
$catid = 0;
}
$blogid = $row['iblog'];
$timestamp = strtotime($row['itime']);
$b =& $manager->getBlog($blogid);
if ( !$b->isValidCategory($catid) )
{
$query = "SELECT inumber, ititle FROM %s WHERE itime<%s AND idraft=0 AND iblog=%d ORDER BY itime DESC LIMIT 1";
$query = sprintf($query, sql_table('item'), DB::formatDateTime($timestamp), intval($blogid));
}
else
{
$query = "SELECT inumber, ititle FROM %s WHERE itime<%s AND idraft=0 AND iblog=%d AND icat=%d ORDER BY itime DESC LIMIT 1";
$query = sprintf($query, sql_table('item'), DB::formatDateTime($timestamp), intval($blogid), intval($catid));
}
$row = DB::getRow($query);
if ( $row )
{
$itemidprev = $row['inumber'];
$itemtitleprev = $row['ititle'];
}
// get next itemid and title
if ( !$b->isValidCategory($catid) )
{
$query = "SELECT inumber, ititle FROM %s WHERE itime>%s AND itime<=%s AND idraft=0 AND iblog=%d ORDER BY itime ASC LIMIT 1";
$query = sprintf($query, sql_table('item'), DB::formatDateTime($timestamp), DB::formatDateTime($b->getCorrectTime()), intval($blogid));
}
else
{
$query = "SELECT inumber, ititle FROM %s WHERE itime>%s AND itime<=%s AND idraft=0 AND iblog=%d AND icat=%d ORDER BY itime ASC LIMIT 1";
$query = sprintf($query, sql_table('item'), DB::formatDateTime($timestamp), DB::formatDateTime($b->getCorrectTime()), intval($blogid), intval($catid));
}
$row = DB::getRow($query);
if ( $row )
{
$itemidnext = $row['inumber'];
$itemtitlenext = $row['ititle'];
}
}
elseif ( $archive )
{
// show archive
$type = 'archive';
// sql queries for the timestamp of the first and the last published item
$query = sprintf('SELECT UNIX_TIMESTAMP(itime) as result FROM %s WHERE idraft=0 ORDER BY itime ASC', sql_table('item'));
$first_timestamp = DB::getValue($query);
$query = sprintf('SELECT UNIX_TIMESTAMP(itime) as result FROM %s WHERE idraft=0 ORDER BY itime DESC', sql_table('item'));
$last_timestamp = DB::getValue($query);
sscanf($archive, '%d-%d-%d', $y, $m, $d);
if ( $d != 0 )
{
$archivetype = _ARCHIVETYPE_DAY;
$t = mktime(0, 0, 0, $m, $d, $y);
// one day has 24 * 60 * 60 = 86400 seconds
$archiveprev = i18n::formatted_datetime('%Y-%m-%d', $t - 86400 );
// check for published items
if ( $t > $first_timestamp )
{
$archiveprevexists = true;
}
else
{
$archiveprevexists = false;
}
// one day later
$t += 86400;
$archivenext = i18n::formatted_datetime('%Y-%m-%d', $t);
if ( $t < $last_timestamp )
{
$archivenextexists = true;
}
else
{
$archivenextexists = false;
}
}
elseif ( $m == 0 )
{
$archivetype = _ARCHIVETYPE_YEAR;
$t = mktime(0, 0, 0, 12, 31, $y - 1);
// one day before is in the previous year
$archiveprev = i18n::formatted_datetime('%Y', $t);
if ( $t > $first_timestamp )
{
$archiveprevexists = true;
}
else
{
$archiveprevexists = false;
}
// timestamp for the next year
$t = mktime(0, 0, 0, 1, 1, $y + 1);
$archivenext = i18n::formatted_datetime('%Y', $t);
if ( $t < $last_timestamp )
{
$archivenextexists = true;
}
else
{
$archivenextexists = false;
}
}
else
{
$archivetype = _ARCHIVETYPE_MONTH;
$t = mktime(0, 0, 0, $m, 1, $y);
// one day before is in the previous month
$archiveprev = i18n::formatted_datetime('%Y-%m', $t - 86400);
if ( $t > $first_timestamp )
{
$archiveprevexists = true;
}
else
{
$archiveprevexists = false;
}
// timestamp for the next month
$t = mktime(0, 0, 0, $m+1, 1, $y);
$archivenext = i18n::formatted_datetime('%Y-%m', $t);
if ( $t < $last_timestamp )
{
$archivenextexists = true;
}
else
{
$archivenextexists = false;
}
}
}
elseif ( $archivelist )
{
$type = 'archivelist';
if ( is_numeric($archivelist) )
{
$blogid = intVal($archivelist);
}
else
{
$blogid = getBlogIDFromName($archivelist);
}
if ( !$blogid )
{
doError(_ERROR_NOSUCHBLOG);
}
}
elseif ( $query )
{
global $startpos;
$type = 'search';
$query = stripslashes($query);
if ( is_numeric($blogid) )
{
$blogid = intVal($blogid);
}
else
{
$blogid = getBlogIDFromName($blogid);
}
if ( !$blogid )
{
doError(_ERROR_NOSUCHBLOG);
}
}
elseif ( $memberid )
{
$type = 'member';
if ( !Member::existsID($memberid) )
{
doError(_ERROR_NOSUCHMEMBER);
}
$memberinfo = $manager->getMember($memberid);
}
elseif ( $imagepopup )
{
// media object (images etc.)
$type = 'imagepopup';
// TODO: check if media-object exists
// TODO: set some vars?
}
else
{
// show regular index page
global $startpos;
$type = 'index';
}
// any type of skin with catid
if ( $catid && !$blogid )
{
$blogid = getBlogIDFromCatID($catid);
}
// decide which blog should be displayed
if ( !$blogid )
{
$blogid = $CONF['DefaultBlog'];
}
$b =& $manager->getBlog($blogid);
$blog = $b; // references can't be placed in global variables?
if ( !$blog->isValid )
{
doError(_ERROR_NOSUCHBLOG);
}
// set catid if necessary
if ( $catid )
{
// check if the category is valid
if ( !$blog->isValidCategory($catid) )
{
doError(_ERROR_NOSUCHCATEGORY);
}
else
{
$blog->setSelectedCategory($catid);
}
}
if ( !$skinid )
{
$skinid = $blog->getDefaultSkin();
}
if ( !empty($special) && isValidShortName($special) )
{
$type = strtolower($special);
}
$skin = new SKIN($skinid);
if ( !$skin->isValid() )
{
doError(_ERROR_NOSUCHSKIN);
}
// set global skinpart variable so can determine quickly what is being parsed from any plugin or phpinclude
$skinpart = $type;
// parse the skin
$skin->parse($type);
// check to see we should throw JustPosted event
$blog->checkJustPosted();
return;
}
/**
* doError()
* Show error skin with given message. An optional skin-object to use can be given
*
* @param string $msg
* @param string $skin
* @return void
*/
function doError($msg, $skin = '')
{
global $errormessage, $CONF, $skinid, $blogid, $manager;
if ( $skin == '' )
{
if ( Skin::existsID($skinid) )
{
$id = $skinid;
}
elseif ( $manager->existsBlogID($blogid) )
{
$blog =& $manager->getBlog($blogid);
$id = $blog->getDefaultSkin();
}
elseif ($CONF['DefaultBlog'] )
{
$blog =& $manager->getBlog($CONF['DefaultBlog']);
$id = $blog->getDefaultSkin();
}
else
{
// this statement should actually never be executed
$id = $CONF['BaseSkin'];
}
$skin = new Skin($id);
}
$errormessage = $msg;
$skin->parse('error');
return;
}
/**
* Errors before the database connection has been made
*
* @param string $msg message to notify
* @param string $title page title
* @return void
*/
function startUpError($msg, $title)
{
header('Content-Type: text/xml; charset=' . i18n::get_current_charset());
echo "\n";
echo "\n";
echo "{$title}\n";
echo "\n";
echo "
{$title}
\n";
echo $msg;
echo "\n";
echo "\n";
exit;
}
function isValidShortName($name)
{
return preg_match('#^[a-z0-9]+$#i', $name);
}
function isValidDisplayName($name)
{
return preg_match('#^[a-z0-9]+[a-z0-9 ]*[a-z0-9]+$#i', $name);
}
function isValidCategoryName($name)
{
return 1;
}
function isValidTemplateName($name)
{
return preg_match('#^[a-z0-9/_\-]+$#i', $name);
}
function isValidSkinName($name)
{
return preg_match('#^[a-z0-9/_\-]+$#i', $name);
}
// add and remove linebreaks
function addBreaks($var)
{
return nl2br($var);
}
function removeBreaks($var)
{
return preg_replace("/ ([\r\n])/", "$1", $var);
}
/**
* parseFile()
*
* @param string $filename
* @param string $includeMode
* @param string $includePrefix
* @return void
*/
function parseFile($filename, $includeMode = 'normal', $includePrefix = '')
{
global $skinid;
if ( !$skinid || !existsID($skinid) )
{
$skin = new Skin($CONF['BaseSkin']);
}
else
{
$skin = new Skin($skinid);
}
$oldIncludeMode = Parser::getProperty('IncludeMode');
$oldIncludePrefix = Parser::getProperty('IncludePrefix');
$skin->parse('fileparse', $filename);
Parser::setProperty('IncludeMode', $oldIncludeMode);
Parser::setProperty('IncludePrefix', $oldIncludePrefix);
return;
}
/**
* debug()
* Outputs a debug message
*
* @param string $msg
* @return void
*/
function debug($msg)
{
echo '
