/index.php
PHP | 2445 lines | 2025 code | 288 blank | 132 comment | 352 complexity | 658c32630e345e1bbab4318d9a0b612a MD5 | raw file
Large files files are truncated, but you can click here to view the full file
- <?php
- // Nanote - simple flat-file blog script
- // Š Zorg <ekumena@gmail.com>, 2007-2011
-
- ERROR_REPORTING(E_ALL);
- //date_default_timezone_set('Europe/Moscow');
-
- // ????????? ?????
- $domain = @str_replace(array('www.','-'), array('','_'), strtolower($_SERVER['HTTP_HOST']));
- $_POST['datadir'] = 'data/'.$domain;
-
- // ????????? ??????
- if(!is_dir($_POST['datadir']))
- {
- mkdir($_POST['datadir']);
- chmod($_POST['datadir'], 0777);
- $_install = array('.panel', '.pages', '.login', '.blocks', '.cats', '.error404', '1254942727');
-
- foreach($_install as $_c)
- {
- copy('data/'.$_c, $_POST['datadir'].'/'.$_c);
- chmod($_POST['datadir'].'/'.$_c, 0777);
- }
- }
-
- // ???????? ?????????? ????????
- $_glob = unserialize(file_get_contents('data/.settings.blank.global'));
-
- if(file_exists($_POST['datadir'].'/.settings.global'))
- {
- $_glob = unserialize(file_get_contents($_POST['datadir'].'/.settings.global')) + $_glob;
- }
-
- // ??????????? ?????????????
- $_s['url'] = '';
-
- // ????????? ????????? ???????
- foreach($_glob as $k=>$v)
- {
- $j = substr($k,0,2);
- if($j=='_l') $_l[substr($k,2)] = $v;
- if($j=='_s') $_s[substr($k,2)] = $v;
- if($j=='_d') $_d[substr($k,2)] = $v;
- }
-
- // ????????? ??????
- session_start();
-
- // ???? ?????????? ????????
- if($_SERVER['REQUEST_METHOD']=='POST' && isset($_POST['sett']) && (isset($_SESSION['adm']) || !trim($_s['pass']))) {
-
- // ? ??????? ??????? ???????
- unset($_s['curl']);
- unset($_d['curl']);
- unset($_s['d']);
- unset($_s['pglk']);
- unset($_s['slf']);
- unset($_s['title']);
- unset($_s['plname']);
- unset($_s['lang']);
- unset($_s['sav_dir']);
- unset($_s['ver']);
-
- if(trim($_POST['_spass'])) $_POST['_spass'] = md5($_POST['_spass']);
- else $_POST['_spass'] = $_glob['_spass'];
-
- foreach($_POST as $k=>$v)
- {
- // ????????
- if(stristr($k, 'plugins_'))
- {
- $_glob['plugins'][str_replace('plugins_', '', $k)] = $v;
- }
- else $_glob[$k] = stripslashes(str_replace(array("\r", "\n"), array('',"\n"), $v));
- }
-
- //$_loc['catid'][727] = array('goodcat', '??????? ?????????', 'template', '1-?????????? ? ?????? ?????????', '1-?????????? ? ?????', '1-? ?????????', '1-? rss', '??????');
- //$_loc[cat][id] = array(727, 353);
-
- // ?????? ????????
- if(isset($_glob['plugins']))
- {
- foreach($_glob['plugins'] as $pk=>$pv)
- {
- $_glob['plugins'][$pk] = isset($_POST['plugins_'.$pk]) ? 1 : 0;
- }
- }
-
- fsave($_POST['datadir'].'/.settings.global', 'w+', serialize($_glob));
-
- // ???????? ????????? ?????????
- if(!file_exists($_POST['datadir'].'/.settings.local'))
- {
- copy('data/.settings.blank.local', $_POST['datadir'].'/.settings.local');
- chmod($_POST['datadir'].'/.settings.local', 0777);
- }
-
- // ????????? ?????????
- header('Location: '.$_SERVER['HTTP_REFERER']);
- }
-
- // ???????? ????????? ????????
-
- // ???????? ?????????? ????????
- $lfile = file_exists($_POST['datadir'].'/.settings.local') ? $_POST['datadir'].'/.settings.local' : 'data/.settings.blank.local';
- $_loc = unserialize(file_get_contents($lfile));
-
- $_v = $_GET + $_POST;
- $_c = $_COOKIE;
-
- //
- $_v['ver'] = 0.389;
-
- // ???????? ??????
- if(isset($_FILES['nefis']['name']))
- {
- for ($i=0; $i<sizeof($_FILES['nefis']['name']); $i++)
- {
- if(trim($_FILES['nefis']['tmp_name'][$i]))
- {
- $name = strtolower(basename($_FILES['nefis']['name'][$i]));
- @copy($_FILES['nefis']['tmp_name'][$i], 'files/'.$name);
- $_upfiles[] = $name;
- }
- }
- }
-
- // null
- $_v['pg'] = $_s['d'] = $pst['title'] = $_s['pglk'] = $_intpl['inheader']= $_intpl['infooter'] = '';
-
- // ??????????? ?? magic quotes ??-????????
- if(get_magic_quotes_gpc())
- {
- foreach($_v as $k=>$v)
- {
- @$_v[$k] = stripslashes($v);
- }
- }
-
- // ????????? ?????? (todo: ????? ???????)
- $_error[1] = '?? ?? ?????? ???????????? ??? ??????.';
- $_error[2] = '???????? ??????????? ???.';
- $_error[3] = '??????? ??????????? ???.';
- $_error[4] = '? ????????? ???????????? ?????.';
- $_error[5] = '????????? ?????? ?????????? :)';
- $_error[6] = '?????? ?? ????? ????????? :(';
- $_error[7] = '???????? ?????? ???? ?????? 3 ???????? ? ???????? ?? ?????? ?? ?????!';
-
- $_success[1] = '??????????? ???????????!';
- $_success[2] = '?????? ????????? Nanote.';
- $_success[3] = '????? ????????? ??????? ????????.';
-
- $_title[1] = $_s['bname'].' - ?????';
- $_title[2] = $_s['bname'].' - ????????';
-
- // ?????? ??? ??????? sitemap
- $_urls['sitemap'] = explode("\n", $_s['urlsitemaptx']);
-
- // ?????? ?????
- $_urls['ping'] = explode("\n", $_s['urlpingtx']);
-
- // ??????? .htaccess ? ?????????? - ??? ????????
- if(is_file('.htaccess')) $_s['curl'] = 1;
-
- // ????????? ?????????? ????????
- $_s['slf'] = $_SERVER['PHP_SELF'];
- $_lk['rsslink'] = rsslink();
-
- // ??????? ?????????? base url
- if(!trim($_s['url'])) $_s['url'] = 'http://'.$_SERVER['HTTP_HOST'] . str_replace('index.php','',$_s['slf']);
-
- $s = $_SERVER['QUERY_STRING'];
- $e = explode('/', $s);
-
- if(isset($e[1]) && is_dir($_SERVER['DOCUMENT_ROOT'].'/'.$e[1]))
- {
- $s = str_replace($e[1].'/','',$s);
- }
-
- if(substr($s, (strlen($s)-1), 1)=='/') $s = substr($s, 0, (strlen($s)-1));
- $rq = explode($_s['px'], substr($s,1));
-
- // ???, ?????? ?????, ??????! :)
- if(isset($rq) && isset($_loc['alias'][$rq[0]]))
- {
- $rq[1] = $_loc['alias'][$rq[0]];
- $rq[0] = 'p';
- $direct = 1;
- }
-
- // ??? ?? ?????? ?????? ?????, ? ???? ????????? ??????
- if(isset($_loc['customurl'][$_SERVER['QUERY_STRING']]) || isset($_loc['customurl'][substr($_SERVER['QUERY_STRING'],1)]))
- {
- $rq[0] = 'p';
- $rq[1] = isset($_loc['customurl'][$_SERVER['QUERY_STRING']]) ? $_loc['customurl'][$_SERVER['QUERY_STRING']] : $_loc['customurl'][substr($_SERVER['QUERY_STRING'],1)];
- $direct = 1;
- }
-
- // ?????? ?????? (?????? ?? ????? ?????)
- if(isset($rq) && !isset($direct))
- {
- if(isset($rq[3]) && is_numeric($rq[2]) && is_numeric($rq[1]) && is_numeric($rq[0]))
- {
- $e = explode(':',$rq[3]);
- $rq[1] = mktime($e[0],$e[1],$e[2],$rq[1],$rq[2],$rq[0]);
- $rq[0] = 'p';
- }
- else if(isset($rq[2]) && isset($_loc['alias'][$rq[2]]))
- {
- $rq[0] = 'p'; $rq[1] = $_loc['alias'][$rq[2]];
- }
- else if((isset($rq[1]) && is_numeric($rq[1]) && strlen($rq[1]) == 2 && $rq[0] != 's') || strlen($rq[0]) == 4)
- {
- if(isset($rq[2]) && !is_numeric($rq[2]) && !isset($_loc['alias'][$rq[2]]))
- {
- $_v['pg'] = '.error404';
- }
- else
- {
- $y=(isset($rq[0]) ? $rq[0] : date('Y'));
- $m=(isset($rq[1]) ? $rq[1] : 12);
- $dim=days_in_month($m, $y);
- $mon = (isset($rq[1]) ? $rq[1] : 1);
- $day1 = (isset($rq[2]) ? $rq[2] : 1);
-
- // ?????? ????????? ?????? ? ?????? ???
- $_metatitle = $_title[1].' '.implode('-',$rq);
- $_intpl['inheader'] .= '<meta name="robots" content="noindex,follow,noodp,noydir" />'."\n";
-
- $_s['t_start'] = mktime(0, 0, 1, $mon, $day1, (int) $y) + ($_s['tmset'] * 3600);
- $day2 = (isset($rq[2]) ? $rq[2] : $dim);
- $_s['t_end'] = mktime(23, 59, 59, $m, $day2, (int) $y) + ($_s['tmset'] * 3600);
- }
- unset($rq);
- }
- }
-
- // ?????? ??????????
- if(!trim($_s['pass']))
- {
- $rq[0] = 'pg';
- $rq[1] = '.panel';
-
- // javascript-???????????
- @$_s['pglk'] .=
- '<script>
- var notify_msg = "' . $_success[2] . '";
- </script>';
- }
-
- // ?????? ???????
- $et = explode('-tpl-', $main_template = file_get_contents($_s['tpd'].'/index.php'));
- $se = sizeof($et);
- for($i=0;$i<$se;$i++)
- {
- if($i%2)
- {
- $bn = explode('/-',$et[$i]);
- $_tplin[substr($bn[1],0,strlen($bn[1]))] = $bn[0];
- }
- }
-
- if(isset($_v['ppp'])) $_s['ppp']=$_v['ppp'];
- else if(@trim($rq[0]))
- {
- if($rq[0]=='s')
- {
- $_v['sp'] = $rq[1];
-
- if(isset($rq[2]))
- {
- $_v['sw'] = urldecode($rq[2]);
- $_v['act']='sw';
- }
-
- // ?????? ????????? ? ?????? ???
- $_metatitle = $_title[2].' '.ceil($_v['sp']/$_s['ppp']+1).' '.@$rq[2];
- $_intpl['inheader'] .= '<meta name="robots" content="noindex,follow,noodp,noydir" />'."\n";
- }
- else if($rq[0]=='ep') { $_v['act']=$rq[0]; $_v['pg']=@$rq[1]; }
- else if($rq[0]=='bk') { $_v['act']=$rq[0]; $_v['p']=@$rq[1]; }
- else if($rq[0]=='p') $_v['p']=$rq[1];
- else if($rq[0]=='sw') { $_v['sw']=urldecode($rq[1]); $_v['act']='sw'; }
- else if($rq[0]=='pg') $_v['pg']=str_replace('-','_',$rq[1]);
- else if($rq[0]=='unban') $_v['act']='unban';
- else if(isset($rq[1]) && trim($rq[1])) { $_v['act']=$rq[0]; $_v['p']=$rq[1]; }
- else $_v['act']=$rq[0];
- }
-
- function fsave($f,$m,$t) {
- $fh = fopen($f, $m);
- flock($fh, LOCK_EX);
- fwrite($fh, $t);
- flock($fh, LOCK_UN);
- fclose($fh);
- @chmod($f, 0777);
- }
-
- function _get($s, $a, $b) {
- $z = strpos ($s, $a);
- if ($z !== false) {
- $z += strlen ($a);
- $y = strpos ($s, $b);
- if ($y !== false) return substr ($s, $z, $y - $z);
- }
- return false;
- }
-
- function getposts() {
- global $_loc, $_s;
-
- $d = dir($_POST['datadir']);
-
- while (false !== ($en = $d->read()))
- {
- // ???????? ??? ?????, ??? ??????
- if(is_numeric($en))
- {
- // ????????? ?? ?????? ?? (????????) ? ?? ?????????? ?? ??????????
- $allow = ((!@$_loc['draft'][$en] && $en < time()) || isset($_SESSION['adm'])) ? 1 : 0;
-
- if($allow)
- {
- // ???? ????????? ?? ???????
- if(isset($_s['t_start']) && isset($_s['t_end']))
- {
- if(($en >= $_s['t_start']) && ($en <= $_s['t_end'])) $psts[] = $en;
- }
- else $psts[] = $en;
- }
- }
- }
- $d->close();
-
- if(isset($psts)) return $psts;
- else return false;
- }
-
-
- function posttemplates() {
- global $_loc, $_s;
-
- $d = dir($_s['tpd']);
- while (false !== ($et = $d->read()))
- {
- if (stristr($et, 'post-') && (!stristr($et, 'default') && !stristr($et, 'full')))
- {
- $posttpl[$et] = str_replace('.php', '', $et);
- }
- }
-
- return $posttpl;
- }
-
- // ???????????? ????????? ??????
- function wordsrate($text, $size=6)
- {
- $text = str_replace(array('.',"\n"), ' ', $text);
- $text = preg_replace('| +|', ' ', clean(strip_tags($text)));
- $words = explode(' ', $text);
-
- $num = 0;
- $cword = array();
-
- foreach($words as $word)
- {
- $len = function_exists('mb_strlen') ? mb_strlen($word, 'UTF-8') : strlen($word);
-
- if($len > 4)
- {
- $num++;
- $cword[] = function_exists('mb_strtolower') ? mb_strtolower($word, 'UTF-8') : strtolower($word);
- if($num>$size) break;
- }
- }
-
- return $cword;
- }
-
- /**
- * Description of Image_Processor
- *
- * @author mrak, http://pnk.pp.ua
- */
- class Image_Processor {
-
- protected $contentType = null;
- protected $img = null;
- protected $tmpname = null;
-
- protected function getMime($fileName) {
-
- return mime_content_type($fileName);
- }
-
- public function __construct($fileName) {
- // ???? ???? ? ??? ????????
- if (file_exists('files/'.$fileName))
- {
- $fileName = 'files/'.$fileName;
- }
- else
- {
- // ???????? ???????? ????????? ???????????
- $tmpexp = explode('/', $fileName);
- $this->tmpname = 'files/'.$tmpexp[sizeof($tmpexp)-1];
- copy($fileName, $this->tmpname);
- $fileName = $this->tmpname;
- }
-
- if (is_readable($fileName)) {
-
- if(stristr($fileName,'png')) $this->contentType = 'image/png';
- if(stristr($fileName,'jpg') || stristr($fileName,'jpeg')) $this->contentType = 'image/jpeg';
- if(stristr($fileName,'gif')) $this->contentType = 'image/gif';
-
- switch ($this->contentType) {
- case 'image/png':
- $img = imagecreatefrompng($fileName);
- break;
- case 'image/jpeg':
- $img = imagecreatefromjpeg($fileName);
- break;
- case 'image/gif':
- $img = imagecreatefromgif($fileName);
- break;
- default:
- throw new Exception('Wrong content type "' . $this->contentType . '"');
- break;
- }
- if (!is_resource($img)) {
- throw new Exception('Could not read image');
- }
- $this->img = $img;
- } else {
- throw new Exception('Cannot read file "' . $fileName . '"');
- }
- }
-
- public function resample($newwidth, $newheight, $newFileName) {
- global $_s, $_upfiles;
-
- // ??? ???????? ???? ???? ?????????
- if (!file_exists('files/'.$newFileName))
- {
- $tmpexp = explode('/', $newFileName);
- $newFileName = $tmpexp[sizeof($tmpexp)-1];
- }
-
- if($this->tmpname != null && !$_s['grubimg'])
- {
- unlink($this->tmpname);
- }
- else
- {
- $_upfiles[] = str_replace(array('/','files'), '', $this->tmpname);
- }
-
- $height = imagesy($this->img);
- $width = imagesx($this->img);
-
- $k = min($newheight / $height, $newwidth / $width);
- if ($k >= 1) {
- $k = 1;
- }
- $newwidth = $k * $width;
- $newheight = $k * $height;
-
- $thumb = imagecreatetruecolor($newwidth, $newheight);
-
- imagecopyresampled($thumb, $this->img, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);
-
- // ???????? ????? ?????????
- $rname = 'files/thumb_'.$newFileName;
-
- switch ($this->contentType) {
- case 'image/png':
- imagepng($thumb, $rname);
- break;
- case 'image/jpeg':
- imagepng($thumb, $rname);
- break;
- case 'image/gif':
- imagepng($thumb, $rname);
- break;
- default:
- throw new Exception('DEATH');
- break;
- }
- }
- }
-
- // ?????? rss (???????? ?? ?????????? ?????)
- function imp_rss($r)
- {
- if(@$f = file_get_contents($r))
- {
- $ex=explode('<item>',$f);
-
- for($i=1; $i<sizeof($ex); $i++)
- {
- $_rss['title'] = _get($ex[$i],'<title>','</title>');
- $_rss['text'] = _get($ex[$i],'<description>','</description>');
- $_rss['time'] = strtotime(_get($ex[$i],'<pubDate>','</pubDate>'));
-
- foreach($_rss as $k=>$v) $_rss[$k] = str_replace(array('<![CDATA[',']]>'),'',$v);
-
- $_rss['text'] = strtr($_rss['text'], array_flip(get_html_translation_table(HTML_SPECIALCHARS)));
- fsave($_POST['datadir'].'/'.$_rss['time'],'w+',$_rss['title']."\n".str_replace(array("\r","\n"),'',$_rss['text'])."\n[comments]\n");
- }
-
- return '????? ????????????? ['.(sizeof($ex)-1).'] ???????.';
- } else return '????? ??????????';
- }
-
- function _curl($url, $time, $nobody=true, $ref=false) {
-
- if(function_exists('curl_init') && $ch = curl_init())
- {
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)');
- if($nobody) curl_setopt($ch, CURLOPT_HEADER, false);
- if($nobody) curl_setopt($ch, CURLOPT_NOBODY, true);
-
- if($ref) curl_setopt($ch, CURLOPT_REFERER, $ref);
- curl_setopt($ch, CURLOPT_TIMEOUT, $time);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
-
- curl_exec($ch);
- curl_close($ch);
-
- return true;
- }
- else return false;
- }
-
- function ping($url, $blogname, $blogurl) {
- global $_s;
-
- $blogname = $blogname ? $blogname : $_s['bname'];
-
- $tb_send='<?xml version="1.0"?>
- <methodCall>
- <methodName>weblogUpdates.ping</methodName>
- <params>
- <param>
- <value>'.$blogname.'</value>
- </param>
- <param>
- <value>'.$blogurl.'</value>
- </param>
- </params>
- </methodCall>';
-
- @$host = explode('/', str_replace('http://', '', $url), 2);
-
- $tb_sock = fsockopen($host[0], 80);
- fputs($tb_sock, "POST /" . @$host[1] . " HTTP/1.1\r\n");
- fputs($tb_sock, "User-Agent: Nanote\r\n");
- fputs($tb_sock, "Host: " . $host[0] . "\r\n");
- fputs($tb_sock, "Content-Type: text/xml\r\n");
- fputs($tb_sock, "Content-length: " . strlen($tb_send) . "\r\n");
- fputs($tb_sock, "Connection: close\r\n\r\n");
- fputs($tb_sock, $tb_send);
-
- while (!feof($tb_sock))
- {
- @$response .= fgets($tb_sock, 128);
- }
-
- fclose($tb_sock);
- strpos($response, '<error>0</error>') ? $return = true : $return = $response;
- return $return;
- }
-
- function days_in_month($a_month, $a_year) {
- return date('t', strtotime($a_year . '-' . $a_month . '-01'));
- }
-
- function rus2lat($str) {
- // ???????? ?????????????? ???? ?? ??????? ??? WP RusToLat, ????? Andrey Serebryakov
- $iso = array(
- "?"=>"YE","?"=>"I","?"=>"G","?"=>"i","?"=>"","?"=>"ye","?"=>"g",
- "?"=>"A","?"=>"B","?"=>"V","?"=>"G","?"=>"D",
- "?"=>"E","?"=>"YO","?"=>"ZH","?"=>"I",
- "?"=>"Z","?"=>"I","?"=>"J","?"=>"K","?"=>"L",
- "?"=>"M","?"=>"N","?"=>"O","?"=>"P","?"=>"R",
- "?"=>"S","?"=>"T","?"=>"U","?"=>"F","?"=>"X",
- "?"=>"C","?"=>"CH","?"=>"SH","?"=>"SHH","?"=>"'",
- "?"=>"Y","?"=>"","?"=>"E","?"=>"YU","?"=>"YA",
- "?"=>"a","?"=>"b","?"=>"v","?"=>"g","?"=>"d",
- "?"=>"e","?"=>"yo","?"=>"zh","?"=>"i",
- "?"=>"z","?"=>"i","?"=>"j","?"=>"k","?"=>"l",
- "?"=>"m","?"=>"n","?"=>"o","?"=>"p","?"=>"r",
- "?"=>"s","?"=>"t","?"=>"u","?"=>"f","?"=>"x",
- "?"=>"c","?"=>"ch","?"=>"sh","?"=>"shh","?"=>"",
- "?"=>"y","?"=>"","?"=>"e","?"=>"yu","?"=>"ya",
- "Ť"=>"","ť"=>"",""=>"",' '=>'_','"'=>'','@'=>'',
- '^'=>'','|'=>'','.'=>'','<'=>'','>'=>'','
'=>''
- );
- return strtolower(strtr($str,$iso));
- }
-
- function resizeimg($arNextMatch)
- {
- global $_s;
-
- $img = $arNextMatch[0];
- preg_match("/src=\"(.*)\/(.*?)\"/i", $img, $arMatch);
- $pefix = $arMatch[1];
- $src = $arMatch[2];
-
- // ????????? ?? ???????????
- if (!file_exists('files/'.$src))
- {
- $src = $pefix . '/' . $src;
- }
-
- $imgProc = new Image_Processor($src);
- $imgProc->resample($_s['thumbsize'], $_s['thumbsize'], $src);
-
- if($_s['grubimg'])
- {
- $tmpexp = explode('/', $src);
- $arNextMatch[0] = str_replace($src, '/files/'.$tmpexp[sizeof($tmpexp)-1], $arNextMatch[0]);
- }
-
- return $arNextMatch[0];
- }
-
- function replacethumbs($arNextMatch)
- {
- global $_s;
-
- $img = $arNextMatch[0];
- preg_match("/src=\"(.*)\/(.*?)\"/i", $img, $arMatch);
- preg_match("/src=\"(.*)\.(.*?)\"/i", $img, $flMatch);
-
- $pefix = $arMatch[1];
- $src = $arMatch[2];
-
- $tmpexp = explode('/', $src);
- $filename = $tmpexp[sizeof($tmpexp)-1];
-
- $img = str_replace($pefix.'/', '', $img);
- $img = str_replace($src, $_s['url'].'files/thumb_'.$src, $img);
-
- if(!stristr($pefix,'http')) $link = $_s['imgtpl'] ? imglk($_s['url'].'files/'.$src) : $_s['url'].'files/'.$src;
- else $link = $_s['imgtpl'] ? imglk($flMatch[1].'.'.$flMatch[2]) : $flMatch[1].'.'.$flMatch[2];
-
- if(file_exists('files/'.$filename)) $link = $_s['imgtpl'] ? imglk($_s['url'].'files/'.$src) : $_s['url'].'files/'.$src;
-
- return '<a href="'.$link.'" rel="nofollow" class="fullsizeimg">'.$img.'</a>';
- }
-
- function plk($p) {
- global $_s, $_loc;
-
- $x = isset($_s['curl']) ? '' : '?/';
- if(isset($_loc['customurl'][$p])) { $l = $_loc['customurl'][$p]; }
- else if(isset($_loc['alias'][$p])) $l = date('Y/m/',$p).$_loc['alias'][$p];
- else $l = date('Y/m/d/H:i:s',$p).'';
-
- return $_s['url'].$x.$l;
- }
-
- function pgk($p) {
- global $_s;
- return isset($_s['curl']) ? $_s['url'].'pg/'.$p : $_s['url'].'?/pg/'.$p;
- }
-
- function alk($p,$a=false) {
- global $_s, $_v;
- $a = $a ? '/'.$a : '';
- return isset($_s['curl']) ? $_s['url'].$p.$a : $_s['url'].'?/'.$p.$a;
- }
-
- function slk($p, $sw=false) {
- global $_s, $_v;
- $a = isset($_v['sw']) ? '/'.$_v['sw'] : '';
- return isset($_s['curl']) ? $_s['url'].'s/'.$p.$a : $_s['url'].'?/s/'.$p.$a;
- }
-
- function swlk($p) {
- global $_s;
- $a = isset($_v['s']) ? '/s/'.$_v['s'] : '';
- return isset($_s['curl']) ? $_s['url'].'sw/'.$p.$a : $_s['url'].'?/sw/'.$p.$a;
- }
-
- function dtlk($p) {
- global $_s;
- return isset($_s['curl']) ? $_s['url'].$p : $_s['url'].'?/'.$p;
- }
-
- function ctlk($p) {
- global $_s, $_loc;
- $alias = $_loc['catid'][$p][0];
- return isset($_s['curl']) ? $_s['url'].'t/'.$p : $_s['url'].'?/t/'.$p;
- }
-
- function uslk($p, $mail) {
- global $_s;
- return $_s['url'].'?unsubscribe='.$p.'&mail='.$mail;
- }
-
- function rsslink() {
- global $_s;
- return alk($_s['rsstpl']);
- }
-
- function imglk($img) {
- global $_s;
- return $_SERVER['PHP_SELF'].'?fullsize='.$img;
- }
-
- // ????????? ?????? ?? ?????
- function datelinks($time, $sufx = '-', $hours = false)
- {
- // ???? = ?????? ?? ?????
- $d = date('d', $time);
- $m = date('m', $time);
- $y = date('Y', $time);
- $Hi = date('H:i', $time);
-
- $_hi = $hours ? ' '.$Hi : '';
-
- // ?????????? ?????? ?? ?????
- return '<a href="' . dtlk($y.'/'.$m.'/'.$d) . '" rel="nofollow">' . $d .
- '</a>'.$sufx.'<a href="' . dtlk($y.'/'.$m) . '" rel="nofollow">' . $m .
- '</a>'.$sufx.'<a href="' . dtlk($y) . '" rel="nofollow">' . $y . '</a> '.$_hi;
- }
-
- function cd($f) {
- return 'onClick="return confirm(\'??????????? ???????? ['.htmlspecialchars($f).']\')"';
- }
-
- function postdata($from, $move = false)
- {
- global $_loc;
-
- if(isset($_loc['alias'][$from]))
- {
- if($move) $_loc['alias'][$_loc['alias'][$from]] = $move;
- unset($_loc['alias'][$_loc['alias'][$from]]);
- }
- if(isset($_loc['alias'][$from]))
- {
- if($move) $_loc['alias'][$move] = $_loc['alias'][$from];
- unset($_loc['alias'][$from]);
- }
- if(isset($_loc['customurl'][$from]))
- {
- if($move)
- {
- $_loc['customurl'][$_loc['customurl'][$from]] = $move;
- $_loc['customurl'][$move] = $_loc['customurl'][$from];
- }
- unset($_loc['customurl'][$_loc['customurl'][$from]]);
- unset($_loc['customurl'][$from]);
- }
- if(isset($_loc['subs'][$from]))
- {
- if($move) $_loc['subs'][$move] = $_loc['subs'][$from];
- unset($_loc['subs'][$from]);
- }
- if(isset($_loc['seelog'][$from]))
- {
- if($move) $_loc['seelog'][$move] = $_loc['seelog'][$from];
- unset($_loc['seelog'][$from]);
- }
- if(isset($_loc['template'][$from]))
- {
- if($move) $_loc['template'][$move] = $_loc['template'][$from];
- unset($_loc['template'][$from]);
- }
- if(isset($_loc['draft'][$from]))
- {
- if($move) $_loc['draft'][$move] = $_loc['draft'][$from];
- unset($_loc['draft'][$from]);
- }
- if(isset($_loc['comments'][$from]))
- {
- if($move) $_loc['comments'][$move] = $_loc['comments'][$from];
- unset($_loc['comments'][$from]);
- }
- if(isset($_loc['cat'][$from]))
- {
- if($move) $_loc['cat'][$move] = $_loc['cat'][$from];
- unset($_loc['cat'][$from]);
- }
- }
-
- function savepost($title = false, $text = false)
- {
- global $_loc, $_s, $_v, $_l, $_lk, $plugins, $pst, $extra_options, $_urls, $_upfiles;
-
- // ??????????
- if($text)
- {
- $_v['title'] = $title;
- $_v['text'] = $text;
- }
-
- if (!isset($_v['title']) || !isset($_v['text']))
- {
- // ?????? ????
- @$extra_options = $_loc['fields'][$_loc['template'][$_v['p']]];
-
- if (isset($_v['p']))
- {
- $pst = ptinfo($_v['p']);
- $pst['text'] = htmlspecialchars(str_replace(array("\r", "\n"), array('',"\n"), $pst['text']), ENT_QUOTES);
-
- // ???????? ?????????
- if(isset($plugins['template.form-post']))
- {
- rsort($plugins['template.form-post']);
- foreach($plugins['template.form-post'] as $func)
- {
- if(function_exists($func)) $func();
- }
- }
-
- include $_s['tpd'].'/form-post.php';
- exit();
- }
- else
- {
- // ???????? ?????????
- if(isset($plugins['template.form-post']))
- {
- rsort($plugins['template.form-post']);
- foreach($plugins['template.form-post'] as $func)
- {
- if(function_exists($func)) $func();
- }
- }
-
- include $_s['tpd'].'/form-post.php';
- exit();
- }
- }
- else
- {
- if(!@trim($_v['p']))
- {
- $_v['p'] = time();
- $_new = true;
- }
-
- @$newdate = strtotime($_v['dated']);
-
- if(!isset($_new) && $newdate && $newdate != $_v['p'])
- {
- postdata($_v['p']);
- @unlink($_POST['datadir'].'/'.$_v['p']);
- $_v['p'] = $newdate;
- }
-
- if(isset($_new) && $newdate && $newdate > time())
- {
- $_v['p'] = $newdate;
- }
-
- if(trim($_v['title']))
- {
- $lat = str_replace('_','-',rus2lat(clean($_v['title'])));
-
- // ?????? ?? ????????????? url (???????? ?????????? ??????????)
- $num = 2;
- while(isset($_loc['alias'][$lat.'-'.$num])) $num++;
- $lat = isset($_loc['alias'][$lat]) ? $lat . '-' . $num : $lat;
-
- $_loc['alias'][$lat] = $_v['p'];
- $_loc['alias'][$_v['p']] = $lat;
- }
-
- // ???????? url
- if(@trim($_v['alias']))
- {
- if(isset($_loc['customurl'][$_v['p']]))
- {
- unset($_loc['customurl'][$_loc['customurl'][$_v['p']]]);
- unset($_loc['customurl'][$_v['p']]);
- }
- $_loc['customurl'][$_v['alias']] = $_v['p'];
- $_loc['customurl'][$_v['p']] = $_v['alias'];
- }
-
- // ??????????? ???/????
- if(isset($_v['comments'])) $_loc['comments'][$_v['p']] = 1;
- else $_loc['comments'][$_v['p']] = 0;
-
- // ?????? ??????
- $_loc['template'][$_v['p']] = isset($_v['template']) ? $_v['template'] : '';
-
- // ????????
- $_loc['draft'][$_v['p']] = isset($_v['draft']) ? 1 : 0;
-
- // ?????????(?)
- $_loc['cat'][$_v['p']] = array(explode(',', $_v['category']));
-
- // ????????? ????
- foreach($_v as $ke=>$va)
- {
- if(strstr($ke, 'input_'))
- {
- @$_loc[$ke][$_v['p']] = $va;
- }
- }
-
- // ??????
- if($_s['thumbson'])
- {
- $_v['text'] = preg_replace_callback("/<img(.*?)>/i", "resizeimg", $_v['text']);
- }
-
- // ???????? ?????????
- if(isset($plugins['post.save']))
- {
- rsort($plugins['post.save']);
- foreach($plugins['post.save'] as $func)
- {
- if(function_exists($func)) $func();
- }
- }
-
- // ????????????? ?????
- if(isset($_upfiles))
- {
- foreach($_upfiles as $vf) $_atfiles[$_v['p']][] = $vf;
- }
-
- @fsave($_POST['datadir'].'/'.$_v['p'],'w+',$_v['title']."\n".trim($_v['text']).(trim($_v['comm']) ? "[comments]\n" : '[comments]').trim($_v['comm'])."\n");
- @fsave($_POST['datadir'].'/.settings.local', 'w+', serialize($_loc));
-
- // ???? ???? ????? ????????????? ?????
- if(isset($_atfiles))
- {
- if(is_file($_POST['datadir'].'/.se.files'))
- {
- $allfiles = unserialize(file_get_contents($_POST['datadir'].'/.se.files'));
- }
-
- $newfiles = isset($allfiles) ? ($_atfiles + $allfiles) : $_atfiles;
- @fsave($_POST['datadir'].'/.se.files', 'w+', serialize($newfiles));
- }
-
- // ????? ??????, ping, ?????? sitemap
- if(isset($_new))
- {
- if(isset($_urls['sitemap']) && trim($_urls['sitemap'][0]))
- {
- foreach($_urls['sitemap'] as $sp)
- {
- _curl(trim($sp).urlencode(alk('sitemap.xml')), 10);
- }
- }
-
- if(isset($_urls['ping']) && trim($_urls['ping'][0]))
- {
- foreach($_urls['ping'] as $pn)
- {
- ping(trim($pn), $_v['title'], $_lk['rsslink']);
- }
- }
- }
-
- if(!$text)
- {
- header('Location: '.plk($_v['p']));
- }
- else
- {
- return $_v['p'];
- }
- }
- }
-
- function ptinfo($ide)
- {
- global $_s, $_v, $_l, $_glob, $plugins, $_loc, $anons;
-
- $pst['ed']='';
-
- // ????????? ?? ?????? ?? (????????) ? ?? ?????????? ?? ??????????
- $allow = ((!@$_loc['draft'][$ide] && $ide < time()) || isset($_SESSION['adm'])) ? 1 : 0;
-
- if(!isset($ide) || !trim($ide) || !file_exists($_POST['datadir'].'/'.$ide) || !$allow) return 0;
-
- // ?????????
- if(isset($_loc['cat'][$ide]))
- {
- $pst['cats'] = $_loc['cat'][$ide];
- } else $pst['cats'] = '';
-
- // ????????, ?????? ??????
- if(@$_loc['draft'][$ide] && !$_SESSION['adm']) return 0;
-
- $inon = explode('[comments]',$dt = file_get_contents($_POST['datadir'].'/'.$ide));
-
- @list($pst['title'], $pst['raw']) = explode("\n", $dt, 2);
- @list($pst['title'], $pst['text']) = explode("\n", $inon[0], 2);
-
- $pst['fulltext'] = $pst['text'];
-
- $pst['id'] = $ide;
- $pst['timestamp'] = $ide + $_s['tmset'] * 3600;
-
- $tx = explode("\n", $pst['text']);
-
- $pst['link'] = plk($ide);
-
- if(@$_v['act'] != 'ed')
- {
- // ???????????? ??????????? :j
- // $pst['text'] = '<p>'.str_replace("\r\n\r\n", '</p><p>', trim($pst['text'])).'</p>';
- // ?????? ?????????
- $pst['title'] = trim($pst['title']) ? trim($pst['title']) : $_l['nosubj'];
-
- // ?????? ?? ?????????
- if($_s['thumbson'])
- {
- $pst['text'] = preg_replace_callback("/<img(.*?)>/i", "replacethumbs", $pst['text']);
- }
-
- // ?????????? ? ??????
- if(trim($_s['replacetx']))
- {
- $replace = explode("\n", $_s['replacetx']);
- foreach ($replace as $v)
- {
- if(trim($v))
- {
- $ex = explode('=>', trim($v));
- $from = trim($ex[0]);
- $to = trim($ex[1]);
-
- if(!is_array($pst))
- {
- foreach($pst as $ptkey => $ptval) $to = str_replace('%'.$ptkey.'%', $ptval, $to);
- }
-
- $pst['text'] = preg_replace('/'.$from.'/ui', $to, $pst['text']);
- }
- }
- }
-
- }
-
- if(!isset($_v['p']))
- {
- // ????? ?????? ?????? (cut), ?????????
- if($s = strpos($pst['text'], $_s['cut']))
- {
- $srt = substr($pst['text'], 0, $s);
- }
- // ?????????? ???? ?????? ???? ???????? ??????
- else if((sizeof($tx)>2) && $_s['autocut'])
- {
- $srt = $tx[0];
- }
-
- if(isset($srt))
- {
- $pst['text'] = $srt.str_replace(array('%link%','%title%'), array($pst['link'], $pst['title']), $_l['more']);
- }
- }
-
- $pst['date'] = date('d-m-Y, H:i', $ide + $_s['tmset'] * 3600);
-
- // ?????????? ?????? ?? ?????
- $pst['datelink'] = datelinks($ide + $_s['tmset'] * 3600, '-', true);
-
- @$pst['commts'] = explode("\n", $inon[1]);
-
- //???????? ????????????, ??????? ?????? ????????
- $comment_num = $pst['comtnhd'] = 0;
-
- if(!isset($_SESSION['adm']))
- {
- foreach($pst['commts'] as $v)
- {
- if(!stristr($v, '@@'.$_s['aname'])) $comment_num++;
- else $pst['comtnhd']++;
- }
- }
- else
- {
- $comment_num = sizeof($pst['commts']);
- }
-
- @$pst['comtn'] = $comment_num;
-
- if(isset($_SESSION['adm']))
- {
- $pst['ed']='<div class="edpanel"><a id="ed" href='.alk('ed',$pst['id']).' title="?????????????">E</a> <a id="de" title="???????" href='.alk('de',$pst['id']).' '.cd($pst['title']).'>X</a></div>';
- }
-
- $pst['template'] = @$_loc['template'][$pst['id']] ? $_loc['template'][$pst['id']] : $_s['tpp'];
- $pst['template'] = isset($_s['post.tpl.hold']) ? $_s['post.tpl.hold'] : $pst['template'];
-
- // ???????? ?????????
- if(isset($plugins['post.get.'.$pst['id']]))
- {
- rsort($plugins['post.get.'.$pst['id']]);
- foreach($plugins['post.get.'.$pst['id']] as $func)
- {
- if(function_exists($func)) $pst = $func($pst);
- }
- }
-
- // ???????? ?????????
- if(isset($plugins['post.get']))
- {
- rsort($plugins['post.get']);
- foreach($plugins['post.get'] as $func)
- {
- if(function_exists($func)) $pst = $func($pst);
- }
- }
-
- if($_s['autometa'])
- {
- $anons['title'] = $pst['title'];
- $anons['text'] = $pst['text'];
- }
-
- return $pst;
- }
-
- function pginfo($f) {
- global $_s, $plugins;
-
- $d['ed'] = $d['comtn'] = '';
-
- $f = str_replace('-', '_', $f);
- $fname = str_replace($_POST['datadir'].'/', '', $f);
-
- if(strstr($f, '.se') || !$fc = @file_get_contents($f)) return false;
-
- $e1 = explode('</'.$_s['pgt'].'>',$fc);
- $e2 = explode('<'.$_s['pgt'].'>',$e1[0]);
-
- $d['title'] = isset($e2[1]) ? $e2[1] : $fname;
- $d['text'] = isset($e1[1]) ? $e1[1] : $fc;
- $d['link'] = pgk(str_replace('_', '-', $fname));
- $d['timestamp'] = filemtime($f) + $_s['tmset'] * 3600;
- $d['date'] = date('d-m-Y', $d['timestamp']);
- $d['datexml'] = date('Y-m-d', $d['timestamp']);
-
- $d['template'] = $_s['tpp'];
-
- // ???????? ?????????
- if(isset($plugins['page.get']))
- {
- rsort($plugins['post.get']);
- foreach($plugins['page.get'] as $func)
- {
- if(function_exists($func)) $d = $func($d);
- }
- }
-
- return $d;
- }
-
- function catslist($cats=false, $td='<a href="%link%" rel="nofollow">%name%</a>', $i=',') {
- global $_s, $_l, $_v, $_loc;
-
- if(is_array($cats))
- {
- foreach($cats as $v)
- {
- if(isset($_loc['catid'][$v[0]]))
- {
- $pst['cats_links'][] = str_replace(array('%link%', '%name%'), array(ctlk($v[0]), $_loc['catid'][$v[0]][1]), $td);
- }
- }
- if(isset($pst['cats_links'])) return implode($i, $pst['cats_links']);
- }
-
- return '';
- }
-
- function catlist($td='<a href="%link%" rel="nofollow">%name%</a>', $i='<br>') {
- global $_s, $_l, $_v, $_loc;
-
- if(isset($_loc['catid']))
- {
- foreach($_loc['catid'] as $k=>$v)
- {
- $_cats[] = str_replace(array('%link%', '%name%'), array(ctlk($k), $v[1]), $td);
- }
- if(isset($_cats)) return implode($i, $_cats);
- }
-
- return '';
- }
-
- function pglist($c=0, $td=0) {
- global $_s, $_l, $_v;
-
- $d = dir($_POST['datadir']);
-
- while (false !== ($et = $d->read()))
- {
- if (!is_numeric($et))
- {
- // ???? ?? ????????? ? ?? ??????????, ?? ??????? ????????
- if(substr($et,0,1) != '.' && !is_dir($_POST['datadir'].'/'.$et) && $et != $_s['index']) $docs[filemtime($_POST['datadir'].'/'.$et)] = $et;
- // ???????? ????????-??????????
- else if(substr($et,0,2) == '._') include_once($_POST['datadir'].'/'.$et);
- }
- }
-
- $out=false;
-
- if(isset($docs))
- {
- krsort($docs);
- $dn=0;
-
- foreach($docs as $et)
- {
- if(!$c) $c = sizeof($docs);
-
- if($dn<$c)
- {
- $doc = pginfo($_POST['datadir'].'/'.$et);
- $dc = $td ? $td : $_l['pglist'];
- // ????????? ??????
- if($doc)
- {
- foreach($doc as $k=>$v) $dc = str_replace('%'.$k.'%', $v, $dc);
- $dn++;
- $out .= $dc;
- }
- }
- }
- }
-
- $d->close();
-
- return $out;
- }
-
- // ????? ??????
- function blocks($place) {
- global $_s, $_l, $_lk, $_loc, $_tplin, $plugins;
-
- // ???? ???? ?????? ??????????
- if(isset($_loc['block'][$place]))
- {
- $blocks = $_loc['block'][$place];
- $template = $_tplin[$place . '-block'];
-
- ksort($blocks);
-
- foreach($blocks as $k=>$v)
- {
-
- $prepare = str_replace('%title%', $v[0], $template);
- $prepare = str_replace('%content%', $v[1], $prepare);
-
- // ???????? ?????????
- if(isset($plugins['block.get']))
- {
- rsort($plugins['block.get']);
- foreach($plugins['block.get'] as $func)
- {
- if(function_exists($func)) $prepare = $func($prepare);
- }
- }
-
- // ???????? ?????????
- if(isset($plugins['block.get.'.$place.'_'.$k]))
- {
- rsort($plugins['block.get.'.$place.'_'.$k]);
- foreach($plugins['block.get.'.$place.'_'.$k] as $func)
- {
- if(function_exists($func)) $prepare = $func($prepare);
- }
- }
-
- // ?? ?????? ??????? ??????? ??? ?????????? (?? ???????: ??? ?????? ?????)
- if(strstr($prepare, '%pglist%'))
- {
- $prepare = str_replace('%pglist%', pglist(8), $prepare);
- }
-
- if(strstr($prepare, '%cmtlist%'))
- {
- $prepare = str_replace('%cmtlist%', cmtlist(8), $prepare);
- }
-
- if(strstr($prepare, '%catlist%'))
- {
- $prepare = str_replace('%catlist%', catlist(), $prepare);
- }
-
- // ?????? ????????? ??????????
- foreach($_s as $sk=>$sv) $prepare = str_replace('%'.$sk.'%', $sv, $prepare);
- // ?????? ??????
- foreach($_lk as $lk=>$lv) $prepare = str_replace('%'.$lk.'%', $lv, $prepare);
-
- // ??????? ??????
- if(isset($_SESSION['adm'])) $prepare = str_replace(array('<!--is_admin-', '-is_admin-->'), '', $prepare);
-
- // ???? ?????: ???? ??????????????
- $prepare = isset($_SESSION['adm']) ? str_replace('%edit%', '<div class="edpanel"><a id="ed" href='.alk('bk', $place.'_'.$k).' title="?????????????">E</a> <a id="de" title="???????" href='.alk('de', $place.'_'.$k).' '.cd($v[0]).'>X</a></div>', $prepare) : str_replace('%edit%', '', $prepare);
-
- // ???????? ?????????
- if(isset($plugins['block.output']))
- {
- rsort($plugins['block.output']);
- foreach($plugins['block.output'] as $func)
- {
- if(function_exists($func)) $prepare = $func($prepare);
- }
- }
-
- echo $prepare;
- }
- }
- }
-
- // ?????? ????????? ?????????? (?? ?????????? ??????, ?? ????????????!)
- function cmtlist($c=0, $td=0, $lm=0) {
- global $_s, $_l, $_loc;
-
- $d = dir($_POST['datadir']);
- while (false !== ($et = $d->read()))
- {
- if (substr($et,0,1) != '.' && is_numeric($et))
- {
- // ????????? ?? ?????? ?? (????????)
- $allow = (!@$_loc['draft'][$et] || isset($_SESSION['adm'])) ? 1 : 0;
-
- if($allow)
- {
- $cmts[filemtime($_POST['datadir'].'/'.$et)] = $et;
- }
- }
- }
- $d->close();
-
- if(isset($cmts))
- {
- krsort($cmts);
- $out=false;
- $dn=0;
-
- foreach($cmts as $et)
- {
- if(!$c) $c=10;
- $cmt = ptinfo($et);
-
- if(($cmt['comtn']-2)>0 && $dn<$c)
- {
- list($cmt['nick'], $cmt['ip'], $cmt['date'], $cmt['text']) = explode('ť', $cmt['commts'][($cmt['comtn']-2)]);
-
- $cmt['cmtlink'] = $cmt['link'].'#cmt-'.($cmt['comtn']-2);
- $e = explode('<',$cmt['text']);
- $cmt['text'] = strip_tags($e[0]);
- $s = strpos($cmt['nick'], '@');
-
- if($s) $cmt['nick'] = substr($cmt['nick'],0,$s);
-
- $cmt['nick'] = (@trim($cmt['nick']) ? $cmt['nick'] : $_l['anonym']);
- $dc = $td ? $td : $_l['cmtlist'];
-
- foreach($cmt as $k=>$v) @$dc = str_replace('%'.$k.'%',$v,$dc);
-
- $dn++;
- $out .= $dc;
- }
- }
-
- }
-
- if(isset($out)) return $out;
- else return false;
- }
-
- // ??????????/????????? ??????
- function ptnext($p) {
- global $_s, $_l;
-
- $allp = getposts();
- rsort($allp);
-
- $s = sizeof($allp);
- $nx['p']['sub'] = $nx['p']['lnk'] = $nx['n']['sub'] = $nx['n']['lnk'] = '';
-
- for($i=0;$i<$s;$i++)
- {
- if($allp[$i] == $p)
- {
- if(@$n = ptinfo($allp[$i+1]))
- {
- $nx['p']['sub'] = $n['title'];
- $nx['p']['lnk'] = $n['link'];
- }
- if(@$p = ptinfo($allp[$i-1]))
- {
- $nx['n']['sub'] = $p['title'];
- $nx['n']['lnk'] = $p['link'];
- }
- return @$nx;
- }
- }
- }
-
- function clean($t) {
- return str_replace(array('"','<','>','\"','$','(','(','*','+','%','$','#',':','[',']','&','!','?','~','=','+','?',':',';','{','}','`','/','\\',"\r","\n",',',')','\'','- ',' -'),'',$t);
- }
-
- // ????????? ????????
- function retex($t) {
- return preg_replace('#\B(@[_?-???-??0-9a-zA-Z]+)#u', '<a href="'.swlk('\\1').'" rel="nofollow">\\1</a>',$t);
- }
-
- // ????????? ????????? nick
- if(@trim($_v['nick']))
- {
- setcookie('nnk', $_v['nick'], time() + 604800);
- }
-
- // ?????? ??????????, ????????? ??????
- if (isset($_v['passwd']) && md5($_v['passwd']) == $_s['pass'])
- {
- $_SESSION['adm'] = 1;
- }
-
- // ????????, ?????????????? ???????????
- if(isset($_v['fullsize']))
- {
- if(is_file($_POST['datadir'].'/.se.files'))
- {
- $allfiles = unserialize(file_get_contents($_POST['datadir'].'/.se.files'));
- }
-
- $_intpl['inheader'] .= '<meta name="robots" content="noindex,follow,noodp,noydir" />'."\n";
-
- $tmpexp = explode('/', $_v['fullsize']);
- $filename = $tmpexp[sizeof($tmpexp)-1];
-
- $_s['title'] = @$pst['title'] ? $pst['title'] : $filename;
-
- include $_s['tpd'].'/image-fullsize.php';
- exit();
- }
-
- // ?????????? ??? ?????? ??????????
- if(isset($_v['majax']))
- {
- header("Content-type: text/javascript");
-
- if($_v['majax'] == 'makethumbs')
- {
- $psts = getposts();
- $total = 0;
-
- if($psts && $pz = sizeof($psts))
- {
- rsort($psts);
-
- for ($i=0; $i<sizeof($psts); $i++)
- {
- $pst = ptinfo($psts[$i]);
-
- $images = explode('src', $pst['text']);
-
- // ??????
- if($_s['thumbson'])
- {
- $pst['raw'] = preg_replace_callback("/<img(.*?)>/i", "resizeimg", $pst['raw']);
- }
-
- $total += sizeof($images)-1;
- }
- }
-
- $_msg = '??????????? '.$total.' ????????.';
- }
-
- if($_v['majax'] == 'checkup')
- {
-
- if(!@$f = file_get_contents('http://code.google.com/feeds/p/nanote/downloads/basic'))
- {
- $_msg = '?? ??????? ???????????.';
- }
- else
- {
- $ex = explode('<entry>', $f);
-
- foreach($ex as $entry)
- {
- $id = explode('<id>', $entry);
-
- if(strstr($id[1], 'nanote-v-'))
- {
- $vers = _get($id[1], 'nanote-v-', '.zip');
- $desc = trim(_get($id[1], '<content type="html">', '</content>'));
- $dex = explode("\n\n", str_replace('<pre>','',$desc));
- $info_link = trim(_get($id[1], '<link rel="alternate" type="text/html" href="', '" />'));
- $download_link = 'http://nanote.googlecode.com/files/nanote-v-'.$vers.'.zip';
-
- break;
- }
- }
-
- $_msg = '?? ??????????? ??????? ?????????? ??????? <b>' . $_v['ver'] . '</b>';
-
- if($_v['ver']<$vers)
- {
- @$_msg = '???????? ?????? <b>' . $vers . '</b> : <a href="'.$link.'">???????</a><hr>' . trim($dex[0]);
- }
- if($_v['ver']>$vers)
- {
- $_msg = '?? ??????????? ????????????????? ??????? <b><a href="http://nanote.googlecode.com/svn/trunk/">' . $_v['ver'] . '</a></b> (?????????? - <a href="'.$info_link.'">'.$vers.'</a>)';
- }
- }
- }
-
- if($_v['majax'] == 'doping')
- {
- $pingsuccess = 0;
-
- if(isset($_urls['ping']))
- {
- foreach($_urls['ping'] as $pn)
- {
- if(ping(trim($pn), $_s['bname'], $_lk['rsslink']))
- {
- $pingsuccess++;
- }
- }
- }
-
- $_msg = '??????? ???????????? '.$pingsuccess.' ????????.';
- }
-
- if($_v['majax'] == 'addsitemap')
- {
- $sitemapsuccess = 0;
-
- if(isset($_urls['sitemap']))
- {
- foreach($_urls['sitemap'] as $sp)
- {
- $sp = str_replace('%url%', urlencode(alk('sitemap.xml')), trim($sp));
-
- if(_curl($sp, 10))
- {
- $sitemapsuccess++;
- }
- }
- }
-
- $_msg = '?????????? '.$sitemapsuccess.' ??????????? ? sitemap.';
- }
-
- exit('document.getElementById(\''.$_v['majax'].'\').innerHTML = \''.$_msg.'\'; ');
- }
-
- // ???????
- if(isset($_v['unsubscribe']))
- {
- if(in_array($_v['mail'], $_loc['subs'][$_v['unsubscribe']]))
- {
- $key = array_search($_v['mail'], $_loc['subs'][$_v['unsubscribe']]);
- unset($_loc['subs'][$_v['unsubscribe']][$key]);
- if(@fsave($_POST['datadir'].'/.settings.local', 'w+', serialize($_loc)))
- {
- header('Location: '.$_s['url']);
- }
- }
- }
-
- // ????????? ??-?????????
- $_s['title'] = $_s['bname'];
-
- if(isset($_glob['plugins']))
- {
- foreach($_glob['plugins'] as $plugin => $status)
- {
- if($status) include('plugins/'.$plugin);
- }
- }
-
- // ???????? ?????????
- if(isset($plugins['main']))
- {
- rsort($plugins['main']);
- foreach($plugins['main'] as $func)
- {
- if(function_exists($func)) $func();
- }
- }
-
- // actions
- if(isset($_v['act']))
- {
-
- if(isset($plugins['action.'.$_v['act']]))
- {
- foreach($plugins['action.'.$_v['act']] as $func)
- {
- if(function_exists($func)) $func();
- }
- }
-
- // ????????????? rss
- if(strstr($_v['act'], 'rss'))
- {
- header('Content-type: application/xml');
-
- echo "<?xml version=\"1.0\" encoding=\"".$_s['enc']."\"?>\n<rss version=\"2.0\">\n<channel>\n<title>".$_s['bname']."</title>\n<link>".$_s['url']."</link>\n<description></description>\n<language>ru</language>\n";
-
- $_s['post.tpl.hold'] = $_v['act'];
-
- unset($_v['act']);
- blog();
-
- echo "\n</channel>\n</rss>";
- exit();
- }
-
- switch($_v['act']) {
-
- case 't':
- $_v['act'] = $_v['pg'] = $_v['p'] = null;
- $tags = explode(',', $rq[1]);
-
- $_v['sw'] = $_v['act'] = null;
-
- // ?????? ????? ?????/?????????
- for ($i=0; $i<sizeof($tags); $i++) $tnames[] = $_loc['catid'][$tags[$i]][1];
-
- foreach ($_loc['cat'] as $k=>$v)
- {
- foreach($v[0] as $incat)
- {
- if(in_array($incat, $tags))
- {
- // ????????? ?? ?????? ?? (????????)
- $allow = ((!@$_loc['draft'][$k] && $k < time()) || isset($_SESSION['adm'])) ? 1 : 0;
-
- $psts[] = $k;
- }
- }
- }
-
- // javascript ??????????? ? ????????? ??????????
- @$_s['pglk'] .=
- '<script>
- var search = \''.$_v['sw'].'\';
- var searchtpl = \'' . $_l['search'] . '\';
- var notify_msg = "??????? ' . sizeof($psts) . ' ???????.";
- </script>';
-
- // ?????? ????????? ? ?????? ???
- $_s['title'] = $_s['bname'].' - '.implode(', ', $tnames);
- $_intpl['inheader'] .= '<meta name="robots" content="noindex,follow,noodp,noydir" />'."\n";
-
- include $_s['tpd'].'/index.php';
- exit();
- break;
-
- case 'ban':
- $ip = trim($_v['p']);
-
- if(strstr($_s['stop_word_ip'], $ip))
- {
- $_glob['_sstop_word_ip'] = str_replace(array(','.$ip, $ip), '', $_s['stop_word_ip']);
- }
- else
- {
- $_glob['_sstop_word_ip'] = $_s['stop_word_ip'].','.$ip;
- }
-
- fsave($_POST['datadir'].'/.settings.global','w+',serialize($_glob));
-
- header('Location: '.$_SERVER['HTTP_REFERER']);
- break;
-
- case 'lgout':
- if ($_SESSION['adm'])
- {
- unset($_SESSION['adm']);
- header('Location: '.$_s['url']);
- }
- break;
-
- case 'comm':
- if(isset($_v['p']) && is_numeric($_v['p']) && file_exists($_POST['datadir'].'/'.$_v['p']))
- {
- if ($_s['cmton'] || isset($_SESSION['adm']))
- {
- $postinfo = ptinfo($_v['p']);
-
- //
- for ($i=1; $i<($postinfo['comtn']-1)+$postinfo['comtnhd']; $i++)
- {
- list($cmt['nick'], $cmt['ip'], $cmt['date'], $cmt['text']) = explode('ť', $postinfo['commts'][$i]);
- $md5[] = md5(trim($cmt['text']));
- }
- //
-
- if (@trim($_v['text']))
- {
- $exw = explode(',', $_s['stop_word_ip']);
-
- $txt = substr(trim($_v['text']), 0, 4096);
- @$nick = substr(clean(strip_tags($_v['nick'])), 0, 69);
- $_v['ip'] = getenv('REMOTE_ADDR');
-
- if(isset($_SESSION['adm']))
- {
- $nick = $_s['aname'];
- }
- else if(stristr($nick, $_s['aname']))
- {
- $_s['err'] = 1;
- }
-
- $txt = str_replace(array("\r", "\n",'ť'), array("", "\r", '»'), $txt);
-
- // capcha
- if(!isset($_SESSION['adm']) && $_s['cmtspam']!=0)
- {
- // ??????? ?????????
- if($_s['cmtspam'] == 2)
- {
- $uniq = md5($_s['pass'] + $_v['p']);
-
- if (!trim($_v[$uniq]) || trim($_v['text'.$_v['p']]))
- {
- $_s['err'] = 2;
- }
-
- }
-
- // ?????? ????????
- if($_s['cmtspam'] == 1)
- {
- if (isset($_v['answer']) && $_v['answer'])
- {
- $answer = preg_replace('/[^a-z0-9]+/i', '', $_v['answer']);
-
- if (implode(file('http://captchator.com/captcha/check_answer/'.session_id().'/'.$answer)) != '1')
- {
- $_s['err'] = 2;
- }
- } else $_s['err'] = 3;
- }
- }
-
- if(!isset($_SESSION['adm']))
- {
- $txt = str_replace(array('<', '>'), array('<', '>'), $txt);
- $txt = str_replace('"', '"', $txt);
- }
-
- $txt = str_replace("\r", "\n", $txt);
- $txt = str_replace("\n", ' <br /> ', $txt);
-
- // ????????
- if(isset($md5) && in_array(md5(trim($txt)), $md5))
- {
- $_s['err'] = 6;
- }
-
- // ???????? ?? ????-?????
- foreach($exw as $v)
- {
- if($v = trim($v) && (stristr($txt.' '.$nick,$v) || strstr($_v['ip'],$v)))
- {
- $_s['err'] = 4;
- }
- }
-
- $mfrom = strstr($nick, '@') ? $nick : "noreply-$_s[email]";
-
- if((!isset($_s['err']) && $_loc['comments'][$_v['p']]) || isset($_SESSION['adm']))
- {
-
- // ???????? ?????????
- if(isset($plugins['comment.save']))
- {
- rsort($plugins['comment.save']);
- foreach($plugins['comment.save'] as $func)
- {
- if(function_exists($func)) $func();
- }
- }
-
- fsave($_POST['datadir'].'/'.$_v['p'], 'a+',$nick.'ť'.$_v['ip'].'ť'.date('d-m-y, H:i', time() + $_s['tmset'] * 3600).'ť'.$txt."\n");
-
- // email-??????????? ??????
- if($_s['email'] && !isset($_SESSION['adm']))
- {
- mail($_s['email'], 'comment '.$nick,
- $nick." (".$_v['ip'].")\n---\n".$_v['text']."\n---\n".plk($_v['p']),
- 'Content-Type: text/plain; charset='.$_s['enc']."\nFrom: ".$nick."<$mfrom>\r\n"
- );
- }
-
- // email-??????????? ?????????????
- if(isset($_loc['subs'][$_v['p']]) && !isset($_SESSION['adm']))
- {
- @$partnick = explode('@', $nick);
- foreach($_loc['subs'][$_v['p']] as $mail)
- {
- if($mail != $nick)
- {
- mail($mail, 'comment '.$partnick[0],
- $partnick[0]."\n---\n".$_v['text']."\n---\n??????: ".plk($_v['p'])."\n??????????: ".uslk($_v['p'], $mail),
- 'Content-Type: text/plain; charset='.$_s['enc']."\nFrom: ".$partnick[0]."<noreply-".$_s['email'].">\r\n"
- );
- }
- }
- }
-
- $_s['succ'] = 1;
- $_v['text'] = '';
- }
- } else $_s['err'] = 5;
-
- // ???????????
- $notify_msg = isset($_s['err']) ? $_error[$_s['err']] : $_success[$_s['succ']];
-
- // ???????? ?? email-???????????
- if((isset($nick) && strstr($nick, '@')) && !isset($_SESSION['adm']) && @!in_array($nick, $_loc['subs'][$_v['p']]))
- {
- $_loc['subs'][$_v['p']][] = $nick;
- @fsave($_POST['datadir'].'/.settings.local', 'w+', serialize($_loc));
- }
-
- // javascript-???????????
- @$_s['pglk'] .=
- '<script>
- var notify_msg = "' . $notify_msg . '";
- </script>';
- }
- }
- break;
-
- case 'de':
- if(isset($_SESSION['adm']))
- {
- // ?????? ?????: left_1 : left - place, 1 - sort
- if(strstr($_v['p'], '_')) $xpos = explode('_', $_v['p']);
-
- // ???????? ?????
- if(isset($xpos) && isset($_loc['block'][$xpos[0]]))
- {
- array_splice($_loc['block'][$xpos[0]], $xpos[1], 1);
- fsave($_POST['datadir'].'/.settings.local', 'w+', serialize($_loc));
- // ???????? ??????/????????
- }
- else if($xpos[0] == 'cat' && isset($_loc['catid'][$xpos[1]]))
- {
- unset($_loc['catid'][$xpos[1]]);
- fsave($_POST['datadir'].'/.settings.local', 'w+', serialize($_loc));
- header('Location: '.$_SERVER['HTTP_REFERER']);
- }
- else
- {
- //exit();
- @unlink($_POST['datadir'].'/'.$_v['p']);
- postdata($_v['p']);
- fsave($_POST['datadir'].'/.settings.local', 'w+', serialize($_loc));
- }
-
- header('Location: '.$_s['url']);
- }
- break;
-
- case 'ep':
- if(isset($_SESSION['adm']))
- {
- if (@trim($n = $_v['title']) && @trim($t = $_v['text']))
- {
- if($_v['p'])
- {
- $n = $_v['p'];
- $t = '<'.$_s['pgt'].'>'.$_v['title'].'</'.$_s['pgt'].'>'.$t;
- }
- else
- {
- $t = '<'.$_s['pgt'].'>'.$n.'</'.$_s['pgt'].'>'.$t;
- $n = rus2lat($n);//date('dMY_hmi');
- }
-
- // ???????? ?????????
- if(isset($plugins['page.save']))
- {
- rsort($plugins['page.save']);
- foreach($plugins['page.save'] as $func)
- {
- if(function_exists($func)) $func();
- }
- }
-
- @fsave($_POST['datadir'].'/'.$n, 'w+', $t);
- header('Location: '.pgk($n));
- }
- else
- {
- if(isset($_v['pg']) && trim($_v['pg']))
- {
- @$po = str_replace(array("\r", "\n"), array("", "\r"), htmlspecialchars(file_get_contents($_POST['datadir'].'/'.@$_v['pg']), ENT_QUOTES));
- @$pst['text'] = str_replace("\r", "\n", $po);
- $px = 1;
- }
-
- @$pst['title'] = $_v['p'] = $_v['pg'];
-
- if(isset($px))
- {
- $pst = pginfo($_POST['datadir'].'/'.$_v['p']);
- }
-
- // ???????? ?????????
- if(isset($plugins['template.form-post']))
- {
- rsort($plugins['t…
Large files files are truncated, but you can click here to view the full file