Context Navigation

mvblog.php

Revision 779, 51.7 KB (checked in by michiel, 7 months ago)
move captcha stuff to a plugin

Line
1	<?php
2	/**
3	* MvBlog -- An open source no-nosense blogtool
4	*
5	* Copyright (C) 2005-2008, Michiel van Baak
6	* Michiel van Baak <mvanbaak@users.sourceforge.net>
7	*
8	* See http://www.mvblog.org for more information on MvBlog.
9	* That page also provides Bugtrackers, Filereleases etc.
10	*
11	* This program is free software, distributed under the terms of
12	* the GNU General Public License Version 2. See the LICENSE file
13	* at the top of the source tree.
14	*
15	* @package MvBlog
16	* @author Michiel van Baak
17	* @version %%VERSION%%
18	* @copyright 2005-2008 Michiel van Baak
19	*/
20
21	/*
22	* Start the autoloader, so we never have to include anything
23	*/
24	require_once("mvblog_autoloader.php");
25	$mvblog_AutoLoader = new mvblog_AutoLoader();
26
27	$pathInfo = pathinfo(__FILE__);
28	$mvblog_AutoLoader->registerPath($pathInfo["dirname"], "%s.php", mvblog_AutoLoader::OPT_LOWERCASE);
29
30	// Register the AutoLoader object as the autoloader.
31	function __autoload($className) {
32	global $mvblog_AutoLoader;
33	$mvblog_AutoLoader->autoload($className);
34	}
35
36	/* Start heavy error reporting if we're on a dev site */
37	MvBlog_debug::start_development(False);
38
39	/* Read the configuration file */
40	$configfile = dirname(dirname(__FILE__)."../")."/conf/mvblog.ini";
41	$availSettings = array(
42	"general" => array(
43	"debug" => array("type" => mvblog_IniFileReader::TYPE_BOOL, "default" => "no"),
44	),
45	"database" => array(
46	"database" => array("type" => mvblog_IniFileReader::TYPE_STRING, "default" => "mvblog"),
47	"hostname" => array("type" => mvblog_IniFileReader::TYPE_STRING, "default" => "localhost"),
48	"username" => array("type" => mvblog_IniFileReader::TYPE_STRING, "default" => "mvblog"),
49	"password" => array("type" => mvblog_IniFileReader::TYPE_STRING, "default" => "mvblog"),
50	"type" => array("type" => mvblog_IniFileReader::TYPE_STRING, "default" => "mysql"),
51	),
52	);
53	$config = new mvblog_IniFileReader($availSettings, $configfile);
54
55	/**
56	* Class that holds methods to create public site.
57	* @package MvBlog
58	*/
59	Class MvBlog extends MvBlog_common {
60
61	/* contstants */
62
63	/* variables */
64	/**
65	* @var string $lang Language of blog. Can be en_US or nl_NL for now
66	*/
67	public $lang = "en_US";
68	/* }}} */
69
70	/* methods */
71
72	/* __construct {{{ */
73	/**
74	* Constructor to set some defaults
75	*
76	* @param string $basedir If set use this directory where MvBlog is located.
77	*/
78	public function __construct ($basedir="") {
79	parent::__construct($basedir."plugins/");
80	$this->log = new MvBlog_log($basedir, 0);
81	}
82	/* }}} */
83	/* check_admin_logged_in() {{{ */
84	/**
85	* Check to see if the admin session is set
86	*/
87	public function check_admin_logged_in() {
88	if (!$_SESSION["author_id"]) {
89	header("Location: login.php");
90	}
91	}
92	/* }}} */
93	/* blog_get_title() {{{ */
94	/**
95	* get the blog title.
96	*
97	* @return string title or "blog" if no title set
98	*/
99	public function blog_get_title() {
100	if ($this->settings["blogtitle"]) {
101	$title = stripslashes($this->settings["blogtitle"]);
102	} else {
103	$title = "blog";
104	}
105	return $title;
106	}
107	/* }}} */
108	/* blog_get_description() {{{ */
109	/**
110	* Get blogsetting description from database
111	*
112	* @return string The blogdescription
113	*/
114	public function blog_get_description() {
115	if ($this->settings["blogdescription"]) {
116	$pagedescription = nl2br(stripslashes($this->settings["blogdescription"]));
117	} else {
118	$pagedescription = "";
119	}
120	return $pagedescription;
121	}
122	/* }}} */
123	/* blog_content($start, $limit) {{{ */
124	/**
125	* main function to give user correct html depending on action etc
126	*
127	* @param int $start (optional) Start entry in recordset
128	* @param int $limit (optional) Number of records to show
129	*/
130	public function blog_content($start=0, $limit=0) {
131	/* get limit from database, when no limit given by function call */
132	if (!$limit) {
133	if ($this->settings["postsperpage"]) {
134	$limit = $this->settings["postsperpage"];
135	} else {
136	/* fall back to something sane if none found. fixes issue #25 */
137	/* FB: 20070304: This shouldn't happen anymore, as there are now
138	default settings in MvBlog_common::_get_settings().
139	Keeping it anyway just to be sure/
140	*/
141	$limit = 20;
142	}
143	}
144	// FB: 20070304: Check if key exists and strstr->strpos()
145	// if (strstr($_REQUEST["action"], "view/")) {
146	if (array_key_exists("action", $_REQUEST) && strpos($_REQUEST["action"], "view/") !== false) {
147	$_REQUEST["id"] = (int)substr($_REQUEST["action"],5);
148	$_REQUEST["action"] = "view";
149	}
150
151	// Determine the action.
152	if (array_key_exists("action", $_REQUEST)) {
153	$action = $_REQUEST["action"];
154	} else {
155	$action = ""; // Will be handled by the 'default' case in the switch below.
156	}
157	switch ($action) {
158	/* user related functions */
159	//this one is here for backward compatibiliy. Can be removed in release 4
160	case "register_confirm" : $this->user_confirm(); break;
161	//new user actions
162	case "user_confirm" : $this->user_confirm(); break;
163	case "user_save" : $this->user_save(); break;
164	case "user_new" : $this->user_edit(1); break;
165	case "user_login" :
166	if (array_key_exists("user", $_REQUEST) && $this->user_login($_REQUEST["user"])) {
167	$this->get_articles($start, $limit);
168	} else {
169	echo gettext("wrong username/pass");
170	}
171	break;
172	case "user_settings" : $this->user_edit(0); break;
173	/* article related functions */
174	case "view" : $this->show_article($_REQUEST["id"]); break;
175	case "viewdossier" : $this->get_articles($start, $limit, 0, $_REQUEST["id"]); break;
176	case "post_comment" : $this->post_comment($_POST); break;
177	case "rss" : header("Location: common/rss.php"); break;
178	case "archive" : $this->get_articles($start, $limit, 1); break;
179	case "archive_old" : $this->get_articles($start, $limit, 4); break;
180	case "archive_cat" :
181	if (array_key_exists("c", $_REQUEST) && $_REQUEST["c"] == "aside") {
182	$this->get_articles($start, $limit, 3);
183	} else {
184	$this->get_articles($start, $limit, 2);
185	}
186	break;
187	default : $this->get_articles($start, $limit); break;
188	}
189	}
190	/* }}} */
191	/* get_articles($start, $limit, $archive) {{{ */
192	/**
193	* show posts in pages or the archive
194	*
195	* @param int $start the starting point in the recordset
196	* @param int $limit the ammount of items to show
197	* @param int $archive type of archive. 0 = none, 1 = archive by date, 2 = archive by category, 3 = archive of asides, 4 = old old old
198	* @param int $dossier if not 0 show info about dossier
199	*/
200	public function get_articles($start, $limit, $archive=0, $dossier=0) {
201	// FB: 20070304: Check key and set a default if not set.
202	if (array_key_exists("top", $_REQUEST))
203	$top = $_REQUEST["top"];
204
205	if (!isset($top) \|\| empty($top))
206	$top = 1;
207
208	//article url base
209	if ($this->settings["cleanurl"])
210	$link = "post/%d#READMORE";
211	else
212	$link = "index.php?action=view&id=%d#READMORE";
213
214	//category url base
215	if ($this->settings["cleanurl"])
216	$catlink = "category/%d";
217	else
218	$catlink = "index.php?action=archive_cat&c=%d";
219
220	$start = $top-1;
221
222	$max_time = mktime(0, 0, 0, date("m"), date("d")+1, date("Y"));
223
224	$options = array(
225	"start" => $start,
226	"limit" => $limit,
227	"max_time" => $max_time,
228	"top" => $top,
229	"archive" => $archive,
230	"dossier" => $dossier,
231	"replace_references" => 1
232	);
233	foreach ($_REQUEST as $k=>$v)
234	$options["urlparams"][$k] = $v;
235
236	$posts = $this->_get_posts($options);
237
238	echo $posts["title"];
239
240	if (array_key_exists("desc", $posts))
241	echo $posts["desc"];
242
243	if ($posts["total_count"]) {
244	foreach ($posts["posts"] as $row) {
245	//get number of comments
246	$ccquery = sprintf("SELECT COUNT(*) FROM comments WHERE articles_id = %d", $row["id"]);
247	$ccq =& $this->db->query($ccquery);
248	$comments_count = $ccq->fetchRow();
249	?>
250	<div class="log_post">
251	<?php if ($row["aside"] !=1) { ?>
252	<div class="log_post_head">
253	<h1 class="log_post_h1"><a href="<?php echo sprintf($link, $row["id"]); ?>"><?php echo htmlspecialchars(stripslashes($row["title"])); ?></a></h1>
254	<h2 class="log_post_h2"><?php echo gettext("category"); ?>:
255	<?php
256	$categories = explode(",", $row["categories_ids"]);
257	foreach ($categories as $v) {
258	if (array_key_exists($v, $this->categories) && $this->categories[$v]["icon"] && $this->settings["show_cat_icons"])
259	echo "<a href=\"".sprintf($catlink, $v)."\"><img src=\"images/categories/".$this->categories[$v]["icon"]."\" title=\"".htmlspecialchars($this->categories[$v]["name"])."\" alt=\"".htmlspecialchars($this->categories[$v]["name"])."\" class=\"category_icon\" /></a> ";
260	elseif (array_key_exists($v, $this->categories))
261	echo "<a href=\"".sprintf($catlink, $v)."\">".htmlspecialchars($this->categories[$v]["name"])."</a> ";
262	}
263	?>
264	</h2>
265	</div>
266	<?php } ?>
267	<div class="log_post_body">
268	<?php if ($row["aside"]) { ?>
269	<div class="log_post_aside">
270	<?php } else { ?>
271	<div class="log_post_normal">
272	<?php } ?>
273	<?php
274	$text = $this->plugman->run_hooks("text_output", $row["body_formatted"]);
275	if ($this->limit_text($text)) {
276	echo $text;
277	?><br /><br /><a href="<?php echo sprintf($link, $row["id"]); ?>" class="link_readmore"><?php echo gettext("read more"); ?></a><?php
278	} else {
279	echo $text;
280	}
281	?>
282	</div>
283	</div>
284	<div class="log_post_foot">
285	<?php if ($row["aside"] !=1) { ?>
286	<span class="log_post_commentslink"><a href="<?php echo sprintf($link, $row["id"]); ?>#comments"><?php echo sprintf(ngettext("%d Comment", "%d Comments", $comments_count[0]), $comments_count[0]); ?></a><br /></span>
287	<span class="log_post_author"><?php echo gettext("By").": <i>".htmlspecialchars($this->authors[$row["authors_id"]]["fullname"]); ?></i></span>
288	<span class="log_post_date">\| <?php echo gettext("On").": <i>".date("d-m-Y H:i", $row["date"]); ?></i></span>
289	<?php if ($row["last_modified"]) { ?>
290	<span class="log_post_author"><br /><?php echo gettext("Last modified by").": <i>".htmlspecialchars($this->authors[$row["modified_by"]]["fullname"]); ?></i></span>
291	<span class="log_post_date">\| <?php echo gettext("Last modified on").": <i>".date("d-m-Y H:i", $row["last_modified"]); ?></i></span>
292	<?php } ?>
293	<?php } ?>
294	</div>
295	</div>
296	<?php
297	}
298	if ($limit) {
299	echo "<div class=\"log_nextprev_container\">";
300	if ($top > 1)
301	echo "<a href=\"".$posts["url_prev"]."\" class=\"link_prev\">".gettext("previous")."</a>  ";
302
303	if (($start+$limit) > $posts["total_count"])
304	$end = $posts["total_count"];
305	else
306	$end = ($start+$limit);
307
308	echo " ".($start+1)."-".$end." (".$posts["total_count"]." ".gettext("total").") ";
309	if (($start+$limit) < $posts["total_count"])
310	echo "<a href=\"".$posts["url_next"]."\" class=\"link_next\">".gettext("next")."</a>";
311
312	echo "</div>";
313	}
314	} else {
315	$adminpage = "http://".$_SERVER["SERVER_NAME"].substr($_SERVER["REQUEST_URI"],0,strrpos($_SERVER["REQUEST_URI"],"/"))."/admin/";
316	?>
317	<div class="log_post">
318	<div class="log_post_head">
319	<h1 class="log_post_h1">Welcome to MvBlog.</h1>
320	</div>
321	<div class="log_post_body">
322	<div class="log_post_normal">
323	<?php if (array_key_exists("action", $_REQUEST) && !empty($_REQUEST["action"])) { ?>
324	There are no posts to show here.
325	<?php } else { ?>
326	If you see this your install of MvBlog has been succesfull. Congratulations!<br />
327	You can now add your posts etc via de Admin Interface.<br /> Login at <a href="<?php echo $adminpage; ?>"><?php echo $adminpage; ?></a>
328	<?php } ?>
329	</div>
330	</div>
331	<div class="log_post_foot">
332	<span class="log_post_author"><i>MvBlog system</i></span>
333	</div>
334	</div>
335	<?php
336	}
337	}
338	/* }}} */
339	/* limit_text($text) {{{ */
340	/**
341	* limit the length of a message
342	*
343	* @param string &$text the text to limit in length
344	* @return int 1 if truncated, 0 if original string is within limits
345	*/
346	public function limit_text(&$text) {
347	if (strstr($text, "##BREAKPOINT##")) {
348	$text = substr($text, 0, strpos($text, "##BREAKPOINT##"));
349	return 1;
350	} else {
351	return 0;
352	}
353	}
354	/* }}} */
355	/* show_article($id) {{{ */
356	/**
357	* Show an article with all comments etc
358	*
359	* @param int $id The article id to show
360	* @param int $captcha_error if 1 it shows an error
361	*/
362	public function show_article($id, $captcha_error = 0) {
363	//category url base
364	if ($this->settings["cleanurl"])
365	$catlink = "category/%d";
366	else
367	$catlink = "index.php?action=archive_cat&c=%d";
368
369	if ($id == "httperror") {
370	$row = array(
371	"title" => $_REQUEST["error"],
372	"body" => "The requested URL (".$_SERVER["REQUEST_URI"].") was not found.
373	<br /><br />If you got here from a link on another page please contact that webmaster.<br />
374	If it was in your bookmarks, please update them.<br /><br />
375	My best guess is you came from: ".$_SERVER['HTTP_REFERER']."<br /><br />
376	In the meantime you might be interested in:<br />
377	<a href=\"index.php\" title=\"homepage\">Homepage</a><br />
378	<a href=\"common/rss.php\" title=\"rss feed\">RSS feed</a><br />",
379	"date" => time()
380	);
381	$errormode = 1;
382	} else {
383
384	$res =& $this->db->query(sprintf("SELECT * FROM articles WHERE id = %d", $id));
385
386	if (PEAR::isError($res))
387	die($res->getMessage());
388	$row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);
389	$anoncomments = $row["allowanoncomments"];
390	/* we can have a global overwrite for the anon comments */
391	if ($this->settings["allowanoncomments"] != 1)
392	$anoncomments = 0;
393	$errormode = 0;
394	}
395	?>
396	<div class="log_post">
397	<div class="log_post_head">
398	<?php if ($errormode) { ?>
399	<h1 class="log_post_h1_error">
400	<?php } else { ?>
401	<h1 class="log_post_h1">
402	<?php } ?>
403	<?php echo htmlspecialchars(stripslashes($row["title"])); ?>
404	</h1>
405	<?php if (!$errormode) { ?>
406	<h2 class="log_post_h2">
407	<?php echo gettext("category").": "; ?>
408	<?php
409	$categories = explode(",", $row["categories_ids"]);
410	foreach ($categories as $v) {
411	if (array_key_exists($v, $this->categories) && $this->categories[$v]["icon"] && $this->settings["show_cat_icons"])
412	echo "<a href=\"".sprintf($catlink, $v)."\"><img src=\"images/categories/".$this->categories[$v]["icon"]."\" title=\"".htmlspecialchars($this->categories[$v]["name"])."\" alt=\"".htmlspecialchars($this->categories[$v]["name"])."\" class=\"category_icon\" /></a> ";
413	elseif (array_key_exists($v, $this->categories))
414	echo "<a href=\"".sprintf($catlink, $v)."\">".htmlspecialchars($this->categories[$v]["name"])."</a> ";
415	}
416	?>
417	</h2>
418	<?php } ?>
419	</div>
420	<div class="log_post_body">
421	<?php if ($errormode) { ?>
422	<div class="log_post_error">
423	<?php } else { ?>
424	<div class="log_post_normal">
425	<?php } ?>
426	<?php
427	$text = $this->parse_body($row["body"], $row["postformat"]);
428	$text = stripslashes(str_replace("##BREAKPOINT##", "<a name=\"READMORE\"></a>", $text));
429	$text = $this->replace_num_ref($text);
430	$text = $this->replace_dossier_ref($text);
431	$text = $this->plugman->run_hooks("text_output", $text);
432	echo $text;
433	if ($errormode) {
434	echo "search ";
435	$this->blog_show_search();
436	}
437	?>
438	</div>
439	</div>
440	<div class="log_post_foot">
441	<?php if (!$errormode) { ?>
442	<span class="log_post_author"><?php echo htmlspecialchars($this->authors[$row["authors_id"]]["fullname"]); ?></span><br />
443	<?php } ?>
444	<span class="log_post_date"><?php echo date("d-m-Y H:i", $row["date"]); ?></span><br />
445	<?php
446	if (!$errormode) {
447	$tburi = $this->webroot.sprintf("common/tb.php?id=%d", $row["id"]);
448	$rssuri = $this->webroot.sprintf("common/rss.php?mode=comments&articleid=%d", $row["id"]);
449	?>
450	<span class="log_post_commentsrss"><a href="<?php echo $rssuri; ?>"><?php echo gettext("RSS for comments"); ?></a></span><br />
451	<span class="log_post_trackbacklink"><?php echo gettext("URL for trackback"); ?>: <a href="<?php echo $tburi; ?>" title="<?php echo gettext("Copy this link for trackbacs"); ?>"><?php echo $tburi; ?></a></span>
452	<?php } ?>
453	</div>
454	</div>
455	<div class="log_dossierinfo">
456	<?php
457	if ($row["dossier_id"]) {
458	echo $this->dossiers[$row["dossier_id"]]["name"];
459	$dossierrssuri = $this->webroot.sprintf("common/rss.php?mode=dossier&dossier_id=%d", $row["dossier_id"]);
460	echo "  <a href=\"".$dossierrssuri."\" class=\"dossier_rss_link\">rss</a>";
461	echo "<br />";
462	//get dossier articles
463	$dq = sprintf("SELECT id, title FROM articles WHERE active=1 AND public=1 AND dossier_id = %d ORDER BY date", $row["dossier_id"]);
464	$dr = $this->db->query($dq);
465	while ($dossieritem = $dr->fetchRow(MDB2_FETCHMODE_ASSOC)) {
466	if ($dossieritem["id"] == $row["id"])
467	echo $dossieritem["title"]."<br />";
468	else
469	ec