From b6bb2ab4de89d12aba2819583a57e664c6a66c19 Mon Sep 17 00:00:00 2001 From: Ulrich Block Date: Sat, 15 Feb 2014 12:57:05 +0100 Subject: [PATCH] #329 Display html title depending on the page --- web/protectioncheck.php | 1 + web/startupdates.php | 2 +- web/stuff/api_users.php | 6 +- web/stuff/imprint.php | 24 ++- web/stuff/init_page.php | 18 +- web/stuff/mysql_functions.php | 44 ++-- web/stuff/page_contact.php | 50 +++-- web/stuff/page_download.php | 8 + web/stuff/page_news.php | 11 +- web/stuff/page_page.php | 270 ++++++++++++++++-------- web/stuff/roots_subnets.php | 5 + web/stuff/userpanel_restartcalendar.php | 5 +- 12 files changed, 305 insertions(+), 139 deletions(-) diff --git a/web/protectioncheck.php b/web/protectioncheck.php index a7b70578..4cd87b29 100644 --- a/web/protectioncheck.php +++ b/web/protectioncheck.php @@ -40,6 +40,7 @@ if (isset($page_include)) { $default_language = $user_language; $reseller_id = 0; + $page_data->title = $page_sprache->protectioncheck; $protection_link = ($page_data->seo == 'N') ? 'protectioncheck.php' : $page_data->pageurl . '/' . $user_language . '/' . $page_category . '/'; } else { diff --git a/web/startupdates.php b/web/startupdates.php index beb5d5c6..339bdebd 100644 --- a/web/startupdates.php +++ b/web/startupdates.php @@ -64,7 +64,7 @@ if (!isset($ip) or $ui->escaped('SERVER_ADDR', 'server') == $ip or in_array($ip, $query = $sql->prepare("SELECT `lastUpdateRun` FROM `settings` WHERE `resellerid`=0 LIMIT 1"); $query->execute(); - $lastUpdateRun= (int) $query->fetchColumn(); + $lastUpdateRun = (int) $query->fetchColumn(); $query = $sql->prepare("UPDATE `settings` SET `lastUpdateRun`=? WHERE `resellerid`=0 LIMIT 1"); $query->execute(array($currentMinute)); diff --git a/web/stuff/api_users.php b/web/stuff/api_users.php index 60183230..e06223b9 100644 --- a/web/stuff/api_users.php +++ b/web/stuff/api_users.php 
@@ -74,7 +74,7 @@ if (array_value_exists('action', 'add', $data)) { $localID = ''; $userGroupIDs = array(); - $salt = md5(mt_rand().date('Y-m-d H:i:s:u')); + $salt = md5(mt_rand() . date('Y-m-d H:i:s:u')); $email = $data['email']; $identifyBy = $data['identify_by']; @@ -96,6 +96,7 @@ if (array_value_exists('action', 'add', $data)) { } if (!isset($success['false']) and !in_array($externalID, $bad)) { + $query = $sql->prepare("SELECT COUNT(`id`) AS `amount`,`mail`,`cname` FROM `userdata` WHERE `externalID`=? LIMIT 1"); $query->execute(array($externalID)); $amount2 = (int) $query->fetchColumn(); @@ -110,7 +111,9 @@ if (array_value_exists('action', 'add', $data)) { } if (!in_array($username, $bad)) { + $tmpName = $username; + } else { $query = $sql->prepare("SELECT `prefix2` FROM `settings` WHERE `resellerid`=? LIMIT 1"); @@ -449,6 +452,7 @@ if (array_value_exists('action', 'add', $data)) { } $extraUpdate = ''; + foreach($what as $key => $value) { $extraUpdate .= ",`" . $key . "`='" . $value . "'"; } diff --git a/web/stuff/imprint.php b/web/stuff/imprint.php index a135de19..20f25c97 100644 --- a/web/stuff/imprint.php +++ b/web/stuff/imprint.php 
@@ -36,18 +36,24 @@ * Programm erhalten haben. Wenn nicht, siehe . */ -if (!isset($reseller_id)) $reseller_id = 0; -$sprache=(isset($user_language)) ? getlanguagefile('images',$user_language,$reseller_id) : getlanguagefile('images',$page_language,$reseller_id); -if (isset($admin_id) and $admin_id==$reseller_id) { +if (!isset($reseller_id)) { + $reseller_id = 0; +} + +$sprache = (isset($user_language)) ? getlanguagefile('images', $user_language, $reseller_id) : getlanguagefile('images', $page_language, $reseller_id); + +if (isset($admin_id) and $admin_id == $reseller_id) { $resellerid = 0; } else if (isset($reseller_id)) { $resellerid = $reseller_id; } else { $resellerid = 0; } + $query = $sql->prepare("SELECT `imprint` FROM `imprints` WHERE language=? AND resellerid=? LIMIT 1"); -$query->execute(array($user_language,$resellerid)); +$query->execute(array($user_language, $resellerid)); $imprint = $query->fetchColumn(); + if ($imprint != '') { $query = $sql->prepare("SELECT `language` FROM `settings` WHERE `resellerid`=? LIMIT 1"); $query->execute(array($resellerid)); @@ -56,15 +62,21 @@ if ($imprint != '') { $query->execute(array($defaultlanguage,$resellerid)); $imprint = $query->fetchColumn(); } + if (isset($page_data)) { + $page_data->setCanonicalUrl($s); + $page_data->title = $gsprache->imprint; // https://github.com/easy-wi/developer/issues/62 $langLinks = array(); foreach ($languages as $l) { - $tempLanguage = getlanguagefile('general',$l,0); - $langLinks[$l]=($page_data->seo== 'Y') ? szrp($tempLanguage->$s) : '?s='.$s; + $tempLanguage = getlanguagefile('general', $l, 0); + $langLinks[$l] = ($page_data->seo == 'Y') ? szrp($tempLanguage->$s) : '?s=' . $s; } + $page_data->langLinks($langLinks); + } + $template_file = "imprint.tpl"; \ No newline at end of file diff --git a/web/stuff/init_page.php b/web/stuff/init_page.php index 979efb91..f1b999c5 100644 --- a/web/stuff/init_page.php +++ b/web/stuff/init_page.php 
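Review bot: `$query->execute(array($user_language, $resellerid));` in the first imprint.php hunk binds `$user_language` unconditionally, although the `$sprache` assignment earlier in the same hunk allows for it being unset and falls back to `$page_language`. When it is unset the lookup binds null and finds no imprint for the visitor's language. Resolve the language once, `$imprintLanguage = isset($user_language) ? $user_language : $page_language;`, and bind that value instead. The new `if (!isset($reseller_id)) { $reseller_id = 0; }` guard also makes the later `else if (isset($reseller_id))` always true, so the trailing `else` branch is dead code.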
@@ -135,16 +135,16 @@ if (isset($page_active) and $page_active == 'Y') { } if ($easywiModules['ip'] === true) { - $page_data->SetMenu($gsprache->imprint, $gsprache->imprint,'imprint'); + $page_data->SetMenu($gsprache->imprint, $gsprache->imprint, 'imprint'); } - $page_data->SetMenu($gsprache->downloads, $gsprache->downloads,'downloads'); - $page_data->SetMenu($page_sprache->about, $page_sprache->about,'about'); - $page_data->SetMenu($page_sprache->sitemap, $page_sprache->sitemap,'sitemap'); - $page_data->SetMenu($page_sprache->gallery, $page_sprache->gallery,'gallery'); - $page_data->SetMenu($page_sprache->contact, $page_sprache->contact,'contact'); - $page_data->SetMenu($page_sprache->search, $page_sprache->search,'search'); - $page_data->SetMenu($page_sprache->register, $page_sprache->register,'register'); + $page_data->SetMenu($gsprache->downloads, $gsprache->downloads, 'downloads'); + $page_data->SetMenu($page_sprache->about, $page_sprache->about, 'about'); + $page_data->SetMenu($page_sprache->sitemap, $page_sprache->sitemap, 'sitemap'); + $page_data->SetMenu($page_sprache->gallery, $page_sprache->gallery, 'gallery'); + $page_data->SetMenu($page_sprache->contact, $page_sprache->contact, 'contact'); + $page_data->SetMenu($page_sprache->search, $page_sprache->search, 'search'); + $page_data->SetMenu($page_sprache->register, $page_sprache->register, 'register'); foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) { if ($row['naviDisplay'] == 'Y') { @@ -154,7 +154,7 @@ if (isset($page_active) and $page_active == 'Y') { } } - if (isset($admin_id) and $ui->smallletters('preview',4, 'get') == 'true') { + if (isset($admin_id) and $ui->smallletters('preview', 4, 'get') == 'true') { $preview = 1; } else if (count($ui->get)>0 and isset($s) and isset($page_data->pages[$s])) { diff --git a/web/stuff/mysql_functions.php b/web/stuff/mysql_functions.php index 6504a972..3da81849 100644 --- a/web/stuff/mysql_functions.php +++ b/web/stuff/mysql_functions.php 
@@ -37,10 +37,11 @@ */ class ExternalSQL { - function __construct($ip,$port,$user,$password) { + + function __construct($ip, $port, $user, $password) { try { - $this->remotesql = new PDO('mysql:host=' .$ip . ';' . $port . '=' . $port,$user,$password); + $this->remotesql = new PDO('mysql:host=' .$ip . ';' . $port . '=' . $port, $user, $password); $this->remotesql->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION); } catch(PDOException $error) { @@ -51,7 +52,8 @@ class ExternalSQL { $this->error='ok'; } } - function AddUser ($username,$password,$max_queries_per_hour,$max_connections_per_hour,$max_updates_per_hour,$max_userconnections_per_hour) { + + function AddUser ($username, $password, $max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour) { if ($this->error!='ok') { return $this->error; @@ -60,10 +62,10 @@ class ExternalSQL { try { $query = $this->remotesql->prepare("CREATE USER ?@'' IDENTIFIED BY ?"); - $query->execute(array($username,$password)); + $query->execute(array($username, $password)); $query = $this->remotesql->prepare("GRANT USAGE ON *.* TO ?@'' IDENTIFIED BY ? WITH MAX_QUERIES_PER_HOUR $max_queries_per_hour MAX_CONNECTIONS_PER_HOUR $max_connections_per_hour MAX_UPDATES_PER_HOUR $max_updates_per_hour MAX_USER_CONNECTIONS $max_userconnections_per_hour"); - $query->execute(array($username,$password)); + $query->execute(array($username, $password)); $this->remotesql->exec("FLUSH PRIVILEGES; FLUSH HOSTS;"); 
@@ -73,21 +75,23 @@ class ExternalSQL { return $error->getMessage(); } } - function AddDB ($dbname,$password,$ips,$max_queries_per_hour,$max_connections_per_hour,$max_updates_per_hour,$max_userconnections_per_hour) { - if ($this->error!='ok') { + + function AddDB ($dbname, $password, $ips, $max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour) { + + if ($this->error != 'ok') { return $this->error; } try { $query = $this->remotesql->prepare("CREATE USER ?@'' IDENTIFIED BY ?"); - $query->execute(array($dbname,$password)); + $query->execute(array($dbname, $password)); $query = $this->remotesql->prepare("GRANT USAGE ON *.* TO ?@'' IDENTIFIED BY ? WITH MAX_QUERIES_PER_HOUR $max_queries_per_hour MAX_CONNECTIONS_PER_HOUR $max_connections_per_hour MAX_UPDATES_PER_HOUR $max_updates_per_hour MAX_USER_CONNECTIONS $max_userconnections_per_hour"); - $query->execute(array($dbname,$password)); + $query->execute(array($dbname, $password)); $query = $this->remotesql->prepare("GRANT USAGE ON *.* TO ?@'localhost' IDENTIFIED BY ? WITH MAX_QUERIES_PER_HOUR $max_queries_per_hour MAX_CONNECTIONS_PER_HOUR $max_connections_per_hour MAX_UPDATES_PER_HOUR $max_updates_per_hour MAX_USER_CONNECTIONS $max_userconnections_per_hour"); - $query->execute(array($dbname,$password)); + $query->execute(array($dbname, $password)); $query = $this->remotesql->prepare("SELECT `host` FROM `mysql`.`host` WHERE `host`='localhost' AND `db`='%' LIMIT 1"); $query->execute(array()); 
@@ -105,10 +109,10 @@ class ExternalSQL { $query2 = $this->remotesql->prepare("INSERT INTO `mysql`.`host` (`host`,`db`,`Select_priv`,`Insert_priv`,`Update_priv`,`Delete_priv`,`Create_priv`,`Drop_priv`,`Alter_priv`) VALUES (?,?,'Y','Y','Y','Y','Y','Y','Y')"); foreach (ipstoarray($ips) as $ip) { - $query->execute(array($ip,$dbname)); + $query->execute(array($ip, $dbname)); if ($query->rowCount()==0) { - $query2->execute(array($ip,$dbname)); + $query2->execute(array($ip, $dbname)); } } $this->remotesql->exec("FLUSH PRIVILEGES; FLUSH HOSTS;"); @@ -119,7 +123,8 @@ class ExternalSQL { return 'ok'; } - function ModDB ($dbname,$password,$ips,$max_queries_per_hour,$max_connections_per_hour,$max_updates_per_hour,$max_userconnections_per_hour) { + + function ModDB ($dbname, $password, $ips, $max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour) { if ($this->error!='ok') { return $this->error; @@ -128,14 +133,14 @@ class ExternalSQL { try { $query = $this->remotesql->prepare("SET PASSWORD FOR ?@'' = PASSWORD(?)"); - $query->execute(array($dbname,$password)); + $query->execute(array($dbname, $password)); $this->remotesql->exec("GRANT USAGE ON * . * TO '$dbname'@'' WITH MAX_QUERIES_PER_HOUR $max_queries_per_hour MAX_CONNECTIONS_PER_HOUR $max_connections_per_hour MAX_UPDATES_PER_HOUR $max_updates_per_hour MAX_USER_CONNECTIONS $max_userconnections_per_hour"); $query = $this->remotesql->prepare("GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,REFERENCES,INDEX,ALTER,CREATE TEMPORARY TABLES,LOCK TABLES,CREATE VIEW,SHOW VIEW,CREATE ROUTINE,ALTER ROUTINE,EXECUTE ON `$dbname`.* TO ?@''"); $query->execute(array($dbname)); - $iparray=ipstoarray($ips); + $iparray = ipstoarray($ips); $allowedips = array(); $query = $this->remotesql->prepare("SELECT `host` FROM `mysql`.`host` WHERE `db`=?"); 
@@ -146,15 +151,15 @@ class ExternalSQL { $query = $this->remotesql->prepare("INSERT INTO `mysql`.`host` (`host`,`db`,`Select_priv`,`Insert_priv`,`Update_priv`,`Delete_priv`,`Create_priv`,`Drop_priv`,`Alter_priv`) VALUES (?,?,'Y','Y','Y','Y','Y','Y','Y')"); foreach ($iparray as $ip) { - if (!in_array($ip,$allowedips)) { - $query->execute(array($ip,$dbname)); + if (!in_array($ip, $allowedips)) { + $query->execute(array($ip, $dbname)); } } $query = $this->remotesql->prepare("DELETE FROM `mysql`.`host` WHERE `host`=? AND `db`=? LIMIT 1"); foreach ($allowedips as $ip) { - if (!in_array($ip,$iparray)) { - $query->execute(array($ip,$dbname)); + if (!in_array($ip, $iparray)) { + $query->execute(array($ip, $dbname)); } } @@ -166,6 +171,7 @@ class ExternalSQL { return 'ok'; } + function DelDB ($dbname) { if ($this->error!='ok') { diff --git a/web/stuff/page_contact.php b/web/stuff/page_contact.php index 79422796..a00557c5 100644 --- a/web/stuff/page_contact.php +++ b/web/stuff/page_contact.php 
@@ -1,4 +1,5 @@ . */ - $name = $ui->names('name',255, 'post'); $email = $ui->ismail('email', 'post'); -$comments=nl2br(htmlentities(trim($ui->escaped('comments', 'post')),ENT_QUOTES,'UTF-8')); +$comments = nl2br(htmlentities(trim($ui->escaped('comments', 'post')), ENT_QUOTES, 'UTF-8')); + if ($ui->escaped('email', 'post')) { + $error = array(); - if (!$ui->ismail('email', 'post'))$error[] = 'Mail'; + + if (!$ui->ismail('email', 'post')) { + $error[] = 'Mail'; + } + if (!$ui->names('name',255, 'post')) $error[] = 'Name'; - if (!isset($_SESSION['token'])) $error[] = 'No Token'; - else if ($_SESSION['token'] != $ui->escaped('token', 'post')) $error[] = 'Spamprotect'; - if (isset($_SESSION['token'])) unset($_SESSION['token']); - if (count($error)>0) { - $token=md5(passwordgenerate(32)); + + if (!isset($_SESSION['token'])) { + $error[] = 'No Token'; + } else if ($_SESSION['token'] != $ui->escaped('token', 'post')) { + $error[] = 'Spamprotect'; + } + + if (isset($_SESSION['token'])) { + unset($_SESSION['token']); + } + + if (count($error) > 0) { + + $token = md5(passwordgenerate(32)); $_SESSION['token'] = $token; - $comments=str_replace('
','',$comments); + $comments = str_replace('
', '', $comments); + } else { + unset($error); $success = true; - $comments = $name.' ('.$email.'):
'.$comments; - sendmail('contact',$name,$comments,$rSA['email']); + $comments = $name . ' (' . $email . '):
' . $comments; + sendmail('contact', $name, $comments, $rSA['email']); + } + } else { - $token=md5(passwordgenerate(32)); + $token = md5(passwordgenerate(32)); $_SESSION['token'] = $token; } + +$page_data->title = $page_sprache->contact; $page_data->setCanonicalUrl($s); // https://github.com/easy-wi/developer/issues/62 $langLinks = array(); foreach ($languages as $l) { - $tempLanguage = getlanguagefile('page',$l,0); - $langLinks[$l]=($page_data->seo== 'Y') ? szrp($tempLanguage->$s) : '?s='.$s; + $tempLanguage = getlanguagefile('page', $l, 0); + $langLinks[$l]=($page_data->seo == 'Y') ? szrp($tempLanguage->$s) : '?s=' . $s; } + $page_data->langLinks($langLinks); $template_file = 'contact.tpl'; \ No newline at end of file diff --git a/web/stuff/page_download.php b/web/stuff/page_download.php index cb1bcfd7..ee94c0df 100644 --- a/web/stuff/page_download.php +++ b/web/stuff/page_download.php @@ -51,6 +51,7 @@ if (isset($page_name) and isid($page_name,10)) { } else if ($ui->id('id', 10, 'get')) { $downloadID = $ui->id('id', 10, 'get'); } + if (!isset($user_language) or $user_language == '') { $user_language=(isset($page_detect_language)) ? $page_detect_language : $rSA['language']; } 
@@ -69,18 +70,23 @@ if (isset($downloadID)) { if (($row['show'] == 'E' or ($row['show'] == 'A' and isset($admin_id)) or ($row['show'] == 'R' and (isset($user_id) or isset($admin_id)))) and file_exists(EASYWIDIR . "/downloads/${row['fileID']}.${row['fileExtension']}")) { if (isset($startDownload)) { + $fileWithPath = EASYWIDIR . "/downloads/${row['fileID']}.${row['fileExtension']}"; $finfo = finfo_open(FILEINFO_MIME_TYPE); $contentType = finfo_file($finfo, $fileWithPath); + finfo_close($finfo); header("Content-Type: ${contentType}"); + if (strpos(strtolower($ui->server['SERVER_SOFTWARE']),'nginx') !== false) { + header('Content-Length: ' . (string) (filesize($fileWithPath))); header('Cache-Control: public, must-revalidate'); header('Pragma: no-cache'); header("Content-Disposition: attachment; filename=\"${row['fileName']}.${row['fileExtension']}\""); header('Content-Transfer-Encoding: binary'); header("X-Accel-Redirect: /downloads/${row['fileID']}.${row['fileExtension']}"); + } else { header("Content-Disposition: attachment; filename=\"${row['fileName']}.${row['fileExtension']}\""); set_time_limit(0); @@ -98,6 +104,7 @@ if (isset($downloadID)) { $query2->execute(array($downloadID, $loguserip, $userHostname)); die; + } else { $template_file = 'page_downloads_detail.tpl'; } @@ -127,6 +134,7 @@ if (isset($downloadID)) { $langLinks[$l]=($page_data->seo== 'Y') ? szrp($tempLanguage->$s) : '?s=' . $s; } + $page_data->title = $gsprache->downloads; $page_data->langLinks($langLinks); $template_file = 'page_downloads_list.tpl'; diff --git a/web/stuff/page_news.php b/web/stuff/page_news.php index fccc44ff..410b3578 100644 --- a/web/stuff/page_news.php +++ b/web/stuff/page_news.php @@ -68,6 +68,8 @@ if ((isset($page_name) and $page_name != szrp($page_sprache->older) and isset($p $allTags = array(); $allCategories = array(); + $page_data->title = $row['title']; + $page_title = $row['title']; $page_text = nl2br($row['text']); $comments = $row['comments']; 
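Review bot: The added `$page_data->title = $row['title'];` in the first page_news.php hunk routes a database-stored news title into the HTML title, and nothing in this diff shows where that property is printed or whether it is encoded there. The same applies to the preview hunk further down in page_news.php and to the page and preview branches in page_page.php, where the value comes from `$ui->htmlcode('title', ...)` or `$ui->escaped('title', 'post')`. Confirm that the template encodes the property at output, and record the contract next to the assignment, e.g. `// raw text: the template must HTML-encode title when printing it`. The enclosing `if` starts outside the hunk.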
@@ -243,13 +245,19 @@ if ((isset($page_name) and $page_name != szrp($page_sprache->older) and isset($p } else if (isset($admin_id) and $ui->smallletters('preview',4, 'get') == 'true') { if (is_array($ui->escaped('text', 'post')) or is_object($ui->escaped('text', 'post'))) { + foreach ($ui->escaped('text', 'post') as $key=>$value) { $page_title = $ui->htmlcode('title', 'post',$key); - $page_text=nl2br($value); + $page_data->title = $ui->htmlcode('title', 'post',$key); + $page_text = nl2br($value); } + } else { + $page_title = $ui->escaped('title', 'post'); + $page_data->title = $ui->escaped('title', 'post'); $page_text=nl2br($ui->escaped('text', 'post')); + } $allTags = array(); @@ -362,6 +370,7 @@ if ((isset($page_name) and $page_name != szrp($page_sprache->older) and isset($p } $page_data->langLinks($langLinks); + $page_data->title = $gsprache->news; $page_data->setCanonicalUrl($s); $template_file = 'page_news.tpl'; diff --git a/web/stuff/page_page.php b/web/stuff/page_page.php index 7035d046..43a13f82 100644 --- a/web/stuff/page_page.php +++ b/web/stuff/page_page.php @@ -40,6 +40,7 @@ if (!isset($page_include)) { header('Location: index.php'); die; } + if (isset($default_page_id)) { $page_id = $default_page_id; } else if (isset($page_category,$page_data->pages_array['pages']) and in_array($page_category,$page_data->pages_array['pages'])) { 
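Review bot: Both preview branches evaluate the same `$ui` call twice, once for `$page_title` and again for `$page_data->title`, so the two values can drift apart when one of the lines is edited later. Assign once and copy: `$page_data->title = $page_title;`. In the `foreach` branch every iteration overwrites the previous title and text, so only the last posted entry is previewed; if that is intended, a comment such as `// last posted language wins in preview` would make it explicit. The enclosing `else if` chain starts and ends outside the hunk.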
@@ -47,204 +48,299 @@ if (isset($default_page_id)) { } else { $page_id = $ui->id('id',19, 'get'); } + if (isset($page_id) and is_numeric($page_id)) { + function pre_replace($m) { - return str_replace($m[1],htmlentities($m[1]),$m[0]); + return str_replace($m[1], htmlentities($m[1]), $m[0]); } + $query = $sql->prepare("SELECT t.`title`,t.`text`,t.`id`,p.`subpage` FROM `page_pages` p LEFT JOIN `page_pages_text` t ON p.`id`=t.`pageid` WHERE p.`id`=? AND `type`='page' AND t.`language`=? AND p.`released`='1' AND p.`resellerid`='0' LIMIT 1"); - $query->execute(array($page_id,$user_language)); + $query->execute(array($page_id ,$user_language)); foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) { + + $page_keywords = array(); + $tag_tags = array(); + + $page_data->title = $row['title']; $page_title = $row['title']; - $page_text=str_replace('%url%',$page_data->pageurl, $row['text']); - $page_text=preg_replace_callback('/(.*?)<\/pre>/imsu','pre_replace',$page_text); - $page_keywords = array(); - $tag_tags = array(); $breadcrumbID = $row['subpage']; $breadcrumbPageID = $page_id; + + $page_text = str_replace('%url%', $page_data->pageurl, $row['text']); + $page_text = preg_replace_callback('/(.*?)<\/pre>/imsu', 'pre_replace', $page_text); + + $query2 = $sql->prepare("SELECT t.`name` FROM `page_terms_used` u LEFT JOIN `page_terms` t ON u.`term_id`=t.`id` WHERE u.`language_id`=? AND u.`resellerid`='0' ORDER BY t.`name` DESC"); $query2->execute(array($row['id'])); foreach ($query2->fetchAll(PDO::FETCH_ASSOC) as $row2) { $page_data->AddData('keywords', $row2['name']); - $tag_tags[]=($seo== 'Y') ? 'tag . '/' . strtolower(szrp($row2['name'])).'/>'.$row2['name'].'' : ''.$row2['name'].''; + $tag_tags[] = ($seo == 'Y') ? 'tag . '/' . strtolower(szrp($row2['name'])) . '/>' . $row2['name'] . '' : '' . $row2['name'] . 
''; } } + $breadcrumbs = array(); + $query = $sql->prepare("SELECT p.`id`,p.`subpage`,t.`title` FROM `page_pages` p LEFT JOIN `page_pages_text` t ON p.`id`=t.`pageid` WHERE p.`id`=? AND t.`language`=? AND `type`='page' AND p.`released`='1' AND p.`resellerid`='0' LIMIT 1"); - while (isset($breadcrumbID) and isid($breadcrumbID,19) and $breadcrumbID != $breadcrumbPageID) { - $query->execute(array($breadcrumbID,$user_language)); + + while (isset($breadcrumbID) and isid($breadcrumbID, 19) and $breadcrumbID != $breadcrumbPageID) { + + $query->execute(array($breadcrumbID, $user_language)); unset($breadcrumbID); + foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) { - $link=(isset($seo) and $seo== 'Y') ? $page_data->pageurl. '/' . $user_language . '/' . szrp($row['title']).'/' : $page_data->pageurl.'?s=page&l='.$user_language.'&id='.$row['id']; - $breadcrumbs[] = array('href' => ''.$row['title'].'','link' => $link); + + $link = (isset($seo) and $seo == 'Y') ? $page_data->pageurl . '/' . $user_language . '/' . szrp($row['title']) . '/' : $page_data->pageurl . '?s=page&l=' . $user_language . '&id=' . $row['id']; + + $breadcrumbs[] = array('href' => '' . $row['title'] . '', 'link' => $link); $breadcrumbID = $row['subpage']; $breadcrumbPageID = $row['id']; } + } - $breadcrumbs=array_reverse($breadcrumbs); + + $breadcrumbs = array_reverse($breadcrumbs); $template_file = (isset($page_title)) ? 'page_page.tpl' : 'page_404.tpl'; + } else if ($s == 'about') { - $query = $sql->prepare("SELECT t.`text` FROM `page_pages` p LEFT JOIN `page_pages_text` t ON p.`id`=t.`pageid` WHERE `type`='about' AND t.`language`=? AND p.`resellerid`='0' LIMIT 1"); - $query->execute(array($user_language)); - $page_text=nl2br($query->fetchColumn()); - $page_title = $page_sprache->about; + $page_keywords = array(); $tag_tags = array(); + + $query = $sql->prepare("SELECT t.`text` FROM `page_pages` p LEFT JOIN `page_pages_text` t ON p.`id`=t.`pageid` WHERE `type`='about' AND t.`language`=? 
AND p.`resellerid`='0' LIMIT 1"); + $query->execute(array($user_language)); + $page_text = nl2br($query->fetchColumn()); + $page_title = $page_sprache->about; + $page_data->title = $page_sprache->about; $page_data->setCanonicalUrl($s); $template_file = 'page_page.tpl'; + } else if ($s == 'search') { - $searchStringValue=htmlentities($ui->escaped('search', 'post'),ENT_QUOTES,'UTF-8'); + + $searchStringValue = htmlentities($ui->escaped('search', 'post'), ENT_QUOTES, 'UTF-8'); + if ($ui->escaped('search', 'post')) { $results = array(); - $searchFor=array('general' => array(),'exact' => array()); - $searchString=preg_replace("/\s+/",' ',$ui->escaped('search', 'post')); + $searchFor = array('general' => array(),'exact' => array()); + $searchString = preg_replace("/\s+/",' ', $ui->escaped('search', 'post')); $searchFor['exact'][]=strtolower($searchString); + if (strpos($searchString,'"') === false) { - foreach (preg_split('/\s+/',$searchString,-1,PREG_SPLIT_NO_EMPTY) as $v) $searchFor['general'][]=strtolower($v); + + foreach (preg_split('/\s+/', $searchString, -1, PREG_SPLIT_NO_EMPTY) as $v) { + $searchFor['general'][] = strtolower($v); + } + } else { + $checkForEnd = false; - $split=explode('"',$searchString); + $split = explode('"', $searchString); + foreach ($split as $v) { if ($v != '' and $checkForEnd == false) { - foreach (preg_split('/\s+/',$v,-1,PREG_SPLIT_NO_EMPTY) as $v2) $searchFor['general'][]=strtolower($v2); + + foreach (preg_split('/\s+/', $v, -1, PREG_SPLIT_NO_EMPTY) as $v2) { + $searchFor['general'][]=strtolower($v2); + } + $checkForEnd = true; + } else if ($v != '' and $checkForEnd == true) { - $searchFor['exact'][]=strtolower($v); + + $searchFor['exact'][] = strtolower($v); $checkForEnd = false; + } else if ($v== '' and $checkForEnd == false) { $checkForEnd = true; } } } + $searchFor['exact'] = array_unique($searchFor['exact']); $searchFor['general'] = array_unique($searchFor['general']); - function returnRating ($value,$exact=false) { - global 
$sql,$newssidebar_textlength,$page_data,$results,$seo; + + function returnRating ($value, $exact = false) { + + global $sql, $newssidebar_textlength, $page_data, $results, $seo; + $query = $sql->prepare("SELECT t.`id`,p.`id` AS `pageID`,p.`type`,t.`shortlink`,t.`title`,t.`text`,t.`language` FROM `page_pages` p LEFT JOIN `page_pages_text` t ON p.`id`=t.`pageid` WHERE p.`released`=1 AND p.`resellerid`=0 AND (LOWER(t.`shortlink`) LIKE :search OR LOWER(t.`title`) LIKE :search OR LOWER(t.`text`) LIKE :search)"); - $query->execute(array(':search' => '%'.$value.'%')); + $query->execute(array(':search' => '%' . $value . '%')); foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) { + if (!isset($titleLanguages[$row['language']])) { - $titleLanguages[$row['language']] = array('page' => getlanguagefile('page', $row['language'],0),'general' => getlanguagefile('general', $row['language'],0)); - } - if (strlen($row['text'])<=$newssidebar_textlength) { - $text = $row['text']; - } else { - $text=substr($row['text'],0,$newssidebar_textlength).' ...'; + $titleLanguages[$row['language']] = array('page' => getlanguagefile('page', $row['language'], 0), 'general' => getlanguagefile('general', $row['language'], 0)); } + + $text = (strlen($row['text']) <= $newssidebar_textlength) ? $row['text'] : substr($row['text'], 0, $newssidebar_textlength) . ' ...'; + $title = $row['title']; - if ($row['type'] == 'news' and isset($seo) and $seo== 'Y') { - $type=(string)$titleLanguages[$row['language']]['general']->news; - $link = $page_data->pageurl. '/' . $row['language'] . '/' . szrp($titleLanguages[$row['language']]['general']->news) . '/' . szrp($row['title']) . '/'; + + if ($row['type'] == 'news' and isset($seo) and $seo == 'Y') { + + $type = (string) $titleLanguages[$row['language']]['general']->news; + $link = $page_data->pageurl . '/' . $row['language'] . '/' . szrp($titleLanguages[$row['language']]['general']->news) . '/' . szrp($row['title']) . 
'/'; + } else if ($row['type'] == 'news') { - $type=(string)$titleLanguages[$row['language']]['general']->news; - $link = $page_data->pageurl.'?s=news&l='.$row['language'].'&id='.$row['pageID']; - } else if ($row['type'] == 'page' and isset($seo) and $seo== 'Y') { - $type=(string)$titleLanguages[$row['language']]['general']->page; - $link = $page_data->pageurl. '/' . $row['language'] . '/' . szrp($row['title']) . '/'; + + $type = (string) $titleLanguages[$row['language']]['general']->news; + $link = $page_data->pageurl . '?s=news&l=' . $row['language'] . '&id=' . $row['pageID']; + + } else if ($row['type'] == 'page' and isset($seo) and $seo == 'Y') { + + $type = (string) $titleLanguages[$row['language']]['general']->page; + $link = $page_data->pageurl . '/' . $row['language'] . '/' . szrp($row['title']) . '/'; + } else if ($row['type'] == 'page') { - $type=(string)$titleLanguages[$row['language']]['general']->page; - $link = $page_data->pageurl.'?s=page&l='.$row['language'].'&id='.$row['pageID']; - } else if ($row['type'] == 'about' and isset($seo) and $seo== 'Y') { - $type=(string)$titleLanguages[$row['language']]['page']->about; - $title=(string)$titleLanguages[$row['language']]['page']->about; - $link = $page_data->pageurl. '/' . $row['language'] . '/' . szrp($titleLanguages[$row['language']]['page']->about) . '/'; + + $type = (string) $titleLanguages[$row['language']]['general']->page; + $link = $page_data->pageurl . '?s=page&l=' . $row['language'] . '&id=' . $row['pageID']; + + } else if ($row['type'] == 'about' and isset($seo) and $seo == 'Y') { + + $type = (string) $titleLanguages[$row['language']]['page']->about; + $title = (string) $titleLanguages[$row['language']]['page']->about; + $link = $page_data->pageurl . '/' . $row['language'] . '/' . szrp($titleLanguages[$row['language']]['page']->about) . 
'/'; + } else if ($row['type'] == 'about') { - $type=(string)$titleLanguages[$row['language']]['page']->about; - $title=(string)$titleLanguages[$row['language']]['page']->about; - $link = $page_data->pageurl.'/?s=news&l='.$row['language']; + + $type = (string) $titleLanguages[$row['language']]['page']->about; + $title = (string) $titleLanguages[$row['language']]['page']->about; + $link = $page_data->pageurl . '/?s=news&l=' . $row['language']; + } + if (!isset($link)) { $link='#'; } + if ($exact == true) { - $worth=substr_count(strtolower($row['title']),strtolower($value))*16; - $worth+=substr_count(strtolower($row['text']),strtolower($value))*2; + $worth = substr_count(strtolower($row['title']), strtolower($value)) * 16; + $worth += substr_count(strtolower($row['text']), strtolower($value)) * 2; } else { - $worth=substr_count(strtolower($row['title']),strtolower($value))*12; - $worth+=substr_count(strtolower($row['text']),strtolower($value)); + $worth = substr_count(strtolower($row['title']), strtolower($value)) * 12; + $worth += substr_count(strtolower($row['text']), strtolower($value)); } - $href=''.$title.''; + + $href = '' . 
$title.''; + if (isset($results[$row['id']])) { $oldWorth = $results[$row['id']]['worth']; $hits = $results[$row['id']]['hits']; $hits[] = $value; - $hits=array_unique($hits); - $worth+=$oldWorth; + $hits = array_unique($hits); + $worth += $oldWorth; unset($results[$row['id']]); } else { $hits=array($value); } - $results[$row['id']] = array('textID' => $row['id'], 'pageID' => $row['pageID'], 'language' => $row['language'], 'type' => $type,'worth' => $worth,'href' => $href,'title' => $title,'link' => $link,'text' => str_replace('%url%',$page_data->pageurl,$text),'hits' => $hits); + + $results[$row['id']] = array('textID' => $row['id'], 'pageID' => $row['pageID'], 'language' => $row['language'], 'type' => $type, 'worth' => $worth, 'href' => $href, 'title' => $title, 'link' => $link, 'text' => str_replace('%url%', $page_data->pageurl, $text), 'hits' => $hits); + } + return $results; } - foreach ($searchFor['general'] as $v) { - foreach (returnRating($v) as $key=>$val) { - $results[$key] = $val; - } - } - foreach ($searchFor['exact'] as $v) { - foreach (returnRating($v) as $key=>$val) { - $results[$key] = $val; - } - } + $resultsArray = array(); + + foreach ($searchFor['general'] as $v) { + foreach (returnRating($v) as $key => $val) { + $results[$key] = $val; + } + } + + foreach ($searchFor['exact'] as $v) { + foreach (returnRating($v) as $key => $val) { + $results[$key] = $val; + } + } foreach ($results as $k => $v) { unset($results[$k]); $resultsArray[$v['worth']][$v['textID']] = $v; } + krsort($resultsArray); $results = array(); $exists = array(); - foreach ($resultsArray as $key=>$val) { + + foreach ($resultsArray as $key => $val) { foreach ($val as $k => $v) { - if (!in_array($key,$exists)) { + if (!in_array($key, $exists)) { unset($resultsArray[$key][$k]); $results[] = $v; $exists[] = $key; } } } - unset($resultsArray,$searchFor,$searchString,$exists); + + unset($resultsArray, $searchFor, $searchString, $exists); + } + $page_data->setCanonicalUrl($s); + 
$page_data->title = $page_sprache->search; $template_file = 'page_search.tpl'; + } else if ($s == 'home') { + $page_data->setCanonicalUrl(); $template_file = 'page_home.tpl'; + } else if ($s == 'sitemap') { + $page_data->setCanonicalUrl($s); + $page_data->title = $page_sprache->sitemap; $template_file = 'page_sitemap.tpl'; + } else if ($s == 'gallery') { + $page_data->setCanonicalUrl($s); + $page_data->title = $page_sprache->gallery; $template_file = 'page_gallery.tpl'; -} else if (isset($admin_id) and $ui->smallletters('preview',4, 'get') == 'true') { + +} else if (isset($admin_id) and $ui->smallletters('preview', 4, 'get') == 'true') { + + $page_keywords = array(); + $tag_tags = array(); + if (is_array($ui->escaped('text', 'post')) or is_object($ui->escaped('text', 'post'))) { - foreach ($ui->escaped('text', 'post') as $key=>$value) { - $page_title = $ui->htmlcode('title', 'post',$key); - $page_text=str_replace('%url%',$page_data->pageurl,$value); + + foreach ($ui->escaped('text', 'post') as $key => $value) { + $page_title = $ui->htmlcode('title', 'post', $key); + $page_data->title = $ui->htmlcode('title', 'post', $key); + $page_text=str_replace('%url%', $page_data->pageurl, $value); } + } else { $page_title = $ui->escaped('title', 'post'); - $page_text=str_replace('%url%',$page_data->pageurl,$ui->escaped('text', 'post')); + $page_data->title = $ui->escaped('title', 'post'); + $page_text=str_replace('%url%', $page_data->pageurl, $ui->escaped('text', 'post')); } - $page_keywords = array(); - $tag_tags = array(); - if (isset($page_title)) { - $template_file = 'page_page.tpl'; - } else { - $template_file = 'page_404.tpl'; - } + + $template_file = (isset($page_title)) ? 
'page_page.tpl' : 'page_404.tpl'; } + // https://github.com/easy-wi/developer/issues/62 $langLinks = array(); + if (isset($s) and $s == 'page') { + $query = $sql->prepare("SELECT `title`,`language` FROM `page_pages_text` WHERE `pageid`=?"); $query->execute(array($page_id)); - foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) $langLinks[$row['language']]=($page_data->seo== 'Y') ? szrp($row['title']) : '?s=page&id='.$page_id; -} else if (isset($s)) { - foreach ($languages as $l) { - $tempLanguage = getlanguagefile('page',$l,0); - $langLinks[$l]=($page_data->seo== 'Y') ? szrp($tempLanguage->$s) : '?s='.$s; + foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) { + $langLinks[$row['language']] = ($page_data->seo == 'Y') ? szrp($row['title']) : '?s=page&id=' . $page_id; } + +} else if (isset($s)) { + + foreach ($languages as $l) { + + $tempLanguage = getlanguagefile('page', $l, 0); + + $langLinks[$l] = ($page_data->seo== 'Y') ? szrp($tempLanguage->$s) : '?s=' . $s; + + } + } + $page_data->langLinks($langLinks); \ No newline at end of file diff --git a/web/stuff/roots_subnets.php b/web/stuff/roots_subnets.php index 7fb92b44..458d25ea 100644 --- a/web/stuff/roots_subnets.php +++ b/web/stuff/roots_subnets.php @@ -54,6 +54,7 @@ $id = $ui->id('id', 10, 'get'); // CSFR protection with hidden tokens. If token(true) returns false, we likely have an attack if ($ui->w('action',4, 'post') and !token(true)) { + $template_file = $spracheResponse->token; // Add and modify entries. Same validation can be used. @@ -190,6 +191,10 @@ option domain-name-servers 1.1.1.1;'; $rowCount = $query->rowCount(); $loguseraction = '%mod% %subnets% ' . $subnet; + + if ($rowCount > 0) { + # insert job to change dhcp server config + } } // Check if a row was affected during insert or update diff --git a/web/stuff/userpanel_restartcalendar.php b/web/stuff/userpanel_restartcalendar.php index 3c66bf5d..8acd0840 100644 --- a/web/stuff/userpanel_restartcalendar.php 
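Review bot: The `if ($rowCount > 0)` block added in the second roots_subnets.php hunk (`@@ -190,6 +191,10 @@`) has an empty body: it holds only the `#` comment `insert job to change dhcp server config`. A modified subnet is therefore updated and logged, but nothing visible in this hunk propagates the change to the DHCP server, so the stored subnet and the running DHCP configuration may diverge. If the job insert is deliberately deferred, mark it as such with `// TODO: queue a job to rewrite the DHCP server config after a subnet change`, using `//` like the surrounding comments, or leave the stub out of a commit that is about page titles. The enclosing branch starts outside the hunk, so whether the config is pushed elsewhere cannot be confirmed from here.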
+++ b/web/stuff/userpanel_restartcalendar.php @@ -299,11 +299,14 @@ if ($ui->smallletters('edit',4, 'post') == 'edit' and isset($serverip) and isset $pupdate->execute(array($template, $anticheat, $protected, $gsswitch, $map, $ui->mapname('mapGroup', 'post'), $restart, $backup, $worldsafe, $stvupload, $date, $id, $user_id, $reseller_id)); } $template_file = $spracheResponse->table_add; -} else if ($ui->smallletters('delete',6, 'post') == 'delete' and $ui->gamestring('date', 'post') and isset($serverip) and isset($port)) { + +} else if ($ui->smallletters('delete', 6, 'post') == 'delete' and $ui->gamestring('date', 'post') and isset($serverip) and isset($port)) { + $date = $ui->gamestring('date', 'post'); $pdelete = $sql->prepare("DELETE FROM `gserver_restarts` WHERE `restarttime`=? AND `switchID`=? AND `resellerid`=? LIMIT 1"); $pdelete->execute(array($date, $id, $reseller_id)); $template_file = $spracheResponse->table_del;; + } else if (isset($serverip) and isset($port)){ $backup = 'N';