index.php

在综合英文版XOOPS 2.09, 2.091, 2.092 的基础上正式发布XOOPS 2.09中文版 XOOPS 2.09x 版主要是PHP5升级、bug修正和安全补正： 1 全面兼容PHP 5.

            echo "<h5>$pagetitle</h5>";
            echo "<table><tr><td>";
            echo myTextForm("index.php?op=del&CID=" . $CID . "&confirm=1&pagetitle=$pagetitle", _AM_DELETE);
            echo "</td><td>";
            echo myTextForm("index.php", _AM_CANCEL);
            echo "</td></tr></table>";
            echo "</div><br /><br />";
            echo"</td></tr></table>";
        }
        xoops_cp_footer();
        exit();
        break;

    case "save":

        global $xoopsUser, $xoopsDB, $_POST, $xoopsModuleConfig;

        $result = $xoopsDB->query("SELECT CID FROM " . $xoopsDB->prefix("wfschannel") . " WHERE defaultpage = '1'");
        list($CIDOLD) = $xoopsDB->fetchrow($result);

        if ($xoopsDB->getRowsNum($result) >= 1)
        {
            if ($CIDOLD != $_POST['CID'] && $_POST['defaultpage'] == 1)
            {
                $xoopsDB->query("UPDATE " . $xoopsDB->prefix("wfschannel") . " SET defaultpage = '0'");
            }
        }

        $html = (isset($_POST['html']) && $_POST['html'] == 1) ? 1 : 0;
        $smiley = (isset($_POST['smiley']) && $_POST['smiley'] == 1) ? 1 : 0;
        $xcodes = (isset($_POST['xcodes']) && $_POST['xcodes'] == 1) ? 1 : 0;

        $breaks = ($_POST['breaks'] == 1) ? 1 : 0;
        $doctitle = ($_POST['doctitle'] == 1) ? 1 : 0;
        $submenu = ($_POST['submenu'] == 1) ? 1 : 0;
        $mainpage = ($_POST['mainpage'] == 1) ? 1 : 0;

        if ($defaultpage == 1)
        {
            $submenu = 0;
            $mainpage = 0;
        }
        $weight = ($_POST['weight']) && is_numeric($_POST['weight']) ? intval($_POST['weight']) : 1;
        $defaultpage = ($_POST['defaultpage']) ? 1 : 0;
        $allowcomments = ($_POST['allowcomments']) ? 1 : 0;

        //$pagetitle = wfc_removeShouting($myts->addSlashes($_POST['pagetitle'], 0, 0, 0));
        //$pageheadline = wfc_removeShouting($myts->addSlashes($_POST['pageheadline'], 0, 0, 0));

        $pagetitle = $myts->addSlashes($_POST['pagetitle'], 0, 0, 0);
        $pageheadline = $myts->addSlashes($_POST['pageheadline'], 0, 0, 0);

        $CID = intval($_POST['CID']);
        $indeximage = ($_POST["indeximage"] != "blank.png") ? $myts->addSlashes($_POST["indeximage"]) : '';
        $publishdate = ($_POST['publishdate'] > 0) ? $_POST['publishdate'] : time();
        $expiredate = ($_POST['expiredate'] > 0) ? $_POST['publishdate'] : 0;
        $page = "";
        $htmlfile = "";

        if (isset($_POST['publishdateactivate']))
        {
            $publishdate = strtotime($_POST['publishdates']['date']) + $_POST['publishdates']['time'];
        }
        if ($_POST['clearpublish'])
        {
            $publishdate = time();
        }

        if (isset($_POST['expiredateactivate']))
        {
            $expiredate = strtotime($_POST['expiredates']['date']) + $_POST['expiredates']['time'];
        }
        if ($_POST['clearexpire'])
        {
            $expiredate = 0;
        }

        if (intval($doctitle) == 1)
        {
            $GLOBALS['fileedit'] = loadfile($_POST["htmlfile"]);
            if (preg_match('_<title>(.*)</title>_is', $GLOBALS['fileedit'], $tmp))
            {
                $pageheadline = wfc_removeShouting($myts->addslashes(xoops_trim($tmp[1])));
                unset($tmp);
            }
        }

        if (isset($_POST["connect"]))
        {
            $htmlfile = trim($_POST["htmlfile"]);
            $page = '';
        }
        else
        {
            $page = trim($_POST['page']);
            if ($_POST["cleanhtml2"])
            {
                $page = htmlcleaner::cleanup($page);
            }
            if ($_POST["striptags2"])
            {
                include XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->dirname() . '/class/html2text.inc';
                $htmlToText = new Html2Text ($page, 200);
                $page = $htmlToText->convert();
                $page = $myts->displayTarea(xoops_trim($page), 1, 1, 1, 1, 1);
                $page = xoops_trim($page);
            }
            $page = $myts->addslashes(xoops_trim($page));
            $htmlfile = '';
        }
        // $docpath = $_POST['worddoc'];
        // $_POST["htmlfile"] = convertword(trim($docpath));
        if ($_POST["htmldb"] == 1)
        {
            $htmlfile = '';
            $page = '';
            // if (preg_match("/\.doc$/", $HTTP_POST_FILES['worddoc']))
            // {
            // $_POST["htmlfile"] = convertword(trim($HTTP_POST_FILES['worddoc']));
            // }
            $GLOBALS['fileedit'] = loadfile($_POST["htmlfile"]);

            if (preg_match('_<body>(.*)</body>_is', $GLOBALS['fileedit'], $tmp))
            {
                $tmp[0] = preg_replace('/\<script[\w\W]*?\<\/script\>/i', '', $GLOBALS['fileedit']);
                $tmp[0] = str_replace('<P>&nbsp;</P>', '', $tmp[0]);
                $tmp[0] = str_replace("<img src=\"", "<img src=\"html/images/", $tmp[0]);
                $tmp[0] = preg_replace(array('/[ \t]{2,}/', '/(\n|\r|\r\n){2,}/'), array('', ''), trim($tmp[0]));

                if ($_POST["cleanhtml"])
                {
                    $tmp[0] = htmlcleaner::cleanup($tmp[0]);
                }
                if ($_POST["striptags"])
                {
                    include XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->dirname() . '/class/html2text.inc';
                    $htmlToText = new Html2Text ($tmp[0], 200);
                    $tmp[0] = $htmlToText->convert();
                    $tmp[0] = $myts->displayTarea(trim($tmp[0]), 1, 1, 1, 1, 1);
                }
                $page = $myts->addslashes($tmp[0]);
            }
            else
            {
                $tmp[0] = preg_replace('/\<script[\w\W]*?\<\/script\>/i', '', $GLOBALS['fileedit']);
                $tmp[0] = str_replace('<P>&nbsp;</P>', '', $tmp[0]);
                $tmp[0] = str_replace("<img src=\"", "<img src=\"html/images/", $tmp[0]);
                $tmp[0] = preg_replace(array('/[ \t]{2,}/', '/(\n|\r|\r\n){2,}/'), array('', ''), trim($tmp[0]));

                if ($_POST["cleanhtml"])
                {
                    $tmp[0] = htmlcleaner::cleanup($tmp[0]);
                }
                if ($_POST["striptags"])
                {
                    include XOOPS_ROOT_PATH . '/modules/' . $xoopsModule->dirname() . '/class/html2text.inc';
                    $htmlToText = new Html2Text ($tmp[0], 200);
                    $tmp[0] = $htmlToText->convert();
                    $tmp[0] = $myts->displayTarea(trim($tmp[0]), 1, 1, 1, 1, 1);
                }
                $page = $myts->addslashes($tmp[0]);
            }
            // unlink( $htmlfile );
            clearstatcache();
            $htmlfile = '';
        }

        if (!$CID)
        {
            $created = time();

            $sql = "INSERT INTO " . $xoopsDB->prefix("wfschannel") . " (pagetitle, pageheadline, page, weight, html, smiley, xcodes, breaks, defaultpage, indeximage, htmlfile, mainpage, submenu, created, allowcomments, usedoctitle, publishdate, expiredate) VALUES ('$pagetitle', '$pageheadline', '$page', '$weight','$html', '$smiley', '$xcodes', $breaks, $defaultpage, '$indeximage', '$htmlfile', '$mainpage', '$submenu', '$created', '$allowcomments', '$doctitle', '$publishdate', '$expiredate')";
            $result = $xoopsDB->query($sql);
            $error = _AM_WF_ERROR_CREATCHANNEL . $sql;
            if (!$result)
            {
                trigger_error($error, E_USER_ERROR);
            }
            else
            {
                redirect_header("index.php", '1' , _AM_CHANCREATED);
            }
        }
        else
        {
            $sql = "UPDATE " . $xoopsDB->prefix("wfschannel") . " SET pagetitle = '$pagetitle', pageheadline = '$pageheadline', page = '$page', weight = '$weight', html ='$html', smiley ='$smiley', xcodes ='$xcodes', breaks ='$breaks', defaultpage ='$defaultpage', indeximage = '$indeximage', htmlfile = '$htmlfile', mainpage = '$mainpage', submenu = '$submenu', allowcomments = '$allowcomments', usedoctitle = '$doctitle', publishdate = '$publishdate', expiredate = '$expiredate' WHERE CID = $CID";
            $result = $xoopsDB->query($sql);
            $error = _AM_WF_ERROR_UPDATCHANNEL . $sql;
            if (!$result)
            {
                trigger_error($error, E_USER_ERROR);
            }
            else
            {
                redirect_header("index.php", '1' , _AM_CHANMODIFY);
            }
        }
        exit();
        break;

    case "create":
        edittopic();
        break;

    case "savelink":

        global $xoopsDB, $myts;

        $titlelink = $myts->addSlashes($_POST['titlelink']);
        $textlink = $myts->addSlashes($_POST['textlink']);
        $linkpagelogo = $myts->addSlashes($_POST['linkpagelogo']);
        $button = $myts->addSlashes($_POST['button']);
        $logo = $myts->addSlashes($_POST['logo']);
        $banner = $myts->addSlashes($_POST['banner']);

        // hack for banner80x15 by phppp
        $banner80x15 = $myts->addSlashes($_POST['banner80x15']);
        // hack for banner80x15 by phppp

        $newsfeedjs = $myts->addSlashes($_POST['newsfeedjs']);
        $newstitle = $myts->addSlashes($_POST['newstitle']);

        $submenuitem = $myts->addSlashes($_POST['submenuitem']);
        $mainpage = $myts->addSlashes($_POST['mainpage']);
        $newsfeed = $myts->addSlashes($_POST['newsfeed']);
        $linkintro = $myts->addSlashes($_POST['linkintro']);

        // hack for banner80x15 by phppp
        $sql = sprintf("UPDATE " . $xoopsDB->prefix("wfslinktous") . " SET textlink = '$textlink', titlelink = '$titlelink', banner80x15 = '$banner80x15', button = '$button', logo = '$logo', banner = '$banner', linkpagelogo = '$linkpagelogo', newsfeed = '$newsfeed', submenuitem = '$submenuitem', mainpage = '$mainpage', newsfeedjs = '$newsfeedjs', newstitle = '$newstitle', linkintro = '$linkintro'");
        // hack for banner80x15 by phppp
        $result = $xoopsDB->query($sql);
        $error = _AM_WF_ERROR_UPDATLINK . $sql;
        if (!$result)
        {
            trigger_error($error, E_USER_ERROR);
        }
        else
        {
            redirect_header("index.php?op=links", '1' , _AM_CHANMODIFY);
        }

        exit();
        break;

    case "links":

        xoops_cp_header();

        wfc_adminmenu(_AM_CHANADMIN, $extra = '');

        global $xoopsModuleConfig, $xoopsDB, $xoopsConfig;

        // hack for banner80x15 by phppp
        $result = $xoopsDB->query("SELECT submenuitem, textlink, linkpagelogo, banner80x15, button, logo, banner, mainpage, newsfeed,titlelink, newsfeedjs, newstitle, linkintro  FROM " . $xoopsDB->prefix("wfslinktous") . "");
        list($submenuitem, $textlink, $linkpagelogo, $banner80x15, $button, $logo, $banner, $mainpage, $newsfeed, $titlelink, $newsfeedjs, $newstitle, $linkintro) = $xoopsDB->fetchrow($result);
        // hack for banner80x15 by phppp

        include_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';
        $sform = new XoopsThemeForm(_AM_CMODIFYLINK, "op", xoops_getenv('PHP_SELF'));

        if (!$linkpagelogo) $linkpagelogo = "blank.png";
        $graph_array = &XoopsLists::getImgListAsArray(XOOPS_ROOT_PATH . "/" . $xoopsModuleConfig['linkimages']);
        $linkpage_select = new XoopsFormSelect('', 'linkpagelogo', $linkpagelogo);
        $linkpage_select->addOptionArray($graph_array);
        $linkpage_select->setExtra("onchange='showImgSelected(\"image1\", \"linkpagelogo\", \"" . $xoopsModuleConfig['linkimages'] . "\", \"\", \"" . XOOPS_URL . "\")'");
        $linkpage_tray = new XoopsFormElementTray(_AM_LINKPAGELOGO, '&nbsp;');
        $linkpage_tray->addElement($linkpage_select);
        $linkpage_tray->addElement(new XoopsFormLabel('', "<br /><br /><img src='" . XOOPS_URL . "/" . $xoopsModuleConfig['linkimages'] . "/" . $linkpagelogo . "' name='image1' id='image1' alt='' />"));
        $sform->addElement($linkpage_tray);

        $sform->addElement(new XoopsFormText(_AM_CHANQ, 'titlelink', 50, 255, $titlelink), true);

        if (!$xoopsModuleConfig['usespaw'] || !strstr($_SERVER["HTTP_USER_AGENT"], "MSIE"))
        {
            $sform->addElement(new XoopsFormDhtmlTextArea(_AM_CHANA, 'linkintro', $linkintro, 15, 60), false);
        }
        else
        {
            ob_start();
            $sw = new SPAW_Wysiwyg('linkintro', $linkintro, 'en', 'full', 'default', '99%', '600px');
            $sw->show();
            $sform->addElement(new XoopsFormLabel(_AM_CREFERINTRO , ob_get_contents(), 1));
            ob_end_clean();
        }

        $sform->insertBreak("<b>" . _AM_LOGONNEWSFEED . "</b>", 'bg3');

        if (empty($textlink)) $textlink = $xoopsConfig['slogan'];
        $sform->addElement(new XoopsFormText(_AM_TEXTLINK, 'textlink', 50, 255, $textlink), true);

        // hack for banner80x15 by phppp
        if (!$banner80x15) $banner80x15 = "blank.png";
        $graph_array = &XoopsLists::getImgListAsArray(XOOPS_ROOT_PATH . "/" . $xoopsModuleConfig['linkimages']);
        $banner80x15_select = new XoopsFormSelect('', 'banner80x15', $banner80x15);
        $banner80x15_select->addOptionArray($graph_array);
        $banner80x15_select->setExtra("onchange='showImgSelected(\"image1b\", \"banner80x15\", \"" . $xoopsModuleConfig['linkimages'] . "\", \"\", \"" . XOOPS_URL . "\")'");
        $banner80x15_tray = new XoopsFormElementTray(_AM_BANNER80X15, '&nbsp;');
        $banner80x15_tray->addElement($banner80x15_select);
        $banner80x15_tray->addElement(new XoopsFormLabel('', "<br /><br /><img src='" . XOOPS_URL . "/" . $xoopsModuleConfig['linkimages'] . "/" . $banner80x15 . "' name='image1b' id='image1b' alt='' />"));
        $sform->addElement($banner80x15_tray);
        // hack for banner80x15 by phppp