Parašė T-Boy· 2010 Rugp. 7 14:08:34
#1
Atsisiunčiau naujausią versiją ir jau meta error'us.
Pirmassis shoutbox: Warning: mb_substr() [function.mb-substr]: Unknown encoding "windows-1257" in /home/betkoks/domains/puslapis.lt/public_html/infusions/shoutbox_panel/shoutbox_panel.php on line 39
<?php
/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2010 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: shoutbox_panel.php
| Author: Nick Jones (Digitanium)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (!defined("IN_FUSION")) { die("Access Denied"); }
$link = FUSION_SELF.(FUSION_QUERY ? "?".FUSION_QUERY : "");
$link = preg_replace("^(&|\?)s_action=(edit|delete)&shout_id=\d*^", "", $link);
$sep = stristr($link, "?") ? "&" : "?";
if (iMEMBER && (isset($_GET['s_action']) && $_GET['s_action'] == "delete") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
if ((iADMIN && checkrights("S")) || (iMEMBER && dbcount("(shout_id)", DB_SHOUTBOX, "shout_id='".$_GET['shout_id']."' AND shout_name='".$userdata['user_id']."'"))) {
$result = dbquery("DELETE FROM ".DB_SHOUTBOX." WHERE shout_id='".$_GET['shout_id']."'".(iADMIN ? "" : " AND shout_name='".$userdata['user_id']."'"));
}
redirect($link);
}
function sbwrap($text) {
global $locale;
$i = 0; $tags = 0; $chars = 0; $res = "";
$str_len = strlen($text);
for ($i = 0; $i < $str_len; $i++) {
$chr = mb_substr($text, $i, 1, $locale['charset']);
if ($chr == "<") {
if (mb_substr($text, ($i + 1), 6, $locale['charset']) == "a href" || mb_substr($text, ($i + 1), 3, $locale['charset']) == "img") {
$chr = " ".$chr;
$chars = 0;
}
$tags++;
} elseif ($chr == "&") {
if (mb_substr($text, ($i + 1), 5, $locale['charset']) == "quot;") {
$chars = $chars - 5;
} elseif (mb_substr($text, ($i + 1), 4, $locale['charset']) == "amp;" || mb_substr($text, ($i + 1), 4, $locale['charset']) == "#39;" || mb_substr($text, ($i + 1), 4, $locale['charset']) == "#92;") {
$chars = $chars - 4;
} elseif (mb_substr($text, ($i + 1), 3, $locale['charset']) == "lt;" || mb_substr($text, ($i + 1), 3, $locale['charset']) == "gt;") {
$chars = $chars - 3;
}
} elseif ($chr == ">") {
$tags--;
} elseif ($chr == " ") {
$chars = 0;
} elseif (!$tags) {
$chars++;
}
if (!$tags && $chars == 18) {
$chr .= "<br />";
$chars = 0;
}
$res .= $chr;
}
return $res;
}
openside($locale['global_150']);
if (iMEMBER || $settings['guestposts'] == "1") {
include_once INCLUDES."bbcode_include.php";
if (isset($_POST['post_shout'])) {
$flood = false;
if (iMEMBER) {
$shout_name = $userdata['user_id'];
} elseif ($settings['guestposts'] == "1") {
$shout_name = trim(stripinput($_POST['shout_name']));
$shout_name = preg_replace("(^[0-9]*)", "", $shout_name);
if (isnum($shout_name)) { $shout_name = ""; }
include_once INCLUDES."securimage/securimage.php";
$securimage = new Securimage();
if (!isset($_POST['sb_captcha_code']) || $securimage->check($_POST['sb_captcha_code']) == false) { redirect($link); }
}
$shout_message = str_replace("\n", " ", $_POST['shout_message']);
$shout_message = preg_replace("/^(.{255}).*$/", "$1", $shout_message);
$shout_message = trim(stripinput(censorwords($shout_message)));
if (iMEMBER && (isset($_GET['s_action']) && $_GET['s_action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
$comment_updated = false;
if ((iADMIN && checkrights("S")) || (iMEMBER && dbcount("(shout_id)", DB_SHOUTBOX, "shout_id='".$_GET['shout_id']."' AND shout_name='".$userdata['user_id']."'"))) {
if ($shout_message) {
$result = dbquery("UPDATE ".DB_SHOUTBOX." SET shout_message='$shout_message' WHERE shout_id='".$_GET['shout_id']."'".(iADMIN ? "" : " AND shout_name='".$userdata['user_id']."'"));
}
}
redirect($link);
} elseif ($shout_name && $shout_message) {
require_once INCLUDES."flood_include.php";
if (!flood_control("shout_datestamp", DB_SHOUTBOX, "shout_ip='".USER_IP."'")) {
$result = dbquery("INSERT INTO ".DB_SHOUTBOX." (shout_name, shout_message, shout_datestamp, shout_ip, shout_hidden) VALUES ('$shout_name', '$shout_message', '".time()."', '".USER_IP."', '0')");
}
}
redirect($link);
}
if (iMEMBER && (isset($_GET['s_action']) && $_GET['s_action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
$esresult = dbquery(
"SELECT ts.shout_id, ts.shout_name, ts.shout_message, tu.user_id, tu.user_name
FROM ".DB_SHOUTBOX." ts
LEFT JOIN ".DB_USERS." tu ON ts.shout_name=tu.user_id
WHERE ts.shout_id='".$_GET['shout_id']."'"
);
if (dbrows($esresult)) {
$esdata = dbarray($esresult);
if ((iADMIN && checkrights("S")) || (iMEMBER && $esdata['shout_name'] == $userdata['user_id'] && isset($esdata['user_name']))) {
if ((isset($_GET['s_action']) && $_GET['s_action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
$edit_url = $sep."s_action=edit&shout_id=".$esdata['shout_id'];
} else {
$edit_url = "";
}
$shout_link = $link.$edit_url;
$shout_message = $esdata['shout_message'];
}
} else {
$shout_link = $link;
$shout_message = "";
}
} else {
$shout_link = $link;
$shout_message = "";
}
echo "<a id='edit_shout' name='edit_shout'></a>\n";
echo "<form name='shout_form' method='post' action='".$shout_link."'>\n";
if (iGUEST) {
echo $locale['global_151']."<br />\n";
echo "<input type='text' name='shout_name' value='' class='textbox' maxlength='30' style='width:140px' /><br />\n";
echo $locale['global_152']."<br />\n";
}
echo "<textarea name='shout_message' rows='4' cols='20' class='textbox' style='width:140px'>".$shout_message."</textarea><br />\n";
echo display_bbcodes("150px;", "shout_message", "shout_form", "smiley|b|u|url|color")."\n";
if (iGUEST) {
echo $locale['global_158']."<br />\n";
echo "<img id='sb_captcha' src='".INCLUDES."securimage/securimage_show.php' alt='' /><br />\n";
echo "<a href='".INCLUDES."securimage/securimage_play.php'><img src='".INCLUDES."securimage/images/audio_icon.gif' alt='' class='tbl-border' style='margin-bottom:1px' /></a>\n";
echo "<a href='#' onclick=\"document.getElementById('sb_captcha').src = '".INCLUDES."securimage/securimage_show.php?sid=' + Math.random(); return false\"><img src='".INCLUDES."securimage/images/refresh.gif' alt='' class='tbl-border' /></a><br />\n";
echo $locale['global_159']."<br />\n<input type='text' name='sb_captcha_code' class='textbox' style='width:100px' /><br />\n";
}
echo "<br /><input type='submit' name='post_shout' value='".$locale['global_153']."' class='button' />\n";
echo "</form>\n<br />\n";
} else {
echo "<div style='text-align:center'>".$locale['global_154']."</div><br />\n";
}
$numrows = dbcount("(shout_id)", DB_SHOUTBOX, "shout_hidden='0'");
$result = dbquery(
"SELECT ts.shout_id, ts.shout_name, ts.shout_message, ts.shout_datestamp, tu.user_id, tu.user_name, tu.user_status
FROM ".DB_SHOUTBOX." ts
LEFT JOIN ".DB_USERS." tu ON ts.shout_name=tu.user_id
WHERE shout_hidden='0'
ORDER BY ts.shout_datestamp DESC LIMIT 0,".$settings['numofshouts']
);
if (dbrows($result)) {
$i = 0;
while ($data = dbarray($result)) {
echo "<div class='shoutboxname'>";
if ($data['user_name']) {
echo "<span class='side'>".profile_link($data['shout_name'], $data['user_name'], $data['user_status'])."</span>\n";
} else {
echo $data['shout_name']."\n";
}
echo "</div>\n";
echo "<div class='shoutboxdate'>".showdate("shortdate", $data['shout_datestamp'])."</div>";
echo "<div class='shoutbox'>".sbwrap(parseubb(parsesmileys($data['shout_message']), "b|i|u|url|color"))."</div>\n";
if ((iADMIN && checkrights("S")) || (iMEMBER && $data['shout_name'] == $userdata['user_id'] && isset($data['user_name']))) {
echo "[<a href='".$link.$sep."s_action=edit&shout_id=".$data['shout_id']."#edit_shout"."' class='side'>".$locale['global_076']."</a>]\n";
echo "[<a href='".$link.$sep."s_action=delete&shout_id=".$data['shout_id']."' class='side'>".$locale['global_157']."</a>]<br />\n";
}
$i++;
if ($i != $numrows) { echo "<br />\n"; }
}
if ($numrows > $settings['numofshouts']) {
echo "<div style='text-align:center'>\n<a href='".INFUSIONS."shoutbox_panel/shoutbox_archive.php' class='side'>".$locale['global_155']."</a>\n</div>\n";
}
} else {
echo "<div>".$locale['global_156']."</div>\n";
}
closeside();
?>
Kitas, ten kur Admin panel - saugumas: Notice: Undefined index: 682 in /home/betkoks/domains/puslapis.lt/public_html/administration/settings_security.php on line 54
Notice: Undefined index: 680 in /home/betkoks/domains/puslapis.lt/public_html/administration/settings_security.php on line 59
Notice: Undefined index: 681 in /home/betkoks/domains/puslapis.lt/public_html/administration/settings_security.php on line 65
<?php
/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2010 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: settings_security.php
| Author: Paul Beuk (muscapaul)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../maincore.php";
require_once THEMES."templates/admin_header.php";
include LOCALE.LOCALESET."admin/settings.php";
if (!checkrights("S9") || !defined("iAUTH") || $_GET['aid'] != iAUTH) { redirect("../index.php"); }
if (isset($_POST['savesettings'])) {
$error = 0;
$result = dbquery("UPDATE ".DB_SETTINGS." SET settings_value='".(isnum($_POST['flood_interval']) ? $_POST['flood_interval'] : "15")."' WHERE settings_name='flood_interval'");
$result = dbquery("UPDATE ".DB_SETTINGS." SET settings_value='".(isnum($_POST['flood_autoban']) ? $_POST['flood_autoban'] : "1")."' WHERE settings_name='flood_autoban'");
if (!$result) { $error = 1; }
$result = dbquery("UPDATE ".DB_SETTINGS." SET settings_value='".(isnum($_POST['maintenance_level']) ? $_POST['maintenance_level'] : "102")."' WHERE settings_name='maintenance_level'");
if (!$result) { $error = 1; }
$result = dbquery("UPDATE ".DB_SETTINGS." SET settings_value='".(isnum($_POST['maintenance']) ? $_POST['maintenance'] : "0")."' WHERE settings_name='maintenance'");
if (!$result) { $error = 1; }
$result = dbquery("UPDATE ".DB_SETTINGS." SET settings_value='".addslash(descript($_POST['maintenance_message']))."' WHERE settings_name='maintenance_message'");
if (!$result) { $error = 1; }
redirect(FUSION_SELF.$aidlink."&error=".$error);
}
if (isset($_GET['error']) && isnum($_GET['error']) && !isset($message)) {
if ($_GET['error'] == 0) {
$message = $locale['900'];
} elseif ($_GET['error'] == 1) {
$message = $locale['901'];
}
if (isset($message)) {
echo "<div id='close-message'><div class='admin-message'>".$message."</div></div>\n";
}
}
opentable($locale['683']);
echo "<form name='settingsform' method='post' action='".FUSION_SELF.$aidlink."'>\n";
echo "<table cellpadding='0' cellspacing='0' width='500' class='center'>\n<tr>\n";
echo "<td class='tbl2' align='center' colspan='2'>".$locale['682']."</td>\n";
echo "</tr>\n<tr>\n";
echo "<td width='50%' class='tbl'>".$locale['660']."</td>\n";
echo "<td width='50%' class='tbl'><input type='text' name='flood_interval' value='".$settings['flood_interval']."' maxlength='2' class='textbox' style='width:50px;' /></td>\n";
echo "</tr>\n<tr>\n";
echo "<td width='50%' class='tbl'>".$locale['680']."</td>\n";
echo "<td width='50%' class='tbl'><select name='flood_autoban' class='textbox'>\n";
echo "<option value='1'".($settings['flood_autoban'] == "1" ? " selected='selected'" : "").">".$locale['502']."</option>\n";
echo "<option value='0'".($settings['flood_autoban'] == "0" ? " selected='selected'" : "").">".$locale['503']."</option>\n";
echo "</select></td>\n";
echo "</tr>\n<tr>\n";
echo "<td class='tbl2' align='center' colspan='2'>".$locale['681']."</td>\n";
echo "</tr>\n<tr>\n";
echo "<td width='50%' class='tbl'>".$locale['675']."</td>\n";
echo "<td width='50%' class='tbl'><select name='maintenance_level' class='textbox'>\n";
echo "<option value='102'".($settings['maintenance_level'] == "102" ? " selected='selected'" : "").">".$locale['676']."</option>\n";
echo "<option value='103'".($settings['maintenance_level'] == "103" ? " selected='selected'" : "").">".$locale['677']."</option>\n";
echo "<option value='1'".($settings['maintenance_level'] == "1" ? " selected='selected'" : "").">".$locale['678']."</option>\n";
echo "</select></td>\n";
echo "</tr>\n<tr>\n";
echo "<td width='50%' class='tbl'>".$locale['657']."</td>\n";
echo "<td width='50%' class='tbl'><select name='maintenance' class='textbox' style='width:50px;'>\n";
echo "<option value='1'".($settings['maintenance'] == "1" ? " selected='selected'" : "").">".$locale['502']."</option>\n";
echo "<option value='0'".($settings['maintenance'] == "0" ? " selected='selected'" : "").">".$locale['503']."</option>\n";
echo "</select></td>\n";
echo "</tr>\n<tr>\n";
echo "<td valign='top' width='50%' class='tbl'>".$locale['658']."</td>\n";
echo "<td width='50%' class='tbl'><textarea name='maintenance_message' cols='50' rows='5' class='textbox' style='width:200px;'>".stripslashes($settings['maintenance_message'])."</textarea></td>\n";
echo "</tr>\n<tr>\n";
echo "<td align='center' colspan='2' class='tbl'><br />\n";
echo "<input type='submit' name='savesettings' value='".$locale['750']."' class='button' /></td>\n";
echo "</tr>\n</table>\n</form>\n";
closetable();
require_once THEMES."templates/footer.php";
?>
Gal galit ištaisyti?