GIT.Harvie.CZ / mirrors / Kyberia-bloodline.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Removed warnings from nodes.php
[mirrors/Kyberia-bloodline.git] / wwwroot / nodes.php
1 <?php
2 // output buffering forcing (mx)
3 if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_start();
4
5 //header("Location: http://web.archive.org/web/20020925021139/http://kyberia.sk");
6 //echo "je to uz uplne v pici. vsetky data su stratene, prajem pekny den :)";
7 //exit;
8
9 //starting timer for benchmarking purposes
10 $timer_start=Time()+SubStr(MicroTime(),0,8);
11
12 //setting PHPSESSID cookie and starting user session
13 session_start();
14
15 error_reporting(1);
16 //$_SESSION['debugging']=1;
17 //exit;
18
19
20 if ($_SESSION['debugging']) {
21
22 error_reporting(E_ALL);
23 echo "GET VARIABLES::<br/>";
24 print_r($_GET);
25 echo "POST VARIABLES::<br/>";
26 print_r($_POST);
27 echo "<b>SESSION VARIABLES::</b><br/>";
28 print_r($_SESSION);
29 }
30
31 //requiring main config file with path/database etc. constants
32 require('config/config.inc');
33 require(INCLUDE_DIR.'senate.inc');
34
35 preg_match("/id\/(.*)\//",$_SERVER['HTTP_REFERER'],$ref_match);
36 $referer_id=$ref_match[1];
37
38 //connecting to database and creating universal $db object
39 require(INCLUDE_DIR.'log.inc');
40 require(INCLUDE_DIR.'ubik.inc');
41 require(INCLUDE_DIR.'nodes.inc');
42 require(INCLUDE_DIR.'error_messages.inc');
43 require(INCLUDE_DIR.'database.inc');
44
45 $db = new CLASS_DATABASE();
46
47 if (!empty($_GET['template_id'])) {
48 $template_id=$_GET['template_id'];
49 }
50 else $template_id=false;
51
52 //initializing node methods
53 if (!empty($_GET['node_name'])) {
54 $node = nodes::redirByName($_GET['node_name']);
55 }
56 elseif (!empty($_GET['node_id'])) {
57 $node = nodes::getNodeById($_GET['node_id'],$_SESSION['user_id']);
58 }
59
60 //XXX Paths are wrong (!)
61 //loading smarty template engine and setting main parameters
62 require(SMARTY_DIR.'Smarty.class.php');
63 $smarty = new Smarty;
64
65 //$smarty->php_handling = SMARTY_PHP_REMOVE; //XXX
66 $smarty->template_dir = TEMPLATE_DIR;
67 //echo TEMPLATE_DIR.TEMPLATE_SET;
68 //echo $smarty->template_dir;
69 $smarty->compile_dir = SYSTEM_DATA."templates_c/";
70 $smarty->config_dir = SMARTY_DIR.'configs/'; //XXX neexistuje
71 $smarty->cache_dir = SMARTY_DIR.'cache/';
72 $smarty->plugins_dir = SMARTY_PLUGIN_DIR ;
73 if ($_SESSION['debugging']) $smarty->debugging=true;
74
75 // initializing variables
76 // preg_replace prevents LFI
77 if (empty($_POST['event'])) $event=false;
78 else $event= preg_replace( "![^a-zA-Z0-9_]+!", "", $_POST['event']);
79
80
81 if ($_SESSION['debugging']) {
82 echo "<pre><b>NODE::";
83 print_r($node);
84 echo "</pre>";
85 }
86
87 if ((isset($_SESSION['user_id']) && ($node['node_creator']==$_SESSION['user_id'])) {
88 $node['node_permission']='owner';
89 }
90
91 if (isset($_SESSION['cube_vector']) && ($_SESSION['cube_vector'])) {
92 if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) {
93 echo "node::".$node['node_vector'];
94 echo "cube_Vector::".$_SESSION['cube_vector'];
95 echo "you are out of allowed cwbe. access forbidden";
96 die();
97 }
98 }
99
100 //if not existent node show our own 404
101 if (empty($node)) {
102 $nodes= nodes::getNodesByName($_GET['node_name']);
103 if ($nodes) {
104 $smarty->assign('nodes',$nodes);
105 $content=$smarty->display("404.tpl");
106 die();
107 }
108 elseif ($_SESSION['user_id']) {
109 $smarty->assign('node_name',$_GET['node_name']);
110 $content=$smarty->display("modules/addnode.tpl");
111 }
112 }
113
114 //modifying node glass pearl //XXX WTF
115 if (is_array($children_types[$node['node_type']])) {
116 $smarty->assign('children_types',$children_types[$node['node_type']]);
117 }
118 $smarty->assign('types',$types);
119
120
121 //$node['node_type']=$types[$node['node_type']];
122 $node['node_content']= StripSlashes($node['node_content']);
123 $node['node_name']= StripSlashes($node['node_name']);
124
125 //checking permissions
126 function _checkPermissions()
127 {
128 global $permissions, $node;
129
130 require(INCLUDE_DIR.'permissions.inc');
131 $permissions=permissions::checkPermissions($node);
132 $permissions['h']=permissions::isHierarch($node);
133 }
134
135 // mail rss
136 if ($template_id=='rss')
137 {
138 $_feedType = "RSS0.91";
139 if (!is_numeric($_SESSION['user_id']))
140 {
141 if (!isset($_SERVER['PHP_AUTH_USER'])) {
142 header('WWW-Authenticate: Basic realm="Kyberia"');
143 header('HTTP/1.0 401 Unauthorized');
144 echo 'Cancel button';
145 exit;
146 }
147 else
148 {
149 require_once(EVENT_DIR.'/login.inc');
150 $_POST['login'] = $_SERVER['PHP_AUTH_USER'];
151 $_POST['password'] = $_SERVER['PHP_AUTH_PW'];
152 $_POST['login_type'] = "name";
153 if (!login())
154 {
155 echo "Zle meno/heslo.";
156 exit();
157 }
158 }
159 }
160
161 _checkPermissions();
162
163 // Mail
164 if ($_GET['node_id']==='24' && $permissions['r'])
165 {
166 require_once(INCLUDE_DIR.'/feedcreator.class.php');
167
168 $rss = new UniversalFeedCreator();
169 $rss->title = "Kyberia mail";
170 $rss->description = "";
171 $rss->link = "https://". SYSTEM_URL . "/id/24";
172
173 $query = "select date_format(mail.mail_timestamp,\"%e.%c. %k:%i:%s\") as cas,
174 userfrom.user_action as locationfrom_action,
175 userfrom.user_action_id as locationfrom_action_id,
176 userto.user_action as locationto_action,
177 userto.user_action_id as locationto_action_id,
178 userto.login as mail_to_name, userfrom.login as mail_from_name,
179 mail.* from mail left join users as userfrom on
180 mail_from=userfrom.user_id left join users as userto on mail_to=userto.user_id
181 where mail_user='$_SESSION[user_id]' and mail_to='$_SESSION[user_id]' order by mail_id desc limit 0,10";
182
183 $set = $db->query($query);
184
185 while($set->next()) {
186 $m = $set->getRecord();
187 if ($m['mail_to'] != $_SESSION['user_id'])
188 continue;
189 $item = new FeedItem();
190 $item->title = $m['mail_from_name'];
191 $item->link = "https://".SYSTEM_URL."/id/24";
192 $item->description = $m['mail_text'];
193 $rss->addItem($item);
194 }
195 }
196 // bookmarks
197 elseif ($_GET['node_id']=='19' && $permissions['r'])
198 {
199 require_once(INCLUDE_DIR.'/feedcreator.class.php');
200
201 $rss = new UniversalFeedCreator();
202 $rss->title = "Kyberia bookmarks";
203 $rss->link = "http://".SYSTEM_URL."/id/19";
204
205 require_once(SMARTY_PLUGIN_DIR.'/function.get_bookmarks.php');
206 smarty_function_get_bookmarks(array(), $smarty);
207 $_items = $smarty->get_template_vars('get_bookmarks');
208 foreach ($_items as $_item)
209 {
210 if (is_array($_item['children']))
211 foreach ($_item['children'] as $_b)
212 {
213 $item = new FeedItem();
214 $item->title = $_b['node_name'];
215 $item->link = "http://".SYSTEM_URL."/id/".$_b['node_id']."/rss";
216 $rss->addItem($item);
217 }
218 }
219 $_feedType = 'OPML';
220 }
221 elseif ($permissions['r'])
222 {
223 require_once(INCLUDE_DIR.'/feedcreator.class.php');
224
225 $rss = new UniversalFeedCreator();
226 $rss->title = $node['node_name'];
227 $rss->description = "";
228 $rss->link = "http://".SYSTEM_URL."/id/".$node['node_id'];
229
230 // K list
231 if ($_GET['node_id']=='15')
232 {
233 require_once(SMARTY_PLUGIN_DIR.'/function.get_k.php');
234 smarty_function_get_k(array(), $smarty);
235 $_items = $smarty->get_template_vars('get_k');
236 }
237 else
238 {
239 require_once(SMARTY_PLUGIN_DIR.'/function.get_children.php');
240 smarty_function_get_children(
241 array('orderby' => 'desc', 'orderby_type' => 'time'), $smarty);
242 $_items = $smarty->get_template_vars('get_children');
243 }
244
245 foreach ($_items as $_item)
246 {
247 $item = new FeedItem();
248 $item->title = $_item['node_name'];
249 $item->link = "http://".SYSTEM_URL."/id/".$_item['node_id'];
250 $item->description = $_item['node_content'];
251 $rss->addItem($item);
252 }
253 }
254
255 if ($permissions['r']) $rss->showFeed($_feedType);
256 exit();
257 }
258
259 _checkPermissions();
260
261 //entering the node
262
263 //sventest
264 if (($permissions['r']) || ($event != 'register')) {
265
266 //performing node_events (based on update/insert/delete db queries)
267 if ($event) {
268 require(INCLUDE_DIR.'eventz.inc');
269 }
270
271 elseif ($transaction) {
272 require(INCLUDE_DIR.'transaction.inc');
273 }
274 //end of performing node events
275
276 //sventest
277 }
278
279
280 if ($permissions['r']) {
281
282 //these 4 lines are not the source of kyberia lagging problems. leave them. started on the 10.4. data gained will be used for scientific purposes
283 if ($_SESSION['user_id']) {
284 $q="insert delayed into levenshtein set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."'";
285 $db->update($q);
286 }
287
288 //if node is css
289 if ($node['template_id']!='2019721'){
290
291 logger::log('enter',$node['node_id'],'ok',$node['node_user_subchild_count']);
292 if (!empty($_SESSION['user_id']) && is_numeric($node['node_id'])) {
293 $q="update node_access set visits=visits+1,node_user_subchild_count='0',last_visit=NOW() where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'";
294 // echo $q;
295 $result=$db->update($q);
296
297 if (!$result) {
298 $q="insert into node_access set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."',last_visit=NOW()";
299 $db->query($q);
300 }
301 }//end of if node os css
302 }
303
304
305 }
306 // DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
307 //creating neural network
308 $db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'");
309 if (is_numeric($referer_id)) {
310 $q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'";
311 $result=$db->update($q);
312 if (!$result) {
313 $q="insert into neurons set synapse_creator='".$_SESSION['user_id']."',dst='".$node['node_id']."',src='$referer_id',synapse=1";
314 $db->query($q);
315 }
316 }
317
318
319 elseif (!$permissions['r'] && $_GET['magic_word']) {
320 $magic_word_big=$_GET['magic_word'];
321
322 if ( preg_match("/(\d+)-(.+)/",$_GET['magic_word'],$mu)) {
323 $magic_uid=$mu['1'];
324 $magic_word=addslashes($mu['2']);
325 $q="select login from users where user_id='$magic_uid' and magic_word='$magic_word'";
326 $set=$db->query($q);
327 if ($set->getNumRows()) {
328 $permissions['r']=true;
329 }
330 }
331 }
332
333
334
335
336
337 else {
338 logger::log('enter',$node['node_id'],'failed');
339 }
340
341
342
343 //assigning user data to smarty if user logged in
344 if ($user_id=$_SESSION['user_id']) {
345 $smarty->assign('_POST',$_POST);
346 $smarty->assign('bookmarks',$_SESSION['bookmarks']);
347 $smarty->assign('ignore',$_SESSION['ignore']);
348 $smarty->assign('bookstyl',$_SESSION['bookstyl']);
349 $smarty->assign('fook',$_SESSION['fook']);
350 $smarty->assign('user_id',$_SESSION['user_id']);
351 if (!empty($_SESSION['cube_vector']))
352 $smarty->assign('cube_vector',$_SESSION['cube_vector']);
353 $smarty->assign('friends',$_SESSION['friends']); //req by freezy, done by darkaural
354 $smarty->assign('user_quota',$_SESSION['user_quota']);
355
356 $newmail_q = sprintf('select u.user_mail_id
357 , u.user_k
358 , u.k_wallet
359 , u.user_mail
360 , ms.user_id as mail_sender_id
361 , ms.login as mail_sender
362 from users u
363 left join users ms on ms.user_id = u.user_mail_id
364 where u.user_id = %d',
365 $user_id);
366 $newmailset = $db->query($newmail_q);
367
368 //$newmailset=$db->query("select user_mail,user_mail_name,user_k,k_wallet from users where user_id='$user_id'");
369
370 $newmailset->next();
371 $new_mail=$newmailset->getString('user_mail');
372 $newmailset2 = $db->query("select users.user_mail_id,mailsender.login
373 from users left join users as mailsender on users.user_mail_id = mailsender.user_id where users.user_id = '$user_id'");
374 $newmailset2->next();
375 $smarty->assign('new_mail',$new_mail);
376 $smarty->assign('new_mail_name',$newmailset->getString('mail_sender'));
377 $smarty->assign('new_mail_name2',$newmailset2->getString('login'));
378 $user_k=$newmailset->getString('user_k');
379 $smarty->assign('user_k',$user_k);
380 $k_wallet=$newmailset->getString('k_wallet');
381 $smarty->assign('k_wallet',$k_wallet);
382 $user_id=$_SESSION['user_id'];
383
384 //mail node
385 if ($node['node_name']=='mail') {
386
387 //clear new mail message
388 if ($new_mail) $db->query("update users set user_mail=0 where user_id='$user_id'");
389
390 //set messages as delivered to recipient
391 $set=$db->query("select mail_id,mail_duplicate_id from mail where mail_user='$user_id' and mail_to='$user_id' and mail_read='no'");
392 while($set->next()) {
393 $db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_duplicate_id')."'");
394 $db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_id')."'");
395
396 $new_messages[$set->getString('mail_id')]=true;
397 }
398 /*
399 if (count($new_messages)) {
400 $db->query("update mail set mail_read='yes' where mail_user='$user_id' and mail_user=mail_to and mail_read='no'");
401 $smarty->assign('new_messages',$new_messages);
402
403 }
404 */
405 }
406 }
407
408
409
410 if ($node['node_system_access']=='crypto') {
411 $smarty->assign('crypto_pass',$_SESSION['crypto'][$node['node_id']]);
412 }
413
414 $smarty->assign('error',$error);
415 $smarty->assign('permissions',$permissions);
416 $smarty->assign('current_vector',$node['node_vector']);
417 if ($permissions['r']) $smarty->assign('node',$node);
418 else {
419
420 $smarty->assign('node',$node);
421 //new templates by Dark matter
422 $smarty->template_dir=OWN_TEMPLATE_DIR;
423
424 $smarty->display('1549864.tpl');
425 $smarty->display('1549885.tpl');
426 $smarty->display('630526.tpl');
427 die();
428
429 //redirect to mainpage
430 // looks like poeple totaly hate this redirect!
431 // header("Location: /id/1");
432 }
433
434
435 if ($node['template_id']!='2019721'){
436 //setting user location
437 $q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'";
438 $db->executequery($q);
439 }
440
441 $whole_time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
442 $smarty->assign('whole_time',$whole_time);
443
444
445 if ($template_id=='download' OR $template_id=='download.jpg') {
446 if ($permissions['r']) {
447 $linkname = SYSTEM_ROOT."/files/".$node['node_id'];
448 $filename= readlink($linkname);
449 $suffix=preg_replace("/(.*?)\.(.*?)/i","$2",$filename);
450
451 $ext = substr( $filename,-3 );
452 if( $filename == "" ) {
453 echo "ERROR: Empty file to download. ";
454 exit;
455 } elseif ( ! file_exists( $filename ) ) {
456 exit;
457 };
458 switch( strtolower($ext) ){
459 case "pdf": $ctype="application/pdf"; break;
460 case "exe": $ctype="application/octet-stream"; break;
461 case "zip": $ctype="application/zip"; break;
462 case "doc": $ctype="application/msword"; break;
463 case "xls": $ctype="application/vnd.ms-excel"; break;
464 case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
465 case "gif": $ctype="image/gif"; break;
466 case "png": $ctype="image/png"; break;
467 case "jpg": $ctype="image/jpg"; break;
468 default: $ctype="application/force-download";
469 }
470 $file=str_replace(" ","_",$node['node_name']).".$ext";
471 header("Pragma: public");
472 header("Expires: 0");
473 header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
474 header("Content-Type: $ctype");
475 $user_agent = strtolower ($_SERVER["HTTP_USER_AGENT"]);
476 if ((is_integer (strpos($user_agent, "msie"))) && (is_integer
477 (strpos($user_agent, "win")))) {
478 header( "Content-Disposition: filename=$file;" );
479 } else {
480 header( "Content-Disposition: attachment;
481 filename=$file;" );
482 }
483 header("Content-Transfer-Encoding: binary");
484 header("Content-Length: ".filesize($filename));
485 readfile("$filename");
486 exit();
487 }
488 else { echo "you don't have permissions for downloading this data"; die(); }
489 }
490
491 if ($node['template_id']=='2019721'){
492 Header("Cache-control: max-age=3600");
493 }else{
494 Header("Cache-control: no-cache");
495 Header("Expires:".gmdate("D, d M Y H:i:s")." GMT");
496 header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
497 }
498
499
500 //for cases like search & preview
501 $smarty->assign('post_vars',$_POST);
502 if (!empty($_POST['template_event'])) {
503 $smarty->assign('template_event',$_POST['template_event']);
504
505 }
506
507 //setting listing parameters
508 $children_count=$node['node_children_count'];
509 $descendant_count=$node['node_descendant_count'];
510
511 if (is_numeric($_POST['listing_amount'])) $listing_amount=$_POST['listing_amount'];
512 elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount'];
513 else $listing_amount=DEFAULT_LISTING_AMOUNT;
514 $smarty->assign('listing_amount',$listing_amount);
515
516 if ($_POST['listing_order']) $listing_order=$_POST['listing_order'];
517 elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order'];
518 else $listing_order=DEFAULT_LISTING_ORDER;
519 $smarty->assign('listing_order',$listing_order);
520
521 if (is_numeric($_POST['get_children_offset'])) $offset=$_POST['get_children_offset'];
522 else $offset=0;
523
524
525 //movement forward and backward
526 // if ($listing_order=='asc' && !$offset) $offset=$descendant_count-$listing_amount;
527
528 if ($_POST['get_children_move']=='<') {
529 $offset=$offset-$listing_amount;
530 if ($offset<0) $offset=0;
531 }
532 elseif ($_POST['get_children_move']=='>') {
533 $offset=$offset+$listing_amount;
534 }
535 elseif ($_POST['get_children_move']=='>>') {
536 $offset=$descendant_count-$listing_amount;
537 }
538
539 elseif ($_POST['get_children_move']=='<<') {
540 $offset=0;
541 }
542 if ($offset<0) $offset=0;
543 $_POST['offset']=$offset;
544 $smarty->assign('offset',$offset);
545
546
547 if ($node['external_link']=='header://svg' && !is_numeric($template_id)) {
548 header("Content-Type: image/svg+xml");
549 }
550
551 //show own header
552 elseif ($_SESSION['header_id']==true) {
553 $smarty->assign('header_id',$_SESSION['header_id']);
554 $smarty->template_dir=OWN_TEMPLATE_DIR;
555 $content=$smarty->fetch($_SESSION['header_id'].".tpl");
556 $smarty->template_dir = TEMPLATE_DIR.TEMPLATE_SET;
557 //not registered user
558 if ($_SESSION['header_id']==2091520) {
559 echo $content;
560 session_destroy();
561 die();
562 }
563 }
564
565 $smarty->template_dir=OWN_TEMPLATE_DIR;
566
567 if (is_numeric($template_id)) {
568 $content.=$smarty->fetch($template_id.".tpl");
569 }
570
571 else {
572 $template_id=$node['template_id'];
573 $content.=$smarty->fetch($node['template_id'].".tpl");
574 }
575
576 if ($template_id=='2019721'){
577 $content=$smarty->fetch($template_id.".tpl");
578 echo $content;
579 }else{
580 $time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
581 echo $content;
582 // echo "<center>page generation took: $time second</center>";
583 }
584 //end of displaying
585
586 // output buffering forcing (mx)
587 if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_end_flush();
588
589 ?>
https://github.com/Kyberia/Kyberia-bloodline.git (mirrored @ Sat, 01 Jun 2024 16:00:17 +0200)
This page took 0.708243 seconds and 5 git commands to generate.