sibtracker/system/preview.php


2019-05-18 13:46:03 +08:00
<?php
// Bootstrap for the article preview endpoint. Report everything except notices.
@error_reporting( E_ALL ^ E_NOTICE );
// NOTE(review): display_errors is switched on, so any warning or fatal error raised
// below is written into the response (PHP error text normally includes file paths).
// On a public host these belong in a log rather than in the page.
@ini_set( 'display_errors', true );
@ini_set( 'html_errors', false );
@ini_set( 'error_reporting', E_ALL ^ E_NOTICE );
// Only requests that carry POST fields are served. This is the only request check made
// in this file itself: no CSRF token or referer is verified here before the posted
// content is rendered further down.
if ( !count($_POST) ) die("Hacking attempt!");
// presumably the marker the included engine files test to refuse direct access - verify
define( 'DATALIFEENGINE', true );
// Strip the trailing 7 characters ("/system") from this file's directory to get the site root.
define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, -7 ) );
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );
// Site configuration first, then the database layer, shared helpers and the template class.
require SYSTEM_DIR . '/data/config.php';
require_once SYSTEM_DIR . '/classes/mysql.php';
require_once SYSTEM_DIR . '/data/dbconfig.php';
require_once SYSTEM_DIR . '/modules/functions.php';
require_once SYSTEM_DIR . '/classes/templates.class.php';
// check_xss() is defined outside this file (presumably in functions.php - verify);
// it runs before any request data is used below.
check_xss();
// Resolve the user-group table: taken from the cache when it is there, otherwise read
// from the database (every column value passed through stripslashes) and then cached.
$user_group = $cache->get( 'usergroup' );

if( empty( $user_group ) ) {

	$user_group = array ();
	$db->query( 'SELECT * FROM ' . USERPREFIX . '_usergroups ORDER BY id ASC' );

	while ( $row = $db->get_row() ) {

		// One entry per group id, holding the row's columns by name.
		$user_group[$row['id']] = array ();

		foreach ( $row as $key => $value ) {
			$user_group[$row['id']][$key] = stripslashes( $value );
		}
	}

	$cache->set( 'usergroup', $user_group );
	$db->free();
}
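// Skin selection. The skin name arrives in a client-controlled cookie and is used below
// both as a filesystem path ($tpl->dir) and inside the emitted HTML ({THEME}). It is
// accepted only when it is a single plain directory name: a string made of letters,
// digits, "_", "-" and ".", not starting with a dot. That rules out path separators,
// "." / ".." and markup characters, so the cookie cannot move the template directory
// outside /templates/ or inject text into the page. isset() also avoids an
// undefined-index error being printed when the cookie is absent.
if( isset( $_COOKIE['dle_skin'] ) && is_string( $_COOKIE['dle_skin'] )
	&& preg_match( '/^[A-Za-z0-9_-][A-Za-z0-9_.-]*$/D', $_COOKIE['dle_skin'] )
	&& @is_dir( ROOT_DIR . '/templates/' . $_COOKIE['dle_skin'] ) ) {
	$config['skin'] = $_COOKIE['dle_skin'];
}
// Language pack; $lang is presumably populated by this file - verify.
include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
// A charset declared by the language pack overrides the configured one.
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
include_once SYSTEM_DIR . '/modules/sitelogin.php';
// Requests without a login are handled as group 5 (presumably the guest group - verify).
if (!$is_logged) $member_id['user_group'] = 5;
$tpl = new dle_template( );
// NOTE(review): going by its name, this keeps templates from including PHP files. It
// should stay off here, because the template directory depends on a visitor cookie.
$tpl->allow_php_include = false;
$tpl->dir = ROOT_DIR . '/templates/' . $config['skin'];
// The preview must never be cached; the charset comes from the language pack or config.
@header( "Cache-Control: no-cache, must-revalidate, max-age=0" );
@header( "Expires: 0" );
@header( "Content-type: text/html; charset=" . $config['charset'] );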
// Page head. The skin's preview.css is loaded through the template object and inlined
// into a <style> element (assumes load_template() leaves the file text in
// $tpl->copy_template - confirm in templates.class.php).
// $config['http_home_url'] is interpolated into HTML and script text without escaping;
// it is expected to come from config.php, not from the request.
// NOTE(review): the <title> text below is encoding-damaged in this copy of the file;
// restore it from a copy that still has the original encoding.
$tpl->load_template( 'preview.css' );
echo <<<HTML
<html><title><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD></title>
<style type="text/css">
{$tpl->copy_template}
</style>
<body>
<script type="text/javascript" src="{$config['http_home_url']}system/js/highslide.js"></script>
<script type="text/javascript">
hs.graphicsDir = '{$config['http_home_url']}templates/default/images/';
hs.align = 'center';
hs.outlineType = 'rounded-white';
hs.numberOfImagesToPreload = 0;
hs.showCredits = false;
</script>
HTML;
// presumably resets the template object before the story templates are loaded - verify
$tpl->clear();
// Client-side helpers emitted verbatim: ShowBild() opens the image preview popup,
// ShowOrHide()/DoDiv() toggle the display of an element looked up by id.
echo <<<HTML
<script language="javascript" type="text/javascript">
<!--
function ShowBild(sPicURL) {window.open('{$config['http_home_url']}system/modules/imagepreview.php?image='+sPicURL, '', 'resizable=1,HEIGHT=200,WIDTH=200, scrollbars=yes');};
function ShowOrHide(d1) {if (d1 != '') DoDiv(d1);};
function DoDiv(id) {
var item = null;
if (document.getElementById) {
item = document.getElementById(id);
} else if (document.all){
item = document.all[id];
} else if (document.layers){
item = document.layers[id];
}
if (!item) {
}
else if (item.style) {
if (item.style.display == "none"){ item.style.display = ""; }
else {item.style.display = "none"; }
}else{ item.visibility = "show"; }
};
//-->
</script>
HTML;
//####################################################################################################################
// Category lookup tables, each keyed by category id and filled in "posi" order
//####################################################################################################################
$result_cat = $db->query( 'SELECT * FROM ' . PREFIX . '_category ORDER BY posi ASC' );

while ( $row = $db->get_row( $result_cat ) ) {

	// name, alt_name and parentid columns go into three parallel arrays
	$cat[$row['id']] = $row['name'];
	$cat_alt_name[$row['id']] = $row['alt_name'];
	$cat_parentid[$row['id']] = $row['parentid'];
}

$db->free( $result_cat );
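// Run the posted title and story bodies through the engine's input filter, then expand
// BB-code in the two story bodies. Everything echoed further down is derived from
// these three values.
// NOTE(review): requests without a login reach this code too (they are only mapped to
// group 5 earlier in this file), so the page is exactly as safe as
// ParseFilter::process() and BB_Parse() make it - confirm that they neutralise HTML and
// script for that case.
include_once SYSTEM_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( Array (), Array (), 1, 1 );
// A field can be absent, or arrive as an array (e.g. title[]=...). The parser is handed
// an empty string in those cases instead of a non-string value, which would otherwise
// surface as a type error in the response.
$full_story = $parse->process( ( isset( $_POST['full_story'] ) && is_string( $_POST['full_story'] ) ) ? $_POST['full_story'] : '' );
$short_story = $parse->process( ( isset( $_POST['short_story'] ) && is_string( $_POST['short_story'] ) ) ? $_POST['short_story'] : '' );
$title = stripslashes( $parse->process( ( isset( $_POST['title'] ) && is_string( $_POST['title'] ) ) ? $_POST['title'] : '' ) );
$full_story = $parse->BB_Parse( $full_story, false );
$short_story = $parse->BB_Parse( $short_story, false );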
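// Build the category labels shown in the preview from the posted category ids.
// $my_cat is the plain comma-separated list, $my_cat_link the same list as inert links;
// both are "---" when no category was posted.
$catlist = ( isset( $_REQUEST['catlist'] ) && is_array( $_REQUEST['catlist'] ) ) ? $_REQUEST['catlist'] : array ();
if( ! count( $catlist ) ) {
	$my_cat = "---";
	$my_cat_link = "---";
} else {
	$my_cat = array ();
	$my_cat_link = array ();
	foreach ( $catlist as $element ) {
		// The ids come straight from the request: ignore nested arrays (not usable as
		// an array key), empty values and ids that match no loaded category.
		if( ! is_scalar( $element ) || ! $element || ! isset( $cat[$element] ) ) continue;
		// NOTE(review): the category name is written into the markup as stored in the
		// database; confirm names are escaped when categories are saved.
		$my_cat[] = $cat[$element];
		$my_cat_link[] = "<a href=\"#\">{$cat[$element]}</a>";
	}
	$my_cat = stripslashes( implode( ', ', $my_cat ) );
	$my_cat_link = stripslashes( implode( ', ', $my_cat_link ) );
}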
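// ---- Short-story preview: load the template and bind its placeholders ----
// Values that only exist for a saved article (views, rating, author, tags, ...) get
// neutral stand-ins, and every link tag becomes an inert "#" anchor.
$dle_module = "main";
$tpl->load_template( 'shortstory.tpl' );
// If the parser set not_allowed_text, the language string news_err_39 replaces the template.
if ( $parse->not_allowed_text ) $tpl->copy_template = $lang['news_err_39'];
$tpl->set( '{title}', $title );
$tpl->set( '{views}', 0 );
$date = time();
$tpl->set( '{date}', langdate( $config['timestamp_active'], $date ) );
// {date=FORMAT} tags. This used preg_replace() with the /e modifier, which evaluates the
// replacement as PHP code; the modifier was removed in PHP 7, where the call only raises
// a warning and leaves the template empty. The tags are now collected with a plain
// match and each one is replaced by a direct langdate() call, so no template text is
// ever evaluated as code.
if( preg_match_all( "#\{date=(.+?)\}#i", $tpl->copy_template, $date_tags, PREG_SET_ORDER ) ) {
	foreach ( $date_tags as $date_tag ) {
		$tpl->copy_template = str_replace( $date_tag[0], langdate( $date_tag[1], $date ), $tpl->copy_template );
	}
}
$tpl->set( '[link]', "<a href=#>" );
$tpl->set( '[/link]', "</a>" );
$tpl->set( '{comments-num}', 0 );
$tpl->set( '[full-link]', "<a href=#>" );
$tpl->set( '[/full-link]', "</a>" );
$tpl->set( '[com-link]', "<a href=#>" );
$tpl->set( '[/com-link]', "</a>" );
$tpl->set( '[day-news]', "<a href=#>");
$tpl->set( '[/day-news]', "</a>");
$tpl->set( '{rating}', "" );
$tpl->set( '{author}', "--" );
$tpl->set( '{approve}', "" );
$tpl->set( '{category}', $my_cat );
$tpl->set( '{favorites}', '' );
$tpl->set( '{link-category}', $my_cat_link );
// [tags]...[/tags] blocks are removed: a preview has no tags yet.
$tpl->set_block( "'\\[tags\\](.*?)\\[/tags\\]'si", "" );
$tpl->set( '{tags}', "" );
$tpl->set( '[mail]', "" );
$tpl->set( '[/mail]', "" );
$tpl->set( '{news-id}', "ID Unknown" );
// NOTE(review): $PHP_SELF is not assigned in this file; presumably one of the includes sets it - verify.
$tpl->set( '{php-self}', $PHP_SELF );
$tpl->set( '{date-day}', '' );
$tpl->set( '{date-month}', '' );
// [category=...] wrappers are dropped, their inner text is kept.
$tpl->copy_template = preg_replace( "#\\[category=(.+?)\\](.*?)\\[/category\\]#is", "\\2", $tpl->copy_template );
$tpl->set_block( "'\\[edit\\].*?\\[/edit\\]'si", "" );
// The parsed story bodies are inserted as markup, without further escaping at this point.
$tpl->set( '{short-story}', stripslashes( $short_story ) );
$tpl->set( '{full-story}', stripslashes( $full_story ) );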
// Frame the short-story template in a captioned <fieldset>, compile it and send it out.
// NOTE(review): the legend caption is encoding-damaged in this copy of the file; restore
// it from a copy that still has the original encoding.
$tpl->copy_template = "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\"><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>:</span> </legend>" . $tpl->copy_template . "</fieldset>";
$tpl->compile( 'shortstory' );
// [hide]...[/hide] wrappers are removed and their content is shown.
$tpl->result['shortstory'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['shortstory']);
// {THEME} becomes the skin's URL. $config['skin'] can originate from the dle_skin cookie
// and is written into the page here without escaping.
$tpl->result['shortstory'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['shortstory'] );
echo $tpl->result['shortstory'];
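// ---- Full-story preview: load the template and bind its placeholders ----
// Same scheme as the short-story pass: neutral stand-ins for data a saved article
// would have, inert "#" anchors for every link tag.
$dle_module = "showfull";
$tpl->load_template( 'fullstory.tpl' );
// If the parser set not_allowed_text, the language string news_err_39 replaces the template.
if ( $parse->not_allowed_text ) $tpl->copy_template = $lang['news_err_39'];
// A full story shorter than 13 bytes is treated as missing: unless the template shows
// {short-story} itself, the short story is displayed in its place.
if( strlen( $full_story ) < 13 AND strpos( $tpl->copy_template, "{short-story}" ) === false ) {
$full_story = $short_story;
}
$tpl->set( '{title}', $title );
$tpl->set( '{views}', 0 );
$tpl->set( '{poll}', '' );
$tpl->set( '{date}', langdate( $config['timestamp_active'], $date ) );
// {date=FORMAT} tags. This used preg_replace() with the /e modifier, which evaluates the
// replacement as PHP code; the modifier was removed in PHP 7, where the call only raises
// a warning and leaves the template empty. The tags are now collected with a plain
// match and each one is replaced by a direct langdate() call, so no template text is
// ever evaluated as code.
if( preg_match_all( "#\{date=(.+?)\}#i", $tpl->copy_template, $date_tags, PREG_SET_ORDER ) ) {
	foreach ( $date_tags as $date_tag ) {
		$tpl->copy_template = str_replace( $date_tag[0], langdate( $date_tag[1], $date ), $tpl->copy_template );
	}
}
$tpl->set( '[link]', "<a href=#>" );
$tpl->set( '[/link]', "</a>" );
$tpl->set( '{comments-num}', 0 );
$tpl->set( '[full-link]', "<a href=#>" );
$tpl->set( '[/full-link]', "</a>" );
$tpl->set( '[com-link]', "<a href=#>" );
$tpl->set( '[/com-link]', "</a>" );
$tpl->set( '[day-news]', "<a href=#>");
$tpl->set( '[/day-news]', "</a>");
$tpl->set( '{rating}', "" );
$tpl->set( '{author}', "--" );
$tpl->set( '{category}', $my_cat );
$tpl->set( '{link-category}', $my_cat_link );
$tpl->set( '{related-news}', "" );
$tpl->set( '{pages}', '' );
$tpl->set( '{favorites}', '' );
$tpl->set( '[mail]', "" );
$tpl->set( '[/mail]', "" );
$tpl->set( '{news-id}', "ID Unknown" );
// NOTE(review): $PHP_SELF is not assigned in this file; presumably one of the includes sets it - verify.
$tpl->set( '{php-self}', $PHP_SELF );
// [tags]...[/tags] blocks are removed: a preview has no tags yet.
$tpl->set_block( "'\\[tags\\](.*?)\\[/tags\\]'si", "" );
$tpl->set( '{tags}', "" );
$tpl->set( '{silkvivs}', "" );
$tpl->set( '{thx_sayed}', "" );
$tpl->set( '{date-month}', "" );
$tpl->set( '{date-day}', "" );
$tpl->set_block( "'\\[allow_add\\].*?\\[/allow_add\\]'si", "" );
// [category=...] wrappers are dropped, their inner text is kept.
$tpl->copy_template = preg_replace( "#\\[category=(.+?)\\](.*?)\\[/category\\]#is", "\\2", $tpl->copy_template );
$tpl->set_block( "'\\[edit\\].*?\\[/edit\\]'si", "" );
// The parsed story bodies are inserted as markup, without further escaping at this point.
$tpl->set( '{short-story}', stripslashes( $short_story ) );
$tpl->set( '{full-story}', stripslashes( $full_story ) );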
// Frame the full-story template in a captioned <fieldset>, compile it and send it out.
// NOTE(review): the legend caption is encoding-damaged in this copy of the file; restore
// it from a copy that still has the original encoding.
$tpl->copy_template = "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\"><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>:</span> </legend>" . $tpl->copy_template . "</fieldset>";
$tpl->compile( 'fullstory' );
// [hide]...[/hide] wrappers are removed and their content is shown.
$tpl->result['fullstory'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['fullstory']);
// {THEME} becomes the skin's URL. $config['skin'] can originate from the dle_skin cookie
// and is written into the page here without escaping.
$tpl->result['fullstory'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['fullstory'] );
echo $tpl->result['fullstory'];
// Close the document opened in the page head.
echo '</body></html>';
?>