+# $Id$
+Version 1.0.4 ()
+------------------------------------------------------------------------
+
+ * Fix local file inclusion bug on systems with two conditions:
+ register_globals=on AND missing .htaccess for restricting access to
+ .inc.php files. (garvinhicking)
+
Version 1.0.3 (November 7th, 2006)
------------------------------------------------------------------------
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
umask(0000);
$umask = 0775;
@define('IN_installer', true);
$permalinkNew[] = $serendipity[$permitem['var']];
}
}
- }
+ }
if (serendipity_checkPermission('siteConfiguration') && serialize($permalinkOld) != serialize($permalinkNew)) {
printf(ATTEMPT_WRITE_FILE, $serendipity['serendipityPath'] . '.htaccess');
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
umask(0000);
$umask = 0775;
@define('IN_installer', true);
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
$serendipity = array();
@ini_set('magic_quotes_runtime', 'off');
static $avail = null;
static $show = true;
static $memUsage = 0;
-
+
if (!$show) {
return false;
}
-
+
if ($avail === false) {
return true;
} elseif ($avail === null) {
return false;
}
}
-
+
if ($memUsage === 0) {
$memUsage = $avail;
}
-
+
$current = memory_get_usage();
echo '[' . date('d.m.Y H:i') . '] ' . number_format($current - $memUsage, 2, ',', '.') . ' label "' . $tshow . '", totalling ' . number_format($current, 2, ',', '.') . '<br />' . "\n";
$memUsage = $current;
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
$serendipity['imageList'] = array();
include_once(S9Y_INCLUDE_PATH . "include/db/db.inc.php");
include_once(S9Y_INCLUDE_PATH . "include/compat.inc.php");
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Gregorian to Jalali Convertor
*
function g2j($g_y, $g_m, $g_d){
$g_days_in_month = array(31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
$j_days_in_month = array(31, 31, 31, 31, 31, 31, 30, 30, 30, 30, 30, 29);
-
+
$gy = $g_y-1600;
$gm = $g_m-1;
$gd = $g_d-1;
-
+
$g_day_no = 365*$gy+floor(($gy+3)/4)-floor(($gy+99)/100)+floor(($gy+399)/400);
-
+
for ($i=0; $i < $gm; ++$i){
$g_day_no += $g_days_in_month[$i];
}
-
+
if ($gm>1 && (($gy%4==0 && $gy%100!=0) || ($gy%400==0))){
/* leap and after Feb */
++$g_day_no;
}
-
+
$g_day_no += $gd;
$j_day_no = $g_day_no-79;
$j_np = floor($j_day_no/12053);
$j_day_no %= 12053;
$jy = 979+33*$j_np+4*floor($j_day_no/1461);
$j_day_no %= 1461;
-
+
if ($j_day_no >= 366) {
$jy += floor(($j_day_no-1)/365);
$j_day_no = ($j_day_no-1)%365;
}
$j_all_days = $j_day_no+1;
-
+
for ($i = 0; $i < 11 && $j_day_no >= $j_days_in_month[$i]; ++$i) {
$j_day_no -= $j_days_in_month[$i];
}
-
+
$jm = $i+1;
$jd = $j_day_no+1;
-
+
return array($jy, $jm, $jd, $j_all_days);
}
}
$gm = $i+1;
$gd = $g_day_no+1;
-
+
return array($gy, $gm, $gd);
}
-
+
/**
* Format a string according to Jalali calendar (UTF)
*
* @return string Formatted local time/date according to locale settings
*/
function jalali_strftime_utf($format, $timestamp) {
-
+
$g_d=date('j', $timestamp);
$g_m=date('n', $timestamp);
$g_y=date('Y', $timestamp);
'Wed' => '5',
'Thu' => '6',
'Fri' => '7');
-
+
// calculate string
$output_str='';
-
+
for ($i=0; $i<strlen($format); $i++){
-
+
if($format[$i]=='%'){
$i++;
switch($format[$i]){
$output_str.=$format[$i];
}
}
-
+
return $output_str;
}
* @return string Formatted local time/date
*/
function jalali_date_utf($format, $timestamp) {
-
+
$g_d=date('j', $timestamp);
$g_m=date('n', $timestamp);
$g_y=date('Y', $timestamp);
-
+
list($jy, $jm, $jd, $j_all_days) = g2j($g_y, $g_m, $g_d);
-
+
$j_days_in_month = array(0, 31, 31, 31, 31, 31, 31, 30, 30, 30, 30, 30, 29);
if(($g_y % 4) == 3) $j_days_in_month[12]++;
-
+
$j_month_name = array('', 'فروردین', 'اردیبهشت', 'خرداد', 'تیر',
'مرداد', 'شهریور', 'مهر', 'آبان', 'آذر', 'دی', 'بهمن', 'اسفند');
$j_week_name = array('Saturday' => 'شنبه',
'Wed' => '5',
'Thu' => '6',
'Fri' => '7');
-
+
// calculate string
$output_str='';
-
+
for ($i=0; $i<strlen($format); $i++){
-
+
if($format[$i]!='\\'){
switch($format[$i]){
case 'd':
$output_str.=$format[$i];
}
}
-
+
return $output_str;
}
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Store the personal details of a commenting user in a cookie (or delete that cookie)
*
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Adds a new author account
*
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Delete a category or range of categories
*
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
include_once(S9Y_INCLUDE_PATH . "include/functions_trackbacks.inc.php");
/**
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Check if an uploaded file is "evil"
*
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
/**
* Convert a PHP Ini setting to a boolean flag
$htaccess_cgi = '';
}
-
/* Detect comptability with php_value directives */
if ($htaccess_cgi == '') {
$response = '';
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Converts a string into a filename that can be used safely in HTTP URLs
*
// Remove excess separators
$str = trim($str, $to[0]);
-
+
if (empty($str)) {
if (isset($GLOBALS['i18n_unknown'])) {
$str = $GLOBALS['i18n_unknown'];
if (!isset($serendipity['permalinkStructure'])) {
$serendipity['permalinkStructure'] = 'archives/%id%-%title%.html';
}
-
+
if (!isset($serendipity['permalinkFeedAuthorStructure'])) {
$serendipity['permalinkFeedAuthorStructure'] = 'feeds/authors/%id%-%realname%.rss';
}
-
+
if (!isset($serendipity['permalinkFeedCategoryStructure'])) {
$serendipity['permalinkFeedCategoryStructure'] = 'feeds/categories/%id%-%name%.rss';
}
-
+
if (!isset($serendipity['permalinkCategoryStructure'])) {
$serendipity['permalinkCategoryStructure'] = 'categories/%id%-%name%';
}
-
+
if (!isset($serendipity['permalinkAuthorStructure'])) {
$serendipity['permalinkAuthorStructure'] = 'authors/%id%-%realname%';
}
-
+
if (!isset($serendipity['permalinkArchivesPath'])) {
$serendipity['permalinkArchivesPath'] = 'archives';
}
-
+
if (!isset($serendipity['permalinkArchivePath'])) {
$serendipity['permalinkArchivePath'] = 'archive';
}
-
+
if (!isset($serendipity['permalinkCategoriesPath'])) {
$serendipity['permalinkCategoriesPath'] = 'categories';
}
-
+
if (!isset($serendipity['permalinkAuthorsPath'])) {
$serendipity['permalinkAuthorsPath'] = 'authors';
}
-
+
if (!isset($serendipity['permalinkUnsubscribePath'])) {
$serendipity['permalinkUnsubscribePath'] = 'unsubscribe';
}
-
+
if (!isset($serendipity['permalinkDeletePath'])) {
$serendipity['permalinkDeletePath'] = 'delete';
}
-
+
if (!isset($serendipity['permalinkApprovePath'])) {
$serendipity['permalinkApprovePath'] = 'approve';
}
-
+
if (!isset($serendipity['permalinkFeedsPath'])) {
$serendipity['permalinkFeedsPath'] = 'feeds';
}
-
+
if (!isset($serendipity['permalinkPluginPath'])) {
$serendipity['permalinkPluginPath'] = 'plugin';
}
-
+
if (!isset($serendipity['permalinkAdminPath'])) {
$serendipity['permalinkAdminPath'] = 'admin';
}
-
+
if (!isset($serendipity['permalinkSearchPath'])) {
$serendipity['permalinkSearchPath'] = 'search';
}
-
+
/* URI paths
* These could be defined in the language headers, except that would break
* backwards URL compatibility
@define('PATH_PLUGIN', $serendipity['permalinkPluginPath']);
@define('PATH_ADMIN', $serendipity['permalinkAdminPath']);
@define('PATH_SEARCH', $serendipity['permalinkSearchPath']);
-
+
/* URI patterns
* Note that it's important to use @ as the pattern delimiter. DO NOT use shortcuts
* like \d or \s, since mod_rewrite will use the regexps as well and chokes on them.
*/
function &serendipity_permalinkPatterns($return = false) {
global $serendipity;
-
+
$PAT = array();
$PAT['UNSUBSCRIBE'] = '@/' . $serendipity['permalinkUnsubscribePath'].'/(.*)/([0-9]+)@';
if (is_array($permalink)) {
return $permalink['entry_id'];
}
- }
+ }
return $default;
}
case 'category':
return serendipity_categoryURL($data, '', false);
break;
-
+
case 'author':
return serendipity_authorURL($data, '', false);
break;
}
-
+
return false;
}
case 'entry':
$idfield = 'id';
break;
-
+
case 'author':
$idfield = 'authorid';
break;
-
+
case 'category':
$idfield = 'categoryid';
break;
}
-
+
return(serendipity_db_query(sprintf("INSERT INTO {$serendipity['dbPrefix']}permalinks
(permalink, entry_id, type)
VALUES ('%s', '%s', '%s')",
$data['entry']['timestamp'] = time();
}
}
-
+
$ts = serendipity_serverOffsetHour($data['entry']['timestamp']);
-
+
$replacements =
array(
(int)$data['id'],
);
return str_replace($entryKeys, $replacements, $format);
break;
-
+
case 'author':
$replacements =
array(
);
return str_replace($authorKeys, $replacements, $format);
break;
-
+
case 'category':
$replacements =
array(
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)\r
# All rights reserved. See LICENSE file for licensing details\r
\r
+if (IN_serendipity !== true) {\r
+ die ("Don't hack!");\r
+}\r
+\r
/**\r
* Returns the name of a usergroup.\r
*\r
$value = $plugin->get_config($config_item, false, true);\r
}\r
}\r
- \r
+\r
if (isset($_POST['serendipity'][$postkey][$config_item])) {\r
if (is_array($_POST['serendipity'][$postkey][$config_item])) {\r
$hvalue = $_POST['serendipity'][$postkey][$config_item];\r
} else {\r
$selected_options = array($hvalue => $hvalue);\r
}\r
- \r
+\r
$pre_selected = (array)$cbag->get('select_preselected');\r
$select_size = $cbag->get('select_size');\r
$select = $cbag->get('select_values');\r
case 'hidden':\r
?><tr><td colspan="2"><input class="direction_<?php echo $lang_direction; ?>" type="hidden" name="serendipity[<?php echo $postKey; ?>][<?php echo $config_item; ?>]" value="<?php echo $cbag->get('value'); ?>" /></td></tr><?php\r
break;\r
- \r
+\r
default:\r
// Unknown configuration key. Let the plugin handle it.\r
$addData = func_get_args();\r
<br />\r
<?php\r
}\r
- \r
- if ($showSubmit) { \r
+\r
+ if ($showSubmit) {\r
?>\r
<div style="padding-left: 20px">\r
<input type="submit" name="SAVECONF" value="<?php echo SAVE; ?>" class="serendipityPrettyButton" />\r
<?php\r
}\r
}\r
- \r
+\r
return true;\r
}\r
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Parses entries to display them for RSS/Atom feeds to be passed on to generic Smarty templates
*
$cat['feed_category_name'] = serendipity_utf8_encode(htmlspecialchars($cat['category_name']));
}
}
-
+
// Prepare variables
// 1. UTF8 encoding + htmlspecialchars.
$entry['feed_title'] = serendipity_utf8_encode(htmlspecialchars($entry['title']));
case 'opml1.0':
$entry_hook = 'frontend_display:opml-1.0:per_entry';
break;
-
+
case '0.91':
$entry_hook = 'frontend_display:rss-0.91:per_entry';
break;
-
+
case '1.0':
$entry_hook = 'frontend_display:rss-1.0:per_entry';
break;
-
+
case '2.0':
$entry_hook = 'frontend_display:rss-2.0:per_entry';
break;
-
+
case 'atom0.3':
$entry_hook = 'frontend_display:atom-0.3:per_entry';
break;
-
+
case 'atom1.0':
$entry_hook = 'frontend_display:atom-1.0:per_entry';
break;
}
-
+
serendipity_plugin_api::hook_event($entry_hook, $entry);
$entry['per_entry_display_dat'] = $entry['display_dat'];
}
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Fetch a list of trackbacks for an entry
*
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
/**
* Check a HTTP response if it is a valid XML trackback response
*
'serendipity_event_searchhighlight',
'serendipity_event_textile'
);
-
+
$elements = array(
'ENTRY_BODY',
'EXTENDED_BODY',
$where[] = "name LIKE '$plugin:%'";
}
- $rows = serendipity_db_query("SELECT name, value, authorid
- FROM {$serendipity['dbPrefix']}config
+ $rows = serendipity_db_query("SELECT name, value, authorid
+ FROM {$serendipity['dbPrefix']}config
WHERE " . implode(' OR ', $where));
if (!is_array($rows)) {
return false;
}
-
+
foreach($rows AS $row) {
if (preg_match('@^(serendipity_event_.+):([a-z0-9]+)/(.+)@i', $row['name'], $plugin_data)) {
foreach($elements AS $element) {
if ($plugin_data[3] != constant($element)) {
continue;
}
-
+
$new = $plugin_data[1] . ':' . $plugin_data[2] . '/' . $element;
serendipity_db_query("UPDATE {$serendipity['dbPrefix']}config
SET name = '$new'
- WHERE name = '{$row['name']}'
+ WHERE name = '{$row['name']}'
AND value = '{$row['value']}'
AND authorid = '{$row['authorid']}'");
}
include_once(S9Y_INCLUDE_PATH . 'include/plugin_api.inc.php');
include_once(S9Y_INCLUDE_PATH . 'include/plugin_internal.inc.php');
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
$uri_addData = array(
'startpage' => false,
'uriargs' => implode('/', serendipity_getUriArguments($uri, true)),
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
if (!defined('serendipity_LANG_LOADED') || serendipity_LANG_LOADED !== true) {
// Try and include preferred language from the configurated setting
if (@include(S9Y_INCLUDE_PATH . 'lang/' . $serendipity['charset'] . 'serendipity_lang_'. $serendipity['lang'] .'.inc.php') ) {
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
class serendipity_calendar_plugin extends serendipity_plugin {
var $title = CALENDAR;
-<?php # $Id: $\r
+<?php # $Id: $\r
##########################################################################\r
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity #\r
# Developer Team) All rights reserved. See LICENSE file for licensing #\r
-<?php # $Id: $\r
+<?php # $Id: $\r
##########################################################################\r
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity #\r
# Developer Team) All rights reserved. See LICENSE file for licensing #\r
<?php # $Id$
+if (IN_serendipity !== true) {
+ die ("Don't hack!");
+}
+
$probelang = dirname(__FILE__) . '/lang_' . $serendipity['lang'] . '.inc.php';
if (file_exists($probelang)) {
include $probelang;
projects / s9y.git / commitdiff