Subversion Repositories taios

Compare Revisions

Ignore whitespace Rev 446 → Rev 486

/challenge/index.php
File deleted
/challenge/00-do.php
File deleted
/challenge/00.php
File deleted
/challenge/01.php
File deleted
/wiki/edit-do.php
2,6 → 2,22
 
require '../_taios.php';
 
if (get_magic_quotes_gpc()) {
$process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
while (list($key, $val) = each($process)) {
foreach ($val as $k => $v) {
unset($process[$key][$k]);
if (is_array($v)) {
$process[$key][stripslashes($k)] = $v;
$process[] = &$process[$key][stripslashes($k)];
} else {
$process[$key][stripslashes($k)] = stripslashes($v);
}
}
}
unset($process);
}
 
$pageName = $_POST['page'];
if (empty($pageName))
{
14,7 → 30,12
 
if ($page->isUserGM($page->getLoggedInUser()))
{
$pageName = str_replace("../", "/", $pageName);
 
$filename = 'pages/' . $pageName . '.txt';
 
if(!is_dir(dirname($filename)))
mkdir(dirname($filename), 0777, true);
$fp = @fopen($filename, 'w');
if ($fp)
/wiki/edit.php
16,6 → 16,8
 
if ($page->isUserGM($page->getLoggedInUser()))
{
$pageName = str_replace("../", "/", $pageName);
 
$filename = 'pages/' . $pageName . '.txt';
$content = "";
33,7 → 35,7
<input type="hidden" name="page" value="<?php echo $pageName; ?>" />
<table>
<tr>
<td><textarea name="content"><?php echo $content; ?></textarea></td>
<td><textarea name="content"><?php write($content); ?></textarea></td>
</tr>
<tr>
<td><input type="submit" value="Edit" /></td>
/wiki/index.php
45,6 → 45,8
write('<p class="bold"><a href="edit.php?page=' . $pageName . '">Edit Page</a></p><br />');
}
 
$pageName = str_replace("../", "/", $pageName);
 
$filename = 'pages/' . $pageName . '.txt';
 
$fp = @fopen($filename, 'r');
58,6 → 60,26
write('<p>This page is empty.</p>');
}
 
if(is_dir('pages/' . $pageName))
{
write('<p>Directory listing of ' . $pageName . ':</p>');
write('<ul>');
$dir = opendir('pages/' . $pageName);
if($dir)
{
while (($file = readdir($dir)) !== false)
{
if($file != '.' && $file != '..' && (preg_match('/\.txt$/', $file) || is_dir('pages/' . $pageName . '/' . $file)))
{
$file = preg_replace('/\.txt$/', '', $file);
write('<li><a href="index.php?page=' . $pageName . '/' . htmlspecialchars($file) . '">' . htmlspecialchars($file) . '</a></li>');
}
}
}
write('</ul>');
write('<p>End of directory listing</p>');
}
 
$page->drawFooter();
 
?>
/wiki/pages/Index.txt
File deleted
Property changes:
Deleted: svn:executable
## -1 +0,0 ##
-*
\ No newline at end of property
Index: _taios.php
===================================================================
--- _taios.php (revision 446)
+++ _taios.php (revision 486)
@@ -34,12 +34,15 @@
write('');
write('');
write('Tim32 · ' . $this->title . '');
- write('');
+ write('');
+ write('');
+ write('');
+ write('');
write('');
write('');
write('
write('
- write('

Tim32

');
+ write('

Tim32

');
write('');
write('
$this->drawMenuItem('Home', 'index.php');
@@ -49,36 +52,43 @@
$this->drawMenuItem('Wiki', 'wiki/');
$this->drawMenuItem('Photos', 'photos/');
write('
');
- if ($this->isLoggedIn())
- {
+
+ if ($this->isLoggedIn() && $this->isUserNormal($this->getLoggedInUser())) {
$this->drawMenuItem('Administration', 'admin/');
$this->drawMenuItem('Logout', 'logout-do.php');
- }
- else
- {
+ } else if ($this->isLoggedIn()) {
+ $this->drawMenuItem('Logout', 'logout-do.php');
+
+ if ($this->getLoggedInUser()->username != "cake") {
+ $this->drawMenuItem('You are banned', NULL);
+ } else {
+ $this->drawMenuItem('#undefined', '/challenge/cakefolder');
+ }
+ } else {
$this->drawMenuItem('Login', 'login.php');
$this->drawMenuItem('Register', 'register.php');
}
+
write('
');
-
$this->drawnHeader = true;
}
}
- function drawMenuItem($t, $u)
- {
- write('

' . $t . '

');
+ function drawMenuItem($t, $u) {
+ if ($u == NULL) {
+ write('

' . $t . '

');
+ } else {
+ write('

' . $t . '

');
+ }
}
function drawMiddle()
{
- if (!$this->drawnMiddle)
- {
- write('
');
+ if (!$this->drawnMiddle) {
write('');
write('');
write('
');
- write('

' . $this->title . '

');
+ write('

' . $this->title . '

');
$this->drawnMiddle = true;
}
@@ -88,7 +98,6 @@
{
if (!$this->drawnFooter)
{
- write('
');
write('');
write('');
write('');
@@ -138,7 +147,7 @@
write('


');
}
- $ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
+ $ids = $this->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
for ($i = 0; $i < count($ids); $i++)
{
write('
');
@@ -155,7 +164,7 @@
for ($i = 0; $i < count($ids); $i++)
{
$cat = $this->getBlogPost($ids[$i])->category;
- if (!in_array($cat, $cats))
+ if (!in_array($cat, $cats) && ($cat != "Drafts" || $this->isUserGM($this->getLoggedInUser())))
{
array_push($cats, $cat);
}
@@ -170,62 +179,46 @@
function replaceBBCode($str)
{
- /*$newstrarray = explode("\n", $str);
- $newstr = "";
- foreach ($newstrarray as $line)
- {
- if ($line == "\n" || $line == " \n" || $line == "\n " || $line == "\n\r")
- {
- $line = "

";

- }
-
- $newstr .= ($line . "\n");
- }*/
-
$newstr = $str;
- $newstr = str_replace("<", "[", $newstr);
- $newstr = str_replace(">", "]", $newstr);
- $newstr = str_replace("\n", "

", $newstr);

+ $newstr = str_replace("<", "<", $newstr);
+ $newstr = str_replace(">", ">", $newstr);
+ $newstr = str_replace("\n", "
", $newstr);
$newstr = str_replace("\\'", "'", $newstr);
$newstr = str_replace("\\\"",'"', $newstr);
$newstr = str_replace(' ', '  ', $newstr);
- $newstr = str_replace(' :)', ' ', $newstr);
- $newstr = str_replace(' :p', ' ', $newstr);
- $newstr = str_replace(' :P', ' ',$newstr);
- $newstr = str_replace(' :|', ' ',$newstr);
- $newstr = str_replace(' :D', ' ',$newstr);
- $newstr = str_replace(' =D', ' ',$newstr);
- $newstr = str_replace(' :(', ' ',$newstr);
- $newstr = str_replace(' :0', ' ',$newstr);
- $newstr = str_replace(' :o', ' ',$newstr);
- $newstr = str_replace(' :O', ' ',$newstr);
- $newstr = str_replace(' :/', ' ',$newstr);
- $newstr = str_replace(' ;)', ' ',$newstr);
$bbcode = array(
- '/\[b\](.+?)\[\/b\]/is',
- '/\[i\](.+?)\[\/i\]/is',
- '/\[u\](.+?)\[\/u\]/is',
- '/\[url\](.+?)\[\/url\]/is',
- '/\[url=(.+?)\](.+?)\[\/url\]/is',
- '/\[code\](.+?)\[\/code\]/is',
- '/\[img\](.+?)\[\/img\]/is',
- '/\[ul\](.+?)\[\/ul\]/is',
- '/\[ol\](.+?)\[\/ol\]/is',
- '/\[li\](.+?)\[\/li\]/is'
+ '/\[b\](.+?)\[\/b\]/is',
+ '/\[i\](.+?)\[\/i\]/is',
+ '/\[u\](.+?)\[\/u\]/is',
+ '/\[url\](.+?)\[\/url\]/is',
+ '/\[w\](.+?)\[\/w\]/is',
+ '/\[url=(?:")?(.+?)(?:")?\](.+?)\[\/url\]/is',
+ '/\[w=(?:")?(.+?)(?:")?\](.+?)\[\/w\]/is',
+ '/\[code\](.+?)\[\/code\]/is',
+ '/\[img\](.+?)\[\/img\]/is',
+ '/\[ul\](.+?)\[\/ul\]/is',
+ '/\[ol\](.+?)\[\/ol\]/is',
+ '/\[li\](.+?)\[\/li\]/is',
+ '/\[mono\](.+?)\[\/mono\]/is',
+ '/\[tcp\](.+?)\[\/tcp\]/is'
);
$html = array(
- '$1',
- '$1',
- '$1',
- '$1',
- '$2',
- '
$1
',
- '',
- '
    $1
',
- '
    $1
',
- '
  • $1
  • '
    + '$1',
    + '$1',
    + '$1',
    + '$1',
    + '$1',
    + '$2',
    + '$2',
    + '

    $1

    ',

    + 'BBCode-included image',
    + '
      $1
    ',
    + '
      $1
    ',
    + '
  • $1
  • ',
    + '$1',
    + '$1Open TCP Editor'
    );
    $newstr = preg_replace($bbcode, $html, $newstr);
    @@ -297,6 +290,19 @@
    return false;
    }
    + function isUserBanned()
    + {
    + if ($this->isLoggedIn())
    + {
    + if ($this->getLoggedInUser()->accessID >= 3)
    + {
    + return true;
    + }
    + }
    +
    + return false;
    + }
    +
    function checkChallengeStatus($challengeID, $previous, $next)
    {
    $currentChallengeID = $this->getLoggedInUser()->challengeID;
    @@ -349,7 +355,7 @@
    function getUserByID($id)
    {
    - $result = $this->query('SELECT * FROM Users WHERE ID = ' . $id);
    + $result = $this->query('SELECT * FROM Users WHERE ID = "' . $id . '"');
    while ($row = mysql_fetch_array($result))
    {
    $user = new User;
    @@ -391,7 +397,7 @@
    function getBlogPost($id)
    {
    - $result = $this->query('SELECT * FROM BlogPosts WHERE ID = ' . $id);
    + $result = $this->query('SELECT * FROM BlogPosts WHERE ID = "' . $id . '"');
    while ($row = mysql_fetch_array($result))
    {
    $post = new BlogPost;
    @@ -406,8 +412,8 @@
    }
    $post->author = $this->getUserByID($row['AuthorID']);
    $post->user = $this->getUserByID($row['AuthorID']); // For some older pages
    - $post->title = $row['Title'];
    - $post->content = $row['Content'];
    + $post->title = htmlspecialchars($row['Title']);
    + $post->content = htmlspecialchars($row['Content']);
    $post->datePosted = strtotime($row['DatePosted']);
    $post->category = $row['Category'];
    $post->spam = $row['Spam'];
    @@ -420,7 +426,7 @@
    function getProject($id)
    {
    - $result = $this->query('SELECT * FROM Projects WHERE ID = ' . $id);
    + $result = $this->query('SELECT * FROM Projects WHERE ID = "' . $id . '"');
    while ($row = mysql_fetch_array($result))
    {
    $project = new Project;
    @@ -443,7 +449,7 @@
    function getForumCategory($id)
    {
    - $result = $this->query('SELECT * FROM ForumCategories WHERE ID = ' . $id);
    + $result = $this->query('SELECT * FROM ForumCategories WHERE ID = "' . $id . '"');
    while ($row = mysql_fetch_array($result))
    {
    $f = new ForumCategory;
    @@ -461,7 +467,7 @@
    function getForumPost($id)
    {
    - $result = $this->query('SELECT * FROM ForumPosts WHERE ID = ' . $id);
    + $result = $this->query('SELECT * FROM ForumPosts WHERE ID = "' . $id . '"');
    while ($row = mysql_fetch_array($result))
    {
    $f = new ForumPost;
    @@ -483,13 +489,13 @@
    function delBlogPost($id)
    {
    - $ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
    + $ids = $this->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
    for ($i = 0; $i < count($ids); $i++)
    {
    $this->delBlogPost($ids[$i]);
    }
    - $this->query('DELETE FROM BlogPosts WHERE ID=' . $id);
    + $this->query('DELETE FROM BlogPosts WHERE ID="' . $id . '"');
    }
    function getGetID()
    /admin/nowify.php
    0,0 → 1,68
    <?php
     
    require '../_taios.php';
     
    $page = new Taios_Page('Nowify', '../');
     
    if (isset($_GET['id']))
    {
    $id = $_GET['id'];
    }
    else if (isset($_POST['id']))
    {
    $id = $_POST['id'];
    }
    else
    {
    $page->drawError('No ID set.');
    }
     
    $page->checkLoggedIn();
     
    $post = $page->getBlogPost($id);
    if ((!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID) || !$page->isUserNormal($page->getLoggedInUser()))
    {
    $page->drawError('You do not have permission to access this page.');
    }
     
    $error = '';
     
    if (isset($_POST['id']))
    {
    $title = $_POST['title'];
     
    $page->query('UPDATE BlogPosts SET DatePosted = NOW() WHERE ID = "' . $id . '"');
    $page->redirect('/blog/post.php?id=' . $id);
    }
     
    $page->drawHeader();
    $page->drawBlogCategoriesMenu();
    $page->drawMiddle();
     
    if (!empty($error))
    {
    $page->drawError($error, false);
    }
     
    ?>
     
    <form action="nowify.php" method="post">
    Press Sumbit if you wish to nowify post <?php echo $post->title; ?>.<br /><br />
     
    <?php
    write('<input type="hidden" name="id" value="' . $id . '" />');
    ?>
     
    <tr>
    <td class="bold"></td>
    <td><input type="submit" value="Submit" /></td>
    </tr>
    </table>
    </form>
     
    <?php
     
    $page->drawFooter();
     
    ?>
     
    /admin/account-do.php
    13,26 → 13,26
    $name = $_POST['name'];
     
    $user = $page->getUserByID($userID);
    if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user)
    if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser()))
    {
    if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser()))
    {
    $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = ' . $userID);
    $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = "' . $userID . '"');
    }
    if (!empty($password))
    {
    $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = ' . $userID);
    $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = "' . $userID . '"');
    }
    if (!empty($email))
    {
    $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = ' . $userID);
    $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = "' . $userID . '"');
    }
    if (!empty($name))
    {
    $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = ' . $userID);
    $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = "' . $userID . '"');
    }
    }
    else
    /admin/all-blog-posts.php
    27,24 → 27,28
    $ids = $page->findIDs('BlogPosts', 'ORDER BY DatePosted DESC');
    for ($i = 0; $i < count($ids); $i++)
    {
    $post = $page->getBlogPost($ids[$i]);
    write('<tr>');
    write('<td><a href="../blog/edit-post.php?id=' . $post->ID . '">' . $post->ID . '</a></td>');
    if ($post->parent == -1)
    $id_str = $ids[$i];
    if (!empty($id_str))
    {
    write('<td style="color: #444444;">No Parent</td>');
    $post = $page->getBlogPost($id_str);
    write('<tr>');
    write('<td><a href="../blog/edit-post.php?id=' . $post->ID . '">' . $post->ID . '</a></td>');
    if ($post->parent == -1)
    {
    write('<td style="color: #444444;">No Parent</td>');
    }
    else
    {
    write('<td>' . $post->parent->title . '</td>');
    }
    write('<td><a href="account.php?id=' . $post->author->ID . '">' . $post->author->name . '</a></td>');
    write('<td>' . $post->title . '</td>');
    write('<td>' . str_replace("\n", '<br />', $post->content) . '</td>');
    write('<td>' . date('j/m/Y H:i', $post->datePosted) . ' <a href="nowify.php?id=' . $post->ID . '">Nowify</a></td>');
    write('<td>' . $post->category . '</td>');
    write('<td>' . $post->spam . '</td>');
    write('</tr>');
    }
    else
    {
    write('<td>' . $post->parent->title . '</td>');
    }
    write('<td><a href="account.php?id=' . $post->author->ID . '">' . $post->author->name . '</a></td>');
    write('<td>' . $post->title . '</td>');
    write('<td>' . str_replace("\n", '<br />', $post->content) . '</td>');
    write('<td>' . date('j/m/Y H:i', $post->datePosted) . '</td>');
    write('<td>' . $post->category . '</td>');
    write('<td>' . $post->spam . '</td>');
    write('</tr>');
    }
    write('</table>');
    /admin/account.php
    11,7 → 11,7
    $userID = $page->getGetID();
    $user = $page->getUserByID($userID);
     
    if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user)
    if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser()))
    {
    ?>
     
    /admin/index.php
    9,7 → 9,14
    $page->checkLoggedIn();
    $user = $page->getLoggedInUser();
     
    write('<h4><a href="account.php?id=' . $user->ID. '">Manage Account</a></h4>');
    if ($page->isUserNormal($user))
    {
    write('<h4><a href="account.php?id=' . $user->ID. '">Manage Account</a></h4>');
    }
    else
    {
    $page->drawError('You do not have permission to access this page.');
    }
     
    if ($page->isUserAdmin($user))
    {
    /projects/index.php
    22,7 → 22,7
    write('<h3>' . $project->title . '</h3>');
    write('<table style="border: 0px;">');
    write('<tr>');
    write('<td style="border: 0px; vertical-align: top;"><img class="smiley" src="' . $project->logoURL . '" /></td>');
    write('<td style="border: 0px; vertical-align: top;"><img class="smiley" src="' . $project->logoURL . '" alt="' . $project->title . ' logo" /></td>');
    write('<td style="border: 0px;">');
    if (empty($project->latestVersion))
    {
    /projects/edit-project-do.php
    24,30 → 24,30
    {
    if (!empty($title))
    {
    $page->query('UPDATE Projects SET Title = "' . $title . '" WHERE ID = ' . $project->ID);
    $page->query('UPDATE Projects SET Title = "' . $title . '" WHERE ID = "' . $project->ID . '"');
    }
    if (!empty($description))
    {
    $page->query('UPDATE Projects SET Description = "' . $description . '" WHERE ID = ' . $project->ID);
    $page->query('UPDATE Projects SET Description = "' . $description . '" WHERE ID = "' . $project->ID . '"');
    }
    if (!empty($logoURL))
    {
    $page->query('UPDATE Projects SET LogoURL = "' . $logoURL . '" WHERE ID = ' . $project->ID);
    $page->query('UPDATE Projects SET LogoURL = "' . $logoURL . '" WHERE ID = "' . $project->ID . '"');
    }
    if (!empty($websiteURL))
    {
    $page->query('UPDATE Projects SET WebsiteURL = "' . $websiteURL . '" WHERE ID = ' . $project->ID);
    $page->query('UPDATE Projects SET WebsiteURL = "' . $websiteURL . '" WHERE ID = "' . $project->ID . '"');
    }
    if (!empty($downloadURL))
    {
    $page->query('UPDATE Projects SET DownloadURL = "' . $downloadURL . '" WHERE ID = ' . $project->ID);
    $page->query('UPDATE Projects SET DownloadURL = "' . $downloadURL . '" WHERE ID = "' . $project->ID . '"');
    }
    if (!empty($latestVersion))
    {
    $page->query('UPDATE Projects SET LatestVersion = "' . $latestVersion . '" WHERE ID = ' . $project->ID);
    $page->query('UPDATE Projects SET LatestVersion = "' . $latestVersion . '" WHERE ID = "' . $project->ID . '"');
    }
    $page->query('UPDATE Projects SET LastUpdate = NOW() WHERE ID = ' . $project->ID);
    $page->query('UPDATE Projects SET LastUpdate = NOW() WHERE ID = "' . $project->ID . '"');
     
    $page->redirect('index.php');
    }
    /projects/add-project-do.php
    25,7 → 25,7
     
    if ($page->isUserGM($user))
    {
    $page->query('INSERT INTO Projects VALUES (0, ' . $user->ID . ', "' . $title . '", "' . $description . '", "' . $logoURL . '", "' . $downloadURL . '", "' . $websiteURL . '", "' . $latestVersion . '", NOW())');
    $page->query('INSERT INTO Projects VALUES (0, "' . $user->ID . '", "' . $title . '", "' . $description . '", "' . $logoURL . '", "' . $downloadURL . '", "' . $websiteURL . '", "' . $latestVersion . '", NOW())');
    $page->redirect('index.php');
    }
    else
    /projects/delete-project-do.php
    10,7 → 10,7
     
    if (($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $project->author->ID) && $project)
    {
    $page->query('DELETE FROM Projects WHERE ID = ' . $id);
    $page->query('DELETE FROM Projects WHERE ID = "' . $id . '"');
    $page->redirect('index.php');
    }
    else
    /index.php
    4,19 → 4,16
     
    $page = new Taios_Page('Home');
    $page->drawHeader();
    write('<h3>Pages</h3>');
    $page->drawMenuItem('Biggles', '/~biggles/');
    $page->drawMenuItem('Freddie (FredFace)', '/~freddie/');
    $page->drawMenuItem('Muzer', '/~muzer/');
    $page->drawMenuItem('Tom (TomMan)', '/~tom/');
    write('<br /><h3>Downtime-o-meter</h3>');
    write('<p>No planned down.</p>');
    $page->drawMiddle();
     
    ?>
     
    <p class="bold">Welcome to Tim32!</p>
    <p>Tim32 is a 10 year-old laptop running Ubuntu Server Edition 10.04.</p>
    <?php
    write('<p>Tim32 is a ' . (date("Y") - 2000) . '-year-old laptop running Ubuntu Server Edition 10.04.</p>');
    write('<p>On the other hand, Tim36 (which is serving this page) is a ' . (date("Y") - 2007) . '-year-old laptop running Ubuntu Server Edition 10.04.</p>');
    ?>
    <p>By using this website, you hereby accept cookies being stored on your computer.</p>
    <br />
     
    <h3 title="Take the Tim32 challenge: http://tim32.org/challenge/">Latest Blog Posts</h3>
    24,15 → 21,19
     
    <?php
     
    $ids = $page->findIDs('BlogPosts', 'WHERE ParentID = -1 ORDER BY DatePosted DESC');
    $ids = $page->findIDs('BlogPosts', 'WHERE ParentID = -1 AND Category != "Drafts" ORDER BY DatePosted DESC');
    for ($i = 0; $i < 4 && $i < count($ids); $i++)
    {
    $id = $ids[$i];
    $post = $page->getBlogPost($id);
    write('<h4><a href="blog/post.php?id=' . $post->ID . '">' . $post->title. '</a></h4>');
     
    $comment_count = 0;
    $ids2 = $page->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
     
    write('<a href="blog/post.php?id=' . $id . '"><h3>' . $post->title. '</h3></a>');
    write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
    write('<p>' . $page->replaceBBCode($post->content) . '</p>');
    write('<h5 style="color: #666666;">' . count($ids2) . ' Comments</h5>');
    write('<br />');
    }
     
    /tcp.js
    0,0 → 1,51
    function updateResult(box, text) {
    box.find(".tcp_inner_result").html("<i>Loading...</i>");
    $.get('http://tim32.org/~freddie/VOSLookup/tcppop.php?totr=' + text, function(data) {
    box.find(".tcp_inner_result").html(data);
    });
    }
     
    function openBox(box) {
    var text = box.attr("data-text");
    box.append("<div class=\"tcp_inner\"><input type=\"text\" value=\"" + text + "\" /><input type=\"submit\" value=\"Parse\" /><br /><div class=\"tcp_inner_result\"></div></div>");
    box.children(".tcp_inner").hide().fadeIn();
    updateResult(box, text);
    box.find("input[type=submit]").click(function() {
    updateResult(box, box.find("input[type=text]").val());
    return false;
    });
     
    box.find("input[type=text]").change(function() {
    updateResult(box, $(this).val());
    });
    }
     
    function closeBox(box) {
    $(box).children(".tcp_inner").fadeOut(function() {
    $(this).remove();
    });
    }
     
    $(document).ready(function() {
    $(".tcp .tcp_button").on("click", function() {
    var box = $(this).parent();
    var s = box.attr("data-status");
    if (s == "closed") {
    box.attr("data-status", "open");
    $(this).attr("src", "http://tim32.org/~freddie/timlan/noTCP.png");
    $(this).attr("title", "Close TCP Editor");
    openBox(box);
    } else {
    box.attr("data-status", "closed");
    $(this).attr("src", "http://tim32.org/~freddie/timlan/goTCP.png");
    $(this).attr("title", "Open TCP Editor");
    closeBox(box);
    }
    });
    });
     
    /styles.css
    1,12 → 1,10
    body {
    background-color: #FFFFFF;
    color: #000000;
    font-family: Droid Sans, Tahoma, sans-serif;
    font-size: 10pt;
    font-size: 10pt;
    margin: 0px;
    padding: 0px;
    height: 100%;
    }
     
    h1 {
    64,6 → 62,12
    border: 1px solid #000000;
    color: #000000;
    background-color: #B5D7FF;
    padding: 4px;
    margin: 5px;
    font-size: 11pt;
    }
     
    input[type=text], input[type=password] {
    width: 500px;
    }
     
    91,13 → 95,20
    }
     
    .sidebar {
    top: 0px;
    left: 0px;
    position: absolute;
    float: left;
    width: 156px;
    padding: 0px;
    padding-left: 32px;
    border-right: 0px solid #000089;
     
    border-right: 2px solid #000049;
    border-bottom: 2px solid #000049;
     
    color: #FFFFFF;
    z-index: 50;
    background-color: #032865;
    color: #FFFFFF;
    }
     
    .sidebar-header {
    128,9 → 139,17
     
    .content {
    top: 0px;
    left: 190px;
    position: absolute;
    margin-right: 32px;
    /* left: 0px;*/
    margin-left: 190px;
    /* padding-top: 0px*/
    /* position: absolute;*/
    /* margin-right: 32px;*/
    background-color: #FFFFFF;
    height: 100%;
    height: auto !important;
    width: auto;
    display: block;
    /* display: inline-block;*/
    }
     
    .bold {
    149,13 → 168,29
    .code {
    border-top: 2px solid #999999;
    border-bottom: 2px solid #999999;
    margin: 14px;
    margin: 4px 16px;
    padding: 3px;
    background-color: #DDDDDD;
    font-family: Droid Sans Mono, Monospace, Fixed;
    font-size: 9px;
    line-height: 80%;
    font-size: 10pt;
    }
     
    .tcp_button {
    border: none;
    margin: 0px 14px;
    cursor: pointer;
    }
     
    .tcp_inner {
    margin: 4px;
    padding: 2px;
    border: 1px solid #000000;
    }
     
    .tcp_inner_result {
    margin: 6px;
    }
     
    .copyright {
    color: #BBBBBB;
    text-align: left;
    /blog/add-post.php
    40,12 → 40,12
    }
    else
    {
    if ($page->getLoggedInUser()->accessID >= 2 && $parentID == -1)
    if (($page->getLoggedInUser()->accessID >= 2 && $parentID == -1) || $page->getLoggedInUser()->accessID > 2)
    {
    $page->drawError('You do not have permission to access this page.');
    }
    $page->query('INSERT INTO BlogPosts VALUES(0, ' . $parentID . ', "' . $page->getLoggedInUser()->ID . '", "' . $title . '", "' . $content . '", NOW(), "' . $category . '", 0)');
    $page->query('INSERT INTO BlogPosts VALUES(0, "' . $parentID . '", "' . $page->getLoggedInUser()->ID . '", "' . $title . '", "' . $content . '", NOW(), "' . $category . '", 0)');
    $page->redirect('post.php?id=' . $parentID);
    }
    }
    /blog/index.php
    23,6 → 23,11
    write('<p>Only showing blog posts from the ' . $_GET['cat'] . ' category. <a href="index.php">Reset Filtering</a></p><br />');
    }
     
    if(!$page->isUserGM($page->getLoggedInUser()))
    {
    $query = $query . ' AND Category != "Drafts"';
    }
     
    $query = $query . " ORDER BY DatePosted DESC";
     
    $ids = $page->findIDs('BlogPosts', $query);
    30,10 → 35,13
    {
    $id = $ids[$i];
    $post = $page->getBlogPost($id);
     
    $ids2 = $page->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
    write('<a href="post.php?id=' . $id . '"><h3>' . $post->title. '</h3></a>');
    write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
    write('<p>' . $page->replaceBBCode($post->content) . '</p>');
    write('<h5 style="color: #666666;"><a href="post.php?id=' . $id . '">' . count($ids2) . ' Comments</a></h5>');
    write('<br />');
    }
     
    /blog/edit-post.php
    20,7 → 20,7
    $page->checkLoggedIn();
     
    $post = $page->getBlogPost($id);
    if (!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID)
    if ((!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID) || !$page->isUserNormal($page->getLoggedInUser()))
    {
    $page->drawError('You do not have permission to access this page.');
    }
    43,7 → 43,7
    }
    else
    {
    $page->query('UPDATE BlogPosts SET Content = "' . $content . '", Title = "' . $title . '", Category = "' . $category . '" WHERE ID = ' . $id);
    $page->query('UPDATE BlogPosts SET Content = "' . $content . '", Title = "' . $title . '", Category = "' . $category . '" WHERE ID = "' . $id . '"');
    $page->redirect('post.php?id=' . $id);
    }
    }
    /blog/rss.php
    13,7 → 13,7
    write('<description>This is the RSS feed for the Tim32 Blog.</description>');
    write('<link>http://tim32.org/blog/</link>');
    $ids = $page->findIDs('BlogPosts', 'WHERE ParentID = -1 ORDER BY DatePosted DESC');
    $ids = $page->findIDs('BlogPosts', 'WHERE ParentID = -1 AND CATEGORY != "Drafts" ORDER BY DatePosted DESC');
    for ($i = 0; $i < count($ids); $i++)
    {
    $id = $ids[$i];
    /blog/del-post.php
    7,7 → 7,7
    $id = $_GET['id'];
    if ($id)
    {
    if ($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $page->getBlogPost($id)->author->ID)
    if ($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $page->getBlogPost($id)->author->ID && $page->isUserNormal($page->getLoggedInUser()))
    {
    $page->delBlogPost($id);
    }
    /404.php
    7,11 → 7,8
    $page = new Taios_Page('404 - Page not found', '/');
    $page->drawHeader();
    write('<h3>Pages</h3>');
    $page->drawMenuItem('Biggles', '/~biggles/');
    $page->drawMenuItem('Freddie', '/~freddie/');
    $page->drawMenuItem('Muzer', '/~muzer/');
    $page->drawMenuItem('Sh4rk', '/~szabot/');
    $page->drawMenuItem('Tom', '/~tom/');
    $page->drawMenuItem('FredFace', '~freddie/');
    $page->drawMenuItem('Muzer', '~muzer/');
    $page->drawMiddle();
     
    ?>
    27,6 → 24,9
    $page->drawMenuItem('Tim32 Homepage', 'index.php');
    $page->drawMenuItem('Youfail.org', 'http://youfail.org');
     
    ?>
    <iframe src="http://notfound-static.fwebservices.be/404/index.html?&amp;key=30aca9cedc0df2682afc4e195eedb1e2" width="100%" height="650" frameborder="0"></iframe>
    <?php
    $page->drawFooter();
     
    ?>
    /login.php
    9,6 → 9,7
    ?>
     
    <p class="bold">Here you can login to Tim32 using your Tim32 account.</p>
    <p>By using this website, you hereby accept cookies being stored on your computer.</p>
    <br />
     
    <?php
    21,6 → 22,12
    ?>
     
    <form action="login-do.php" method="POST">
    <?php
    $redirurl = $_SERVER['HTTP_REFERER'];
    if($_GET['oldurl'])
    $redirurl = $_GET['oldurl'];
    write('<input type="hidden" name="oldurl" value="' . $redirurl . '" />');
    ?>
    <table>
    <tr>
    <td class="bold">Username: </td>
    /forums/add-post-do.php
    20,6 → 20,11
    $title = $_POST['title'];
    $content = $_POST['content'];
     
    if (!$page->isUserNormal($page->getLoggedInUser()))
    {
    $page->redirect('add-post.php?error=You do not have permission to access this page');
    }
     
    if (empty($title))
    {
    $page->redirect('add-post.php?error=No Title Specified');
    29,7 → 34,7
    $page->redirect('add-post.php?error=No Content Specified');
    }
     
    $page->query('INSERT INTO ForumPosts VALUES (0, ' .$page->getLoggedInUser()->ID . ', ' . $categoryID . ', ' . $parentID . ', "' . $title . '", "' . $content . '", NOW(), FALSE)');
    $page->query('INSERT INTO ForumPosts VALUES (0, "' .$page->getLoggedInUser()->ID . '", "' . $categoryID . '", "' . $parentID . '", "' . $title . '", "' . $content . '", NOW(), FALSE)');
    $page->redirect('index.php?parentID=' . $categoryID);
     
    ?>
    /forums/delete-category-do.php
    10,7 → 10,7
     
    if ($page->isUserAdmin($page->getLoggedInUser()))
    {
    $page->query('DELETE FROM ForumCategories WHERE ID = ' . $id);
    $page->query('DELETE FROM ForumCategories WHERE ID = "' . $id . '"');
    $page->redirect('index.php');
    }
    else
    /forums/edit-category-do.php
    18,7 → 18,7
    $page->redirect('edit-category.php?error=No Title Specified');
    }
    $page->query('UPDATE ForumCategories SET Title = "' . $title . '", Description = "' . $description . '" WHERE ID = ' . $id);
    $page->query('UPDATE ForumCategories SET Title = "' . $title . '", Description = "' . $description . '" WHERE ID = "' . $id . '"');
    $page->redirect('index.php');
    }
    else
    /forums/add-category-do.php
    22,7 → 22,7
    $page->redirect('add-category.php?error=No Title Specified');
    }
    $page->query('INSERT INTO ForumCategories VALUES (0, ' . $parentID . ', "' . $title . '", "' . $description . '")');
    $page->query('INSERT INTO ForumCategories VALUES (0, "' . $parentID . '", "' . $title . '", "' . $description . '")');
    $page->redirect('index.php?parentID=' . $parentID);
    }
    else
    /forums/delete-post-do.php
    9,9 → 9,9
    $id = $page->getGetID();
    $post = $page->getForumPost($id);
     
    if (($page->isUserAdmin($page->getLoggedInUser()) || $post->author->ID == $page->getLoggedInUser()->ID) && $post)
    if (($page->isUserAdmin($page->getLoggedInUser()) || $post->author->ID == $page->getLoggedInUser()->ID) && $post && $page->isUserNormal($page->getLoggedInUser()))
    {
    $page->query('DELETE FROM ForumPosts WHERE ID = ' . $id);
    $page->query('DELETE FROM ForumPosts WHERE ID = "' . $id . '"');
    $page->redirect('index.php');
    }
    else
    /forums/post.php
    24,7 → 24,7
    }
    write('<br />');
     
    $ids = $page->findIDs('ForumPosts', 'WHERE ParentID = ' . $id . ' ORDER BY DatePosted ASC');
    $ids = $page->findIDs('ForumPosts', 'WHERE ParentID = "' . $id . '" ORDER BY DatePosted ASC');
    for ($i = 0; $i < count($ids); $i++)
    {
    $forumPost = $page->getForumPost($ids[$i]);
    /forums/index.php
    24,7 → 24,7
    {
    write('<a href="index.php?parentID=-1">Back to root</a>');
    }
    if ($page->isLoggedIn())
    if ($page->isLoggedIn() && $page->isUserNormal($page->getLoggedInUser()))
    {
    if ($parentID != -1)
    {
    42,7 → 42,7
    }
    write('</p><br />');
     
    $ids = $page->findIDs('ForumCategories', 'WHERE ParentID = ' . $parentID . ' ORDER BY Title ASC');
    $ids = $page->findIDs('ForumCategories', 'WHERE ParentID = "' . $parentID . '" ORDER BY Title ASC');
     
    if (count($ids) >= 1)
    {
    61,7 → 61,7
    write('<br />');
    }
     
    $ids = $page->findIDs('ForumPosts', 'WHERE CategoryID = ' . $parentID . ' AND ParentID = -1 ORDER BY Title ASC');
    $ids = $page->findIDs('ForumPosts', 'WHERE CategoryID = "' . $parentID . '" AND ParentID = -1 ORDER BY Title ASC');
     
    if (count($ids) >= 1)
    {
    /forums/add-post.php
    20,7 → 20,7
    $categoryID = -1;
    }
     
    if ($page->isLoggedIn())
    if ($page->isLoggedIn() && $page->isUserNormal($page->getLoggedInUser))
    {
     
    if (isset($_GET['error']))
    /login-do.php
    8,19 → 8,24
    $password = $_POST['password'];
    $remember = $_POST['remember'] == 'yes';
     
    if(strpos($_POST['oldurl'], "tim32.org") === FALSE || strpos($_POST['oldurl'], "login") !== FALSE)
    $redirurl = "http://tim32.org";
    else
    $redirurl = $_POST['oldurl'];
     
    if (empty($username))
    {
    $page->redirect('login.php?error=No Username Specified');
    $page->redirect('login.php?error=No Username Specified&oldurl=' . urlencode($redirurl));
    }
    if (empty($password))
    {
    $page->redirect('login.php?error=No Password Specified');
    $page->redirect('login.php?error=No Password Specified&oldurl=' . urlencode($redirurl));
    }
     
    $user = $page->getUserByUsername($username);
    if (!$user || $user->password != sha1($password))
    {
    $page->redirect('login.php?error=Incorrect Username or Password');
    $page->redirect('login.php?error=Incorrect Username or Password&oldurl=' . urlencode($redirurl));
    }
     
    $expires = -1;
    32,6 → 37,6
     
    setcookie('Tim32_Login', $user->username . '|~|' . $user->password, $expires, '/');
     
    $page->redirect('index.php');
    $page->redirect($redirurl);
     
    ?>
    /data/favicon.png
    Cannot display: file marked as a binary type.
    svn:mime-type = application/octet-stream
    /data/favicon.png
    Property changes:
    Added: svn:mime-type
    ## -0,0 +1 ##
    +application/octet-stream
    \ No newline at end of property
    Index: register.php
    ===================================================================
    --- register.php (revision 446)
    +++ register.php (revision 486)
    @@ -54,6 +54,10 @@
    +3 + 9 * 8
    +
    +
    +
    Index: register-do.php
    ===================================================================
    --- register-do.php (revision 446)
    +++ register-do.php (revision 486)
    @@ -10,6 +10,7 @@
    $password2 = $_POST['password2'];
    $email = $_POST['email'];
    $name = $_POST['name'];
    +$maths = $_POST['maths'];
    if (empty($username))
    {
    @@ -27,6 +28,10 @@
    {
    $page->redirect('register.php?error=Passwords do not match');
    }
    +if ($maths != '75')
    +{
    + $page->redirect('register.php?error=Incorrect maths answer');
    +}
    $resp = recaptcha_check_answer(RECAPTCHA_PRIVATEKEY, $_SERVER["REMOTE_ADDR"],
    $_POST["recaptcha_challenge_field"],
    /photos/album.php
    36,6 → 36,8
    }
     
    $page->drawHeader();
    write('<br /><h3>RSS</h3>');
    $page->drawMenuItem('RSS Feed', 'photos/rss.php?dir=' . $dirName);
    $page->drawMiddle();
     
    write('<p class="bold"><a href="index.php">Back to Photos</a></p><br />');
    45,8 → 47,6
    write('<p>' . $page->replaceBBCode(file_get_contents("albums/" . $dirName . "/description.txt")) . '</p><br />');
    }
     
    write('<p><a href="rss.php?dir=' . $dirName . '">RSS Feed</a></p>');
     
    write('<table>');
    write('<tr>');
     
    /photos/rss.php
    62,7 → 62,7
    write('<item>');
    write('<title>' . $file . '</title>');
    write('<link>http://tim32.org/photos/' . str_replace(" ", "%20", $filename) . '</link>');
    write('<guid>' . $indexInArray . '</guid>');
    write('<guid>id_' . $file . '</guid>');
    write('<pubDate>' . date('D, d M Y H:i:s O', $date). '</pubDate>');
    write('<description><![CDATA[<img src="http://tim32.org/photos/' . str_replace(" ", "%20", $filename) . '" />]]></description>');
    write('</item>');