WebSVN - taios - Path Comparison - / Rev 290 and / Rev 486

Ignore whitespace Rev 290 → Rev 486

 /wiki/edit-do.php
 ,6 → 2,22
 require '../_taios.php';
+if (get_magic_quotes_gpc()) {
+    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
+    while (list($key, $val) = each($process)) {
+        foreach ($val as $k => $v) {
+            unset($process[$key][$k]);
+            if (is_array($v)) {
+                $process[$key][stripslashes($k)] = $v;
+                $process[] = &$process[$key][stripslashes($k)];
+            } else {
+                $process[$key][stripslashes($k)] = stripslashes($v);
+            }
+        }
+    }
+    unset($process);
+}
 $pageName = $_POST['page'];
 if (empty($pageName))
 {
 ,7 → 30,12
 if ($page->isUserGM($page->getLoggedInUser()))
 {
+    $pageName = str_replace("../", "/", $pageName);
     $filename = 'pages/' . $pageName . '.txt';
+    if(!is_dir(dirname($filename)))
+        mkdir(dirname($filename), 0777, true);
     $fp = @fopen($filename, 'w');
     if ($fp)

 /wiki/edit.php
 ,6 → 16,8
 if ($page->isUserGM($page->getLoggedInUser()))
 {
+    $pageName = str_replace("../", "/", $pageName);
     $filename = 'pages/' . $pageName . '.txt';
     $content = "";
 ,7 → 35,7
 <input type="hidden" name="page" value="<?php echo $pageName; ?>" />
 <table>
 <tr>
-<td><textarea name="content"><?php echo $content; ?></textarea></td>
+<td><textarea name="content"><?php write($content); ?></textarea></td>
 </tr>
 <tr>
 <td><input type="submit" value="Edit" /></td>

 /wiki/index.php
 ,5 → 1,12
 <?php
+function endswith($string, $test) {
+    $strlen = strlen($string);
+    $testlen = strlen($test);
+    if ($testlen > $strlen) return false;
+    return substr_compare($string, $test, -$testlen) === 0;
+}
 require '../_taios.php';
 $pageName = $_GET['page'];
 ,14 → 16,37
 }
 $page = new Taios_Page('Wiki - ' . $pageName, '../');
+if (isset($_GET['random']))
+{
+    $results = array();
+    $handler = opendir('pages/');
+    while ($file = readdir($handler))
+    {
+        if ($file != '.' && $file != '..' && endswith($file, ".txt"))
+        {
+            $results[] = substr($file, 0, count($file) - 5);
+        }
+    }
+    $index = rand() % count($results);
+    $result = $results[$index];
+    $page->redirect('index.php?page=' . $result);
+}
 $page->drawHeader();
+write('<h3>Wiki</h3>');
+$page->drawMenuItem('Index', 'wiki/index.php');
+$page->drawMenuItem('Random Page', 'wiki/index.php?random');
 $page->drawMiddle();
 if ($page->isUserGM($page->getLoggedInUser()))
 {
-    write('<p><a href="edit.php?page=' . $pageName . '">Edit Page</a></p><br />');
+    write('<p class="bold"><a href="edit.php?page=' . $pageName . '">Edit Page</a></p><br />');
 }
+$pageName = str_replace("../", "/", $pageName);
 $filename = 'pages/' . $pageName . '.txt';
 $fp = @fopen($filename, 'r');
 ,6 → 60,26
     write('<p>This page is empty.</p>');
 }
+if(is_dir('pages/' . $pageName))
+{
+    write('<p>Directory listing of ' . $pageName . ':</p>');
+    write('<ul>');
+    $dir = opendir('pages/' . $pageName);
+    if($dir)
+    {
+        while (($file = readdir($dir)) !== false)
+        {
+            if($file != '.' && $file != '..' && (preg_match('/\.txt$/', $file) || is_dir('pages/' . $pageName . '/' . $file)))
+            {
+                $file = preg_replace('/\.txt$/', '', $file);
+                write('<li><a href="index.php?page=' . $pageName . '/' . htmlspecialchars($file) . '">' . htmlspecialchars($file) . '</a></li>');
+            }
+        }
+    }
+    write('</ul>');
+    write('<p>End of directory listing</p>');
+}
 $page->drawFooter();
 ?>

/wiki/pages/Index.txt
File deleted

Property changes:
Deleted: svn:executable
## -1 +0,0 ##
-*
\ No newline at end of property
Index: _taios.php
===================================================================
--- _taios.php (revision 290)
+++ _taios.php (revision 486)
@@ -1,537 +1,591 @@
-
-
-require '_config.php';
-
-class Taios_Page
-{
- function __construct($title, $url = "")
- {
- $this->title = $title;
- $this->url = $url;
-
- $this->drawnHeader = false;
- $this->drawnMiddle = false;
- $this->drawnFooter = false;
-
- $this->db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD);
- if (!$this->db)
- {
- $this->drawError('Failed to connect to database: ' . mysql_error());
- }
-
- if (!mysql_select_db('Tim32'))
- {
- $this->drawError('Failed to select database: ' . mysql_error());
- }
- }
-
- function drawHeader()
- {
- if (!$this->drawnHeader)
- {
- write('');
- write('');
- write('');
- write('');
- write('Tim32 · ' . $this->title . '');
- write('');
- write('');
- write('');
- write(' ');
- write(' ');
- write(' Tim32 ');
- write('');
- write(' ');
- $this->drawMenuItem('Home', 'index.php');
- $this->drawMenuItem('Blog', 'blog/');
- $this->drawMenuItem('Projects', 'projects/');
- $this->drawMenuItem('Forums', 'forums/');
- $this->drawMenuItem('Wiki', 'wiki/');
- $this->drawMenuItem('Photos', 'photos/');
- write(' ');
- if ($this->isLoggedIn())
- {
- $this->drawMenuItem('Administration', 'admin/');
- $this->drawMenuItem('Logout', 'logout-do.php');
- }
- else
- {
- $this->drawMenuItem('Login', 'login.php');
- $this->drawMenuItem('Register', 'register.php');
- }
- write(' ');
-
- $this->drawnHeader = true;
- }
- }
-
- function drawMenuItem($t, $u)
- {
- write(' ' . $t . ' ');
- }
-
- function drawMiddle()
- {
- if (!$this->drawnMiddle)
- {
- write(' ');
- write('');
- write('');
- write(' ');
- write(' ' . $this->title . ' ');
-
- $this->drawnMiddle = true;
- }
- }
-
- function drawFooter()
- {
- if (!$this->drawnFooter)
- {
- write('');
- write('');
- write('');
-
- $this->drawnFooter = true;
- }
-
- die();
- }
-
- function drawError($text, $die = true)
- {
- $this->drawHeader();
- $this->drawMiddle();
-
- write(' Error: ' . $text . ' ');
-
- if ($die)
- {
- $this->drawFooter();
- die();
- }
- }
-
- function drawBlogPostTree($id, $first = false)
- {
- $post = $this->getBlogPost($id);
- if ($first)
- {
- write(' ' . $post->title. ' ^ ');
- }
- else
- {
- write(' ' . $post->title. ' ');
- }
- write(' Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ') ');
- write(' ' . $this->replaceBBCode($post->content) . ' ');
-
- if ($this->isUserNormal($this->getLoggedInUser()))
- {
- echo ' Add Comment';
- if ($this->isUserAdmin($this->getLoggedInUser()) \|\| $this->getLoggedInUser()->ID == $post->author->ID)
- {
- echo ' · Edit Post';
- echo ' · Delete Post';
- }
- write(' ');
- }
-
- $ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
- for ($i = 0; $i < count($ids); $i++)
- {
- write(' ');
- $this->drawBlogPostTree($ids[$i]);
- write('');
- }
- }
-
- function drawBlogCategoriesMenu()
- {
- $cats = array();
-
- $ids = $this->findIDs('BlogPosts', 'WHERE ParentID = -1');
- for ($i = 0; $i < count($ids); $i++)
- {
- $cat = $this->getBlogPost($ids[$i])->category;
- if (!in_array($cat, $cats))
- {
- array_push($cats, $cat);
- }
- }
-
- write(' Categories ');
- for ($i = 0; $i < count($cats); $i++)
- {
- $this->drawMenuItem($cats[$i], 'blog/index.php?cat=' . $cats[$i]);
- }
- }
-
- function replaceBBCode($str)
- {
- $newstr = str_replace("\n", ' ', $str);
- $newstr = str_replace(' ', ' ', $newstr);
- $newstr = str_replace(' :)', ' ', $newstr);
- $newstr = str_replace(' :p', ' ', $newstr);
- $newstr = str_replace(' :P', ' ',$newstr);
- $newstr = str_replace(' :\|', ' ',$newstr);
- $newstr = str_replace(' :D', ' ',$newstr);
- $newstr = str_replace(' =D', ' ',$newstr);
- $newstr = str_replace(' :(', ' ',$newstr);
- $newstr = str_replace(' :0', ' ',$newstr);
- $newstr = str_replace(' :o', ' ',$newstr);
- $newstr = str_replace(' :O', ' ',$newstr);
- $newstr = str_replace(' :/', ' ',$newstr);
- $newstr = str_replace(' ;)', ' ',$newstr);
-
- $bbcode = array(
- '/\[b\](.+?)\[\/b\]/is',
- '/\[i\](.+?)\[\/i\]/is',
- '/\[u\](.+?)\[\/u\]/is',
- '/\[url\](.+?)\[\/url\]/is',
- '/\[code\](.+?)\[\/code\]/is',
- '/\[img\](.+?)\[\/img\]/is'
- );
-
- $html = array(
- '$1',
- '$1',
- '$1',
- '$1',
- ' $1 ',
- ''
- );
-
- $newstr = preg_replace($bbcode, $html, $newstr);
-
- return $newstr;
- }
-
- function redirect($u)
- {
- header('Location: ' . $u);
- die();
- }
-
- function isLoggedIn()
- {
- $cookie = $_COOKIE['Tim32_Login'];
- if (!empty($cookie))
- {
- $clist = explode('\|~\|', $cookie);
- $user = $this->getUserByUsername($clist[0]);
- if ($user)
- {
- if ($user->password == $clist[1])
- {
- return true;
- }
- }
- }
-
- return false;
- }
-
- function isUserAdmin()
- {
- if ($this->isLoggedIn())
- {
- if ($this->getLoggedInUser()->accessID <= 0)
- {
- return true;
- }
- }
-
- return false;
- }
-
- function isUserGM()
- {
- if ($this->isLoggedIn())
- {
- if ($this->getLoggedInUser()->accessID <= 1)
- {
- return true;
- }
- }
-
- return false;
- }
-
- function isUserNormal()
- {
- if ($this->isLoggedIn())
- {
- if ($this->getLoggedInUser()->accessID <= 2)
- {
- return true;
- }
- }
-
- return false;
- }
-
- function checkLoggedIn()
- {
- if (!$this->isLoggedIn())
- {
- $this->drawError('You need to be logged in.');
- }
- }
-
- function query($query)
- {
- $result = mysql_query($query);
- if (!$result)
- {
- $this->drawError('Query Failed: ' . $query . "\n" . 'MySQL Error: ' . mysql_error());
- }
-
- return $result;
- }
-
- function findIDs($table, $query = '')
- {
- $array = array();
-
- $result = $this->query('SELECT ID FROM ' . $table . ' ' . $query);
- while ($row = mysql_fetch_array($result))
- {
- array_push($array, $row['ID']);
- }
-
- return $array;
- }
-
- function getUserByID($id)
- {
- $result = $this->query('SELECT * FROM Users WHERE ID = ' . $id);
- while ($row = mysql_fetch_array($result))
- {
- $user = new User;
- $user->ID = $row['ID'];
- $user->accessID = $row['AccessID'];
- $user->username = $row['Username'];
- $user->password = $row['Password'];
- $user->emailAddress = $row['EmailAddress'];
- $user->name = $row['Name'];
- $user->challengeID = $row['ChallengeID'];
-
- return $user;
- }
-
- return false;
- }
-
- function getUserByUsername($username)
- {
- $result = $this->query('SELECT * FROM Users WHERE Username = "' . $username . '"');
- while ($row = mysql_fetch_array($result))
- {
- return $this->getUserByID($row['ID']);
- }
-
- return false;
- }
-
- function getLoggedInUser()
- {
- if ($this->isLoggedIn())
- {
- $clist = explode('\|~\|', $_COOKIE['Tim32_Login']);
- return $this->getUserByUsername($clist[0]);
- }
-
- return false;
- }
-
- function getBlogPost($id)
- {
- $result = $this->query('SELECT * FROM BlogPosts WHERE ID = ' . $id);
- while ($row = mysql_fetch_array($result))
- {
- $post = new BlogPost;
- $post->ID = $row['ID'];
- if ($row['ParentID'] == -1)
- {
- $post->parent = -1;
- }
- else
- {
- $post->parent = $this->getBlogPost($row['ParentID']);
- }
- $post->author = $this->getUserByID($row['AuthorID']);
- $post->user = $this->getUserByID($row['AuthorID']); // For some older pages
- $post->title = $row['Title'];
- $post->content = $row['Content'];
- $post->datePosted = strtotime($row['DatePosted']);
- $post->category = $row['Category'];
- $post->spam = $row['Spam'];
-
- return $post;
- }
-
- $this->drawError('Cannot find blog post, #' . $id);
- }
-
- function getProject($id)
- {
- $result = $this->query('SELECT * FROM Projects WHERE ID = ' . $id);
- while ($row = mysql_fetch_array($result))
- {
- $project = new Project;
-
- $project->ID = $row['ID'];
- $project->author = $this->getUserByID($row['AuthorID']);
- $project->title = $row['Title'];
- $project->description = $row['Description'];
- $project->logoURL = $row['LogoURL'];
- $project->downloadURL = $row['DownloadURL'];
- $project->websiteURL = $row['WebsiteURL'];
- $project->latestVersion = $row['LatestVersion'];
- $project->lastUpdate = strtotime($row['LastUpdate']);
-
- return $project;
- }
-
- return false;
- }
-
- function getForumCategory($id)
- {
- $result = $this->query('SELECT * FROM ForumCategories WHERE ID = ' . $id);
- while ($row = mysql_fetch_array($result))
- {
- $f = new ForumCategory;
-
- $f->ID = $row['ID'];
- $f->parent = $this->getForumCategory($row['ParentID']);
- $f->title = $row['Title'];
- $f->description = $row['Description'];
-
- return $f;
- }
-
- return false;
- }
-
- function getForumPost($id)
- {
- $result = $this->query('SELECT * FROM ForumPosts WHERE ID = ' . $id);
- while ($row = mysql_fetch_array($result))
- {
- $f = new ForumPost;
-
- $f->ID = $row['ID'];
- $f->author = $this->getUserByID($row['AuthorID']);
- $f->category = $this->getForumCategory($row['CategoryID']);
- $f->parent = $this->getForumPost($row['ParentID']);
- $f->title = $row['Title'];
- $f->content = $row['Content'];
- $f->datePosted = strtotime($row['DatePosted']);
- $f->spam = $row['Spam'];
-
- return $f;
- }
-
- return false;
- }
-
- function delBlogPost($id)
- {
- $ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
- for ($i = 0; $i < count($ids); $i++)
- {
- $this->delBlogPost($ids[$i]);
- }
-
- $this->query('DELETE FROM BlogPosts WHERE ID=' . $id);
- }
-
- function getGetID()
- {
- $id = $_GET['id'];
- if (empty($id))
- {
- $id = 1;
- }
-
- return $id;
- }
-
- function getPostID()
- {
- $id = $_POST['id'];
- if (empty($id))
- {
- $id = 1;
- }
-
- return $id;
- }
-
-}
-
-class User
-{
- public $ID;
- public $accessID;
- public $username;
- public $password;
- public $emailAddress;
- public $name;
- public $challengeID;
-}
-
-class BlogPost
-{
- public $ID;
- public $parent;
- public $author;
- public $title;
- public $content;
- public $datePosted;
- public $category;
- public $spam;
-}
-
-class Project
-{
- public $ID;
- public $author;
- public $title;
- public $description;
- public $logoURL;
- public $downloadURL;
- public $websiteURL;
- public $latestVersion;
- public $lastUpdate;
-}
-
-class ForumCategory
-{
- public $ID;
- public $parent;
- public $title;
- public $description;
-}
-
-class ForumPost
-{
- public $id;
- public $author;
- public $category;
- public $parent;
- public $title;
- public $content;
- public $datePosted;
- public $spam;
-}
-
-function write($str)
-{
- echo $str;
- echo "\n";
-}
-
-?>
+
+
+require '_config.php';
+
+class Taios_Page
+{
+ function __construct($title, $url = "")
+ {
+ $this->title = $title;
+ $this->url = $url;
+
+ $this->drawnHeader = false;
+ $this->drawnMiddle = false;
+ $this->drawnFooter = false;
+
+ $this->db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD);
+ if (!$this->db)
+ {
+ $this->drawError('Failed to connect to database: ' . mysql_error());
+ }
+
+ if (!mysql_select_db('Tim32'))
+ {
+ $this->drawError('Failed to select database: ' . mysql_error());
+ }
+ }
+
+ function drawHeader()
+ {
+ if (!$this->drawnHeader)
+ {
+ write('');
+ write('');
+ write('');
+ write('');
+ write('Tim32 · ' . $this->title . '');
+ write('');
+ write('');
+ write('');
+ write('');
+ write('');
+ write('');
+ write(' ');
+ write(' ');
+ write(' Tim32 ');
+ write('');
+ write(' ');
+ $this->drawMenuItem('Home', 'index.php');
+ $this->drawMenuItem('Blog', 'blog/');
+ $this->drawMenuItem('Projects', 'projects/');
+ $this->drawMenuItem('Forums', 'forums/');
+ $this->drawMenuItem('Wiki', 'wiki/');
+ $this->drawMenuItem('Photos', 'photos/');
+ write(' ');
+
+ if ($this->isLoggedIn() && $this->isUserNormal($this->getLoggedInUser())) {
+ $this->drawMenuItem('Administration', 'admin/');
+ $this->drawMenuItem('Logout', 'logout-do.php');
+ } else if ($this->isLoggedIn()) {
+ $this->drawMenuItem('Logout', 'logout-do.php');
+
+ if ($this->getLoggedInUser()->username != "cake") {
+ $this->drawMenuItem('You are banned', NULL);
+ } else {
+ $this->drawMenuItem('#undefined', '/challenge/cakefolder');
+ }
+ } else {
+ $this->drawMenuItem('Login', 'login.php');
+ $this->drawMenuItem('Register', 'register.php');
+ }
+
+ write(' ');
+ $this->drawnHeader = true;
+ }
+ }
+
+ function drawMenuItem($t, $u) {
+ if ($u == NULL) {
+ write(' ' . $t . ' ');
+ } else {
+ write(' ' . $t . ' ');
+ }
+ }
+
+ function drawMiddle()
+ {
+ if (!$this->drawnMiddle) {
+ write('');
+ write('');
+ write(' ');
+ write(' ' . $this->title . ' ');
+
+ $this->drawnMiddle = true;
+ }
+ }
+
+ function drawFooter()
+ {
+ if (!$this->drawnFooter)
+ {
+ write('');
+ write('');
+ write('');
+
+ $this->drawnFooter = true;
+ }
+
+ die();
+ }
+
+ function drawError($text, $die = true)
+ {
+ $this->drawHeader();
+ $this->drawMiddle();
+
+ write(' Error: ' . $text . ' ');
+
+ if ($die)
+ {
+ $this->drawFooter();
+ die();
+ }
+ }
+
+ function drawBlogPostTree($id, $first = false)
+ {
+ $post = $this->getBlogPost($id);
+ if ($first)
+ {
+ write(' ' . $post->title. ' ^ ');
+ }
+ else
+ {
+ write(' ' . $post->title. ' ');
+ }
+ write(' Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ') ');
+ write(' ' . $this->replaceBBCode($post->content) . ' ');
+
+ if ($this->isUserNormal($this->getLoggedInUser()))
+ {
+ echo ' Add Comment';
+ if ($this->isUserAdmin($this->getLoggedInUser()) \|\| $this->getLoggedInUser()->ID == $post->author->ID)
+ {
+ echo ' · Edit Post';
+ echo ' · Delete Post';
+ }
+ write(' ');
+ }
+
+ $ids = $this->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
+ for ($i = 0; $i < count($ids); $i++)
+ {
+ write(' ');
+ $this->drawBlogPostTree($ids[$i]);
+ write('');
+ }
+ }
+
+ function drawBlogCategoriesMenu()
+ {
+ $cats = array();
+
+ $ids = $this->findIDs('BlogPosts', 'WHERE ParentID = -1');
+ for ($i = 0; $i < count($ids); $i++)
+ {
+ $cat = $this->getBlogPost($ids[$i])->category;
+ if (!in_array($cat, $cats) && ($cat != "Drafts" \|\| $this->isUserGM($this->getLoggedInUser())))
+ {
+ array_push($cats, $cat);
+ }
+ }
+
+ write(' Categories ');
+ for ($i = 0; $i < count($cats); $i++)
+ {
+ $this->drawMenuItem($cats[$i], 'blog/index.php?cat=' . $cats[$i]);
+ }
+ }
+
+ function replaceBBCode($str)
+ {
+ $newstr = $str;
+ $newstr = str_replace("<", "<", $newstr);
+ $newstr = str_replace(">", ">", $newstr);
+ $newstr = str_replace("\n", " ", $newstr);
+ $newstr = str_replace("\\'", "'", $newstr);
+ $newstr = str_replace("\\\"",'"', $newstr);
+ $newstr = str_replace(' ', ' ', $newstr);
+
+ $bbcode = array(
+ '/\[b\](.+?)\[\/b\]/is',
+ '/\[i\](.+?)\[\/i\]/is',
+ '/\[u\](.+?)\[\/u\]/is',
+ '/\[url\](.+?)\[\/url\]/is',
+ '/\[w\](.+?)\[\/w\]/is',
+ '/\[url=(?:")?(.+?)(?:")?\](.+?)\[\/url\]/is',
+ '/\[w=(?:")?(.+?)(?:")?\](.+?)\[\/w\]/is',
+ '/\[code\](.+?)\[\/code\]/is',
+ '/\[img\](.+?)\[\/img\]/is',
+ '/\[ul\](.+?)\[\/ul\]/is',
+ '/\[ol\](.+?)\[\/ol\]/is',
+ '/\[li\](.+?)\[\/li\]/is',
+ '/\[mono\](.+?)\[\/mono\]/is',
+ '/\[tcp\](.+?)\[\/tcp\]/is'
+ );
+
+ $html = array(
+ '$1',
+ '$1',
+ '$1',
+ '$1',
+ '$1',
+ '$2',
+ '$2',
+ ' $1 ',
+ '',
+ ' $1 ',
+ ' $1 ',
+ ' $1 ',
+ '$1',
+ '$1'
+ );
+
+ $newstr = preg_replace($bbcode, $html, $newstr);
+
+ return $newstr;
+ }
+
+ function redirect($u)
+ {
+ header('Location: ' . $u);
+ die();
+ }
+
+ function isLoggedIn()
+ {
+ $cookie = $_COOKIE['Tim32_Login'];
+ if (!empty($cookie))
+ {
+ $clist = explode('\|~\|', $cookie);
+ $user = $this->getUserByUsername($clist[0]);
+ if ($user)
+ {
+ if ($user->password == $clist[1])
+ {
+ return true;
+ }
+ }
+ }
+
+ return false;
+ }
+
+ function isUserAdmin()
+ {
+ if ($this->isLoggedIn())
+ {
+ if ($this->getLoggedInUser()->accessID <= 0)
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ function isUserGM()
+ {
+ if ($this->isLoggedIn())
+ {
+ if ($this->getLoggedInUser()->accessID <= 1)
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ function isUserNormal()
+ {
+ if ($this->isLoggedIn())
+ {
+ if ($this->getLoggedInUser()->accessID <= 2)
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ function isUserBanned()
+ {
+ if ($this->isLoggedIn())
+ {
+ if ($this->getLoggedInUser()->accessID >= 3)
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ function checkChallengeStatus($challengeID, $previous, $next)
+ {
+ $currentChallengeID = $this->getLoggedInUser()->challengeID;
+
+ if (!$this->isLoggedIn())
+ {
+ $this->redirect('index.php');
+ }
+ else if ($currentChallengeID > $challengeID)
+ {
+ $this->redirect($next . '.php');
+ }
+ else if ($currentChallengeID < $challengeID)
+ {
+ $this->redirect($previous . '.php');
+ }
+ }
+
+ function checkLoggedIn()
+ {
+ if (!$this->isLoggedIn())
+ {
+ $this->drawError('You need to be logged in.');
+ }
+ }
+
+ function query($query)
+ {
+ $result = mysql_query($query);
+ if (!$result)
+ {
+ $this->drawError('Query Failed: ' . $query . "\n" . 'MySQL Error: ' . mysql_error());
+ }
+
+ return $result;
+ }
+
+ function findIDs($table, $query = '')
+ {
+ $array = array();
+
+ $result = $this->query('SELECT ID FROM ' . $table . ' ' . $query);
+ while ($row = mysql_fetch_array($result))
+ {
+ array_push($array, $row['ID']);
+ }
+
+ return $array;
+ }
+
+ function getUserByID($id)
+ {
+ $result = $this->query('SELECT * FROM Users WHERE ID = "' . $id . '"');
+ while ($row = mysql_fetch_array($result))
+ {
+ $user = new User;
+ $user->ID = $row['ID'];
+ $user->accessID = $row['AccessID'];
+ $user->username = $row['Username'];
+ $user->password = $row['Password'];
+ $user->emailAddress = $row['EmailAddress'];
+ $user->name = $row['Name'];
+ $user->challengeID = $row['ChallengeID'];
+
+ return $user;
+ }
+
+ return false;
+ }
+
+ function getUserByUsername($username)
+ {
+ $result = $this->query('SELECT * FROM Users WHERE Username = "' . $username . '"');
+ while ($row = mysql_fetch_array($result))
+ {
+ return $this->getUserByID($row['ID']);
+ }
+
+ return false;
+ }
+
+ function getLoggedInUser()
+ {
+ if ($this->isLoggedIn())
+ {
+ $clist = explode('\|~\|', $_COOKIE['Tim32_Login']);
+ return $this->getUserByUsername($clist[0]);
+ }
+
+ return false;
+ }
+
+ function getBlogPost($id)
+ {
+ $result = $this->query('SELECT * FROM BlogPosts WHERE ID = "' . $id . '"');
+ while ($row = mysql_fetch_array($result))
+ {
+ $post = new BlogPost;
+ $post->ID = $row['ID'];
+ if ($row['ParentID'] == -1)
+ {
+ $post->parent = -1;
+ }
+ else
+ {
+ $post->parent = $this->getBlogPost($row['ParentID']);
+ }
+ $post->author = $this->getUserByID($row['AuthorID']);
+ $post->user = $this->getUserByID($row['AuthorID']); // For some older pages
+ $post->title = htmlspecialchars($row['Title']);
+ $post->content = htmlspecialchars($row['Content']);
+ $post->datePosted = strtotime($row['DatePosted']);
+ $post->category = $row['Category'];
+ $post->spam = $row['Spam'];
+
+ return $post;
+ }
+
+ $this->drawError('Cannot find blog post, #' . $id);
+ }
+
+ function getProject($id)
+ {
+ $result = $this->query('SELECT * FROM Projects WHERE ID = "' . $id . '"');
+ while ($row = mysql_fetch_array($result))
+ {
+ $project = new Project;
+
+ $project->ID = $row['ID'];
+ $project->author = $this->getUserByID($row['AuthorID']);
+ $project->title = $row['Title'];
+ $project->description = $row['Description'];
+ $project->logoURL = $row['LogoURL'];
+ $project->downloadURL = $row['DownloadURL'];
+ $project->websiteURL = $row['WebsiteURL'];
+ $project->latestVersion = $row['LatestVersion'];
+ $project->lastUpdate = strtotime($row['LastUpdate']);
+
+ return $project;
+ }
+
+ return false;
+ }
+
+ function getForumCategory($id)
+ {
+ $result = $this->query('SELECT * FROM ForumCategories WHERE ID = "' . $id . '"');
+ while ($row = mysql_fetch_array($result))
+ {
+ $f = new ForumCategory;
+
+ $f->ID = $row['ID'];
+ $f->parent = $this->getForumCategory($row['ParentID']);
+ $f->title = $row['Title'];
+ $f->description = $row['Description'];
+
+ return $f;
+ }
+
+ return false;
+ }
+
+ function getForumPost($id)
+ {
+ $result = $this->query('SELECT * FROM ForumPosts WHERE ID = "' . $id . '"');
+ while ($row = mysql_fetch_array($result))
+ {
+ $f = new ForumPost;
+
+ $f->ID = $row['ID'];
+ $f->author = $this->getUserByID($row['AuthorID']);
+ $f->category = $this->getForumCategory($row['CategoryID']);
+ $f->parent = $this->getForumPost($row['ParentID']);
+ $f->title = $row['Title'];
+ $f->content = $row['Content'];
+ $f->datePosted = strtotime($row['DatePosted']);
+ $f->spam = $row['Spam'];
+
+ return $f;
+ }
+
+ return false;
+ }
+
+ function delBlogPost($id)
+ {
+ $ids = $this->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
+ for ($i = 0; $i < count($ids); $i++)
+ {
+ $this->delBlogPost($ids[$i]);
+ }
+
+ $this->query('DELETE FROM BlogPosts WHERE ID="' . $id . '"');
+ }
+
+ function getGetID()
+ {
+ $id = $_GET['id'];
+ if (empty($id))
+ {
+ $id = 1;
+ }
+
+ return $id;
+ }
+
+ function getPostID()
+ {
+ $id = $_POST['id'];
+ if (empty($id))
+ {
+ $id = 1;
+ }
+
+ return $id;
+ }
+
+}
+
+class User
+{
+ public $ID;
+ public $accessID;
+ public $username;
+ public $password;
+ public $emailAddress;
+ public $name;
+
+ public $challengeID;
+}
+
+class BlogPost
+{
+ public $ID;
+ public $parent;
+ public $author;
+ public $title;
+ public $content;
+ public $datePosted;
+ public $category;
+ public $spam;
+}
+
+class Project
+{
+ public $ID;
+ public $author;
+ public $title;
+ public $description;
+
+
+ public $logoURL;
+ public $downloadURL;
+ public $websiteURL;
+ public $latestVersion;
+ public $lastUpdate;
+}
+
+class ForumCategory
+{
+ public $ID;
+ public $parent;
+ public $title;
+ public $description;
+
+}
+
+class ForumPost
+{
+ public $id;
+ public $author;
+ public $category;
+ public $parent;
+ public $title;
+ public $content;
+ public $datePosted;
+ public $spam;
+}
+
+function write($str)
+{
+ echo $str;
+ echo "\n";
+}
+
+?>
Index: admin/nowify.php
===================================================================
--- admin/nowify.php (nonexistent)
+++ admin/nowify.php (revision 486)
@@ -0,0 +1,68 @@
+
+
+require '../_taios.php';
+
+$page = new Taios_Page('Nowify', '../');
+
+if (isset($_GET['id']))
+{
+ $id = $_GET['id'];
+}
+else if (isset($_POST['id']))
+{
+ $id = $_POST['id'];
+}
+else
+{
+ $page->drawError('No ID set.');
+}
+
+$page->checkLoggedIn();
+
+$post = $page->getBlogPost($id);
+if ((!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID) \|\| !$page->isUserNormal($page->getLoggedInUser()))
+{
+ $page->drawError('You do not have permission to access this page.');
+}
+
+$error = '';
+
+if (isset($_POST['id']))
+{
+ $title = $_POST['title'];
+
+ $page->query('UPDATE BlogPosts SET DatePosted = NOW() WHERE ID = "' . $id . '"');
+ $page->redirect('/blog/post.php?id=' . $id);
+}
+
+$page->drawHeader();
+$page->drawBlogCategoriesMenu();
+$page->drawMiddle();
+
+if (!empty($error))
+{
+ $page->drawError($error, false);
+}
+
+?>
+
+
+Press Sumbit if you wish to nowify post title; ?>.
+
+
+write('');
+?>
+
+
+
+
+
+

+ + + + +$page->drawFooter(); + +?> + Index: admin/account-do.php =================================================================== --- admin/account-do.php (revision 290) +++ admin/account-do.php (revision 486) @@ -13,26 +13,26 @@ $name = $_POST['name']; $user = $page->getUserByID($userID); -if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user) +if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser())) { if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser())) { - $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = ' . $userID); + $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = "' . $userID . '"'); } if (!empty($password)) { - $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = ' . $userID); + $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = "' . $userID . '"'); } if (!empty($email)) { - $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = ' . $userID); + $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = "' . $userID . '"'); } if (!empty($name)) { - $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = ' . $userID); + $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = "' . $userID . '"'); } } else

 /admin/all-blog-posts.php
 ,24 → 27,28
     $ids = $page->findIDs('BlogPosts', 'ORDER BY DatePosted DESC');
     for ($i = 0; $i < count($ids); $i++)
     {
-        $post = $page->getBlogPost($ids[$i]);
-        write('<tr>');
-        write('<td><a href="../blog/edit-post.php?id=' . $post->ID . '">' . $post->ID . '</a></td>');
-        if ($post->parent == -1)
+        $id_str = $ids[$i];
+        if (!empty($id_str))
         {
-            write('<td style="color: #444444;">No Parent</td>');
+            $post = $page->getBlogPost($id_str);
+            write('<tr>');
+            write('<td><a href="../blog/edit-post.php?id=' . $post->ID . '">' . $post->ID . '</a></td>');
+            if ($post->parent == -1)
+            {
+                write('<td style="color: #444444;">No Parent</td>');
+            }
+            else
+            {
+                write('<td>' . $post->parent->title . '</td>');
+            }
+            write('<td><a href="account.php?id=' . $post->author->ID . '">' . $post->author->name . '</a></td>');
+            write('<td>' . $post->title . '</td>');
+            write('<td>' . str_replace("\n", '<br />', $post->content) . '</td>');
+            write('<td>' . date('j/m/Y H:i', $post->datePosted) . ' <a href="nowify.php?id=' . $post->ID . '">Nowify</a></td>');
+            write('<td>' . $post->category . '</td>');
+            write('<td>' . $post->spam . '</td>');
+            write('</tr>');
         }
-        else
-        {
-            write('<td>' . $post->parent->title . '</td>');
-        }
-        write('<td><a href="account.php?id=' . $post->author->ID . '">' . $post->author->name . '</a></td>');
-        write('<td>' . $post->title . '</td>');
-        write('<td>' . str_replace("\n", '<br />', $post->content) . '</td>');
-        write('<td>' . date('j/m/Y H:i', $post->datePosted) . '</td>');
-        write('<td>' . $post->category . '</td>');
-        write('<td>' . $post->spam . '</td>');
-        write('</tr>');
     }
     write('</table>');

 /admin/account.php
 ,7 → 11,7
 $userID = $page->getGetID();
 $user = $page->getUserByID($userID);
-if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user)
+if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser()))
 {
 ?>

 /admin/index.php
 ,7 → 9,14
 $page->checkLoggedIn();
 $user = $page->getLoggedInUser();
-write('<h4><a href="account.php?id=' . $user->ID. '">Manage Account</a></h4>');
+if ($page->isUserNormal($user))
+{
+    write('<h4><a href="account.php?id=' . $user->ID. '">Manage Account</a></h4>');
+}
+else
+{
+    $page->drawError('You do not have permission to access this page.');
+}
 if ($page->isUserAdmin($user))
 {

 /admin/all-accounts.php
 ,7 → 17,7
     write('<td class="bold">ID</td>');
     write('<td class="bold">AccessID</td>');
     write('<td class="bold">Username</td>');
-    write('<td class="bold">Password</td>');
+    write('<td class="bold">SHA1 Password</td>');
     write('<td class="bold">Name</td>');
     write('<td class="bold">Email Address</td>');
     write('<td class="bold">Challenge ID</td>');

 /projects/index.php
 ,7 → 22,7
     write('<h3>' . $project->title . '</h3>');
     write('<table style="border: 0px;">');
     write('<tr>');
-    write('<td style="border: 0px; vertical-align: top;"><img class="smiley" src="' . $project->logoURL . '" /></td>');
+    write('<td style="border: 0px; vertical-align: top;"><img class="smiley" src="' . $project->logoURL . '" alt="' . $project->title . ' logo" /></td>');
     write('<td style="border: 0px;">');
     if (empty($project->latestVersion))
     {

 /projects/edit-project-do.php
 ,30 → 24,30
 {
     if (!empty($title))
     {
-        $page->query('UPDATE Projects SET Title = "' . $title . '" WHERE ID = ' . $project->ID);
+        $page->query('UPDATE Projects SET Title = "' . $title . '" WHERE ID = "' . $project->ID . '"');
     }
     if (!empty($description))
     {
-        $page->query('UPDATE Projects SET Description = "' . $description . '" WHERE ID = ' . $project->ID);
+        $page->query('UPDATE Projects SET Description = "' . $description . '" WHERE ID = "' . $project->ID . '"');
     }
     if (!empty($logoURL))
     {
-        $page->query('UPDATE Projects SET LogoURL = "' . $logoURL . '" WHERE ID = ' . $project->ID);
+        $page->query('UPDATE Projects SET LogoURL = "' . $logoURL . '" WHERE ID = "' . $project->ID . '"');
     }
     if (!empty($websiteURL))
     {
-        $page->query('UPDATE Projects SET WebsiteURL = "' . $websiteURL . '" WHERE ID = ' . $project->ID);
+        $page->query('UPDATE Projects SET WebsiteURL = "' . $websiteURL . '" WHERE ID = "' . $project->ID . '"');
     }
     if (!empty($downloadURL))
     {
-        $page->query('UPDATE Projects SET DownloadURL = "' . $downloadURL . '" WHERE ID = ' . $project->ID);
+        $page->query('UPDATE Projects SET DownloadURL = "' . $downloadURL . '" WHERE ID = "' . $project->ID . '"');
     }
     if (!empty($latestVersion))
     {
-        $page->query('UPDATE Projects SET LatestVersion = "' . $latestVersion . '" WHERE ID = ' . $project->ID);
+        $page->query('UPDATE Projects SET LatestVersion = "' . $latestVersion . '" WHERE ID = "' . $project->ID . '"');
     }
-    $page->query('UPDATE Projects SET LastUpdate = NOW() WHERE ID = ' . $project->ID);
+    $page->query('UPDATE Projects SET LastUpdate = NOW() WHERE ID = "' . $project->ID . '"');
     $page->redirect('index.php');
 }

 /projects/add-project-do.php
 ,7 → 25,7
 if ($page->isUserGM($user))
 {
-    $page->query('INSERT INTO Projects VALUES (0, ' . $user->ID . ', "' . $title . '", "' . $description . '", "' . $logoURL . '", "' . $downloadURL . '", "' . $websiteURL . '", "' . $latestVersion . '", NOW())');
+    $page->query('INSERT INTO Projects VALUES (0, "' . $user->ID . '", "' . $title . '", "' . $description . '", "' . $logoURL . '", "' . $downloadURL . '", "' . $websiteURL . '", "' . $latestVersion . '", NOW())');
     $page->redirect('index.php');
 }
 else

 /projects/delete-project-do.php
 ,7 → 10,7
 if (($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $project->author->ID) && $project)
 {
-    $page->query('DELETE FROM Projects WHERE ID = ' . $id);
+    $page->query('DELETE FROM Projects WHERE ID = "' . $id . '"');
     $page->redirect('index.php');
 }
 else

 /index.php
 ,33 → 4,36
 $page = new Taios_Page('Home');
 $page->drawHeader();
-write('<h3>Pages</h3>');
-$page->drawMenuItem('Biggles', '/~biggles/');
-$page->drawMenuItem('Freddie', '/~freddie/');
-$page->drawMenuItem('Muzer', '/~muzer/');
-$page->drawMenuItem('Sh4rk', '/~szabot/');
-$page->drawMenuItem('Tom', '/~tom/');
 $page->drawMiddle();
 ?>
 <p class="bold">Welcome to Tim32!</p>
-<p>Tim32 is a 10 year-old laptop running Ubuntu Server Edition 10.04.</p>
+<?php
+write('<p>Tim32 is a ' . (date("Y") - 2000) . '-year-old laptop running Ubuntu Server Edition 10.04.</p>');
+write('<p>On the other hand, Tim36 (which is serving this page) is a ' . (date("Y") - 2007) . '-year-old laptop running Ubuntu Server Edition 10.04.</p>');
+?>
+<p>By using this website, you hereby accept cookies being stored on your computer.</p>
 <br />
-<h3>Latest Blog Posts</h3>
+<h3 title="Take the Tim32 challenge: http://tim32.org/challenge/">Latest Blog Posts</h3>
+<p><a href="blog/rss.php">Rss Feed</a></p>
 <?php
-$ids = $page->findIDs('BlogPosts', 'WHERE ParentID = -1 ORDER BY DatePosted DESC');
-for ($i = 0; $i < 5 && $i < count($ids); $i++)
+$ids = $page->findIDs('BlogPosts', 'WHERE ParentID = -1 AND Category != "Drafts" ORDER BY DatePosted DESC');
+for ($i = 0; $i < 4 && $i < count($ids); $i++)
 {
     $id = $ids[$i];
     $post = $page->getBlogPost($id);
-    write('<h4><a href="blog/post.php?id=' . $post->ID . '">' . $post->title. '</a></h4>');
+    $comment_count = 0;
+    $ids2 = $page->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
+    write('<a href="blog/post.php?id=' . $id . '"><h3>' . $post->title. '</h3></a>');
     write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
     write('<p>' . $page->replaceBBCode($post->content) . '</p>');
+    write('<h5 style="color: #666666;">' . count($ids2) . ' Comments</h5>');
     write('<br />');
 }

 /tcp.js
 ,0 → 1,51
+function updateResult(box, text) {
+    box.find(".tcp_inner_result").html("<i>Loading...</i>");
+    $.get('http://tim32.org/~freddie/VOSLookup/tcppop.php?totr=' + text, function(data) {
+        box.find(".tcp_inner_result").html(data);
+    });
+}
+function openBox(box) {
+    var text = box.attr("data-text");
+    box.append("<div class=\"tcp_inner\"><input type=\"text\" value=\"" + text + "\" /><input type=\"submit\" value=\"Parse\" /><br /><div class=\"tcp_inner_result\"></div></div>");
+    box.children(".tcp_inner").hide().fadeIn();
+    updateResult(box, text);
+    box.find("input[type=submit]").click(function() {
+        updateResult(box, box.find("input[type=text]").val());
+        return false;
+    });
+    box.find("input[type=text]").change(function() {
+        updateResult(box, $(this).val());
+    });
+}
+function closeBox(box) {
+    $(box).children(".tcp_inner").fadeOut(function() {
+        $(this).remove();
+    });
+}
+$(document).ready(function() {
+    $(".tcp .tcp_button").on("click", function() {
+        var box = $(this).parent();
+        var s = box.attr("data-status");
+        if (s == "closed") {
+            box.attr("data-status", "open");
+            $(this).attr("src", "http://tim32.org/~freddie/timlan/noTCP.png");
+            $(this).attr("title", "Close TCP Editor");
+            openBox(box);
+        } else {
+            box.attr("data-status", "closed");
+            $(this).attr("src", "http://tim32.org/~freddie/timlan/goTCP.png");
+            $(this).attr("title", "Open TCP Editor");
+            closeBox(box);
+        }
+    });
+});

 /styles.css
 ,22 → 1,23
 body {
-    background-color: #FFFFFF;
     color: #000000;
     font-family: Droid Sans, Tahoma, sans-serif;
-    font-size: 11pt;
+    font-size: 10pt;
+    margin: 0px;
+    padding: 0px;
+    height: 100%;
 }
 h1 {
     font-size: 28pt;
-    margin: 6px;
+    margin: 8px;
     margin-top: 0px;
-    color: #000089;
-    border-bottom: 1px solid #000000;
+    color: #FFFFFF;
+    border-bottom: 1px solid #FFFFFF;
 }
 h2 {
     font-size: 20pt;
-    margin: 6px;
+    margin: 8px;
     margin-left: 8px;
     color: #00004B;
 }
 ,7 → 24,7
 h3 {
     font-size: 16pt;
-    margin: 6px;
+    margin: 8px;
     margin-left: 10px;
     color: #000055;
 }
 ,7 → 31,7
 h4 {
     font-size: 12pt;
-    margin: 6px;
+    margin: 8px;
     margin-left: 12px;
     color: #00005F;
 }
 ,14 → 38,14
 h5 {
     font-size: 10pt;
-    margin: 6px;
+    margin: 8px;
     margin-left: 14px;
     color: #000069;
 }
 p, table, span {
-    font-size: 11pt;
-    margin: 6px;
+    font-size: 10pt;
+    margin: 8px;
     margin-left: 16px;
 }
 ,6 → 62,12
     border: 1px solid #000000;
     color: #000000;
     background-color: #B5D7FF;
+    padding: 4px;
+    margin: 5px;
+    font-size: 11pt;
+}
+input[type=text], input[type=password] {
     width: 500px;
 }
 ,21 → 95,23
 }
 .sidebar {
+    top: 0px;
     left: 0px;
-    top: 0px;
-    position: fixed;
+    position: absolute;
+    float: left;
+    width: 156px;
     padding: 0px;
     padding-left: 32px;
-    border-right: 1px solid #000089;
-    background-color: #FFFF73;
-    background-image: url('data/sidebar-gradient.png');
-    background-repeat: repeat-x;
-    background-position: center bottom;
+    border-right: 2px solid #000049;
+    border-bottom: 2px solid #000049;
+    color: #FFFFFF;
+    z-index: 50;
+    background-color: #032865;
 }
 .sidebar-header {
-    left: 0px;
     width: 140px;
     padding: 6px;
     text-align: right;
 ,10 → 120,12
 .sidebar-menu {
     text-align: right;
     padding: 6px;
+    color: #FFFFFF;
 }
 .sidebar-menu h3 {
     margin: 6px;
+    color: #FFFFFF;
 }
 .sidebar-menu p {
 ,11 → 133,23
     margin: 4px;
 }
+.sidebar-menu a {
+    color: #FFFFFF;
+}
 .content {
-    left: 200px;
     top: 0px;
-    position: absolute;
-    margin-right: 32px;
+/*    left: 0px;*/
+    margin-left: 190px;
+/*    padding-top: 0px*/
+/*    position: absolute;*/
+/*    margin-right: 32px;*/
+    background-color: #FFFFFF;
+    height: 100%;
+    height: auto !important;
+    width: auto;
+    display: block;
+/*    display: inline-block;*/
 }
 .bold {
 ,6 → 156,10
     font-weight: bold;
 }
+.italic {
+    font-style: italic;
+}
 .indent {
     margin-left: 14px;
     border-left: 1px solid #BBBBBB;
 ,8 → 166,51
 }
 .code {
-    border: 1px solid #333333;
+    border-top: 2px solid #999999;
+    border-bottom: 2px solid #999999;
+    margin: 4px 16px;
+    padding: 3px;
     background-color: #DDDDDD;
     font-family: Droid Sans Mono, Monospace, Fixed;
+    font-size: 10pt;
 }
+.tcp_button {
+    border: none;
+    margin: 0px 14px;
+    cursor: pointer;
+}
+.tcp_inner {
+    margin: 4px;
+    padding: 2px;
+    border: 1px solid #000000;
+}
+.tcp_inner_result {
+    margin: 6px;
+}
+.copyright {
+    color: #BBBBBB;
+    text-align: left;
+    font-size: 9pt;
+}
+.copyright a {
+    color: #BBBBBB;
+}
+.recaptchatable .recaptcha_image_cell, #recaptcha_table {
+    background-color: #4B9DE0 !important; //reCaptcha widget background color
+}
+#recaptcha_table {
+    border-color: #3874A4 !important; //reCaptcha widget border color
+}
+#recaptcha_response_field {
+    border-color: #000000 !important; //Text input field border color
+    background-color:#FFFFFF !important; //Text input field background color
+}

 /blog/add-post.php
 ,12 → 40,12
     }
     else
     {
-        if ($page->getLoggedInUser()->accessID >= 2 && $parentID == -1)
+        if (($page->getLoggedInUser()->accessID >= 2 && $parentID == -1) || $page->getLoggedInUser()->accessID > 2)
         {
             $page->drawError('You do not have permission to access this page.');
         }
-        $page->query('INSERT INTO BlogPosts VALUES(0, ' . $parentID . ', "' . $page->getLoggedInUser()->ID . '", "' . $title . '", "' . $content . '", NOW(), "' . $category . '", 0)');
+        $page->query('INSERT INTO BlogPosts VALUES(0, "' . $parentID . '", "' . $page->getLoggedInUser()->ID . '", "' . $title . '", "' . $content . '", NOW(), "' . $category . '", 0)');
         $page->redirect('post.php?id=' . $parentID);
     }
 }

 /blog/index.php
 ,6 → 5,8
 $page = new Taios_Page('Blog Posts', '../');
 $page->drawHeader();
 $page->drawBlogCategoriesMenu();
+write('<br /><h3>RSS</h3>');
+$page->drawMenuItem('RSS Feed', 'blog/rss.php');
 $page->drawMiddle();
 if ($page->isUserGM($page->getLoggedInUser()))
 ,6 → 23,11
     write('<p>Only showing blog posts from the ' . $_GET['cat'] . ' category. <a href="index.php">Reset Filtering</a></p><br />');
 }
+if(!$page->isUserGM($page->getLoggedInUser()))
+{
+    $query = $query . ' AND Category != "Drafts"';
+}
 $query = $query . " ORDER BY DatePosted DESC";
 $ids = $page->findIDs('BlogPosts', $query);
 ,10 → 35,13
 {
     $id = $ids[$i];
     $post = $page->getBlogPost($id);
+    $ids2 = $page->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
     write('<a href="post.php?id=' . $id . '"><h3>' . $post->title. '</h3></a>');
     write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
     write('<p>' . $page->replaceBBCode($post->content) . '</p>');
+    write('<h5 style="color: #666666;"><a href="post.php?id=' . $id . '">' . count($ids2) . ' Comments</a></h5>');
     write('<br />');
 }

 /blog/edit-post.php
 ,7 → 20,7
 $page->checkLoggedIn();
 $post = $page->getBlogPost($id);
-if (!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID)
+if ((!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID) || !$page->isUserNormal($page->getLoggedInUser()))
 {
     $page->drawError('You do not have permission to access this page.');
 }
 ,7 → 43,7
     }
     else
     {
-        $page->query('UPDATE BlogPosts SET Content = "' . $content . '", Title = "' . $title . '", Category = "' . $category . '" WHERE ID = ' . $id);
+        $page->query('UPDATE BlogPosts SET Content = "' . $content . '", Title = "' . $title . '", Category = "' . $category . '" WHERE ID = "' . $id . '"');
         $page->redirect('post.php?id=' . $id);
     }
 }

 /blog/rss.php
 ,0 → 1,34
+<?php
+require '../_taios.php';
+header("Content-type: application/rss+xml");
+$page = new Taios_Page('Blog RSS Feed', '../');
+write('<?xml version="1.0" encoding="UTF-8" ?>');
+write('<rss version="2.0">');
+write('<channel>');
+write('<title>Tim32 Blog RSS</title>');
+write('<description>This is the RSS feed for the Tim32 Blog.</description>');
+write('<link>http://tim32.org/blog/</link>');
+$ids = $page->findIDs('BlogPosts', 'WHERE ParentID = -1 AND CATEGORY != "Drafts" ORDER BY DatePosted DESC');
+for ($i = 0; $i < count($ids); $i++)
+{
+    $id = $ids[$i];
+    $post = $page->getBlogPost($id);
+    write('<item>');
+    write('<title>' . $post->title . '</title>');
+    write('<link>http://tim32.org/blog/post.php?id=' . $id . '</link>');
+    write('<guid>' . $id . '</guid>');
+    write('<pubDate>' . date('D, d M Y H:i:s O', $post->datePosted). '</pubDate>');
+    write('<description><![CDATA[' . $page->replaceBBCode($post->content) . ']]></description>');
+    write('</item>');
+}
+write('</channel>');
+write('</rss>');
+?>

 /blog/del-post.php
 ,7 → 7,7
 $id = $_GET['id'];
 if ($id)
 {
-    if ($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $page->getBlogPost($id)->author->ID)
+    if ($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $page->getBlogPost($id)->author->ID && $page->isUserNormal($page->getLoggedInUser()))
     {
         $page->delBlogPost($id);
     }

 /404.php
 ,15 → 1,14
 <?php
+header('Status: 404 Not Found');
 require '_taios.php';
-$page = new Taios_Page('404');
+$page = new Taios_Page('404 - Page not found', '/');
 $page->drawHeader();
 write('<h3>Pages</h3>');
-$page->drawMenuItem('Biggles', '/~biggles/');
-$page->drawMenuItem('Freddie', '/~freddie/');
-$page->drawMenuItem('Muzer', '/~muzer/');
-$page->drawMenuItem('Sh4rk', '/~szabot/');
-$page->drawMenuItem('Tom', '/~tom/');
+$page->drawMenuItem('FredFace', '~freddie/');
+$page->drawMenuItem('Muzer', '~muzer/');
 $page->drawMiddle();
 ?>
 ,6 → 15,7
 <p class="bold">404 - Page not found</p>
 <p>The page you requested could not be found.</p>
+<br />
 <h4>Useful Links</h4>
 ,7 → 22,11
 <?php
 $page->drawMenuItem('Tim32 Homepage', 'index.php');
+$page->drawMenuItem('Youfail.org', 'http://youfail.org');
+?>
+<iframe src="http://notfound-static.fwebservices.be/404/index.html?&amp;key=30aca9cedc0df2682afc4e195eedb1e2" width="100%" height="650" frameborder="0"></iframe>
+<?php
 $page->drawFooter();
 ?>

 /login.php
 ,6 → 9,7
 ?>
 <p class="bold">Here you can login to Tim32 using your Tim32 account.</p>
+<p>By using this website, you hereby accept cookies being stored on your computer.</p>
 <br />
 <?php
 ,6 → 22,12
 ?>
 <form action="login-do.php" method="POST">
+<?php
+$redirurl = $_SERVER['HTTP_REFERER'];
+if($_GET['oldurl'])
+    $redirurl = $_GET['oldurl'];
+write('<input type="hidden" name="oldurl" value="' . $redirurl . '" />');
+?>
 <table>
 <tr>
 <td class="bold">Username: </td>

 /forums/add-post-do.php
 ,6 → 20,11
 $title = $_POST['title'];
 $content = $_POST['content'];
+if (!$page->isUserNormal($page->getLoggedInUser()))
+{
+    $page->redirect('add-post.php?error=You do not have permission to access this page');
+}
 if (empty($title))
 {
     $page->redirect('add-post.php?error=No Title Specified');
 ,7 → 34,7
     $page->redirect('add-post.php?error=No Content Specified');
 }
-$page->query('INSERT INTO ForumPosts VALUES (0, ' .$page->getLoggedInUser()->ID  . ', ' . $categoryID . ', ' . $parentID . ', "' . $title . '", "' . $content . '", NOW(), FALSE)');
+$page->query('INSERT INTO ForumPosts VALUES (0, "' .$page->getLoggedInUser()->ID  . '", "' . $categoryID . '", "' . $parentID . '", "' . $title . '", "' . $content . '", NOW(), FALSE)');
 $page->redirect('index.php?parentID=' . $categoryID);
 ?>

 /forums/delete-category-do.php
 ,7 → 10,7
 if ($page->isUserAdmin($page->getLoggedInUser()))
 {
-    $page->query('DELETE FROM ForumCategories WHERE ID = ' . $id);
+    $page->query('DELETE FROM ForumCategories WHERE ID = "' . $id . '"');
     $page->redirect('index.php');
 }
 else

 /forums/edit-category-do.php
 ,7 → 18,7
         $page->redirect('edit-category.php?error=No Title Specified');
     }
-    $page->query('UPDATE ForumCategories SET Title = "' . $title . '", Description = "' . $description . '" WHERE ID = ' . $id);
+    $page->query('UPDATE ForumCategories SET Title = "' . $title . '", Description = "' . $description . '" WHERE ID = "' . $id . '"');
     $page->redirect('index.php');
 }
 else

 /forums/add-category-do.php
 ,7 → 22,7
         $page->redirect('add-category.php?error=No Title Specified');
     }
-    $page->query('INSERT INTO ForumCategories VALUES (0, ' . $parentID . ', "' . $title . '", "' . $description . '")');
+    $page->query('INSERT INTO ForumCategories VALUES (0, "' . $parentID . '", "' . $title . '", "' . $description . '")');
     $page->redirect('index.php?parentID=' . $parentID);
 }
 else

 /forums/delete-post-do.php
 ,0 → 1,30
+<?php
+require '../_taios.php';
+$page = new Taios_Page('Delete Post', '../');
+$page->checkLoggedIn();
+$id = $page->getGetID();
+$post = $page->getForumPost($id);
+if (($page->isUserAdmin($page->getLoggedInUser()) || $post->author->ID == $page->getLoggedInUser()->ID) && $post && $page->isUserNormal($page->getLoggedInUser()))
+{
+    $page->query('DELETE FROM ForumPosts WHERE ID = "' . $id . '"');
+    $page->redirect('index.php');
+}
+else
+{
+    if (!$post)
+    {
+        $page->drawError('No such forum post, #' . $id);
+    }
+    else
+    {
+        $page->drawError('You do not have permission to access this page.');
+    }
+}
+?>

 /forums/post.php
 ,34 → 1,45
-<?php
-require '../_taios.php';
-$page = new Taios_Page('Forum Post', '../');
-$page->drawHeader();
-$page->drawMiddle();
-$id = $page->getGetID();
-$forumPost = $page->getForumPost($id);
-write('<p class="bold"><a href="index.php?parentID=' . $forumPost->category->ID . '">Back to Topics</a></p><br />');
-write('<h3>' . $forumPost->title . '</h3>');
-write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $forumPost->datePosted) . ' by ' . $forumPost->author->name . ' (' . $forumPost->author->username . ')</h5>');
-write('<p>' . $page->replaceBBCode($forumPost->content) . '</p>');
-if ($page->isLoggedIn())
-{
-    write('<p class="bold"><a href="add-post.php?parentID=' . $id . '">Post Reply</a></p>');
-}
-write('<br />');
-$ids = $page->findIDs('ForumPosts', 'WHERE ParentID = ' . $id . ' ORDER BY DatePosted ASC');
-for ($i = 0; $i < count($ids); $i++)
-{
-    $forumPost = $page->getForumPost($ids[$i]);
-write('<h4>' . $forumPost->title . '</h4>');
-write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $forumPost->datePosted) . ' by ' . $forumPost->author->name . ' (' . $forumPost->author->username . ')</h5>');
-write('<p>' . $page->replaceBBCode($forumPost->content) . '</p>');
-write('<br />');
-}
-$page->drawFooter();
-?>
+<?php
+require '../_taios.php';
+$page = new Taios_Page('Forum Post', '../');
+$page->drawHeader();
+$page->drawMiddle();
+$id = $page->getGetID();
+$forumPost = $page->getForumPost($id);
+write('<p class="bold"><a href="index.php?parentID=' . $forumPost->category->ID . '">Back to Topics</a></p><br />');
+write('<h3>' . $forumPost->title . '</h3>');
+write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $forumPost->datePosted) . ' by ' . $forumPost->author->name . ' (' . $forumPost->author->username . ')</h5>');
+write('<p>' . $page->replaceBBCode($forumPost->content) . '</p>');
+if ($page->isLoggedIn())
+{
+    write('<p class="bold"><a href="add-post.php?parentID=' . $id . '">Post Reply</a>');
+    if ($page->isUserAdmin($page->getLoggedInUser()) || $forumPost->author->ID == $page->getLoggedInUser()->ID)
+    {
+        write(' &nbsp; &middot; &nbsp; <a href="edit-post.php?id=' . $id . '">Edit Post</a>');
+        write(' &nbsp; &middot; &nbsp; <a href="delete-post-do.php?id=' . $id . '">Delete Post</a>');
+    }
+    write('</p>');
+}
+write('<br />');
+$ids = $page->findIDs('ForumPosts', 'WHERE ParentID = "' . $id . '" ORDER BY DatePosted ASC');
+for ($i = 0; $i < count($ids); $i++)
+{
+    $forumPost = $page->getForumPost($ids[$i]);
+    write('<h4>' . $forumPost->title . '</h4>');
+    write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $forumPost->datePosted) . ' by ' . $forumPost->author->name . ' (' . $forumPost->author->username . ')</h5>');
+    write('<p>' . $page->replaceBBCode($forumPost->content) . '</p>');
+    if ($page->isUserAdmin($page->getLoggedInUser()) || $forumPost->author->ID == $page->getLoggedInUser()->ID)
+    {
+        write('<p class="bold"><a href="edit-post.php?id=' . $ids[$i] . '">Edit Post</a>');
+        write(' &nbsp; &middot; &nbsp; <a href="delete-post-do.php?id=' . $ids[$i] . '">Delete Post</a></p>');
+    }
+    write('<br />');
+}
+$page->drawFooter();
+?>

 /forums/index.php
 ,8 → 3,6
 require '../_taios.php';
 $page = new Taios_Page('Forums', '../');
-$page->drawHeader();
-$page->drawMiddle();
 $parentID = $_GET['parentID'];
 if (empty($parentID))
 ,13 → 9,22
 {
     $parentID = -1;
 }
+else if ($parentID != -1)
+{
+    $page->title = $page->getForumCategory($parentID)->title;
+}
+$page->drawHeader();
+$page->drawMiddle();
+write('<p><i>The forums are still under construction.</i></p>');
 write('<p class="bold">');
 if ($parentID != -1)
 {
     write('<a href="index.php?parentID=-1">Back to root</a>');
 }
-if ($page->isLoggedIn())
+if ($page->isLoggedIn() && $page->isUserNormal($page->getLoggedInUser()))
 {
     if ($parentID != -1)
     {
 ,7 → 42,7
 }
 write('</p><br />');
-$ids = $page->findIDs('ForumCategories', 'WHERE ParentID = ' . $parentID . ' ORDER BY Title ASC');
+$ids = $page->findIDs('ForumCategories', 'WHERE ParentID = "' . $parentID . '" ORDER BY Title ASC');
 if (count($ids) >= 1)
 {
 ,12 → 56,12
     write('<p>' . $forumCategory->description . '</p>');
     if ($page->isUserAdmin($page->getLoggedInUser()))
     {
-        write('<p class="bold"><a href="edit-category.php?id=' . $forumCategory->ID . '">Edit Category</a> &nbsp;&nbsp; &middot; &nbsp;&nbsp; <a href="delete-category-do.php?id=' . $forumCategory->ID . '">Delete Category</a></p>');
+        write('<p class="bold"><a href="edit-category.php?id=' . $forumCategory->ID . '">Edit Category</a> &nbsp; &middot; &nbsp; <a href="delete-category-do.php?id=' . $forumCategory->ID . '">Delete Category</a></p>');
     }
     write('<br />');
 }
-$ids = $page->findIDs('ForumPosts', 'WHERE CategoryID = ' . $parentID . ' AND ParentID = -1 ORDER BY Title ASC');
+$ids = $page->findIDs('ForumPosts', 'WHERE CategoryID = "' . $parentID . '" AND ParentID = -1 ORDER BY Title ASC');
 if (count($ids) >= 1)
 {

 /forums/add-post.php
 ,7 → 20,7
     $categoryID = -1;
 }
-if ($page->isLoggedIn())
+if ($page->isLoggedIn() && $page->isUserNormal($page->getLoggedInUser))
 {
 if (isset($_GET['error']))

 /login-do.php
 ,19 → 8,24
 $password = $_POST['password'];
 $remember = $_POST['remember'] == 'yes';
+if(strpos($_POST['oldurl'], "tim32.org") === FALSE || strpos($_POST['oldurl'], "login") !== FALSE)
+    $redirurl = "http://tim32.org";
+else
+    $redirurl = $_POST['oldurl'];
 if (empty($username))
 {
-    $page->redirect('login.php?error=No Username Specified');
+    $page->redirect('login.php?error=No Username Specified&oldurl=' . urlencode($redirurl));
 }
 if (empty($password))
 {
-    $page->redirect('login.php?error=No Password Specified');
+    $page->redirect('login.php?error=No Password Specified&oldurl=' . urlencode($redirurl));
 }
 $user = $page->getUserByUsername($username);
 if (!$user || $user->password != sha1($password))
 {
-    $page->redirect('login.php?error=Incorrect Username or Password');
+    $page->redirect('login.php?error=Incorrect Username or Password&oldurl=' . urlencode($redirurl));
 }
 $expires = -1;
 ,6 → 37,6
 setcookie('Tim32_Login', $user->username . '|~|' . $user->password, $expires, '/');
-$page->redirect('index.php');
+$page->redirect($redirurl);
 ?>

/data/favicon.png
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream

/data/favicon.png

Property changes:

Added: svn:mime-type

## -0,0 +1 ##

+application/octet-stream

\ No newline at end of property

Index: register.php

===================================================================

--- register.php (revision 290)

+++ register.php (revision 486)

@@ -1,6 +1,7 @@

require '_taios.php';

+require_once '_recaptchalib.php';

$page = new Taios_Page('Register');

$page->drawHeader();

@@ -20,6 +21,12 @@

: :


@@ -35,18 +42,28 @@



-	Email Address
+	Email Address:



-	Name
+	Name:




+
+
+
+	3 + 9 * 8
+
+
+
+

By registering to Tim32, you agree to be reasonable in all your suggestion/accusations and advoid subjectivity. Suvbjective posts/comments are subject to removal by a Subject of the Tim32 Admins.

 /register-do.php
 ,6 → 1,7
 <?php
 require '_taios.php';
+require_once '_recaptchalib.php';
 $page = new Taios_Page('Login');
 ,6 → 10,7
 $password2 = $_POST['password2'];
 $email = $_POST['email'];
 $name = $_POST['name'];
+$maths = $_POST['maths'];
 if (empty($username))
 {
 ,7 → 28,20
 {
     $page->redirect('register.php?error=Passwords do not match');
 }
+if ($maths != '75')
+{
+    $page->redirect('register.php?error=Incorrect maths answer');
+}
+$resp = recaptcha_check_answer(RECAPTCHA_PRIVATEKEY, $_SERVER["REMOTE_ADDR"],
+                               $_POST["recaptcha_challenge_field"],
+                               $_POST["recaptcha_response_field"]);
+if (!$resp->is_valid)
+{
+    $page->redirect('register.php?error=Incorrect reCAPTCHA response');
+}
 $page->query('INSERT INTO Users (AccessID, Username, Password, EmailAddress, Name, ChallengeID) VALUES (2, "' . $username . '", "' . sha1($password) . '", "' . $email . '", "' . $name . '", 0)');
 $page->redirect('login.php');

 /photos/album.php
 ,8 → 28,6
 }
 $page = new Taios_Page('Photo Albums', '../');
-$page->drawHeader();
-$page->drawMiddle();
 $dirName = $_GET['dir'];
 if (empty($dirName))
 ,34 → 35,79
     $page->redirect('index.php');
 }
+$page->drawHeader();
+write('<br /><h3>RSS</h3>');
+$page->drawMenuItem('RSS Feed', 'photos/rss.php?dir=' . $dirName);
+$page->drawMiddle();
 write('<p class="bold"><a href="index.php">Back to Photos</a></p><br />');
+if (file_exists("albums/" . $dirName . "/description.txt"))
+{
+    write('<p>' . $page->replaceBBCode(file_get_contents("albums/" . $dirName . "/description.txt")) . '</p><br />');
+}
 write('<table>');
 write('<tr>');
+$directory = "albums/" . $dirName . "/";
+$sortOrder = "newestFirst";
+$results = array();
+$handler = opendir($directory);
+while ($file = readdir($handler))
+{
+    if ($file != '.' && $file != '..' && $file != "robots.txt" && $file != ".htaccess" && getimagesize($directory . $file))
+    {
+           $currentModified = filectime($directory . $file);
+           $file_names[] = $file;
+           $file_dates[] = $currentModified;
+    }
+}
+closedir($handler);
+if ($sortOrder == "newestFirst")
+{
+    arsort($file_dates);
+}
+else
+{
+    asort($file_dates);
+}
+$file_names_Array = array_keys($file_dates);
+foreach ($file_names_Array as $idx => $name) $name=$file_names[$name];
+$file_dates = array_merge($file_dates);
+$i = 0;
+$indexInArray = 0;
 $i = 0;
-$dir = dir('albums/' . $dirName);
-while (($file = $dir->read()) !== false)
+foreach ($file_dates as $$file_dates)
 {
-    if ($file[0] != '.')
+    $j = $file_names_Array[$indexInArray];
+    $file = $file_names[$j];
+    if ($i >= 3)
     {
-        if ($i >= 4)
-        {
-            write('</tr><tr>');
-        }
+        write('</tr><tr>');
+        $i = 0;
+    }
-        $filename = 'albums/' . $dirName . '/' . $file;
-        $size = getImageSizes($filename, 200, 200);
-        write('<td><a href="' . $filename . '"><img wdith="' . $size[0] . '" height="' . $size[1] . '" src="' . $filename . '" /></a></td>');
+    $filename = $directory . $file;
+    $size = getImageSizes($filename, 280, 260);
+    write('<td><a href="' . str_replace(" ", "%20", $filename) . '"><img width="' . $size[0] . '" height="' . $size[1] . '" src="' . str_replace(" ", "%20", $filename) . '" /></a></td>');
-        $i++;
-    }
+    $i++;
+    $indexInArray++;
 }
 write('</tr>');
-write('<table>');
+write('</table>');
 $page->drawFooter();

 /photos/rss.php
 ,0 → 1,76
+<?php
+require '../_taios.php';
+header("Content-type: application/rss+xml");
+$page = new Taios_Page('Photos RSS Feed', '../');
+$dirName = $_GET['dir'];
+if (empty($dirName))
+{
+    $dirName = "Lassitor";
+}
+write('<?xml version="1.0" encoding="UTF-8" ?>');
+write('<rss version="2.0">');
+write('<channel>');
+write('<title>Tim32 Photo RSS - ' . $dirName . '</title>');
+write('<description>This is the RSS feed for the Tim32 Photos.</description>');
+write('<link>http://tim32.org/photos/album.php?dir=' . $dirName . '</link>');
+$directory = "albums/" . $dirName . "/";
+$sortOrder = "newestFirst";
+$results = array();
+$handler = opendir($directory);
+while ($file = readdir($handler))
+{
+    if ($file != '.' && $file != '..' && $file != "robots.txt" && $file != ".htaccess" && getimagesize($directory . $file))
+    {
+           $currentModified = filectime($directory . $file);
+           $file_names[] = $file;
+           $file_dates[] = $currentModified;
+    }
+}
+closedir($handler);
+if ($sortOrder == "newestFirst")
+{
+    arsort($file_dates);
+}
+else
+{
+    asort($file_dates);
+}
+$file_names_Array = array_keys($file_dates);
+foreach ($file_names_Array as $idx => $name) $name=$file_names[$name];
+$file_dates = array_merge($file_dates);
+$indexInArray = 0;
+foreach ($file_dates as $date)
+{
+    $j = $file_names_Array[$indexInArray];
+    $file = $file_names[$j];
+    $filename = $directory . $file;
+    write('<item>');
+    write('<title>' . $file . '</title>');
+    write('<link>http://tim32.org/photos/' . str_replace(" ", "%20", $filename) . '</link>');
+    write('<guid>id_' . $file . '</guid>');
+    write('<pubDate>' . date('D, d M Y H:i:s O', $date). '</pubDate>');
+    write('<description><![CDATA[<img src="http://tim32.org/photos/' . str_replace(" ", "%20", $filename) . '" />]]></description>');
+    write('</item>');
+    $indexInArray++;
+}
+write('</channel>');
+write('</rss>');
+?>

 /photos/index.php
 ,9 → 8,17
 write('<p>Here we have all sorts of photos from Tim32.</p><br />');
+$dirs = array();
 $dir = dir('albums/');
 while (($file = $dir->read()) !== false)
 {
+    array_push($dirs, $file);
+}
+asort($dirs);
+foreach ($dirs as $file)
+{
     if ($file[0] != '.')
     {
         write('<p><a href="album.php?dir=' . $file . '">' . $file . '</a></p>');

 /_recaptchalib.php
 ,0 → 1,277
+<?php
+/*
+ * This is a PHP library that handles calling reCAPTCHA.
+ *    - Documentation and latest version
+ *          http://recaptcha.net/plugins/php/
+ *    - Get a reCAPTCHA API Key
+ *          https://www.google.com/recaptcha/admin/create
+ *    - Discussion group
+ *          http://groups.google.com/group/recaptcha
+ *
+ * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net
+ * AUTHORS:
+ *   Mike Crawford
+ *   Ben Maurer
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+/**
+ * The reCAPTCHA server URL's
+ */
+define("RECAPTCHA_API_SERVER", "http://www.google.com/recaptcha/api");
+define("RECAPTCHA_API_SECURE_SERVER", "https://www.google.com/recaptcha/api");
+define("RECAPTCHA_VERIFY_SERVER", "www.google.com");
+/**
+ * Encodes the given data into a query string format
+ * @param $data - array of string elements to be encoded
+ * @return string - encoded request
+ */
+function _recaptcha_qsencode ($data) {
+        $req = "";
+        foreach ( $data as $key => $value )
+                $req .= $key . '=' . urlencode( stripslashes($value) ) . '&';
+        // Cut the last '&'
+        $req=substr($req,0,strlen($req)-1);
+        return $req;
+}
+/**
+ * Submits an HTTP POST to a reCAPTCHA server
+ * @param string $host
+ * @param string $path
+ * @param array $data
+ * @param int port
+ * @return array response
+ */
+function _recaptcha_http_post($host, $path, $data, $port = 80) {
+        $req = _recaptcha_qsencode ($data);
+        $http_request  = "POST $path HTTP/1.0\r\n";
+        $http_request .= "Host: $host\r\n";
+        $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
+        $http_request .= "Content-Length: " . strlen($req) . "\r\n";
+        $http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
+        $http_request .= "\r\n";
+        $http_request .= $req;
+        $response = '';
+        if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) {
+                die ('Could not open socket');
+        }
+        fwrite($fs, $http_request);
+        while ( !feof($fs) )
+                $response .= fgets($fs, 1160); // One TCP-IP packet
+        fclose($fs);
+        $response = explode("\r\n\r\n", $response, 2);
+        return $response;
+}
+/**
+ * Gets the challenge HTML (javascript and non-javascript version).
+ * This is called from the browser, and the resulting reCAPTCHA HTML widget
+ * is embedded within the HTML form it was called from.
+ * @param string $pubkey A public key for reCAPTCHA
+ * @param string $error The error given by reCAPTCHA (optional, default is null)
+ * @param boolean $use_ssl Should the request be made over ssl? (optional, default is false)
+ * @return string - The HTML to be embedded in the user's form.
+ */
+function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false)
+{
+        if ($pubkey == null || $pubkey == '') {
+                die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
+        }
+        if ($use_ssl) {
+                $server = RECAPTCHA_API_SECURE_SERVER;
+        } else {
+                $server = RECAPTCHA_API_SERVER;
+        }
+        $errorpart = "";
+        if ($error) {
+           $errorpart = "&amp;error=" . $error;
+        }
+        return '<script type="text/javascript" src="'. $server . '/challenge?k=' . $pubkey . $errorpart . '"></script>
+        <noscript>
+                <iframe src="'. $server . '/noscript?k=' . $pubkey . $errorpart . '" height="300" width="500" frameborder="0"></iframe><br/>
+                <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
+                <input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
+        </noscript>';
+}
+/**
+ * A ReCaptchaResponse is returned from recaptcha_check_answer()
+ */
+class ReCaptchaResponse {
+        var $is_valid;
+        var $error;
+}
+/**
+  * Calls an HTTP POST function to verify if the user's guess was correct
+  * @param string $privkey
+  * @param string $remoteip
+  * @param string $challenge
+  * @param string $response
+  * @param array $extra_params an array of extra variables to post to the server
+  * @return ReCaptchaResponse
+  */
+function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response, $extra_params = array())
+{
+        if ($privkey == null || $privkey == '') {
+                die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
+        }
+        if ($remoteip == null || $remoteip == '') {
+                die ("For security reasons, you must pass the remote ip to reCAPTCHA");
+        }
+        //discard spam submissions
+        if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) {
+                $recaptcha_response = new ReCaptchaResponse();
+                $recaptcha_response->is_valid = false;
+                $recaptcha_response->error = 'incorrect-captcha-sol';
+                return $recaptcha_response;
+        }
+        $response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/verify",
+                                          array (
+                                                 'privatekey' => $privkey,
+                                                 'remoteip' => $remoteip,
+                                                 'challenge' => $challenge,
+                                                 'response' => $response
+                                                 ) + $extra_params
+                                          );
+        $answers = explode ("\n", $response [1]);
+        $recaptcha_response = new ReCaptchaResponse();
+        if (trim ($answers [0]) == 'true') {
+                $recaptcha_response->is_valid = true;
+        }
+        else {
+                $recaptcha_response->is_valid = false;
+                $recaptcha_response->error = $answers [1];
+        }
+        return $recaptcha_response;
+}
+/**
+ * gets a URL where the user can sign up for reCAPTCHA. If your application
+ * has a configuration page where you enter a key, you should provide a link
+ * using this function.
+ * @param string $domain The domain where the page is hosted
+ * @param string $appname The name of your application
+ */
+function recaptcha_get_signup_url ($domain = null, $appname = null) {
+        return "https://www.google.com/recaptcha/admin/create?" .  _recaptcha_qsencode (array ('domains' => $domain, 'app' => $appname));
+}
+function _recaptcha_aes_pad($val) {
+        $block_size = 16;
+        $numpad = $block_size - (strlen ($val) % $block_size);
+        return str_pad($val, strlen ($val) + $numpad, chr($numpad));
+}
+/* Mailhide related code */
+function _recaptcha_aes_encrypt($val,$ky) {
+        if (! function_exists ("mcrypt_encrypt")) {
+                die ("To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed.");
+        }
+        $mode=MCRYPT_MODE_CBC;
+        $enc=MCRYPT_RIJNDAEL_128;
+        $val=_recaptcha_aes_pad($val);
+        return mcrypt_encrypt($enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
+}
+function _recaptcha_mailhide_urlbase64 ($x) {
+        return strtr(base64_encode ($x), '+/', '-_');
+}
+/* gets the reCAPTCHA Mailhide url for a given email, public key and private key */
+function recaptcha_mailhide_url($pubkey, $privkey, $email) {
+        if ($pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null) {
+                die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " .
+                     "you can do so at <a href='http://www.google.com/recaptcha/mailhide/apikey'>http://www.google.com/recaptcha/mailhide/apikey</a>");
+        }
+        $ky = pack('H*', $privkey);
+        $cryptmail = _recaptcha_aes_encrypt ($email, $ky);
+        return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64 ($cryptmail);
+}
+/**
+ * gets the parts of the email to expose to the user.
+ * eg, given johndoe@example,com return ["john", "example.com"].
+ * the email is then displayed as john...@example.com
+ */
+function _recaptcha_mailhide_email_parts ($email) {
+        $arr = preg_split("/@/", $email );
+        if (strlen ($arr[0]) <= 4) {
+                $arr[0] = substr ($arr[0], 0, 1);
+        } else if (strlen ($arr[0]) <= 6) {
+                $arr[0] = substr ($arr[0], 0, 3);
+        } else {
+                $arr[0] = substr ($arr[0], 0, 4);
+        }
+        return $arr;
+}
+/**
+ * Gets html to display an email address given a public an private key.
+ * to get a key, go to:
+ *
+ * http://www.google.com/recaptcha/mailhide/apikey
+ */
+function recaptcha_mailhide_html($pubkey, $privkey, $email) {
+        $emailparts = _recaptcha_mailhide_email_parts ($email);
+        $url = recaptcha_mailhide_url ($pubkey, $privkey, $email);
+        return htmlentities($emailparts[0]) . "<a href='" . htmlentities ($url) .
+                "' onclick=\"window.open('" . htmlentities ($url) . "', '', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300'); return false;\" title=\"Reveal this e-mail address\">...</a>@" . htmlentities ($emailparts [1]);
+}
+?>

Subversion Repositories taios

Compare Revisions

Ignore whitespace Rev 290 → Rev 486

Tim32

' . $this->title . '

Error: ' . $text . '

' . $post->title. ' ^

' . $post->title. '

Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')