<?php
// Direct-access guard: this file only runs when the including script has
// defined IN_HBS as boolean true. Any other request is redirected to
// /404.php, and exit() stops the rest of this file from executing.
$hbsEntryPointLoaded = defined('IN_HBS') && IN_HBS === true;
if (!$hbsEntryPointLoaded) {
    header('Location: /404.php');
    exit();
}
/***************************************************************************************************\
| |
| Function QuickCard Reference |
| |
| redirect($url, $wait) Redirects to page $url after $wait seconds. |
| db() Connects to the user's database. |
| getConfig() Returns an array of configuration variables. |
| countComments() Returns the number of comments for the specified post ID. |
| head($title) and foot() Displays the header (with specified title) and footer for the blog. |
| getVersion() Returns the version number for this blog. |
| |
\***************************************************************************************************/
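// Load the site configuration. NOTE(review): presumably this is where the
// $mysql settings array read by db() and friends is defined - confirm.
include('cfg.php');

// WARNING is true while installer scripts are still present on disk; head()
// prints a banner asking the owner to delete them. The constant name must be
// a quoted string: the bare word is an undefined constant and raises an Error
// on PHP 8. The banner names both install/index.php and install/upgrade.php,
// so both files are checked. The paths are relative, so they resolve against
// the current working directory of the running script.
define(
    'WARNING',
    file_exists('install/index.php') || file_exists('install/upgrade.php')
);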
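/**
 * Emits a <meta http-equiv="refresh"> tag that sends the browser to $url
 * after $wait seconds.
 *
 * Both values are written into an HTML attribute, so they are encoded for
 * that context before output. Encoding only keeps the value inside the
 * attribute; it does not restrict where the browser is sent. Callers that
 * build $url from request data still need to limit it to destinations they
 * trust.
 *
 * @param string $url  The url to redirect to
 * @param int    $wait Wait time in seconds before redirecting; non-numeric
 *                     or negative values are treated as 0
 * @return void
 */
function redirect($url, $wait) {
    // double_encode=false keeps URLs that callers already passed with &amp; intact.
    $safeUrl = htmlspecialchars((string) $url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    // The delay is documented as an integer; casting removes any markup from it.
    $delay = max(0, (int) $wait);
    echo '<head><meta http-equiv="refresh" content="' . $delay . ';url=' . $safeUrl . '"></head>';
}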
/**
 * Opens the MySQL connection and selects the blog's database.
 *
 * Reads hostname, username, password and db from the global $mysql array.
 * On failure the script stops via die() and the text of mysql_error() is
 * written into the page.
 *
 * NOTE(review): the raw driver error reaches the browser; it can name the
 * database host or account. Consider logging it and showing a generic
 * message instead. The mysql_* extension was removed in PHP 7.0, so this
 * code only runs on PHP 5.x.
 *
 * @return void
 */
function db() {
    global $mysql;

    $link = mysql_connect($mysql["hostname"], $mysql["username"], $mysql["password"]);
    if (!$link) {
        die("Can't connect to your database. MySQL gave this reason: <b>" . mysql_error() . "</b>");
    }

    $selected = mysql_select_db($mysql["db"]);
    if (!$selected) {
        die("Your database is invalid. MySQL gave this reason: <b>" . mysql_error() . "</b>");
    }
}
/**
 * Loads the blog settings from row id = 1 of the `<prefix>config` table.
 *
 * Connects through db(), which performs the same connect/select steps and
 * prints the same messages on failure. Columns are read by position
 * (1 through 5) from a SELECT *, so the mapping depends on the table's
 * column order.
 *
 * NOTE(review): the returned array carries the admin user name and password
 * column (hzn_a_user / hzn_a_pass) to every caller, including head(), which
 * only needs the titles. Whether hzn_a_pass is stored hashed cannot be told
 * from this file - confirm. A failed query prints the raw mysql_error() text.
 *
 * @return array An array which contains configuration variables
 */
function getConfig() {
    global $mysql;
    db();

    $query = "SELECT * FROM `" . $mysql["db_prefix"] . "config` WHERE `id` = 1;";
    $result = mysql_query($query) or die(mysql_error());
    $row = mysql_fetch_row($result);

    // Positional mapping of the config row onto named settings.
    return array(
        "hzn_title"    => $row[1],
        "hzn_subtitle" => $row[2],
        "hzn_a_user"   => $row[3],
        "hzn_a_pass"   => $row[4],
        "template"     => $row[5],
    );
}
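/**
 * Counts the number of comments for the specified post ID.
 *
 * The ID is cast to an integer before it is placed in the SQL text, so a
 * caller-supplied value can no longer change the structure of the query.
 * The count is computed by the database (COUNT(*)) instead of fetching every
 * comment row. Connects through db().
 *
 * @param int $post_id The id of the post to count comments for
 * @return int Number of comments for the given post ID; 0 when the query fails
 */
function countComments($post_id) {
    global $mysql;
    db();

    // Documented as an int: the cast is the injection guard for this query.
    $entryId = (int) $post_id;
    $sql = "SELECT COUNT(*) FROM " . $mysql["db_prefix"] . "comments WHERE entry='" . $entryId . "'";

    $res = mysql_query($sql);
    if ($res === false) {
        // Same result the original produced for a failed query.
        return 0;
    }

    $row = mysql_fetch_row($res);
    return $row ? (int) $row[0] : 0;
}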
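/**
 * Displays the page header: <head>, the installer warning banner when
 * WARNING is set, the blog title block, the navigation bar and the sidebar,
 * and opens the content cell that foot() later closes.
 *
 * $title is HTML-encoded before it is written into <title>. The stray
 * debugging text "asdf" that used to be printed after the sidebar is removed.
 *
 * navigation.php and sidebar.php are included inside this function, so they
 * run in its local scope and can read $config, which holds the admin
 * credentials returned by getConfig().
 *
 * NOTE(review): hzn_title and hzn_subtitle are printed without encoding.
 * That is safe only if those settings are trusted markup - confirm how they
 * are written to the config table.
 *
 * @param string $title The title for the header
 * @return void
 */
function head($title) {
    $config = getConfig();
    // double_encode=false leaves titles that callers already encoded unchanged.
    $safeTitle = htmlspecialchars((string) $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    echo '
<head>
<!-- Title Of Your Page -->
<title>' . $safeTitle . '</title>
<link href="style/default.css" rel="stylesheet" type="text/css" ></link>
</head>
<body>
';
    // Installer scripts left on the server: tell the owner to delete them.
    if(WARNING) {
        echo '<br /><center><div style="width: 98%; background-color: #FFCACA; font-weight: bold; font-family: Verdana; font-size: 14px; padding: 5px; border: 1px dashed #FF0000;" align="center"><div align="center">WARNING: Please delete your install/index.php and install/upgrade.php file to avoid serious security risks!</div></center></div>';
    }
    echo '
<div id="wrapper"><div class="container">
<b class="rtop"><b class="r1"></b> <b class="r2"></b> <b class="r3"></b> <b class="r4"></b></b>
<div class="top">
<div class="top2">
<b class="rtop3"><b class="r1"></b> <b class="r2"></b> <b class="r3"></b> <b class="r4"></b></b>
<br /><br />
<strong>
<font size="5" lineheight="14"><span id="blog_title">
<a href="index.php">' . $config["hzn_title"] . '</a></span></font></div>
<font size="3"><span id="blog_subtitle">' . $config["hzn_subtitle"] . '</span></font>
</strong>
<br /><br /><br /><br />
<b class="rbottom2"><b class="r4"></b> <b class="r3"></b> <b class="r2"></b> <b class="r1"></b></b>
</div>
<br />
<!-- The Navigation Bar -->
<div id="navigation">
<b class="rtop2"><b class="r1"></b> <b class="r2"></b> <b class="r3"></b> <b class="r4"></b></b>
';
    include(dirname(__FILE__)."/navigation.php");
    echo '
<b class="rbottom2"><b class="r4"></b> <b class="r3"></b> <b class="r2"></b> <b class="r1"></b></b>
</div>
<table width="100%" cellpadding="0" cellspacing="7" border="0">
<tr>
<td class="sidebar" width="150px" valign="top">
<div style="background:#F0F0F0;">
<b class="rtops"><b class="r1s"></b> <b class="r2s"></b> <b class="r3s"></b> <b class="r4s"></b></b>
';
    require(dirname(__FILE__)."/sidebar.php");
    echo '
<b class="rbottoms"><b class="r4s"></b> <b class="r3s"></b> <b class="r2s"></b> <b class="r1s"></b></b>
</div>
</div>
</td>
<td class="content" valign="top">
';
}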
/**
 * Displays the page footer: closes the content table opened by head(),
 * prints the validator badge and the "Powered by" line with the version
 * from getVersion(), then closes the body and html elements.
 *
 * @return void
 */
function foot() {
    $version = getVersion();
    echo '</td>
</tr>
</table>
<!-- The Footer -->
<a href="http://jigsaw.w3.org/css-validator/"><img src="style/default_img/css_valid.png"></a>
<div id="footer"><center>Powered by <a href="http://www.edgedrive.com">Horizon Blogging Software</a> ' . $version . '</center><br /></div>
<b class="rbottom"><b class="r4"></b> <b class="r3"></b> <b class="r2"></b> <b class="r1"></b></b>
</div></div>
<br />
</body>
</html>
';
}
/**
 * Reports the version of this software as a hard-coded string.
 * (This should be defined elsewhere.)
 *
 * @return string The version number, currently "1.0.0"
 */
function getVersion() {
    $version = "1.0.0";
    return $version;
}
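// Directory that show_page() loads templates from. defined() takes the
// constant's name as a string. The unquoted form looked up a constant named
// after BASE_DIR's value instead (and is an Error on PHP 8 when BASE_DIR is
// not defined), so the BASE_DIR prefix was never applied.
$temp = defined('BASE_DIR') ? BASE_DIR . 'templates/' : 'templates/';
define('TEMP_DIR', $temp);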
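/**
 * Shows a page by including TEMP_DIR/<template>/<template>_<page>.php.
 *
 * Falls back to the 'default' template when the requested template directory
 * or page file is missing. When the default template has no such page either,
 * sends a Location header to /index.php. The function returns after that
 * header, so the caller keeps running.
 *
 * Hardening compared with the earlier version:
 *  - $page and $template must be plain names. A value containing '/', '\' or
 *    a NUL byte (or a template of '.' / '..') is treated as not found, so the
 *    include path cannot leave the template directory.
 *  - The include path is fixed before the template variables are created, and
 *    the variables are created with EXTR_SKIP. Keys such as 'page' or
 *    'template' in $vars can no longer change which file gets included.
 *
 * @param string $page     The page to show
 * @param array  $vars     Variables for the page; each key becomes a local
 *                         variable visible to the template. Passed by
 *                         reference and set to null before the include.
 * @param string $template The template currently in use
 * @return void
 */
function show_page ($page,&$vars,$template)
{
    $page = (string) $page;
    $template = (string) $template;

    // Unknown or unsafe template names fall back to the bundled default.
    if ($template === '.' || $template === '..'
        || strpbrk($template, "/\\\0") !== false
        || !is_dir(TEMP_DIR.$template))
    {
        $template = 'default';
    }

    // Resolved once, before any caller-supplied variable exists in this scope.
    $hbsTemplateFile = TEMP_DIR.$template.'/'.$template.'_'.$page.'.php';

    if (strpbrk($page, "/\\\0") !== false || !is_readable($hbsTemplateFile))
    {
        if ($template != 'default')
        {
            show_page($page,$vars,'default');
            return;
        }
        header('Location: /index.php');
        return;
    }

    if (is_array($vars))
    {
        // EXTR_SKIP: never overwrite $page, $template, $vars or the resolved path.
        extract($vars, EXTR_SKIP);
    }
    // Clears the caller's array too, because $vars is a reference.
    $vars = null;
    include $hbsTemplateFile;
}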
/**
 * Prepares a request value for use inside a quoted SQL string literal.
 *
 * When magic quotes are enabled, the automatic escaping is undone first
 * (doubled single quotes for magic_quotes_sybase, backslashes otherwise) so
 * the value is not escaped twice. The result is then passed through
 * mysql_real_escape_string().
 *
 * The escaped value is only safe between quotes in the SQL text; it does not
 * protect an unquoted numeric position. Both get_magic_quotes_gpc() and
 * mysql_real_escape_string() are gone from current PHP releases, so this
 * helper only runs on PHP 5.x.
 *
 * @param string $string Holds the string value
 * @return string The value escaped by mysql_real_escape_string()
 */
function hbs_real_escape($string)
{
    if (get_magic_quotes_gpc())
    {
        // Strip whichever automatic escaping style the server applied.
        $string = ini_get('magic_quotes_sybase')
            ? str_replace("''", "'", $string)
            : stripslashes($string);
    }

    return mysql_real_escape_string($string);
}
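/**
 * Generates a random 32-character hexadecimal string.
 *
 * Sixteen characters are drawn from a fixed alphabet, prefixed with $id and
 * hashed with md5(). The md5() call only shapes the output; the result is a
 * hash, not encrypted data, and must not be used to store passwords.
 *
 * The characters come from random_int() where it exists (PHP 7+), because
 * mt_rand() output is predictable and unsuitable for tokens that have to be
 * unguessable. On older PHP the function still falls back to mt_rand().
 *
 * @param string $id A value mixed into the hash input alongside the random characters
 * @return string 32 hexadecimal characters
 */
function random($id = '1')
{
    $alphabet = 'abcedfghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()';
    $lastIndex = strlen($alphabet) - 1;
    $hasCsprng = function_exists('random_int');

    $pswd = "";
    for ($i = 0; $i < 16; $i++)
    {
        $pick = $hasCsprng ? random_int(0, $lastIndex) : mt_rand(0, $lastIndex);
        $pswd .= $alphabet[$pick];
    }
    return md5($id.$pswd);
}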
?>