<?php
/*
+------------------------------------------------------
| Write2Left
| (c) timdorr
| http://www.write2left.com
| hide@address.com
| See License.txt for license info
|------------------------------------------------------
| Script: form.php
| Description:
| Responsible for form input from the frontend users
| Created Jul-23-2003
+------------------------------------------------------
*/
// Lets be cheap and use PHP's buffering :)
ob_start();
// Lets get a timer started first thing.
list( $msec, $sec ) = explode( ' ', microtime() );
$start_time = $sec + $msec;
// I ain't wussing out here.. :P
error_reporting ( E_ALL );
set_magic_quotes_runtime( 0 );
// Seeds all random numbers. stolen graciously from the PHP manual. :)
function make_seed()
{
list( $usec, $sec ) = explode( ' ', microtime() );
return ( float ) $sec + ( ( float ) $usec * 100000 );
}
srand( make_seed() );
// Better have our config, or we're in trouble :S
require( './config.php' );
// Lets load up the default scripts
require( './general.php' );
$func = new functions();
/* Class: W2L
* Description:
* Info class to hold info about the current iteration of the script
*/
class W2L
{
var $time_now = 0;
var $settings = array();
var $input = array();
var $log_id = 0;
var $origin = '';
function W2L()
{
global $CONFIG, $func;
$this->time_now = time();
$this->settings = $CONFIG;
$this->input = $func->safe_input( true );
$this->origin = $_SERVER['HTTP_REFERER'];
}
function error( $errtext = '' )
{
print str_replace( '<W2Error>', $errtext, $this->settings['error_template'] );
exit;
}
}
// And then we create our main object
$W2L = new W2L();
// Load up our database module
require( "./Database/".$W2L->settings['db_driver'].".php" );
$db = new database( $W2L->settings['db_server'],
$W2L->settings['db_user'],
$W2L->settings['db_pass'],
$W2L->settings['db_name'],
$W2L->settings['db_prefix'] );
// Check if we have a log id, else error
if( !array_key_exists( 'log_id', $W2L->input ) )
die( 'Log id not specified in form' );
$W2L->log_id = $W2L->input['log_id'];
$W2L->settings = $db->query_fetch( "SELECT * FROM w2l_logs WHERE log_id = $W2L->log_id" );
// Check if the user is actually doing something...
if( !array_key_exists( 'Action', $W2L->input ) )
$W2L->error( "Action not specified" );
// Define the available actions in this script
$base_actions = array ( 'AddComment' );
// Load the plugins for added bonus
$plug_dir = opendir( './Plugins' );
$plugin_actions = array();
$plugin_callbacks = array();
// Now do the addon module tag handlers
while( ( $file = readdir( $plug_dir ) ) !== false )
{
if( is_dir( './Plugins/' . $file ) )
continue;
if( substr( $file, 0, 4 ) != 'form_' )
continue;
if( substr( $file, -4 ) != '.php' )
continue;
/**
* This file should add to the $plugin_actions array.
* The key added is the name of the action, the value
* is the function to call.
**/
include( './Plugins' . $file );
}
// Do yo' thang, girl!
if( in_array( $W2L->input['Action'], $base_actions ) )
{
switch( $W2L->input['Action'] )
{
case 'AddComment':
if( !array_key_exists( 'id', $W2L->input ) )
$W2L->error( "Post id not specified" );
$errtext = '';
if( !$W2L->settings['anon_comments'] )
{
if( !array_key_exists( 'author_name', $W2L->input ) )
$errtext .= "<li>Name not entered</li>";
else if( trim( $W2L->input['author_name'] ) == '')
$errtext .= "<li>Name not entered</li>";
if( !array_key_exists( 'author_email', $W2L->input ) )
$errtext .= "<li>Email not entered</li>";
else if( trim( $W2L->input['author_email'] ) == '')
$errtext .= "<li>Email not entered</li>";
if( !array_key_exists( 'author_url', $W2L->input ) )
$errtext .= "<li>URL not entered</li>";
else if( trim( $W2L->input['author_url'] ) == '')
$errtext .= "<li>URL not entered</li>";
}
if( !array_key_exists( 'text', $W2L->input ) )
$errtext .= "<li>Comment blank</li>";
else if( trim( $W2L->input['text'] ) == '')
$errtext .= "<li>Comment blank</li>";
if( $errtext != '' )
$W2L->error( 'The following errors occured:<br /><ul>'.$errtext.'</ul>' );
$db->query( "INSERT INTO w2l_comments
VALUES (
NULL,
{$W2L->input['id']},
$W2L->log_id,
'{$W2L->input['text']}',
0,
'{$W2L->input['author_name']}',
'{$W2L->input['author_email']}',
'{$W2L->input['author_url']}',
'{$W2L->input['IP_ADDRESS']}',
".time()." )", 1 );
// Get the Build Manager out and ready
require( "./Build/BuildManager.php" );
$return = $BM->cache_data( "Item", $W2L->log_id, $W2L->input['id'] );
$return .= $BM->cache_data( "Archive", $W2L->log_id, $W2L->input['id'] );
$return .= $BM->cache_data( "Index", $W2L->log_id );
break;
case 'AddSubscription':
$errtext = '';
if( !$W2L->settings['anon_comments'] )
{
if( !array_key_exists( 'sub_name', $W2L->input ) )
$errtext .= "<li>Name not entered</li>";
else if( trim( $W2L->input['sub_name'] ) == '')
$errtext .= "<li>Name not entered</li>";
if( !array_key_exists( 'sub_email', $W2L->input ) )
$errtext .= "<li>Email not entered</li>";
else if( trim( $W2L->input['sub_email'] ) == '')
$errtext .= "<li>Email not entered</li>";
}
if( $errtext != '' )
$W2L->error( 'The following errors occured:<br /><ul>'.$errtext.'</ul>' );
$db->query( "INSERT INTO w2l_subs
VALUES (
NULL,
$W2L->log_id,
'{$W2L->input['sub_name']}',
'{$W2L->input['sub_email']}',
'Email'" );
break;
}
} // Do plugin thingys
else if( array_key_exists( $W2L->input['Action'], array_keys( $plugin_actions ) ) )
{
}
else // or die trying...
$W2L->error( "Invalid action" );
// If we're not coming from somewhere, go back to the log URL
if( $W2L->origin == '' )
{
$log = $db->query_fetch( "SELECT url FROM w2l_logs WHERE log_id=$W2L->log_id" );
header( "Location: $log[url]" );
}
else
header( "Location: $W2L->origin" );
?>