Просмотр файла MiniCMS/manager.php

Размер файла: 18.12Kb
<?php
include("minicms/lang.inc.php");
include("minicms/config_bd.php");
include("minicms/config.php");
Error_Reporting(E_ALL & ~E_NOTICE);          /////////////// èãíîðèðóåì îøèáêè
header("Content-type:text/vnd.wap.wml;charset=utf-8");      //////// òèï è êîäèðîâêà äîêóìåíòà
print "<?xml version=\"1.0\" encoding=\"utf-8\"?>
	<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">
	<wml><card id=\"mas\" title=\"AdminPL\"><p>";
							///////////// âûâîäèì âìë çàãîëîâîê
$par=trim($par);
$adpar=trim($adpar);
if($par!=$adpar) {print"&#x0412;&#x044B; &#x043D;&#x0435; &#x0432;&#x0432;&#x0435;&#x043B;&#x0438; &#x043F;&#x0430;&#x0440;&#x043E;&#x043B;&#x044C;, &#x043B;&#x0438;&#x0431;&#x043E; &#x0432;&#x044B; &#x0432;&#x0432;&#x0435;&#x043B;&#x0438; &#x043D;&#x0435;&#x0432;&#x0435;&#x0440;&#x043D;&#x044B;&#x0439; &#x043F;&#x0430;&#x0440;&#x043E;&#x043B;&#x044C;.
	<br/>";}
////////////////////adminManagrR///////////////////////////////////////////////////////////	////////
else{
if($st=="managr"){
echo "<img src=\"stl/wml_cms.gif\" alt=\"Admin\"/><br/>";
$max_files = 5;

if(isset($_GET['from']))
   $from = $_GET['from'];
else
   $from = 0;

$to = $from + $max_files;

$n = 0;
   $files = '';
   if ($handle = opendir("inc/"))
   {
      while (false !== ($file = readdir($handle)))
      {
         if($file != '.' && $file != '..' && $file != 'files')
         {
            $filesize = filesize("inc/$file");
            if($n >= $from && $n < $to)
               $files .= '<a href="manager.php?st=manview&amp;par=' . $par . '&amp;page=' . $file . '">' . $file . '(' . $filesize . ' byte)</a><br/>';
            $n++;
         }
      }
      closedir($handle);
   }

if($n > $to )
         $files .= <<<FILEDATA
<a href="manager.php?st=managr&amp;par=$par&amp;from=$to">Далее</a>
<br/>
FILEDATA;

$back_from = $from - $max_files;
if($from > 0)
   $files .= <<<FILEDATA
<a href="manager.php?st=managr&amp;par=$par&amp;from=$back_from">Назад</a>
<br/>
FILEDATA;

?>
&#x0412;&#x0441;&#x0435;&#x0433;&#x043E; &#x0444;&#x0430;&#x0439;&#x043B;&#x043E;&#x0432;:<?php echo $n; ?>
<br/>
<?php echo $files; ?>
</p>
<p align="center">
*********<br/>
<a href="manager.php?st=edittitle&amp;par=<?php echo $par; ?>&amp;page=index.wml&amp;cp=go">Добавить страницу</a><br/>

<?php
}
///////////////////////////////MngerVIEW///////////////////////////////////////////////////////////
if($st=="manview") {print"&#x0421;&#x0422;&#x0420;&#x0410;&#x041D;&#x0418;&#x0426;&#x0410;<br/>";
if(preg_match('/[^\w\.]/', $_GET['page']) || (isset($_POST['pagename']) && preg_match('/[^\w\.]/', $_POST['pagename'])))
{
?>

Неправильное имя страницы

<?php
   exit;
}

if(isset($_GET['action']) && $_GET['action'] == 'rename')
{
   rename("inc/$_GET[page]", "inc/$_POST[pagename]");
   $_GET['page'] = $_POST['pagename'];
}
if(isset($_GET['action']) && $_GET['action'] == 'delete')
{
   unlink("inc/$_GET[page]");
?>

Страница удалена<br/>

<a href="admin.php?par=$par&amp;st=amPL">&#x0410;&#x0434;&#x043C;&#x0438;&#x043D; &#x043F;&#x0430;&#x043D;&#x0435;&#x043B;&#x044C;</a>

<?php
   exit;
}   
?>
   name:<?php echo $_GET['page']?>, size:<?php echo filesize("inc/" . addslashes($_GET['page'])); ?> byte
<br/>*********<br/>
<a href="edit.php?par=<?php echo $par; ?>&amp;page=<?php echo $_GET['page']; ?>">&#x0420;&#x0435;&#x0434;&#x0430;&#x043A;&#x0442;&#x0438;&#x0440;&#x043E;&#x0432;&#x0430;&#x0442;&#x044C;</a><br/>
*********<br/>
<b>&#x041F;&#x0435;&#x0440;&#x0435;&#x0438;&#x043C;&#x0435;&#x043D;&#x043E;&#x0432;&#x0430;&#x0442;&#x044C;</b><br/>
&#x0418;&#x043C;&#x044F; &#x0441;&#x0442;&#x0440;&#x0430;&#x043D;&#x0438;&#x0446;&#x044B;(&#x0431;&#x0435;&#x0437; wml):<br/>
<input name="pagename" type="text" maxlength="20" value="<?php echo preg_replace('/\..*?$/',"", $_GET['page']); ?>" title="page"/><br/>
<anchor title="go">Ok<go href="manager.php?st=manview&amp;par=<?php echo $par; ?>&amp;page=<?php echo $_GET['page']; ?>&amp;action=rename" method="post">
<postfield name="pagename" value="$(pagename).wml"/>
</go></anchor><br/>
*********<br/>
<a href="manager.php?st=manview&amp;par=<?php echo $par; ?>&amp;page=<?php echo $_GET['page']; ?>&amp;action=delete">&#x0423;&#x0434;&#x0430;&#x043B;&#x0438;&#x0442;&#x044C;</a><br/>
*********<br/>
<a href="manager.php?st=managr&amp;par=<?php echo $par; ?>">&#x041A; &#x0441;&#x043F;&#x0438;&#x0441;&#x043A;&#x0443;</a><br/>
<?php
}

/////////////////////////////////////////////////////////////////////////////////////////////////////
////////////////////////////////adminManagrR//////////////////////////////////////////////////////////////
if($st=="edittext") {print"Редактор!<br/>";
$contents = file("inc/" . addslashes($_GET['page']));
echo htmlspecialchars($contents[(int)$_GET['i']]);//echo htmlentities($contents[(int)$_GET['i']]); ?><br/>
<a href="manager.php?par=<?php echo $par; ?>&amp;p=<?php echo $login; ?>&amp;page=<?php echo $_GET['page']; ?>&amp;i=<?php echo $_GET['i']; ?>&amp;st=menudelt">&#x0423;&#x0434;a&#x043B;&#x0438;&#x0442;&#x044C;</a><br/>
*********<br/>
&#x0414;&#x043E;&#x0431;&#x0430;&#x0432;&#x0438;&#x0442;&#x044C;<br/>
Te&#x043A;c&#x0442;:<br/>
<input name="text" emptyok="true" value="" title="text"/><br/>
URL:<br/>
<input name="link" emptyok="true" maxlength="150" value="http://" title="link"/><br/>
&#x041A;ap&#x0442;&#x0438;&#x043D;&#x043A;a:<br/>
<input name="picture" emptyok="true" maxlength="150" value="http://" title="picture"/><br/>
Co&#x0437;&#x0434;a&#x0442;&#x044C; &#x043A;a&#x043A;:<br/>
<select name="action">
<option value="link">&#x041B;&#x0438;&#x043D;&#x043A;</option>
<option value="linkb">&#x0416;&#x0438;&#x0440;&#x043D;&#x044B;&#x0439; &#x043B;&#x0438;&#x043D;&#x043A;</option>
<option value="linki">&#x041A;&#x0443;&#x0440;&#x0441;&#x0438;&#x0432;&#x043D;&#x044B;&#x0439; &#x043B;&#x0438;&#x043D;&#x043A;</option>
<option value="linku">&#x041F;&#x043E;&#x0434;&#x0447;&#x0435;&#x0440;&#x043A;&#x043D;&#x0443;&#x0442;&#x044B;&#x0439; &#x043B;&#x0438;&#x043D;&#x043A;</option>
<option value="links">&#x041C;&#x0430;&#x043B;&#x044B;&#x0439; &#x043B;&#x0438;&#x043D;&#x043A;</option>
<option value="text">Te&#x043A;c&#x0442;</option>
<option value="textb">&#x0416;&#x0438;&#x0440;&#x043D;&#x044B;&#x0439; &#x0442;&#x0435;&#x043A;&#x0441;&#x0442;</option>
<option value="texti">&#x041A;&#x0443;&#x0440;&#x0441;&#x0438;&#x0432;&#x043D;&#x044B;&#x0439; &#x0442;&#x0435;&#x043A;&#x0441;&#x0442;</option>
<option value="textu">&#x041F;&#x043E;&#x0434;&#x0447;&#x0435;&#x0440;&#x043A;&#x043D;&#x0443;&#x0442;&#x044B;&#x0439;</option>
<option value="texts">&#x041C;&#x0430;&#x043B;&#x044B;&#x0439; &#x0442;&#x0435;&#x043A;&#x0441;&#x0442;</option>
<option value="picture">&#x041A;ap&#x0442;&#x0438;&#x043D;&#x043A;a</option>
<option value="urlpict">&#x041B;&#x0438;&#x043D;&#x043A; &#x0432; &#x043A;ap&#x0442;&#x0438;&#x043D;&#x043A;e</option>
<option value="br">&lt;br/&gt;</option>
<option value="left">align=left</option>
<option value="center">align=center</option>
<option value="right">align=right</option>
</select><br/>
A&#x0432;&#x0442;o&lt;br/&gt;:<br/>
<select name="abr">
<option value="yes">&#x0414;a</option>
<option value="no">&#x041D;e&#x0442;</option>
</select><br/>
Pac&#x043F;o&#x043B;o&#x0436;e&#x043D;&#x0438;e:<br/>
<select name="location">
<option value="below">H&#x0438;&#x0436;&#x0435;</option>
<option value="rewrite">&#x041F;epe&#x0437;a&#x043F;&#x0438;c&#x044C;</option>
<option value="above">&#x0412;&#x044B;&#x0448;e</option>
</select><br/>
&#x0420;&#x0435;&#x0437;&#x0430;&#x0442;&#x044C; &#x0442;&#x0435;&#x0433;&#x0438;:<br/>
<select name="strip">
<option value="yes">&#x0414;&#x0430;</option>
<option value="no">&#x041D;&#x0435;&#x0442;</option>
</select><br/>
<anchor title="go">OK<go href="manager.php?st=menuandd&amp;par=<?php echo $par; ?>&amp;page=<?php echo $_GET['page']; ?>&amp;i=<?php echo $_GET['i']; ?>" method="post">
<postfield name="action" value="$(action)"/>
<postfield name="location" value="$(location)"/>
<postfield name="abr" value="$(abr)"/>
<postfield name="text" value="$(text)"/>
<postfield name="link" value="$(link)"/>
<postfield name="picture" value="$(picture)"/>
<postfield name="strip" value="$(strip)"/>
</go></anchor><br/>
<br/>
<?php 
}
////////////////////////////////adminManagrR DEL//////////////////////////////////////////////////////
if($st=="menudelt") {print"&#x0423;&#x0434;a&#x043B;&#x0438;&#x043D;&#x043E;!! &#x0423;&#x0434;&#x0430;&#x0447;&#x043D;&#x043E;!<br/>";
 if($_GET['i'] != 5) // ñòðîêà ñ ïåðâûì <p align ...
   {
      $contents = file("inc/" . addslashes($_GET['page']));
      $contents2 = array();
      for($i = 0; $i < count($contents); $i++)
      {
         if($i != $_GET['i'])
            $contents2[] = $contents[$i];
      }
      $fp = fopen("inc/" . addslashes($_GET['page']), 'w');
      fputs($fp, join('', $contents2));
      fclose($fp);
      $message = 'Текст удален';
   }
   else
   {
      $message = 'Данную строку нельзя удалить';
   }
}
////////////////////////////////adminManagrR ANDD//////////////////////////////////////////////////////
if($st=="menuandd") {print" &#x043C;&#x0435;&#x043D;&#x044E; &#x0434;&#x043E;&#x0431;&#x0430;&#x0432;&#x043B;&#x0435;&#x043D;!<br/>";
if(preg_match('/[^\w\.]/', $_GET['page']))
{
?>
<wml>
<card id="error" title="error" ontimer="main.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>"><timer value="15"/>
<p align="center">
Неправильное имя страницы
</p>
</card>
</wml>
<?php
   exit;
}

   $contents = file("inc/" . addslashes($_GET['page']));
   for($i = 0; $i < count($contents); $i++)
   {
      if($banner == 'top' && $i == 6)
      {
      }
      else
      {
         $contents2[] = $contents[$i];
      }
      if(trim($contents[$i]) == '<p align="center">' || trim($contents[$i]) == '<p align="left">' || trim($contents[$i]) == '<p align="right">')
      {
         if($banner == 'top')
            $contents2[] = get_random_link();
      }

      if((isset($contents[$i+1]) && trim($contents[$i+1]) == '</p>') || (isset($contents[$i+2]) && trim($contents[$i+2]) == '</card>'))
      {
         if($banner == 'bottom')
         {
            array_pop($contents2);
            $contents2[] = get_random_link();
         }
      }

      if($i == $_GET['i'])
      {
         if($i == 5 && $_POST['location'] == 'rewrite' && $_POST['action'] != 'left' && $_POST['action'] != 'center' && $_POST['action'] != 'right')
         {
?>
<wml>
<card id="added" title="added" ontimer="edit.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>&amp;page=<?php echo $_GET['page']; ?>"><timer value="15"/>
<p>
В этой строке Вы можете использовать только выравнивание текста<br/>
</p>
</card>
</wml>
<?php
            exit;
         }

         $_POST['text'] = str_replace('&', '&amp;', $_POST['text']);
         $_POST['text'] = str_replace('$', '$$', $_POST['text']);
         if($_POST['strip'] == 'yes')
            $_POST['text'] = strip_tags($_POST['text']);

         if($_POST['text'] == '' && ($_POST['action'] != 'left' && $_POST['action'] != 'center' && $_POST['action'] != 'right'))
         {
?>
<wml>
<card id="added" title="added" ontimer="edit.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>&amp;page=<?php echo $_GET['page']; ?>"><timer value="15"/>
<p>
Вы не ввели текст<br/>
</p>
</card>
</wml>
<?php
            exit;
         }

         switch($_POST['action'])
         {
            case 'link':
               $new_line = '<a href="' . $_POST['link'] . '">' . $_POST['text'] . "</a>\n";
               break;
            case 'linkb':
               $new_line = '<b><a href="' . $_POST['link'] . '">' . $_POST['text'] . "</a></b>\n";
               break;
            case 'linki':
               $new_line = '<i><a href="' . $_POST['link'] . '">' . $_POST['text'] . "</a></i>\n";
               break;
            case 'links':
               $new_line = '<small><a href="' . $_POST['link'] . '">' . $_POST['text'] . "</a></small>\n";
               break;
            case 'linku':
               $new_line = '<u><a href="' . $_POST['link'] . '">' . $_POST['text'] . "</a></u>\n";
               break;
            case 'text':
               $new_line = $_POST['text'] . "\n";
               break;
            case 'textb':
               $new_line = '<b>' . $_POST['text'] . "</b>\n";
               break;
            case 'texti':
               $new_line = '<i>' . $_POST['text'] . "</i>\n";
               break;
            case 'texts':
               $new_line = '<small>' . $_POST['text'] . "</small>\n";
               break;
            case 'textu':
               $new_line = '<u>' . $_POST['text'] . "</u>\n";
               break;
            case 'picture':
               $new_line = '<img src="' . $_POST['picture'] . '" alt="' . $_POST['text'] . '"/>' . "\n";
               break;
            case 'urlpict':
               $new_line = '<a href="' . $_POST['link'] . '"><img src="' . $_POST['picture'] . '" alt="' . $_POST['text'] . '"/></a>' . "\n";
               break;
            case 'br':
               $new_line = '<br/>' . "\n";
               break;
            case 'left':
               if($_GET['i'] == 5)
                  $new_line = '<p align="left">' . "\n";
               else
                  $new_line = '</p><p align="left">' . "\n";
               break;
            case 'center':
               if($_GET['i'] == 5)
                  $new_line = '<p align="center">' . "\n";
               else
                  $new_line = '</p><p align="center">' . "\n";
               break;
           case 'right':
               if($_GET['i'] == 5)
                  $new_line = '<p align="right">' . "\n";
               else
                  $new_line = '</p><p align="right">' . "\n";
               break;
            default:
               $new_line = '';
         }

         if($_POST['abr'] == 'yes')
            $new_line .= "\n<br/>\n";

         if($_POST['location'] == 'below')
         {
            // adding new line
            $contents2[] = $new_line;
         }
         if($_POST['location'] == 'rewrite')
         {
            // adding new line
            if($_GET['i'] == 5)
            {
               $adv_link = array_pop($contents2);
               array_pop($contents2);
               $contents2[] = $new_line;
               //$contents2[] = $adv_link;
            }
            else
            {
               array_pop($contents2);
               $contents2[] = $new_line;
            }
         }
         if($_POST['location'] == 'above')
         {
            // adding new line
            $curr_row = array_pop($contents2);
            $contents2[] = $new_line;
            array_push($contents2, $curr_row);
         }
      }
   }
   $fp = fopen("inc/" . addslashes($_GET['page']), 'wb');
   fputs($fp, join('', $contents2));
   fclose($fp);

}

if(!isset($_GET['page']))
   $_GET['page'] = 'index.wml';

if(preg_match('/[^\w\.]/', $_GET['page']))
{
?>
<wml>
<card id="error" title="error" ontimer="main.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>"><timer value="15"/>
<p align="center">
Неправильное имя страницы
</p>
</card>
</wml>
<?php
   exit;


}
//////////////////////////////////////////////////////////////////////////////////////////////////////
////////////////////////////////GL edittitle///////////////////////////////////////////////////
if($st=="edittitle") {print"&#x0414;&#x043E;&#x0431;&#x0430;&#x0432;&#x0438;&#x0442;&#x044C; WML<br/>";
?>
&#x0418;&#x043C;&#x044F; c&#x0442;pa&#x043D;&#x0438;&#x0446;&#x044B;(&#x0431;&#x0435;&#x0437; wml)<br/>
<input name="page" emptyok="true" maxlength="20" value="<?php echo preg_replace('/\..*?$/',"",$_GET['page']); ?>" title="page"/><br/>
&#x0417;a&#x0433;o&#x043B;o&#x0432;o&#x043A;:<br/>
<input name="title" emptyok="true" maxlength="20" title="title"/><br/>
<select name="action">
<option value="create">Co&#x0437;&#x0434;a&#x0442;&#x044C;</option>
</select><br/>
<anchor title="go">Ok<go href="manager.php?st=edittitle2&amp;par=<?php echo $par; ?>&amp;page=<?php echo $_GET['page']; ?>" method="post">
<postfield name="action" value="$(action)"/>
<postfield name="page" value="$(page).wml"/>
<postfield name="title" value="$(title)"/>
</go></anchor><br/>
*********<br/>
<?php
}
////////////////////////////////GL edittitle2///////////////////////////////////////////////////
if($st=="edittitle2") {print"&#x0421;&#x0442;&#x0440;&#x0430;&#x043D;&#x0438;&#x0446;&#x0430; WML &#x0414;&#x043E;&#x0431;&#x0430;&#x0432;&#x043B;&#x0435;&#x043D;&#x0430;!<br/>";
$fp = fopen("inc/" . $_POST['page'], 'w');
 $clear_page = '<?xml version="1.0" encoding="UTF-8"?>';
         $clear_page .= <<<CLEARPAGE
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>
<card id="index" title="$_POST[title]">
<do type="prev" label="&#x041D;&#x0430;&#x0437;&#x0430;&#x0434;"><prev/></do>
<p align="center">
<br/>
</p>
</card>
</wml>
CLEARPAGE;
         fputs($fp, $clear_page);
         fclose($fp);
         $message = 'C&#x0442;pa&#x043D;&#x0438;&#x0446;a "' . $_POST['page'] . '" co&#x0437;&#x0434;a&#x043D;a';
}
/////////////////////////////////////////////////////////////////////////////////////////////////////
}
print"<br/>__________<br/>
<a href=\"admin.php?par=$par&amp;st=amPL\">&#x0410;&#x0434;&#x043C;&#x0438;&#x043D; &#x043F;&#x0430;&#x043D;&#x0435;&#x043B;&#x044C;</a>
<br/>
</p></card></wml>";

?>