#616485 by Jay Williams (d3designs)

Embed
Download
Raw
A A A
Ruby September 14, 2009
2:33PM EDT Report abuse
diff -r -w pixelpost_v1.7.2/ReadMe.txt pixelpost_v1.7.3/ReadMe.txt
1c1
< Pixelpost version 1.7.2
---
> Pixelpost version 1.7.3
diff -r -w pixelpost_v1.7.2/addons/copy_folder.php pixelpost_v1.7.3/addons/copy_folder.php
77,78c77
< 
<   for ($k=0;$k<count($files);$k++)
---
>   foreach($files as $k => $file)
80,81d78
<       $file = $files[$k];
< 
83a81
>       $file = $files[$k];
165c163
< Enter the absolute path to folder:<br /><br />
---
> Enter the relative path to the folder:<br /><br />
diff -r -w pixelpost_v1.7.2/addons/paged_archive.php pixelpost_v1.7.3/addons/paged_archive.php
319,321c319,322
<   { // archive date is available
<       $archivedate_start = $_GET['archivedate'] ."-01 00:00:00";
<       $archivedate_end = $_GET['archivedate'] ."-31 23:59:59";
---
>   { // archive date is available.
>       $archivedate = preg_replace('/[^0-9\-]/', '', $_GET['archivedate']);
>       $archivedate_start = $archivedate ."-01 00:00:00";
>       $archivedate_end = $archivedate ."-31 23:59:59";
395,396c396,398
<       $archivedate_start = mysql_real_escape_string($_GET['archivedate']) ."-01 00:00:00";
<       $archivedate_end = mysql_real_escape_string($_GET['archivedate']) ."-31 23:59:59";
---
>       $archivedate = preg_replace('/[^0-9\-]/', '', $_GET['archivedate']);
>       $archivedate_start = mysql_real_escape_string($archivedate) ."-01 00:00:00";
>       $archivedate_end = mysql_real_escape_string($archivedate) ."-31 23:59:59";
439c441
<           $archivedate=$_GET['archivedate'];
---
>           $archivedate = preg_replace('/[^0-9\-]/', '', $_GET['archivedate']);
diff -r -w pixelpost_v1.7.2/admin/images_edit.php pixelpost_v1.7.3/admin/images_edit.php
184c184
<                       $values[1] = '('.(int)$idz[$i].', "'.$tags_arr[$y].'", "")';
---
>                       $values[1] = '('.(int)$idz[$x].', "'.$tags_arr[$y].'", "")';
195c195
<                       $values[1] = '('.(int)$idz[$i].', "", "'.$tags_arr[$y].'")';
---
>                       $values[1] = '('.(int)$idz[$x].', "", "'.$tags_arr[$y].'")';
378c378
<       if ($_SESSION['numimg_pp'] == 0)    $_SESSION['numimg_pp'] = 10;
---
>       if (isset($_SESSION['numimg_pp']) AND $_SESSION['numimg_pp'] == 0 OR !isset($_SESSION['numimg_pp']))  $_SESSION['numimg_pp'] = 10;
544c544,545
<               $image_page_Links .= "<a href='index.php?view=images&amp;page=$pagecounter$getfstring'>".($_GET['page']==$pagecounter?'<b>'.$pcntr.'</b>':$pcntr)."</a> ";
---
>               $page_num = ($page == $pagecounter) ? "<strong>$pcntr</strong>" : $pcntr;
>               $image_page_Links .= "<a href='index.php?view=images&amp;page=$pagecounter$getfstring'>$page_num</a> ";
644,645c645
<     $category = $imagerow['category'];
<     $category = explode(",",$category);
---
>      // fetch the categories
646a647,653
>      $category = array();
> 
>     $query = mysql_query("SELECT `cat_id` FROM " . $pixelpost_db_prefix . "catassoc where image_id='$getid'");
>     while(list($cat_id) = mysql_fetch_row($query))
>     {
>       $category[] = $cat_id;
>     }
704c711
<           category_list_as_table(array(), $cfgrow);
---
>           category_list_as_table($category, $cfgrow);
diff -r -w pixelpost_v1.7.2/admin/index.php pixelpost_v1.7.3/admin/index.php
45a46,47
> define('PIXELPOST',true);
> 
69c71
< $version = "MS43LjIgKFF1aWNraWUpIC0gSnVseSAyMDA5";
---
> $version = "MS43LjMgKFF1aWNraWUgRml4KSAtIFNlcHRlbWJlciAyMDA5";
77c79
< if( $installed_version < 1.72 )
---
> if( $installed_version < 1.73 )
diff -r -w pixelpost_v1.7.2/admin/install/install_functions.php pixelpost_v1.7.3/admin/install/install_functions.php
33c33,36
<                  'japanese'=>array('JP','Japanese')
---
>                  'japanese'=>array('JP','Japanese'),
>                    'romanian'=>array('RO','Romana'),
>                    'russian'=>array('RU','Russian'),
>                    'czech'=>array('CS','Česky')
247c250
<   $var = htmlentities(stripslashes(strip_tags($var)));
---
>   $var = stripslashes(strip_tags($var));
1010c1013
<       $admin_user     = stripslashes($data['admin_username']);
---
>       $admin_username = stripslashes($data['admin_username']);
diff -r -w pixelpost_v1.7.2/admin/install/install_schema.php pixelpost_v1.7.3/admin/install/install_schema.php
61,68d60
<        //$ins_data[] = UpgradeTo165($prefix,'1.65');
<        
<   //case 1.65:
<        //$ins_data[] = UpgradeTo1651($prefix,'1.651');
<   
<   //case 1.651:
<        //$ins_data[] = UpgradeTo1652($prefix,'1.652');
<        
73a66,67
>   case 1.72:
>       $ins_data[] = UpgradeTo171($prefix,'1.73');
diff -r -w pixelpost_v1.7.2/admin/install.php pixelpost_v1.7.3/admin/install.php
13c13
< define('PP_VERSION', '1.72');
---
> define('PP_VERSION', '1.73');
diff -r -w pixelpost_v1.7.2/admin/new_image.php pixelpost_v1.7.3/admin/new_image.php
81c81,82
<           $userfile = strtolower($_FILES['userfile']['name']);
---
>           $userfile = strtolower(str_replace(" ", "_", $_FILES['userfile']['name']));
>           $userfile = preg_replace('/[^0-9a-z\-_\.]/', '', $userfile);
diff -r -w pixelpost_v1.7.2/admin/pass_recovery.php pixelpost_v1.7.3/admin/pass_recovery.php
2a3,4
> if(!defined('PIXELPOST')){die("Try another day!!");}
> 
diff -r -w pixelpost_v1.7.2/admin/view_info.php pixelpost_v1.7.3/admin/view_info.php
135a136,172
> echo "
>   <div class='jcaption'>Comment ERROR codes explanation</div>
>   <div class='content'>
>   <table border=\"0\" cellspacing=\"5\">
>     <tbody><tr>
>     <td><b>Errorcode</b></td>
>     <td><b>Description</b></td>
>   </tr>
>   <tr>
>     <td>ERR: 01</td>
>     <td>The comment was blocked because the token didn't match with the controltoken.</td>
>   </tr>
>   <tr>
>     <td>ERR: 02</td>
>     <td>The ID of the image didn't correspond with the image ID in the form.</td>
>   </tr>
>   <tr>
>     <td>ERR: 03</td>
>     <td>The comment was blocked on an intrusion ID.</td>
>   </tr>
>   <tr>
>     <td>ERR: 04</td>
>     <td>The comment contained more than the allowed maximum of URLS.</td>
>   </tr>
>   <tr>
>     <td>ERR: 05</td>
>     <td>The comment contains blacklisted words or IPaddress.</td>
>   </tr>
>   <tr>
>     <td>ERR: 06</td>
>     <td>The comment doesn't allow comments (disabled by the administrator).</td>
>   </tr>
>   <tr>
>     <td>ERR: 07</td>
>     <td>The comment was blocked because the e-mailaddress failed the check. People are required to fill in either a real e-mailaddress or leave it blank.</td>
>   </tr>
> </table>";
137a175
>   </div>
diff -r -w pixelpost_v1.7.2/includes/create_tables.php pixelpost_v1.7.3/includes/create_tables.php
461,463d460
<   deactivateAddons($prefix);
<   activatePxlpstAddons($prefix);
<   
528c525,527
< function UpgradeTo171($prefix, $newversion) {
---
> function UpgradeTo171($prefix, $newversion) 
> {
>   
529a529,532
> 
>   deactivateAddons($prefix);
>   activatePxlpstAddons($prefix);
> 
diff -r -w pixelpost_v1.7.2/includes/functions.php pixelpost_v1.7.3/includes/functions.php
623,630c623,624
<   global $pixelpost_db_pixelpost;
<   //start_mysql();
<   // Check to see if the ban table exists, if not, create it
<   //$query = "show tables from ".$pixelpost_db_pixelpost." like '".$pixelpost_db_prefix."addons'";
<   $query = "SHOW TABLES FROM `".$pixelpost_db_pixelpost."` LIKE '".$pixelpost_db_prefix."addons'";
<   $query = mysql_query( $query);
<   $query = mysql_fetch_array($query);
<   if ($query !='')
---
>   $query = mysql_query("SELECT * FROM `".$pixelpost_db_prefix."addons` LIMIT 1");
>   if($query)  
716,723c710,711
<   global $pixelpost_db_pixelpost;
<   //start_mysql();
<   // Check to see if the ban table exists, if not, create it
<   //$query = "show tables from `".$pixelpost_db_pixelpost."` like '".$pixelpost_db_prefix."addons'";
<   $query = "SHOW TABLES FROM `".$pixelpost_db_pixelpost."` LIKE '".$pixelpost_db_prefix."addons'";
<   $query = mysql_query( $query);
<   $query = mysql_fetch_array($query);
<   if ($query !='')
---
>   $query = mysql_query("SELECT * FROM `".$pixelpost_db_prefix."addons` LIMIT 1");
>   if($query)  
833c821
<               echo "<a href='".$_SERVER['PHP_SELF']."?view=".strtolower($funcs['menu_name'])."'>".$funcs['menu_name']."</a>";
---
>               echo "<a href='".$_SERVER['PHP_SELF']."?view=".rawurlencode(strtolower($funcs['menu_name']))."'>".$funcs['menu_name']."</a>";
840c828
<               if ($funcs['workspace']=='admin_main_menu_contents' & $_GET['view']!=strtolower($funcs['menu_name']))   continue;
---
>               if ($funcs['workspace']=='admin_main_menu_contents' & $_GET['view']!=rawurlencode(strtolower($funcs['menu_name']))) continue;
928c916
<               $toecho ="|<a class='".$selecteclass."' href='?view=".strtolower($menu_name) ."&amp;".$menuitem ."=".$submenuitem.$additional."' id='".$menu_name.$submenu_name."'>" .strtoupper($submenu_name) ."</a>";
---
>               $toecho ="|<a class='".$selecteclass."' href='?view=".rawurlencode(strtolower($menu_name)) ."&amp;".$menuitem ."=".$submenuitem.$additional."' id='".$menu_name.$submenu_name."'>" .strtoupper($submenu_name) ."</a>";
1311c1299
<   global $pixelpost_db_prefix;
---
>   global $pixelpost_db_prefix, $admin_lang_spam_err_6, $admin_lang_spam_com_upd;
1345,1346c1333,1334
<       if (mysql_error())  $additional_msg = "$admin_lang_spam_err_6 ".mysql_error()."<br/>";
<       else    $additional_msg = "$admin_lang_spam_com_upd"."<br/>";
---
>       if (mysql_error())  $additional_msg = $admin_lang_spam_err_6.'&nbsp;'.mysql_error().'<br />';
>       else    $additional_msg = $admin_lang_spam_com_upd.'<br />';
1359c1347
<   global $pixelpost_db_prefix;
---
>   global $pixelpost_db_prefix, $admin_lang_spam_com_del, $admin_lang_spam_err_7;
1392,1393c1380,1381
<       if (mysql_error())  $additional_msg = "$admin_lang_spam_err_7 ".mysql_error()."<br/>";
<       else    $additional_msg = "$admin_lang_spam_com_del"."<br/>";
---
>       if (mysql_error())  $additional_msg = $admin_lang_spam_err_7.'&nbsp;'.mysql_error().'<br />';
>       else    $additional_msg = $admin_lang_spam_com_del.'<br />';
1405c1393
<   global $pixelpost_db_prefix;
---
>   global $pixelpost_db_prefix, $admin_lang_spam_err_8, $admin_lang_spam_visit_del;
1438c1426
<           $additional_msg = "$admin_lang_spam_err_8".mysql_error()."<br/>";
---
>           $additional_msg = $admin_lang_spam_err_8.'&nbsp;'.mysql_error().'<br />';
1440c1428
<           $additional_msg = "$admin_lang_spam_visit_del"."<br/>";
---
>           $additional_msg = $admin_lang_spam_visit_del.'<br />';
diff -r -w pixelpost_v1.7.2/includes/functions_browse.php pixelpost_v1.7.3/includes/functions_browse.php
33c33,34
<       $where = "AND (DATE_FORMAT(datetime, '%Y-%m')='".$_GET['archivedate']."')"; //DATE_FORMAT(foo, '%Y-%m-%d')
---
>       $archivedate = preg_replace('/[^0-9\-]/', '', $_GET['archivedate']);
>       $where = "AND (DATE_FORMAT(datetime, '%Y-%m')='$archivedate')"; //DATE_FORMAT(foo, '%Y-%m-%d')
diff -r -w pixelpost_v1.7.2/includes/functions_comments.php pixelpost_v1.7.3/includes/functions_comments.php
107c107
<       echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><HTML><HEAD>\n<TITLE>404 Not Found</TITLE>\n</HEAD><BODY>\n<H1>Not Found</H1>\nThe comment could not be accepted because it got flagged as SPAM by our anti-SPAM measures. (ERR: 06).<P>\n<P>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.\n<br /><a href='javascript:history.back()'> Click here to go BACK</a></BODY></HTML>";
---
>       echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><HTML><HEAD>\n<TITLE>404 Not Found</TITLE>\n</HEAD><BODY>\n<H1>Not Found</H1>\nThe administrator of this blog has disabled comments for this picture. (ERR: 06)<P>\n<P>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.\n<br /><a href='javascript:history.back()'> Click here to go BACK</a></BODY></HTML>";
diff -r -w pixelpost_v1.7.2/includes/functions_exif.php pixelpost_v1.7.3/includes/functions_exif.php
86a87,88
>           $aperture = round(trim($aperture,' f'),1);
>           $aperture = "f/$aperture";
102c104
<           $flash = $empty_exif;
---
>           $flash = null;
129c131
<     if(isset($exposure)&&$exposure != "")
---
>     if(isset($exposure)&&$exposure != "0")
221,222d222
<     if(isset($flash)&&$flash != "")
<     {
226,231d225
<     else
<     {
<       $flash = "$empty_exif";
<       $tpl = ereg_replace("<EXIF_FLASH>",$flash,$tpl);
<     }
<   }
diff -r -w pixelpost_v1.7.2/index.php pixelpost_v1.7.3/index.php
45a46
> ini_set('arg_separator.output', '&amp;');
49a51
> define('PIXELPOST',true);
55a58,68
> /**
>  * Load the $cfgrow configuration variable and set the upload directory
>  */
> // get config
> if($cfgrow = sql_array("SELECT * FROM ".$pixelpost_db_prefix."config"))
> {
>   $upload_dir = $cfgrow['imagepath'];
> }else{
>   $extra_message= "Coming Soon. Not Installed Yet. Cause #1";
>   show_splash($extra_message,"templates");
> }
63a77,78
> session_start();
> 
90,93d104
< ini_set('arg_separator.output', '&amp;');
< 
< session_start();
< 
105,114d115
< // get config
< if($cfgrow = sql_array("SELECT * FROM ".$pixelpost_db_prefix."config"))
< {
<   $upload_dir = $cfgrow['imagepath'];
< }else{
<   $extra_message= "Coming Soon. Not Installed Yet. Cause #1";
<   show_splash($extra_message,"templates");
< 
< }
< 
248a250
>       setcookie ('lang', "", time() - 3600, '/', false, 0);
256a259
>           setcookie ('lang', "", time() - 3600, '/', false, 0);
261a265
>   setcookie ('lang', "", time() - 3600, '/', false, 0);
13104 characters / 333 lines