PHP serendipity_checkFormToken函数代码示例

 function introspect(&$propbag)
 {
     $this->title = $this->get_config('title', $this->title);
     $propbag->add('name', PLUGIN_SIDEBAR_IMAGESIDEBAR_NAME);
     $propbag->add('description', PLUGIN_SIDEBAR_IMAGESIDEBAR_DESC);
     $propbag->add('stackable', true);
     $propbag->add('author', 'Andrew Brown (Menalto code), Matthew Groeninger (Unified/Media Lib. Code), Stefan Lange-Hegermann (Zooomr Code), Matthew Maude (Coppermine code)');
     $propbag->add('version', '0.98');
     $propbag->add('license', 'BSD');
     $propbag->add('requirements', array('serendipity' => '0.8', 'smarty' => '2.6.7', 'php' => '4.1.0'));
     $propbag->add('groups', array('IMAGES'));
     //And now, off the beaten path.  Here we check to see if the configuration is being saved.  If so, lets just 'borrow' display_source so we can get the configuration right.
     if (isset($_POST['SAVECONF']) && serendipity_checkFormToken()) {
         $this->set_config('display_source', $_POST['serendipity']['plugin']['display_source']);
     }
     //Ok, now let's set the sub_plugin to the right one/ create the sub_plugin object.
     $this->object_extend = $this->create_sub_class(true);
     //add an array generated by 'set_configuration_array' to the propbag configuration.
     $config_array = $this->set_configuration_array($this->object_extend);
     $propbag->add('configuration', $config_array);
 }

                echo "Backtrace:<br />\n" . implode("<br />\n", $serendipity['debug']['pluginload']) . "<br />";
            }
            $bag = new serendipity_property_bag();
            $plugin->introspect($bag);
            if ($bag->is_set('configuration')) {
                /* Only play with the plugin if there is something to play with */
                echo '<script type="text/javascript">location.href = \'' . $serendipity['baseurl'] . '?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . $inst . '\';</script>';
                die;
            } else {
                /* If no config is available, redirect to plugin overview, because we do not want that a user can install the plugin a second time via accidental browser refresh */
                echo '<script type="text/javascript">location.href = \'' . $serendipity['baseurl'] . '?serendipity[adminModule]=plugins\';</script>';
                die;
            }
        }
    }
    if (isset($_POST['REMOVE']) && serendipity_checkFormToken()) {
        if (is_array($_POST['serendipity']['plugin_to_remove'])) {
            foreach ($_POST['serendipity']['plugin_to_remove'] as $key) {
                $plugin =& serendipity_plugin_api::load_plugin($key);
                if ($plugin->serendipity_owner == '0' || $plugin->serendipity_owner == $serendipity['authorid'] || serendipity_checkPermission('adminPluginsMaintainOthers')) {
                    serendipity_plugin_api::remove_plugin_instance($key);
                }
            }
        }
    }
    ?>

<?php 
    if (isset($_POST['SAVE'])) {
        ?>
    <div class="serendipityAdminMsgSuccess"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="<?php 

/**
 * Creates the necessary session data to be used by later iframe calls
 *
 * This function emits the actual <iframe> call.
 *
 * @access private
 * @see serendipity_is_iframe()
 * @param   string  Indicates whether an entry is previewed or saved. Save performs XML-RPC calls.
 * @param   mixed   The entry array (comes from HTTP POST request)
 * @return  boolean Indicates whether iframe data was stored
 */
function serendipity_iframe_create($mode, &$entry)
{
    global $serendipity;
    if (!empty($serendipity['POST']['no_save'])) {
        return true;
    }
    if (!serendipity_checkFormToken()) {
        return false;
    }
    $_SESSION['save_entry'] = $entry;
    $_SESSION['save_entry_POST'] = $serendipity['POST'];
    $attr = '';
    switch ($mode) {
        case 'save':
            $attr = ' height="100" ';
            break;
        case 'preview':
            $attr = ' height="300" ';
            break;
    }
    return '<iframe src="serendipity_admin.php?serendipity[is_iframe]=true&amp;serendipity[iframe_mode]=' . $mode . '" id="serendipity_iframe" name="serendipity_iframe" ' . $attr . ' width="100%" frameborder="0" marginwidth="0" marginheight="0" scrolling="auto" title="Serendipity">' . IFRAME_WARNING . '</iframe>';
}

# $Id: configuration.inc.php 2366 2008-11-06 11:44:43Z garvinhicking $
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved.  See LICENSE file for licensing details
if (IN_serendipity !== true) {
    die("Don't hack!");
}
umask(00);
$umask = 0775;
@define('IN_installer', true);
if (!isset($_POST['installAction'])) {
    $_POST['installAction'] = '';
}
if (!serendipity_checkPermission('siteConfiguration') && !serendipity_checkPermission('blogConfiguration')) {
    return;
}
switch ($_POST['installAction'] && serendipity_checkFormToken()) {
    case 'check':
        $oldConfig = $serendipity;
        $res = serendipity_updateConfiguration();
        if (is_array($res)) {
            echo DIAGNOSTIC_ERROR;
            echo '<div class="serendipityAdminMsgError">- <img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . implode('<br />', $res) . '</div><br /><br />';
        } else {
            /* If we have new rewrite rules, then install them */
            $permalinkOld = array($oldConfig['serendipityHTTPPath'], $oldConfig['serendipityPath'], $oldConfig['baseURL'], $oldConfig['indexFile'], $oldConfig['rewrite']);
            $permalinkNew = array($serendipity['serendipityHTTPPath'], $serendipity['serendipityPath'], $serendipity['baseURL'], $serendipity['indexFile'], $serendipity['rewrite']);
            // Compare all old permalink section values against new one. A change in any of those
            // will force to update the .htaccess for rewrite rules.
            $permconf = serendipity_parseTemplate(S9Y_CONFIG_TEMPLATE);
            if (is_array($permconf) && is_array($permconf['permalinks']['items'])) {
                foreach ($permconf['permalinks']['items'] as $permitem) {

/**
 * Prints the content of the iframe.
 *
 * Called by serendipity_is_iframe, when preview is requested. Fetches data from session.
 * An iframe is used so that a single s9y page must not timeout on intensive operations,
 * and so that the frontend stylesheet can be embedded without screwing up the backend.
 *
 * @access private
 * @see serendipity_is_iframe()
 * @param   mixed   The entry array (comes from session variable)
 * @param   string  Indicates whether an entry is previewed or saved. Save performs XML-RPC calls.
 * @param   boolean Use smarty templating?
 * @return  boolean Indicates whether iframe data was printed
 */
function serendipity_iframe(&$entry, $mode = null, $use_smarty = true)
{
    global $serendipity;
    if (empty($mode) || !is_array($entry)) {
        return false;
    }
    if (!serendipity_checkFormToken()) {
        return false;
    }
    if ($use_smarty) {
        $serendipity['smarty_raw_mode'] = true;
        // Force output of Smarty stuff in the backend
        $serendipity['smarty_preview'] = true;
        serendipity_smarty_init();
        $serendipity['smarty']->assign('is_preview', true);
        ob_start();
    }
    $show = false;
    switch ($mode) {
        case 'save':
            echo '<div style="float: left; height: 75px"></div>';
            $res = serendipity_updertEntry($entry);
            if (is_string($res)) {
                echo '<div class="serendipity_msg_error">' . ERROR . ': <b>' . $res . '</b></div>';
            } else {
                if (!empty($serendipity['lastSavedEntry'])) {
                    // Last saved entry must be propagated to entry form so that if the user re-edits it,
                    // it needs to be stored with the new ID.
                    echo '<script type="text/javascript">parent.document.forms[\'serendipityEntry\'][\'serendipity[id]\'].value = "' . $serendipity['lastSavedEntry'] . '";</script>';
                }
                $entrylink = serendipity_archiveURL($res, $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp']));
                echo '<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . ENTRY_SAVED . ' (<a href="' . $entrylink . '" target="_blank">' . VIEW . '</a>)</div>';
            }
            echo '<br style="clear: both" />';
            $show = true;
            break;
        case 'preview':
            echo '<div id="serendipity_preview_spacer" style="float: left; height: 225px"></div>';
            serendipity_printEntries(array($entry), $entry['extended'] != '' ? 1 : 0, true);
            echo '<br id="serendipity_preview_spacer2" style="clear: both" />';
            $show = true;
            break;
    }
    if ($use_smarty) {
        $preview = ob_get_contents();
        ob_end_clean();
        $serendipity['smarty']->assign_by_ref('preview', $preview);
        $serendipity['smarty']->display(serendipity_getTemplateFile('preview_iframe.tpl', 'serendipityPath'));
    }
    return $show;
}

                $dbn = 'latin1';
                break;
            case 'UTF-8':
                $dbn = 'utf8';
                break;
        }
        if ($dbn && $serendipity['dbNames']) {
            mysql_query("SET NAMES " . $dbn, $db);
        }
        $return =& mysql_query($query, $db);
        mysql_select_db($serendipity['dbName'], $serendipity['dbConn']);
        serendipity_db_reconnect();
        return $return;
    }
}
if (isset($serendipity['GET']['importFrom']) && serendipity_checkFormToken()) {
    /* Include the importer */
    $class = @(require_once S9Y_INCLUDE_PATH . 'include/admin/importers/' . basename($serendipity['GET']['importFrom']) . '.inc.php');
    if (!class_exists($class)) {
        die('FAILURE: Unable to require import module, possible syntax error?');
    }
    /* Init the importer with form data */
    $importer = new $class($serendipity['POST']['import']);
    /* Yes sir, we are importing if we have valid data */
    if ($importer->validateData()) {
        echo IMPORT_STARTING . '<br />';
        /* import() MUST return (bool)true, otherwise we assume it failed */
        if (($result = $importer->import()) !== true) {
            echo IMPORT_FAILED . ': ' . $result . '<br />';
        } else {
            echo IMPORT_DONE . '<br />';

 function insertevent(&$array)
 {
     global $serendipity;
     if (!serendipity_checkFormToken()) {
         return false;
     }
     return serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}mycalendar\n                                                 (eventname, eventurl, eventurltitle, eventdate, eventdate2)\n                                          VALUES ('" . serendipity_db_escape_string($array['eventname']) . "','" . serendipity_db_escape_string($array['eventurl']) . "','" . serendipity_db_escape_string($array['eventurltitle']) . "','" . serendipity_db_escape_string($array['eventdate']) . "','" . serendipity_db_escape_string($array['eventdate2']) . "')");
 }

global $serendipity;
$data = array();
switch ($serendipity['POST']['adminAction']) {
    case 'publish':
        if (!serendipity_checkFormToken()) {
            break;
        }
        $success = serendipity_updertEntry(array('id' => serendipity_specialchars($serendipity['POST']['id']), 'timestamp' => time(), 'isdraft' => 0));
        if (is_numeric($success)) {
            $data['published'] = $success;
        } else {
            $data['error_publish'] = $success;
        }
        break;
    case 'updateCheckDisable':
        if (!serendipity_checkFormToken() || !serendipity_checkPermission('blogConfiguration')) {
            break;
        }
        serendipity_set_config_var('updateCheck', false);
        break;
}
$user = serendipity_fetchAuthor($serendipity['authorid']);
// chrome-compatible, from Oliver Gassner, adapted from TextPattern. Hi guys, keep it up. :-)
$bookmarklet = "javascript:var%20d=document,w=window,e=w.getSelection,k=d.getSelection,x=d.selection,s=(e?e():(k)?k():(x?x.createRange().text:0)),f='" . $serendipity['baseURL'] . "',l=d.location,e=encodeURIComponent,p='serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new&serendipity[title]='+e(d.title)+'&serendipity[body]='+e(s)+'&serendipity[url]='+location.href,u=f+p;a=function(){%20%20if(!w.open(u,'t','toolbar=0,resizable=1,scrollbars=1,status=1,width=800,height=800'))%20%20%20%20l.href=u;};if(/Firefox/.test(navigator.userAgent))%20%20setTimeout(a,0);else%20%20a();void(0)";
$data['bookmarklet'] = $bookmarklet;
$data['username'] = $user[0]['realname'];
$data['js_failure_file'] = serendipity_getTemplateFile('admin/serendipity_editor.js');
$output = array();
serendipity_plugin_api::hook_event('backend_frontpage_display', $output);
$data['backend_frontpage_display'] = $output['more'];
$data['usedVersion'] = $serendipity['version'];

        serendipity_approveComment((int) $serendipity['GET']['id'], (int) $rs['entry_id']);
        $msg .= DONE . ': ' . sprintf(COMMENT_APPROVED, (int) $serendipity['GET']['id']);
    }
}
if (isset($serendipity['GET']['adminAction']) && $serendipity['GET']['adminAction'] == 'pending' && serendipity_checkFormToken()) {
    $sql = "SELECT c.*, e.title, a.email as authoremail, a.mail_comments\n            FROM {$serendipity['dbPrefix']}comments c\n            LEFT JOIN {$serendipity['dbPrefix']}entries e ON (e.id = c.entry_id)\n            LEFT JOIN {$serendipity['dbPrefix']}authors a ON (e.authorid = a.authorid)\n            WHERE c.id = " . (int) $serendipity['GET']['id'] . " AND status = 'approved'";
    $rs = serendipity_db_query($sql, true);
    if ($rs === false) {
        $errormsg .= ERROR . ': ' . sprintf(COMMENT_ALREADY_APPROVED, (int) $serendipity['GET']['id']);
    } else {
        serendipity_approveComment((int) $serendipity['GET']['id'], (int) $rs['entry_id'], true, true);
        $msg .= DONE . ': ' . sprintf(COMMENT_MODERATED, (int) $serendipity['GET']['id']);
    }
}
/* We are asked to delete a comment */
if (isset($serendipity['GET']['adminAction']) && $serendipity['GET']['adminAction'] == 'delete' && serendipity_checkFormToken()) {
    serendipity_deleteComment($serendipity['GET']['id'], $serendipity['GET']['entry_id']);
    $msg .= DONE . ': ' . sprintf(COMMENT_DELETED, (int) $serendipity['GET']['id']);
}
/* We are either in edit mode, or preview mode */
if (isset($serendipity['GET']['adminAction']) && ($serendipity['GET']['adminAction'] == 'edit' || $serendipity['GET']['adminAction'] == 'reply') || isset($serendipity['POST']['preview'])) {
    $serendipity['smarty_raw_mode'] = true;
    // Force output of Smarty stuff in the backend
    serendipity_smarty_init();
    if ($serendipity['GET']['adminAction'] == 'reply' || $serendipity['GET']['adminAction'] == 'doReply') {
        $c = serendipity_fetchComments($serendipity['GET']['entry_id'], 1, 'co.id', false, 'NORMAL', ' AND co.id=' . (int) $serendipity['GET']['id']);
        if (isset($serendipity['POST']['preview'])) {
            $c[] = array('email' => $serendipity['POST']['email'], 'author' => $serendipity['POST']['name'], 'body' => $serendipity['POST']['comment'], 'url' => $serendipity['POST']['url'], 'timestamp' => time(), 'parent_id' => $serendipity['GET']['id']);
        }
        $target_url = '?serendipity[action]=admin&serendipity[adminModule]=comments&serendipity[adminAction]=doReply&serendipity[id]=' . (int) $serendipity['GET']['id'] . '&serendipity[entry_id]=' . (int) $serendipity['GET']['entry_id'] . '&serendipity[noBanner]=true&serendipity[noSidebar]=true&' . serendipity_setFormToken('url');
        $codata = $serendipity['POST'];

//.........这里部分代码省略.........
                                $eventData[$i]['properties']['votes'] = $votes;
                                $eventData[$i]['properties']['visits'] = $visits;
                                $footer .= sprintf($karma_block, $myvote, $points, $votes, $visits, $url);
                            }
                            // foreach key in entries
                    }
                    // End switch on karma voting status
                    return true;
                    break;
                    // Display the Karma Log link on the sidebar
                // Display the Karma Log link on the sidebar
                case 'backend_sidebar_entries':
                    ?>
<li class="serendipitySideBarMenuLink serendipitySideBarMenuEntryLinks">
    <a href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=karmalog">
        <?php 
                    echo PLUGIN_KARMA_DISPLAY_LOG;
                    ?>
    </a>
</li>
<?php 
                    return true;
                    break;
                    // Display the Karma Log!
                    //case 'external_plugin':
                // Display the Karma Log!
                //case 'external_plugin':
                case 'backend_sidebar_entries_event_display_karmalog':
                    // Print any stored messages
                    //foreach ($serendipity['karma_messages'] as $msg) {
                    //    print("<div class='serendipityAdminInfo'>$msg</div>\n");
                    //}
                    // Was I asked to process any votes?
                    if (($serendipity['POST']['delete_button'] || $serendipity['POST']['approve_button']) && sizeof($serendipity['POST']['delete']) != 0 && serendipity_checkFormToken()) {
                        foreach ($serendipity['POST']['delete'] as $d => $i) {
                            $kdata = $serendipity['POST']['karmalog' . $i];
                            // validate posted variables
                            // posted points
                            $ppoints = $kdata['points'];
                            if (!is_numeric($ppoints) || (int) $ppoints < -2 || (int) $ppoints > 2) {
                                print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
                                return false;
                            }
                            // posted id
                            $pid = $kdata['entryid'];
                            if (!is_numeric($pid)) {
                                print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
                                return false;
                            }
                            // posted IP
                            $pip = long2ip(ip2long($kdata['ip']));
                            if ($pip == -1 || $pip === FALSE) {
                                print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
                                return false;
                            }
                            // posted user agent (need a better validator, I think)
                            $puser_agent = $kdata['user_agent'];
                            if (serendipity_db_escape_string($puser_agent) != $puser_agent) {
                                print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
                                return false;
                            }
                            // posted vote time
                            $pvotetime = $kdata['votetime'];
                            $unixsecs = date('U', $kdata['votetime']);
                            if ($pvotetime != $unixsecs) {
                                print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";

     // if entries end
     break;
 case 'delete':
     if (!serendipity_checkFormToken()) {
         break;
     }
     $newLoc = '?' . serendipity_setFormToken('url') . '&serendipity[action]=admin&serendipity[adminModule]=entries&serendipity[adminAction]=doDelete&serendipity[id]=' . (int) $serendipity['GET']['id'];
     $entry = serendipity_fetchEntry('id', $serendipity['GET']['id'], 1, 1);
     $data['switched_output'] = true;
     $data['is_delete'] = true;
     $data['newLoc'] = $newLoc;
     // for smartification printf had to turn into sprintf!!
     $data['rip_entry'] = sprintf(DELETE_SURE, $entry['id'] . ' - ' . serendipity_specialchars($entry['title']));
     break;
 case 'multidelete':
     if (!serendipity_checkFormToken()) {
         return;
         // blank content page, but default token check parameter is presenting a XSRF message when false
     }
     if (!is_array($serendipity['POST']['multiDelete'])) {
         echo '<div class="msg_notice"><span class="icon-attention-circled"></span> ' . sprintf(MULTICHECK_NO_ITEM, $_SERVER['HTTP_REFERER']) . '</div>' . "\n";
         break;
     }
     $ids = '';
     $data['rip_entry'] = array();
     foreach ($serendipity['POST']['multiDelete'] as $idx => $id) {
         $ids .= (int) $id . ',';
         $entry = serendipity_fetchEntry('id', $id, 1, 1);
         $data['is_multidelete'] = true;
         $data['rip_entry'][] = sprintf(DELETE_SURE, $entry['id'] . ' - ' . serendipity_specialchars($entry['title']));
     }

    function event_hook($event, &$bag, &$eventData, $addData = null)
    {
        global $serendipity;
        $hooks =& $bag->get('event_hooks');
        if (isset($hooks[$event])) {
            switch ($event) {
                // called when admin sidebar is being "built"
                case 'backend_sidebar_entries_images':
                    ?>
<li class="serendipitySideBarMenuLink serendipitySideBarMenuMediaLinks"><a href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=flickr">
                        <?php 
                    echo PLUGIN_EVENT_FLICKR_NAME;
                    ?>
</a></li><?php 
                    break;
                    // called when admin sidebar is been "drawn"
                // called when admin sidebar is been "drawn"
                case 'backend_sidebar_entries_event_display_flickr':
                    // he, is user allowed to import images ?!?
                    if (!serendipity_checkPermission('adminImagesAdd')) {
                        // TODO: add a message to the user ?!?
                        break;
                    }
                    // if method is POST, we must have a valid form token !
                    if ($_SERVER['REQUEST_METHOD'] == 'POST' && !serendipity_checkFormToken()) {
                        // TODO: add a message to the user ?!?
                        break;
                    }
                    ?>
                <?php 
                    echo PLUGIN_EVENT_FLICKR_IMPORT_BLAHBLAH;
                    ?>
                <script type="text/javascript">
                function flickr_showPage(p) {
                    var f = document.getElementById('flickr_uploadform');
                    f.elements['serendipity[flickr_page]'].value = p;
                    f.submit();
                }
                function flickr_doImport(url) {
                    var f = document.getElementById('flickr_uploadform');
                    f.elements['serendipity[adminModule]'].value = 'images';
                    f.elements['serendipity[adminAction]'].value = 'add';
                    f.elements['serendipity[imageurl]'].value = url;
                    f.submit();
                }
                function flickr_toggleExtended() {
                    var d = document.getElementById('flickr_extendedCriteria');
                    d.style.display = (d.style.display != '') ? '' : 'none';
                }
                </script>
                <h3><? echo PLUGIN_EVENT_FLICKR_IMPORT; ?></h3>
                <form action="?" method="POST" id="flickr_uploadform" enctype="multipart/form-data" onsubmit="">
                    <?php 
                    echo serendipity_setFormToken();
                    ?>
                    <?php 
                    // these two fields will only be used when an image has been chosen for dl
                    ?>
                    <input type="hidden" name="serendipity[imageurl]" value="" />
                    <input type="hidden" name="serendipity[imageimporttype]" value="image" />

                    <input type="hidden" name="serendipity[action]"      value="admin" />
                    <input type="hidden" name="serendipity[adminModule]" value="event_display" />
                    <input type="hidden" name="serendipity[adminAction]" value="flickr" />

                    <input type="hidden" name="serendipity[flickr_page]" value="1" />
                    Flickr username: <input class="input_textbox" name="serendipity[flickr_username]" value="<?php 
                    echo function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_username']) : htmlspecialchars($serendipity['POST']['flickr_username'], ENT_COMPAT, LANG_CHARSET);
                    ?>
" />
                    <input type="submit" value="<?php 
                    echo GO;
                    ?>
" class="serendipityPrettyButton input_button" /><br /><br />
                    <a style="border: 0pt none ; text-decoration: none;" href="#" onclick="flickr_toggleExtended(); return false"
                         title="<?php 
                    echo TOGGLE_OPTION;
                    ?>
">
                    <img border="0" src="<?php 
                    echo serendipity_getTemplateFile('img/plus.png');
                    ?>
" /> <?php 
                    echo TOGGLE_ALL;
                    ?>
</a>
                    <div id="flickr_extendedCriteria" <?php 
                    echo strlen($serendipity['POST']['flickr_username']) ? '' : 'style="display:none;"';
                    ?>
>
                        <p><?php 
                    echo PLUGIN_EVENT_FLICKR_TAGS;
                    ?>
 <input class="input_textbox" name="serendipity[flickr_tags]" value="<?php 
                    echo function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_tags']) : htmlspecialchars($serendipity['POST']['flickr_tags'], ENT_COMPAT, LANG_CHARSET);
                    ?>
" />
                        <?php 
                    echo PLUGIN_EVENT_FLICKR_KEYWORDS;
                    ?>
//.........这里部分代码省略.........

}
/* Delete a group */
if (isset($_POST['DELETE_YES']) && serendipity_checkFormToken()) {
    $group = serendipity_fetchGroup($serendipity['POST']['group']);
    serendipity_deleteGroup($serendipity['POST']['group']);
    printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . DELETED_GROUP . '</div>', htmlspecialchars($serendipity['POST']['group']), htmlspecialchars($group['name']));
}
/* Save new group */
if (isset($_POST['SAVE_NEW']) && serendipity_checkFormToken()) {
    $serendipity['POST']['group'] = serendipity_addGroup($serendipity['POST']['name']);
    $perms = serendipity_getAllPermissionNames();
    serendipity_updateGroupConfig($serendipity['POST']['group'], $perms, $serendipity['POST'], false, $serendipity['POST']['forbidden_plugins'], $serendipity['POST']['forbidden_hooks']);
    printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . CREATED_GROUP . '</div>', '#' . htmlspecialchars($serendipity['POST']['group']) . ', ' . htmlspecialchars($serendipity['POST']['name']));
}
/* Edit a group */
if (isset($_POST['SAVE_EDIT']) && serendipity_checkFormToken()) {
    $perms = serendipity_getAllPermissionNames();
    serendipity_updateGroupConfig($serendipity['POST']['group'], $perms, $serendipity['POST'], false, $serendipity['POST']['forbidden_plugins'], $serendipity['POST']['forbidden_hooks']);
    printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . MODIFIED_GROUP . '</div>', htmlspecialchars($serendipity['POST']['name']));
}
if ($serendipity['GET']['adminAction'] != 'delete') {
    ?>
    <table width="100%">
        <tr>
            <td><strong><?php 
    echo GROUP;
    ?>
</strong></td>
            <td width="200">&nbsp;</td>
        </tr>
        <tr>

     $file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
     if (!is_array($file) || !serendipity_checkPermission('adminImagesDelete') || !serendipity_checkPermission('adminImagesMaintainOthers') && $file['authorid'] != '0' && $file['authorid'] != $serendipity['authorid']) {
         return;
     }
     if (empty($serendipity['adminFile_redirect'])) {
         $serendipity['adminFile_redirect'] = serendipity_specialchars($_SERVER['HTTP_REFERER']);
     }
     $data['case_rotateCCW'] = true;
     if (serendipity_rotateImg($serendipity['GET']['fid'], 90)) {
         $data['rotate_img_done'] = true;
         $data['adminFile_redirect'] = $serendipity['adminFile_redirect'];
     }
     break;
 case 'scale':
     $file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
     if (!is_array($file) || !serendipity_checkFormToken() || !serendipity_checkPermission('adminImagesDelete') || !serendipity_checkPermission('adminImagesMaintainOthers') && $file['authorid'] != '0' && $file['authorid'] != $serendipity['authorid']) {
         return;
     }
     $data['case_scale'] = true;
     $data['print_SCALING_IMAGE'] = sprintf(SCALING_IMAGE, $file['path'] . $file['name'] . '.' . $file['extension'], (int) $serendipity['GET']['width'], (int) $serendipity['GET']['height']);
     $data['extraParems'] = serendipity_generateImageSelectorParems();
     $data['print_serendipity_scaleImg'] = serendipity_scaleImg($serendipity['GET']['fid'], $serendipity['GET']['width'], $serendipity['GET']['height']);
     break;
 case 'scaleSelect':
     $file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
     if (!is_array($file) || !serendipity_checkPermission('adminImagesDelete') || !serendipity_checkPermission('adminImagesMaintainOthers') && $file['authorid'] != '0' && $file['authorid'] != $serendipity['authorid']) {
         return;
     }
     $data['extraParems'] = serendipity_generateImageSelectorParems("form");
     $data['case_scaleSelect'] = true;
     $s = getimagesize($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file['path'] . $file['name'] . ($file['extension'] ? '.' . $file['extension'] : ""));

//.........这里部分代码省略.........
                echo '</form>';
                break;
            case 'delete':
                $newLoc = '?' . serendipity_setFormToken('url') . '&amp;serendipity[adminModule]=event_display&amp;serendipity[adminAction]=adminnotes&amp;action=isdelete&amp;note=' . (int) $_REQUEST['note'];
                $entry = $this->getMyNotes((int) $_REQUEST['note']);
                if ($serendipity['version'][0] > 1) {
                    echo '<span class="msg_hint"><span class="icon-help-circled"></span> ';
                }
                printf(DELETE_SURE, $entry['noteid'] . ' - ' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['subject']) : htmlspecialchars($entry['subject'], ENT_COMPAT, LANG_CHARSET)));
                if ($serendipity['version'][0] > 1) {
                    echo '</span>';
                }
                if ($serendipity['version'][0] < 2) {
                    ?>
                    <br />
                    <br />
                    <div>
                        <a href="<?php 
                    echo function_exists('serendipity_specialchars') ? serendipity_specialchars($_SERVER["HTTP_REFERER"]) : htmlspecialchars($_SERVER["HTTP_REFERER"], ENT_COMPAT, LANG_CHARSET);
                    ?>
" class="serendipityPrettyButton"><?php 
                    echo NOT_REALLY;
                    ?>
</a>
                        <?php 
                    echo str_repeat('&nbsp;', 10);
                    ?>
                        <a href="<?php 
                    echo $newLoc;
                    ?>
" class="serendipityPrettyButton"><?php 
                    echo DUMP_IT;
                    ?>
</a>
                    </div>
<?php 
                } else {
                    ?>
                    <div class="form_buttons">
                        <a class="button_link state_submit" href="<?php 
                    echo $newLoc;
                    ?>
"><?php 
                    echo DUMP_IT;
                    ?>
</a>
                        <a class="button_link state_cancel" href="<?php 
                    echo function_exists('serendipity_specialchars') ? serendipity_specialchars($_SERVER["HTTP_REFERER"]) : htmlspecialchars($_SERVER["HTTP_REFERER"], ENT_COMPAT, LANG_CHARSET);
                    ?>
"><?php 
                    echo NOT_REALLY;
                    ?>
</a>
                    </div>
<?php 
                }
                break;
            case 'isdelete':
                if (!serendipity_checkFormToken()) {
                    break;
                }
                $entry = $this->getMyNotes((int) $_REQUEST['note']);
                if (isset($entry['noteid'])) {
                    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}adminnotes           WHERE noteid = " . (int) $_REQUEST['note']);
                    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}adminnotes_to_groups WHERE noteid = " . (int) $_REQUEST['note']);
                }
                if ($serendipity['version'][0] > 1) {
                    echo '<span class="msg_success"><span class="icon-ok-circled"></span> ';
                }
                printf(RIP_ENTRY, $entry['noteid'] . ' - ' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['subject']) : htmlspecialchars($entry['subject'], ENT_COMPAT, LANG_CHARSET)));
                if ($serendipity['version'][0] > 1) {
                    echo '</span>';
                }
                break;
            default:
                $notes = $this->getMyNotes(false);
                echo '<ol class="note_list plainList">';
                if (is_array($notes)) {
                    foreach ($notes as $note) {
                        if ($serendipity['version'][0] < 2) {
                            echo '<li><strong>' . $note['subject'] . '</strong> ' . POSTED_BY . ' ' . $note['realname'] . ' ' . ON . ' ' . serendipity_strftime(DATE_FORMAT_SHORT, $note['notetime']) . '<br />';
                            echo '<a class="serendipityPrettyButton" href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=adminnotes&amp;action=edit&amp;note=' . $note['noteid'] . '">' . EDIT . '</a> ';
                            echo '<a class="serendipityPrettyButton" href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=adminnotes&amp;action=delete&amp;note=' . $note['noteid'] . '">' . DELETE . '</a> ';
                            echo '<br /><br /></li>';
                        } else {
                            echo '<li><h3>' . $note['subject'] . '</h3><p>' . POSTED_BY . ' ' . $note['realname'] . ' ' . ON . ' ' . serendipity_strftime(DATE_FORMAT_SHORT, $note['notetime']) . '</p>';
                            echo '<div class="form_buttons"><a class="button_link state_submit" href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=adminnotes&amp;action=edit&amp;note=' . $note['noteid'] . '">' . EDIT . '</a> ';
                            echo '<a class="button_link state_cancel" href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=adminnotes&amp;action=delete&amp;note=' . $note['noteid'] . '">' . DELETE . '</a></div></li>';
                        }
                    }
                }
                echo '</ol>';
                if ($serendipity['version'][0] < 2) {
                    echo '<a class="serendipityPrettyButton" href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=adminnotes&amp;action=new">' . NEW_ENTRY . '</a>';
                } else {
                    echo '<div class="form_buttons"><a class="button_link state_submit" href="?serendipity[adminModule]=event_display&amp;serendipity[adminAction]=adminnotes&amp;action=new">' . NEW_ENTRY . '</a></div>';
                }
                break;
        }
    }