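// Bootstrap for the New Titles list page: error policy, response charset,
// table name, session start, and the PEAR / project includes used below.
error_reporting(E_ALL);
// Every error class is still reported, but to the server log instead of the
// response body. This page assembles SQL from request parameters, and
// on-screen errors would show query text and file paths to any visitor.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
header('Content-Type: text/html; charset=utf-8');
define("NEWTITLES_DB", "newtitles");
require_once 'Text/CAPTCHA.php';
// The session is opened before captcha_pul.php is loaded; the comment form
// further down compares the posted phrase with $_SESSION['phrase'].
session_start();
require_once 'captcha_pul.php';
include_once("../includes/newtitles_includes.php");
require_once 'HTML/QuickForm.php';
require_once 'HTML/QuickForm/Renderer/Default.php';
require_once '../includes/admin_fns.php';
require_once '../includes/data.php';
require_once 'site.config';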
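// Per-request state for the filter form.
// $info keeps the raw query-string values; later in the page it is passed to
// display_search_choices().
$info = $_GET;
// Base URL of the RSS feed; the selected filters are appended to it below.
$rss_feed = "http://library.princeton.edu/catalogs/rssfeeds/newtitles.php?";
// Address of this page, stored in the comment form's hidden
// "queryrequested" field. SCRIPT_NAME is used rather than PHP_SELF because
// PHP_SELF also carries any client-supplied path info after the script name.
// NOTE(review): HTTP_HOST comes from the request's Host header; prefer a
// configured host name if one is available in site.config.
$url_rep = "http://".$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']."?";
// SQL conditions and their matching URL parameters, filled in by the filter
// checks that follow. Starting from empty arrays keeps the later size test
// well-defined when no filter is selected.
$arr = array();
$urlarr = array();
// Human-readable summary of the selected filters, echoed above the results.
$filter = "\nFilters Selected:\n";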
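// Boolean operator that joins the filter conditions in the WHERE clause.
// $st is spliced into the SQL text as-is, so only the two operators are
// accepted (in any letter case); anything else falls back to AND and is not
// copied into the feed / page URL.
$st = "AND";
if (isset($_GET['searchtype']) && is_string($_GET['searchtype'])
    && preg_match('/\A(?:AND|OR)\z/i', $_GET['searchtype'])) {
    $st = $_GET['searchtype'];
    $urlarr[] = "searchtype=" . $st;
}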
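// Equality filters: request parameter / column name => label in the summary.
$equality_filters = array(
    'language'  => 'Language',
    'location'  => 'Location',
    'callrange' => 'Call Range',
    'format'    => 'Format',
);
foreach ($equality_filters as $field => $label) {
    // Skip parameters that are absent, empty, or sent as arrays.
    if (!isset($_GET[$field]) || !is_string($_GET[$field]) || $_GET[$field] === '') {
        continue;
    }
    $value = $_GET[$field];
    // The value ends up inside a quoted SQL string literal, so the quote and
    // backslash characters are escaped before it is spliced in.
    // NOTE(review): addslashes() is a stopgap. It is not character-set aware;
    // the durable fix is a bound parameter (or the driver's own escaping) in
    // the database layer, which is not visible in this file. If the server
    // still runs with magic_quotes_gpc enabled, values arrive pre-escaped and
    // need stripslashes() first — confirm the deployed PHP version.
    $arr[] = "$field = '" . addslashes($value) . "'";
    // URL-encode the value so it cannot add parameters or markup to the
    // feed / page URL (spaces still become "+", as before).
    $urlarr[] = "$field=" . urlencode($value);
    // The summary is echoed into the page, so the value is HTML-escaped.
    $filter .= "- $label: " . htmlspecialchars($value, ENT_QUOTES, 'UTF-8') . "\n\n";
}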
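// "Cataloged within the last ..." filter. The parameter is a small signed
// integer: values above -4 count weeks back, -4 and below count months back
// (-4 => 1 month, -5 => 2 months, ...). Anything that is not an integer is
// ignored, so the raw request text never reaches the URL or the page.
if (isset($_GET['catdate']) && is_string($_GET['catdate'])
    && preg_match('/\A-?[0-9]{1,4}\z/', $_GET['catdate'])) {
    $catdate = (int) $_GET['catdate'];
    if ($catdate > -4) {
        $since = strtotime("$catdate week");
    } else {
        // Shift so that -4 maps to "-1 month", -5 to "-2 month", and so on.
        $cdate = $catdate + 3;
        $since = strtotime("$cdate month");
    }
    $arr[] = "catDate >= '".date("Y-m-d", $since)."'";
    $urlarr[] = "catdate=$catdate";
    // Label for the six choices handled here; other integers still filter
    // but get an empty label.
    $catdate_labels = array(
        -1 => "Week",
        -2 => "2 Weeks",
        -3 => "3 Weeks",
        -4 => "Month",
        -5 => "2 Months",
        -6 => "3 Months",
    );
    $filtdate = isset($catdate_labels[$catdate]) ? $catdate_labels[$catdate] : '';
    $filter .= "- Cataloged within the last: $filtdate\n\n";
}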
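// Close the filter summary and assemble the SELECT plus the feed / page URLs.
$filter .= "\n";
$query = "select * from ".NEWTITLES_DB." ";
// $arr / $urlarr exist only if at least one filter was selected; fall back
// to empty arrays so the size test does not run on an undefined variable.
$conditions = (isset($arr) && is_array($arr)) ? $arr : array();
$url_params = (isset($urlarr) && is_array($urlarr)) ? $urlarr : array();
if (count($conditions) > 0) {
    // implode() on a single condition returns it unchanged, so one branch
    // covers both the one-filter and the many-filter case.
    $query .= " where ".implode(" $st ", $conditions);
    // All URL parameters are joined here. Taking only the first entry for a
    // single filter would drop that filter from the URLs whenever
    // "searchtype" had been added to the list before it.
    $urr = implode("&", $url_params);
    $rss_feed .= $urr;
    $url_rep .= $urr;
}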
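// Sort order. The requested column is appended to the SQL text, so it must be
// a bare identifier (letters, digits, underscore); anything else, including
// an empty value, falls back to sorting by title.
// NOTE(review): a fixed list of sortable columns would be tighter still; the
// full column set is not visible in this file.
$order = " order by title";
if (isset($_GET['order']) && is_string($_GET['order'])
    && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $_GET['order'])) {
    $order = " order by ".$_GET['order'];
    // Catalog date is listed newest first.
    if ($_GET['order'] == "catdate") {
        $order .= " DESC";
    }
}
$query .= $order;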
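// Page head and shared header. These statements are kept in one PHP section:
// on this page each of them follows a closing tag with no opening tag of its
// own, which would send the statement text to the browser instead of
// running it.
include_once "/var/www/html/includes/catalog_includes.php";
$title = "New Titles List";
echo "Princeton University Library | ".$title;
if (isset($query)) {
    // The markup this condition wrapped is not visible on this page.
}
load_general_css("/var/www/html/");
// The assignments inside the call are kept as written: besides passing the
// values, they set $title and $art_bar in the calling scope.
page_header($title="$title",$art_bar=false);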
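// Comment / suggestion form. It is built and processed only when the request
// carries act=comment in the query string or in the POST body.
if ((isset($_GET['act']) && $_GET['act'] === "comment")
    || (isset($_POST['act']) && $_POST['act'] === "comment")) {
    $form = new HTML_QuickForm('webform');
    $form->addElement('header', null, 'Comments or Suggestions');
    $form->addElement('text', 'name', 'Enter your fullname:', array('size' => 40, 'maxlength' => 255));
    $form->addElement('text', 'email', 'Enter your complete email address:', array('size' => 40, 'maxlength' => 255));

    // CAPTCHA: addresses in 128.112.x.x and 140.180.x.x skip it, everyone
    // else must type the phrase. preg_match() replaces ereg(), which was
    // removed in PHP 7. The pattern is anchored so the whole address has to
    // match; a failed match leaves the CAPTCHA switched on.
    // NOTE(review): getip() is defined elsewhere. If it reads a
    // client-supplied header such as X-Forwarded-For, any sender can claim
    // this exemption — confirm it returns the connection address.
    $client_ip = (string) getip();
    $nonpu = !preg_match('/\A(?:128\.112|140\.180)\.[0-9]+\.[0-9]+\z/', $client_ip);
    if ($nonpu) {
        $form->addElement('static','s1','',"");
        $form->addElement('text','phrase',"Enter the text from the image above");
    }

    $form->addElement('textarea','comments','Comment',array('rows'=>5,'cols'=>30));
    $form->addElement('hidden','act','comment');
    $form->addElement('hidden','queryrequested',$url_rep);
    $form->addElement('submit', null, 'Send');

    // Filters and validation rules.
    $form->applyFilter('name', 'trim');
    $form->addRule('name', 'Please enter your name.', 'required', null, 'server');
    $form->addRule('email', 'Please enter your complete valid email address.', 'required');
    $form->addRule('email', 'Please enter your complete valid email address.', 'email');
    $form->addRule('comments', 'Please enter a comment.', 'required');
    if ($nonpu) {
        $form->addRule('phrase','Please enter the phrase from the image.','required');
    }

    if ($form->validate()) {
        // The address is placed in mail headers and handed to send_mail() as
        // the sender, so line breaks are removed before it is used.
        $email = htmlspecialchars(str_replace(array("\r", "\n"), '', $form->exportValue('email')));
        $name = htmlspecialchars($form->exportValue('name'));
        // "queryrequested" is a hidden field and therefore client-controlled;
        // it is escaped like the other values that go into the HTML mail body.
        $qreq = htmlspecialchars($form->exportValue('queryrequested'));
        $comments = nl2br(htmlspecialchars($form->exportValue('comments')));

        // Validate the CAPTCHA phrase. Both sides are compared as strings
        // with ===, so numeric-looking phrases are not matched loosely.
        $submitted_phrase = (isset($_POST['phrase']) && is_string($_POST['phrase'])) ? $_POST['phrase'] : '';
        $expected_phrase = (isset($_SESSION['phrase']) && is_scalar($_SESSION['phrase'])) ? (string) $_SESSION['phrase'] : '';
        $ok = false;
        if ($submitted_phrase !== '' && $expected_phrase !== '' && $submitted_phrase === $expected_phrase) {
            $msg = 'OK!';
            $ok = true;
            // A phrase is accepted once only.
            unset($_SESSION['phrase']);
        } else {
            $msg = 'Please try again!';
        }

        // These headers are only passed to spam_attempts() and written to the
        // log below; the messages themselves go out through send_mail().
        $headers = "Content-type: text/html; charset=iso-8859-1 \r\n";
        $headers .= "MIME-Version: 1.0\r\n";
        $headers .= "X-Mailer: PHP\n";
        $headers .= "X-Priority: 3\n";
        $headers .= "From: $email\n";
        $headers .= "Reply-to: $email\n";

        $omsg = "Comment From: $name - $email\n\n";
        $omsg .= "\n\nQuery: ".$qreq."\n\n";
        $omsg .= "Comment: $comments\n\n";

        // $sub is not assigned anywhere in this file; keep a value supplied by
        // an include, otherwise use an empty suffix.
        $sub = isset($sub) ? $sub : '';

        if ($nonpu) {
            if ($ok) {
                send_mail('keslami@princeton.edu, abarrera@princeton.edu', $email, 'New Title List Comment '.$sub, $omsg);
                // Remove this session's CAPTCHA image if it is still on disk.
                $captcha_image = "dynimages/".md5(session_id()) . '.png';
                if (is_file($captcha_image)) {
                    unlink($captcha_image);
                }
                echo "Thank You, $name\nYour comments have been successfully submitted. Thank you for contacting the Princeton University Library.\n";
            } else {
                echo "The phrase submitted was incorrect, please press back to try again.\n";
                $subject = 'New Title List Comment: '.$sub;
                spam_attempts('keslami@princeton.edu, abarrera@princeton.edu', $subject, $omsg, $email, $headers);

                $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
                $remote_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

                // Record the failed attempt. A log file that cannot be opened
                // must not stop the request, so every write is guarded.
                // Note that $omsg carries the visitor's comment text, so one
                // entry can span several lines.
                $fp = fopen("logging/comments.log", "a");
                if ($fp !== false) {
                    fwrite($fp, "========\n");
                    // "i" is minutes; "m" would print the month a second time.
                    fwrite($fp,date("m/d/Y H:i")."\n");
                    fwrite($fp,$referer."==".$_SERVER['REQUEST_URI']."\n");
                    fwrite($fp,"Subject: $subject\n");
                    fwrite($fp,"Message: $omsg\n");
                    fwrite($fp,"Headers: $headers\n");
                    fwrite($fp,"IP: ".$remote_ip."\n");
                }

                // Count earlier failed attempts from this address. The address
                // is escaped before it is placed in the quoted literal.
                $sql = "SELECT DISTINCT Count(`captured_spam`.`ip_address`) AS `countofattempts`, `captured_spam`.`ip_address` FROM `captured_spam` where ip_address='".addslashes($remote_ip)."' GROUP BY `captured_spam`.`ip_address` order by `countofattempts` DESC";
                $res = db_query($sql);
                $infoip = db_returnrow($res);
                if ($infoip && isset($infoip[0]) && $infoip[0] >= 20) {
                    // 20 or more recorded attempts: log only, send no mail.
                    if ($fp !== false) {
                        fwrite($fp,"BLOCKED\n");
                    }
                } else {
                    send_mail('abarrera@princeton.edu', $email, 'New Title List Comment Spam:'.$sub, $omsg);
                }
                if ($fp !== false) {
                    fclose($fp);
                }
            }
        } else {
            // Exempt address range: no CAPTCHA was shown, send directly.
            send_mail('keslami@princeton.edu, abarrera@princeton.edu', $email, 'New Title List Comment '.$sub, $omsg);
            echo "Comment submitted.\nThank you for using this service of the Princeton University Library.\n";
        }
    } else {
        // First display, or validation failed: render the form.
        echo "Required fields are marked with an asterisk (*).\n";
        // Plain "new": assigning the result of new by reference (=& new) is
        // a parse error from PHP 7 on.
        $renderer = new HTML_QuickForm_Renderer_Default(true);
        $head_tpl = "\n\t\n\t\t{header} | \n\t\n";
        $form_tpl = "\n";
        $renderer->setFormTemplate($form_tpl);
        $renderer->setHeaderTemplate($head_tpl);
        // The static elements s1, s2 and s3 share one element template.
        foreach (array("s1", "s2", "s3") as $static_name) {
            $renderer->setElementTemplate("\n\t\n\t\t\n\t\t{element}\n| \n\t\n", $static_name);
        }
        $form->accept($renderer);
        echo $renderer->toHtml();
    }
}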
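// Filter form, last-update stamp, feed link and the result list.
display_search_choices($info);
$qquery = "select timeStamp from ".NEWTITLES_DB." order by timeStamp DESC limit 0,1";
$res = db_query($qquery);
$info = db_returnrow($res);
// Print the stamp only when a row came back; an empty table would otherwise
// be formatted as a date at the start of the Unix epoch.
if ($info && isset($info["timeStamp"])) {
    echo "Last Updated: ".date("m/d/Y",strtotime($info["timeStamp"]))."\n";
}
// NOTE(review): the query assembled earlier in this file has two spaces
// before "order by" (the table name is followed by a space and the order
// clause starts with one), while the string compared here has a single
// space. The two can therefore never be equal and the list is shown even
// when no filter is selected — confirm whether that is intended.
if (isset($query)&&$query!="select * from ".NEWTITLES_DB." order by title") {
    echo "Add the Web Feed to your News Reader:\n";
    // The feed URL carries request parameters, so it is HTML-escaped before
    // it is written into the page.
    echo htmlspecialchars($rss_feed, ENT_QUOTES, 'UTF-8')."\n";
    echo "What is a Web Feed?\n";
    // $filter is echoed as markup. It also holds request values, so those
    // have to be escaped at the point where they are appended to it.
    echo $filter;
    display_newtitles($query);
}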
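// Shared page footer. The call stays in the same PHP section as the code
// above it: on this page it sits between two closing tags with no opening
// tag, which would print the statement text instead of running it.
// The assignment inside the call also sets $is_hp in the calling scope.
page_footer($is_hp=false);
?>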