Issues in print.php (master) - Issues in master - XoopsModules25x/news - Measure and Improve Code Quality continuously with Scrutinizer

Issues (384)

Security Analysis not enabled

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

Header Injection

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

print.php (2 issues)

Labels

Severity

<?php declare(strict_types=1);
/*
 * You may not change or alter any portion of this comment or credits
 * of supporting developers from this source code or any supporting source code
 * which is considered copyrighted (c) material of the original comment or credit authors.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 */

/**
 * @copyright      {@link https://xoops.org/ XOOPS Project}
 * @license        {@link https://www.gnu.org/licenses/gpl-2.0.html GNU GPL 2 or later}
 * @author         XOOPS Development Team
 */

/**
 * Print an article
 *
 * This page is used to print an article. The advantage of this script is that you
 * only see the article and nothing else.
 *
 * @author                Xoops Modules Dev Team
 * @copyright    (c)      XOOPS Project (https://xoops.org)
 *
 * Parameters received by this page :
 * @page_param            int        storyid                    Id of news to print
 *
 * @page_title            Story's title - Printer Friendly Page - Topic's title - Site's name
 *
 * @template_name         This page does not use any template
 */

use Xmf\Request;
.
|-- OtherDir
|   |-- Bar.php
|   `-- Foo.php
`-- SomeDir
    `-- Foo.php
use XoopsModules\News;
use XoopsModules\News\NewsStory;

require_once \dirname(__DIR__, 2) . '/mainfile.php';
// require_once XOOPS_ROOT_PATH . '/modules/news/class/class.newsstory.php';
$storyid = Request::getInt('storyid', 0, 'GET');
if (empty($storyid)) {
    redirect_header(XOOPS_URL . '/modules/news/index.php', 2, _NW_NOSTORY);
}

// Verify that the article is published
$story = new NewsStory($storyid);
// Not yet published
if (0 == $story->published() || $story->published() > time()) {
    redirect_header(XOOPS_URL . '/modules/news/index.php', 2, _NW_NOSTORY);
}

// Expired
if (0 != $story->expired() && $story->expired() < time()) {
    redirect_header(XOOPS_URL . '/modules/news/index.php', 2, _NW_NOSTORY);
}

// Verify permissions
/** @var \XoopsGroupPermHandler $grouppermHandler */
$grouppermHandler = xoops_getHandler('groupperm');
if (is_object($xoopsUser)) {
    $groups = $xoopsUser->getGroups();
} else {
    $groups = XOOPS_GROUP_ANONYMOUS;
}
if (!$grouppermHandler->checkRight('news_view', $story->topicid(), $groups, $xoopsModule->getVar('mid'))) {
    redirect_header(XOOPS_URL . '/modules/news/index.php', 3, _NOPERM);
}

$xoops_meta_keywords    = '';
$xoops_meta_description = '';

if ('' !== trim($story->keywords())) {
    $xoops_meta_keywords = $story->keywords();
} else {
    $xoops_meta_keywords = News\Utility::createMetaKeywords($story->hometext() . ' ' . $story->bodytext());
}

if ('' !== trim($story->description())) {
    $xoops_meta_description = $story->description();
} else {
    $xoops_meta_description = strip_tags($story->title());
}

function PrintPage(): void
{
    global $xoopsConfig, $xoopsModule, $story, $xoops_meta_keywords, $xoops_meta_description;
    $myts     = \MyTextSanitizer::getInstance();

    $datetime = formatTimestamp($story->published(), News\Utility::getModuleOption('dateformat')); ?>
    <!DOCTYPE html>
<html xml:lang="<?php echo _LANGCODE; ?>" lang="<?php echo _LANGCODE; ?>">
    <?php
    echo "<head>\n";
    echo '<title>' . htmlspecialchars($story->title(), ENT_QUOTES | ENT_HTML5) . ' - ' . _NW_PRINTER . ' - ' . htmlspecialchars($story->topic_title(), ENT_QUOTES | ENT_HTML5) . ' - ' . $xoopsConfig['sitename'] . '</title>';
    echo '<meta http-equiv="Content-Type" content="text/html; charset=' . _CHARSET . '">';
    echo '<meta name="author" content="XOOPS">';
    echo '<meta name="keywords" content="' . $xoops_meta_keywords . '">';
    echo '<meta name="COPYRIGHT" content="Copyright (c) 2014 by ' . $xoopsConfig['sitename'] . '">';
    echo '<meta name="DESCRIPTION" content="' . $xoops_meta_description . '">';
    echo '<meta name="generator" content="XOOPS">';
    echo '<meta name="robots" content="noindex,nofollow">';
    if (file_exists(XOOPS_ROOT_PATH . '/language/' . $GLOBALS['xoopsConfig']['language'] . '/style.css')) {
        echo '<link rel="stylesheet" type="text/css" media="all" title="Style sheet" href="' . XOOPS_URL . '/language/' . $GLOBALS['xoopsConfig']['language'] . '/style.css">';
    } else {
        echo '<link rel="stylesheet" type="text/css" media="all" title="Style sheet" href="' . XOOPS_URL . '/language/english/style.css">';
    }
    echo '<link rel="stylesheet" type="text/css" media="all" title="Style sheet" href="' . XOOPS_URL . '/modules/news/assets/css/print.css">';
    $supplemental = '';
    if (News\Utility::getModuleOption('footNoteLinks')) {
        $supplemental = "footnoteLinks('content','content'); "; ?>
        <script type="text/javascript">
            // <![CDATA[
            /*------------------------------------------------------------------------------
             Function:       footnoteLinks()
             Author:         Aaron Gustafson (aaron at easy-designs dot net)
             Creation Date:  8 May 2005
             Version:        1.3
             Homepage:       https://www.easy-designs.net/code/footnoteLinks/
             License:        Creative Commons Attribution-ShareAlike 2.0 License
             https://creativecommons.org/licenses/by-sa/2.0/
             Note:           This version has reduced functionality as it is a demo of
             the script's development
             ------------------------------------------------------------------------------*/
            function footnoteLinks(containerID, targetID) {
                if (!document.getElementById || !document.getElementsByTagName || !document.createElement) return false;
                if (!document.getElementById(containerID) || !document.getElementById(targetID)) return false;
                var container = document.getElementById(containerID);
                var target = document.getElementById(targetID);
                var h2 = document.createElement('h2');
                addClass.apply(h2, ['printOnly']);
                var h2_txt = document.createTextNode('<?php echo _NW_LINKS; ?>');
                h2.appendChild(h2_txt);
                var coll = container.getElementsByTagName('*');
                var ol = document.createElement('ol');
                addClass.apply(ol, ['printOnly']);
                var myArr = [];
                var thisLink;
                var num = 1;
                for (var i = 0; i < coll.length; i++) {
                    if (coll[i].getAttribute('href') ||
                        coll[i].getAttribute('cite')) {
                        thisLink = coll[i].getAttribute('href') ? coll[i].href : coll[i].cite;
                        var note = document.createElement('sup');
                        addClass.apply(note, ['printOnly']);
                        var note_txt;
                        var j = inArray.apply(myArr, [thisLink]);
                        if (j || j === 0) { // if a duplicate
                            // get the corresponding number from
                            // the array of used links
                            note_txt = document.createTextNode(j + 1);
                        } else { // if not a duplicate
                            var li = document.createElement('li');
                            var li_txt = document.createTextNode(thisLink);
                            li.appendChild(li_txt);
                            ol.appendChild(li);
                            myArr.push(thisLink);
                            note_txt = document.createTextNode(num);
                            num++;
                        }
                        note.appendChild(note_txt);
                        if (coll[i].tagName.toLowerCase() === 'blockquote') {
                            var lastChild = lastChildContainingText.apply(coll[i]);
                            lastChild.appendChild(note);
                        } else {
                            coll[i].parentNode.insertBefore(note, coll[i].nextSibling);
                        }
                    }
                }
                target.appendChild(h2);
                target.appendChild(ol);

                return true;
            }

            // ]]>
        </script>
        <script type="text/javascript">
            // <![CDATA[
            /*------------------------------------------------------------------------------
             Excerpts from the jsUtilities Library
             Version:        2.1
             Homepage:       https://www.easy-designs.net/code/jsUtilities/
             License:        Creative Commons Attribution-ShareAlike 2.0 License
             https://creativecommons.org/licenses/by-sa/2.0/
             Note:           If you change or improve on this script, please let us know.
             ------------------------------------------------------------------------------*/
            if (Array.prototype.push === null) {
                Array.prototype.push = function (item) {
                    this[this.length] = item;

                    return this.length;
                };
            }
            // ---------------------------------------------------------------------
            //                  function.apply (if unsupported)
            //           Courtesy of Aaron Boodman - https://youngpup.net
            // ---------------------------------------------------------------------
            if (!Function.prototype.apply) {
                Function.prototype.apply = function (oScope, args) {
                    var sarg = [];
                    var rtrn, call;
                    if (!oScope) oScope = window;
                    if (!args) args = [];
                    for (var i = 0; i < args.length; i++) {
                        sarg[i] = "args[" + i + "]";
                    }
                    call = "oScope.__applyTemp__(" + sarg.join(",") + ");";
                    oScope.__applyTemp__ = this;
                    rtrn = eval(call);
                    oScope.__applyTemp__ = null;

                    return rtrn;
                };
            }

            function inArray(needle) {
                for (var i = 0; i < this.length; i++) {
                    if (this[i] === needle) {
                        return i;
                    }
                }

                return false;
            }

            function addClass(theClass) {
                if (this.className !== '') {
                    this.className += ' ' + theClass;
                } else {
                    this.className = theClass;
                }
            }

            function lastChildContainingText() {
                var testChild = this.lastChild;
                var contentCntnr = ['p', 'li', 'dd'];
                while (testChild.nodeType != 1) {
                    testChild = testChild.previousSibling;
                }
                var tag = testChild.tagName.toLowerCase();
                var tagInArr = inArray.apply(contentCntnr, [tag]);
                if (!tagInArr && tagInArr !== 0) {
                    testChild = lastChildContainingText.apply(testChild);
                }

                return testChild;
            }

            // ]]>
        </script>
        <style type="text/css" media="screen">
            .printOnly {
                display: none;
            }
        </style>
        <?php
    }
    echo '</head>';
    echo '<body bgcolor="#ffffff" text="#000000" onload="' . $supplemental . ' window.print()">
        <div id="content">
        <table border="0"><tr><td align="center">
        <table border="0" width="100%" cellpadding="0" cellspacing="1" bgcolor="#000000"><tr><td>
        <table border="0" width="100%" cellpadding="20" cellspacing="1" bgcolor="#ffffff"><tr><td align="center">
        <img src="' . XOOPS_URL . '/images/logo.png" border="0" alt=""><br><br>
        <h3>' . $story->title() . '</h3>
        <small><b>' . _NW_DATE . '</b>&nbsp;' . $datetime . ' | <b>' . _NW_TOPICC . '</b>&nbsp;' . htmlspecialchars($story->topic_title(), ENT_QUOTES | ENT_HTML5) . '</small><br><br></td></tr>';
    echo '<tr valign="top" style="font:12px;"><td>' . $story->hometext() . '<br>';
    $bodytext = $story->bodytext();
    $bodytext = str_replace('[pagebreak]', '<br style="page-break-after:always;">', $bodytext);
    if ('' !== $bodytext) {
        echo $bodytext . '<br><br>';
    }
    echo '</td></tr></table></td></tr></table>
    <br><br>';
    printf(_NW_THISCOMESFROM, htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES));
    echo '<br><a href="' . XOOPS_URL . '/">' . XOOPS_URL . '</a><br><br>
        ' . _NW_URLFORSTORY . ' <!-- Tag below can be used to display Permalink image --><!--img src="' . XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/assets/images/x.gif" /--><br>
        <a class="ignore" href="' . XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/article.php?storyid=' . $story->storyid() . '">' . XOOPS_URL . '/modules/news/article.php?storyid=' . $story->storyid() . '</a>
        </td></tr></table></div>
        </body>
        </html>
        ';
}

PrintPage();


1			<?php declare(strict_types=1);
2			/*
3			* You may not change or alter any portion of this comment or credits
4			* of supporting developers from this source code or any supporting source code
5			* which is considered copyrighted (c) material of the original comment or credit authors.
6			*
7			* This program is distributed in the hope that it will be useful,
8			* but WITHOUT ANY WARRANTY; without even the implied warranty of
9			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10			*/
11
12			/**
13			* @copyright {@link https://xoops.org/ XOOPS Project}
14			* @license {@link https://www.gnu.org/licenses/gpl-2.0.html GNU GPL 2 or later}
15			* @author XOOPS Development Team
16			*/
17
18			/**
19			* Print an article
20			*
21			* This page is used to print an article. The advantage of this script is that you
22			* only see the article and nothing else.
23			*
24			* @author Xoops Modules Dev Team
25			* @copyright (c) XOOPS Project (https://xoops.org)
26			*
27			* Parameters received by this page :
28			* @page_param int storyid Id of news to print
29			*
30			* @page_title Story's title - Printer Friendly Page - Topic's title - Site's name
31			*
32			* @template_name This page does not use any template
33			*/
34
35			use Xmf\Request;
			0 ignored issues – show Bug introduced 2025-01-16 11:24 UTC by Report Bug Copy Issue Report Show Similar Issues like this This use statement conflicts with another class in this namespace, `Request`. Consider defining an alias. Let?s assume that you have a directory layout like this: . \|-- OtherDir \| \|-- Bar.php \| `-- Foo.php `-- SomeDir `-- Foo.php and let?s assume the following content of `Bar.php`: // Bar.php namespace OtherDir; use SomeDir\Foo; // This now conflicts the class OtherDir\Foo If both files `OtherDir/Foo.php` and `SomeDir/Foo.php` are loaded in the same runtime, you will see a PHP error such as the following: PHP Fatal error: Cannot use SomeDir\Foo as Foo because the name is already in use in OtherDir/Foo.php However, as `OtherDir/Foo.php` does not necessarily have to be loaded and the error is only triggered if it is loaded before `OtherDir/Bar.php`, this problem might go unnoticed for a while. In order to prevent this error from surfacing, you must import the namespace with a different alias: // Bar.php namespace OtherDir; use SomeDir\Foo as SomeDirFoo; // There is no conflict anymore. Loading history...
36			use XoopsModules\News;
37			use XoopsModules\News\NewsStory;
38
39			require_once \dirname(__DIR__, 2) . '/mainfile.php';
40			// require_once XOOPS_ROOT_PATH . '/modules/news/class/class.newsstory.php';
41			$storyid = Request::getInt('storyid', 0, 'GET');
42			if (empty($storyid)) {
43			redirect_header(XOOPS_URL . '/modules/news/index.php', 2, _NW_NOSTORY);
44			}
45
46			// Verify that the article is published
47			$story = new NewsStory($storyid);
48			// Not yet published
49			if (0 == $story->published() \|\| $story->published() > time()) {
50			redirect_header(XOOPS_URL . '/modules/news/index.php', 2, _NW_NOSTORY);
51			}
52
53			// Expired
54			if (0 != $story->expired() && $story->expired() < time()) {
55			redirect_header(XOOPS_URL . '/modules/news/index.php', 2, _NW_NOSTORY);
56			}
57
58			// Verify permissions
59			/** @var \XoopsGroupPermHandler $grouppermHandler */
60			$grouppermHandler = xoops_getHandler('groupperm');
61			if (is_object($xoopsUser)) {
62			$groups = $xoopsUser->getGroups();
63			} else {
64			$groups = XOOPS_GROUP_ANONYMOUS;
65			}
66			if (!$grouppermHandler->checkRight('news_view', $story->topicid(), $groups, $xoopsModule->getVar('mid'))) {
67			redirect_header(XOOPS_URL . '/modules/news/index.php', 3, _NOPERM);
68			}
69
70			$xoops_meta_keywords = '';
71			$xoops_meta_description = '';
72
73			if ('' !== trim($story->keywords())) {
74			$xoops_meta_keywords = $story->keywords();
75			} else {
76			$xoops_meta_keywords = News\Utility::createMetaKeywords($story->hometext() . ' ' . $story->bodytext());
77			}
78
79			if ('' !== trim($story->description())) {
80			$xoops_meta_description = $story->description();
81			} else {
82			$xoops_meta_description = strip_tags($story->title());
83			}
84
85			function PrintPage(): void
86			{
87			global $xoopsConfig, $xoopsModule, $story, $xoops_meta_keywords, $xoops_meta_description;
88			$myts = \MyTextSanitizer::getInstance();
			0 ignored issues – show Unused Code introduced 2020-11-09 07:32 UTC by Report Bug Copy Issue Report Show Similar Issues like this The assignment to `$myts` is dead and can be removed. Loading history...
89			$datetime = formatTimestamp($story->published(), News\Utility::getModuleOption('dateformat')); ?>
90			<!DOCTYPE html>
91			<html xml:lang="<?php echo _LANGCODE; ?>" lang="<?php echo _LANGCODE; ?>">
92			<?php
93			echo "<head>\n";
94			echo '<title>' . htmlspecialchars($story->title(), ENT_QUOTES \| ENT_HTML5) . ' - ' . _NW_PRINTER . ' - ' . htmlspecialchars($story->topic_title(), ENT_QUOTES \| ENT_HTML5) . ' - ' . $xoopsConfig['sitename'] . '</title>';
95			echo '<meta http-equiv="Content-Type" content="text/html; charset=' . _CHARSET . '">';
96			echo '<meta name="author" content="XOOPS">';
97			echo '<meta name="keywords" content="' . $xoops_meta_keywords . '">';
98			echo '<meta name="COPYRIGHT" content="Copyright (c) 2014 by ' . $xoopsConfig['sitename'] . '">';
99			echo '<meta name="DESCRIPTION" content="' . $xoops_meta_description . '">';
100			echo '<meta name="generator" content="XOOPS">';
101			echo '<meta name="robots" content="noindex,nofollow">';
102			if (file_exists(XOOPS_ROOT_PATH . '/language/' . $GLOBALS['xoopsConfig']['language'] . '/style.css')) {
103			echo '<link rel="stylesheet" type="text/css" media="all" title="Style sheet" href="' . XOOPS_URL . '/language/' . $GLOBALS['xoopsConfig']['language'] . '/style.css">';
104			} else {
105			echo '<link rel="stylesheet" type="text/css" media="all" title="Style sheet" href="' . XOOPS_URL . '/language/english/style.css">';
106			}
107			echo '<link rel="stylesheet" type="text/css" media="all" title="Style sheet" href="' . XOOPS_URL . '/modules/news/assets/css/print.css">';
108			$supplemental = '';
109			if (News\Utility::getModuleOption('footNoteLinks')) {
110			$supplemental = "footnoteLinks('content','content'); "; ?>
111			<script type="text/javascript">
112			// <![CDATA[
113			/*------------------------------------------------------------------------------
114			Function: footnoteLinks()
115			Author: Aaron Gustafson (aaron at easy-designs dot net)
116			Creation Date: 8 May 2005
117			Version: 1.3
118			Homepage: https://www.easy-designs.net/code/footnoteLinks/
119			License: Creative Commons Attribution-ShareAlike 2.0 License
120			https://creativecommons.org/licenses/by-sa/2.0/
121			Note: This version has reduced functionality as it is a demo of
122			the script's development
123			------------------------------------------------------------------------------*/
124			function footnoteLinks(containerID, targetID) {
125			if (!document.getElementById \|\| !document.getElementsByTagName \|\| !document.createElement) return false;
126			if (!document.getElementById(containerID) \|\| !document.getElementById(targetID)) return false;
127			var container = document.getElementById(containerID);
128			var target = document.getElementById(targetID);
129			var h2 = document.createElement('h2');
130			addClass.apply(h2, ['printOnly']);
131			var h2_txt = document.createTextNode('<?php echo _NW_LINKS; ?>');
132			h2.appendChild(h2_txt);
133			var coll = container.getElementsByTagName('*');
134			var ol = document.createElement('ol');
135			addClass.apply(ol, ['printOnly']);
136			var myArr = [];
137			var thisLink;
138			var num = 1;
139			for (var i = 0; i < coll.length; i++) {
140			if (coll[i].getAttribute('href') \|\|
141			coll[i].getAttribute('cite')) {
142			thisLink = coll[i].getAttribute('href') ? coll[i].href : coll[i].cite;
143			var note = document.createElement('sup');
144			addClass.apply(note, ['printOnly']);
145			var note_txt;
146			var j = inArray.apply(myArr, [thisLink]);
147			if (j \|\| j === 0) { // if a duplicate
148			// get the corresponding number from
149			// the array of used links
150			note_txt = document.createTextNode(j + 1);
151			} else { // if not a duplicate
152			var li = document.createElement('li');
153			var li_txt = document.createTextNode(thisLink);
154			li.appendChild(li_txt);
155			ol.appendChild(li);
156			myArr.push(thisLink);
157			note_txt = document.createTextNode(num);
158			num++;
159			}
160			note.appendChild(note_txt);
161			if (coll[i].tagName.toLowerCase() === 'blockquote') {
162			var lastChild = lastChildContainingText.apply(coll[i]);
163			lastChild.appendChild(note);
164			} else {
165			coll[i].parentNode.insertBefore(note, coll[i].nextSibling);
166			}
167			}
168			}
169			target.appendChild(h2);
170			target.appendChild(ol);
171
172			return true;
173			}
174
175			// ]]>
176			</script>
177			<script type="text/javascript">
178			// <![CDATA[
179			/*------------------------------------------------------------------------------
180			Excerpts from the jsUtilities Library
181			Version: 2.1
182			Homepage: https://www.easy-designs.net/code/jsUtilities/
183			License: Creative Commons Attribution-ShareAlike 2.0 License
184			https://creativecommons.org/licenses/by-sa/2.0/
185			Note: If you change or improve on this script, please let us know.
186			------------------------------------------------------------------------------*/
187			if (Array.prototype.push === null) {
188			Array.prototype.push = function (item) {
189			this[this.length] = item;
190
191			return this.length;
192			};
193			}
194			// ---------------------------------------------------------------------
195			// function.apply (if unsupported)
196			// Courtesy of Aaron Boodman - https://youngpup.net
197			// ---------------------------------------------------------------------
198			if (!Function.prototype.apply) {
199			Function.prototype.apply = function (oScope, args) {
200			var sarg = [];
201			var rtrn, call;
202			if (!oScope) oScope = window;
203			if (!args) args = [];
204			for (var i = 0; i < args.length; i++) {
205			sarg[i] = "args[" + i + "]";
206			}
207			call = "oScope.__applyTemp__(" + sarg.join(",") + ");";
208			oScope.__applyTemp__ = this;
209			rtrn = eval(call);
210			oScope.__applyTemp__ = null;
211
212			return rtrn;
213			};
214			}
215
216			function inArray(needle) {
217			for (var i = 0; i < this.length; i++) {
218			if (this[i] === needle) {
219			return i;
220			}
221			}
222
223			return false;
224			}
225
226			function addClass(theClass) {
227			if (this.className !== '') {
228			this.className += ' ' + theClass;
229			} else {
230			this.className = theClass;
231			}
232			}
233
234			function lastChildContainingText() {
235			var testChild = this.lastChild;
236			var contentCntnr = ['p', 'li', 'dd'];
237			while (testChild.nodeType != 1) {
238			testChild = testChild.previousSibling;
239			}
240			var tag = testChild.tagName.toLowerCase();
241			var tagInArr = inArray.apply(contentCntnr, [tag]);
242			if (!tagInArr && tagInArr !== 0) {
243			testChild = lastChildContainingText.apply(testChild);
244			}
245
246			return testChild;
247			}
248
249			// ]]>
250			</script>
251			<style type="text/css" media="screen">
252			.printOnly {
253			display: none;
254			}
255			</style>
256			<?php
257			}
258			echo '</head>';
259			echo '<body bgcolor="#ffffff" text="#000000" onload="' . $supplemental . ' window.print()">
260			<div id="content">
261			<table border="0"><tr><td align="center">
262			<table border="0" width="100%" cellpadding="0" cellspacing="1" bgcolor="#000000"><tr><td>
263			<table border="0" width="100%" cellpadding="20" cellspacing="1" bgcolor="#ffffff"><tr><td align="center">
264			<img src="' . XOOPS_URL . '/images/logo.png" border="0" alt=""><br><br>
265			<h3>' . $story->title() . '</h3>
266			<small><b>' . _NW_DATE . '</b> ' . $datetime . ' \| <b>' . _NW_TOPICC . '</b> ' . htmlspecialchars($story->topic_title(), ENT_QUOTES \| ENT_HTML5) . '</small><br><br></td></tr>';
267			echo '<tr valign="top" style="font:12px;"><td>' . $story->hometext() . '<br>';
268			$bodytext = $story->bodytext();
269			$bodytext = str_replace('[pagebreak]', '<br style="page-break-after:always;">', $bodytext);
270			if ('' !== $bodytext) {
271			echo $bodytext . '<br><br>';
272			}
273			echo '</td></tr></table></td></tr></table>
274			<br><br>';
275			printf(_NW_THISCOMESFROM, htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES));
276			echo '<br><a href="' . XOOPS_URL . '/">' . XOOPS_URL . '</a><br><br>
277			' . _NW_URLFORSTORY . ' <!-- Tag below can be used to display Permalink image --><!--img src="' . XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/assets/images/x.gif" /--><br>
278			<a class="ignore" href="' . XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/article.php?storyid=' . $story->storyid() . '">' . XOOPS_URL . '/modules/news/article.php?storyid=' . $story->storyid() . '</a>
279			</td></tr></table></div>
280			</body>
281			</html>
282			';
283			}
284
285			PrintPage();
286

XoopsModules25x / news

Issues (384)

Security Analysis not enabled

print.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like