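/**
 * Batch moderation of forum posts in two steps.
 *
 * Without `ok=1` in the query string it renders a confirmation form for the
 * posts selected in $_POST['posts'] (an array keyed by post id) and the action
 * named in $_POST['do']. With `ok=1` it reads the ids back from $_POST['posts']
 * as a comma-separated string, runs ForumModerationPosts() for $_GET['edit']
 * and redirects.
 *
 * NOTE(review): the confirmed step changes data and no anti-CSRF token is
 * checked in this function; confirm that one is verified before it is called.
 */
function IndexForumEditPosts()
{
    global $forum_lang;

    if (!System::user()->isAdmin()) {
        System::site()->AddTextBox($forum_lang['forum'], '<p align="center">' . $forum_lang['error_no_right_edit'] . '.</p>');
        return;
    }

    $confirmed = isset($_GET['ok']) && $_GET['ok'] == '1';

    // The two steps expect different shapes: a comma-separated string when
    // confirmed, an array keyed by post id otherwise. Any other shape is
    // reported like a missing selection instead of reaching explode() or
    // array_keys() with the wrong type.
    $posts_valid = isset($_POST['posts'])
        && ($confirmed ? is_string($_POST['posts']) : is_array($_POST['posts']));
    if (!$posts_valid) {
        System::site()->AddTextBox($forum_lang['forum'], '<p align="center">' . $forum_lang['error_no_messages'] . '</p><br><a href="javascript:history.go(-1)">' . System::site()->Button($forum_lang['back']) . '</a>');
        return;
    }

    if ($confirmed) {
        $posts_ids = SafeEnv(explode(',', $_POST['posts']), 11, int);
        $moderation_result = ForumModerationPosts($_GET['edit'], $posts_ids, true);
        if ($moderation_result) {
            if (isset($_GET['back'])) {
                GoRefererUrl($_GET['back']);
            } else {
                // NOTE(review): the redirect target comes straight from the
                // request body; confirm that GO() restricts it to this site.
                GO($_POST['backurl']);
            }
        }
        return;
    }

    $posts_ids = array();
    foreach (array_keys($_POST['posts']) as $post_id) {
        $posts_ids[] = SafeEnv($post_id, 11, int);
    }

    // A request without `do` is handled as an empty action name rather than
    // reading an undefined index.
    $do = SafeDB(isset($_POST['do']) ? $_POST['do'] : '', 255, str);
    $form_url = 'index.php?name=forum&op=edit_posts&edit=' . $do . '&ok=1';
    if (isset($_GET['back'])) {
        $form_url .= '&back=' . SafeDB($_GET['back'], 10, str);
    }

    $vars = array();
    $vars['lang_premoderation'] = $forum_lang['moderation_messages'];
    $vars['posts_count'] = count($posts_ids);
    $vars['form_action'] = $form_url;
    $vars['form_name'] = 'forum_delete';
    $vars['posts'] = implode(',', $posts_ids);
    // The Referer header is optional and client-controlled.
    // NOTE(review): the value is handed to the template as received;
    // presumably the template escapes it, confirm.
    $vars['backurl'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $vars['reason'] = System::config('forum/basket') && $do == 'deleteposts';
    $vars['lang_do'] = ForumModerationPosts($do, $posts_ids, false);

    System::site()->AddTemplatedBox($vars['lang_do'], 'module/forum_moderation.html');
    System::site()->AddBlock('forum_moderation', true, false, 'mod');
    System::site()->SetVars('forum_moderation', $vars);
}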
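exit; }

// Delete one row of a table. The row is addressed by its position ($index) in
// the result of Select($table, $where) and is removed by matching every column
// value that is set.
// NOTE(review): the start of this fragment is not visible here, so neither a
// permission check nor an anti-CSRF check can be confirmed from this part.
$table = SafeEnv($_GET['name'], 255, str);
$index = SafeEnv($_GET['index'], 255, int);
$where = '';
$where_url = '';
if (isset($_GET['where']) && is_string($_GET['where'])) {
    // NOTE(review): the raw request value is used as the SQL condition for
    // Select(). That looks intentional for a database admin screen, but it
    // makes the access and CSRF checks in front of this code the only barrier.
    $where = $_GET['where'];
    // Encode the value so characters such as & or # in the condition cannot
    // alter the query string of the redirect below.
    $where_url = '&where=' . urlencode($_GET['where']);
}

$rows = System::database()->Select($table, $where);

// Delete only when the addressed row exists. With a missing row no condition
// can be built, and an empty condition would be passed to Delete(), which
// presumably matches every row of the table.
if (isset($rows[$index]) && is_array($rows[$index])) {
    $row = $rows[$index];
    $columns = System::database()->GetTableColumns($table);
    $names = array();
    foreach ($columns as $col) {
        $names[$col['name']] = $row[$col['name']];
    }

    $conditions = array();
    foreach ($row as $key => $value) {
        if (isset($names[$key])) {
            $conditions[] = "`" . $key . "`='" . System::database()->EscapeString($value) . "'";
        }
    }

    if (count($conditions) > 0) {
        System::database()->Delete($table, implode(' and ', $conditions));
        Audit('Управление БД: Удаление строки из таблицы "' . $table . '"');
    }
}

if (isset($_REQUEST['back'])) {
    GoRefererUrl($_REQUEST['back']);
} else {
    GO(ADMIN_FILE . '?exe=dbadmin&a=review&name=' . SafeDB($_GET['name'], 255, str) . $where_url);
}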
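/**
 * Deletes one configuration entry, identified by $_GET['id'], from the table
 * returned by AdminConfigConfigTable().
 *
 * Without `ok=1` (and outside Ajax) it shows a confirmation box; otherwise it
 * deletes the row, writes an audit entry and redirects.
 *
 * NOTE(review): the delete is triggered by request parameters alone and no
 * permission or anti-CSRF check is visible in this function; confirm both are
 * enforced before it is called.
 */
function AdminConfigDeleteRetrofitting()
{
    if (!AdminConfigPlugins()) {
        $back_url = ADMIN_FILE . '?exe=config_admin&a=view_all&delok';
    } else {
        $back_url = ADMIN_FILE . '?exe=config_admin&a=view_all_plugins&plugins=1&delok';
    }

    if (!isset($_GET['id'])) {
        if (isset($_REQUEST['back'])) {
            GoRefererUrl($_REQUEST['back']);
        } else {
            GO($back_url);
        }
        // Stop here even if the redirect helpers return: without an id the
        // code below would run with $id undefined.
        return;
    }
    $id = SafeEnv($_GET['id'], 11, int);

    if (isset($_GET['ok']) && $_GET['ok'] == '1' || IsAjax()) {
        System::database()->Select(AdminConfigConfigTable(), "`id`='{$id}'");
        $conf = System::database()->FetchRow();
        System::database()->Delete(AdminConfigConfigTable(), "`id`='{$id}'");
        Audit('Управление настройками: Удаление настройки "' . $conf['hname'] . '(' . $conf['name'] . ')" в "' . AdminConfigConfigTable() . '"');
        if (isset($_REQUEST['back'])) {
            GoRefererUrl($_REQUEST['back']);
        } else {
            GO($back_url);
        }
    } else {
        $back = '';
        if (isset($_REQUEST['back'])) {
            $back = '&back=' . SafeDB($_REQUEST['back'], 255, str);
        }
        $r = System::database()->Select(AdminConfigConfigTable(), "`id`='{$id}'");
        // An unknown id yields an empty name in the prompt instead of a read
        // from a missing row.
        $group_name = isset($r[0]['hname']) ? $r[0]['hname'] : '';
        AddCenterBox('Удаление настройки');
        // $back already carries its own "&back=" prefix. The previous literal
        // '$back=' was glued onto "ok=1", so the confirmed request no longer
        // carried ok == '1'.
        System::admin()->HighlightConfirm('Это может повлиять на работу системы. Нажмите отмена, если не уверены. Удалить группу настроек "' . SafeDB($group_name, 255, str) . '"?', ADMIN_FILE . '?exe=config_admin&a=delete&id=' . $id . '&ok=1' . (AdminConfigPlugins() ? '&plugins=1' : '') . $back);
    }
}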
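/**
 * Deletes a comment through Posts::DeletePost() and lowers the comment counter
 * of the object the comment belongs to.
 *
 * @param mixed  $ObjectId      Id of the owning object, used in the SQL condition.
 * @param string $CommentsTable Table passed to the Posts constructor.
 * @param string $ObjectsTable  Table that holds the owning object.
 * @param string $CounterField  Column in $ObjectsTable that stores the comment count.
 * @param string $DeleteUrl     Assigned to Posts::$DeletePageUrl.
 * @param string $Anchor        Second argument for GoRefererUrl().
 */
function CommentsDeletePost($ObjectId, $CommentsTable, $ObjectsTable, $CounterField, $DeleteUrl, $Anchor = '#comments')
{
    $posts = new Posts($CommentsTable);
    $posts->DeletePageUrl = $DeleteUrl;
    $deleted_posts_count = $posts->DeletePost();

    if ($deleted_posts_count > 0) {
        // NOTE(review): $ObjectId, $ObjectsTable and $CounterField are placed
        // into the SQL fragments as received; presumably every caller
        // sanitises them, confirm.
        System::database()->Select($ObjectsTable, "`id`='{$ObjectId}'");
        $obj = System::database()->FetchRow();

        // Update the counter only when the object row was found, and never
        // store a negative count if the counter was already out of step.
        if ($obj) {
            $current = isset($obj[$CounterField]) ? (int)$obj[$CounterField] : 0;
            $counter = max(0, $current - (int)$deleted_posts_count);
            System::database()->Update($ObjectsTable, "`{$CounterField}`='{$counter}'", "`id`='{$ObjectId}'");
        }

        GoRefererUrl($_REQUEST['back'], $Anchor);
    }
}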
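/**
 * Deletes a news item and its comments, or shows the confirmation box first.
 *
 * The id comes from $_REQUEST['id']. The delete runs for Ajax requests or when
 * `ok=1` is present; otherwise a confirmation prompt is rendered.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm that
 * one is verified before it is called.
 */
function AdminNewsDelete()
{
    global $news_access_editnews;

    if (!$news_access_editnews) {
        System::admin()->AccessDenied();
        // Fail closed: do not rely on AccessDenied() ending the request.
        return;
    }
    if (!isset($_REQUEST['id'])) {
        exit('ERROR');
    }

    if (IsAjax() || isset($_GET['ok']) && $_GET['ok'] == '1') {
        $id = SafeEnv($_REQUEST['id'], 11, int);
        System::database()->Select('news', "`id`='{$id}'");
        $news = System::database()->FetchRow();
        System::database()->Delete('news', "`id`='{$id}'");
        System::database()->Delete('news_comments', "`object_id`='{$id}'");

        // The row may not exist (stale link, repeated request); only read its
        // fields when it was found.
        if ($news && $news['enabled']) {
            CalcNewsCounter(SafeDB($news['topic_id'], 11, int), false);
        }
        AdminNewsClearBlockCache();
        Audit('Удаление новости "' . ($news ? $news['title'] : '') . '"');

        // Exactly one redirect is issued, whether or not GoRefererUrl() returns.
        if (isset($_GET['back'])) {
            GoRefererUrl($_GET['back']);
        } else {
            GO(ADMIN_FILE . '?exe=news');
        }
    } else {
        System::admin()->AddCenterBox('Удаление новости');
        System::database()->Select('news', "`id`='" . SafeEnv($_REQUEST['id'], 11, int) . "'");
        $news = System::database()->FetchRow();
        $id = SafeDB($_REQUEST['id'], 11, int);
        // Add the back parameter only when the request carried one, so the
        // confirmed request does not arrive with an empty `back`.
        $back = isset($_REQUEST['back']) ? '&back=' . SafeDB($_REQUEST['back'], 255, str) : '';
        $title = $news ? $news['title'] : '';
        System::admin()->HighlightConfirmNoAjax('Удалить новость "' . SafeDB($title, 255, str) . '"?', ADMIN_FILE . '?exe=news&a=delete&id=' . $id . $back . '&ok=1');
    }
}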
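/**
 * Resets the vote counters (`num_votes`, `sum_votes`) of the gallery image
 * given in $_GET['id'], writes an audit entry and redirects to
 * $_REQUEST['back'].
 *
 * NOTE(review): the reset is driven by GET parameters and no confirmation
 * step or anti-CSRF token is visible here; confirm one is enforced upstream.
 */
function AdminGalleryResetRating()
{
    global $edit_images;

    if (!$edit_images) {
        System::admin()->AccessDenied();
        // Fail closed: do not rely on AccessDenied() ending the request.
        return;
    }

    $id = SafeEnv($_GET['id'], 11, int);
    System::database()->Select('gallery', "`id`='{$id}'");
    $img = System::database()->FetchRow();
    System::database()->Update('gallery', "`num_votes`='0',`sum_votes`='0'", "`id`='{$id}'");
    Audit('Фотогалерея: Сброс рейтинга для изображения "' . $img['title'] . '" (id: ' . $img['id'] . ')');
    GoRefererUrl($_REQUEST['back']);
}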
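/**
 * Resets the vote counters (`num_votes`, `all_votes`) of the article given in
 * $_GET['id'], writes an audit entry and redirects to $_REQUEST['back'].
 *
 * NOTE(review): the reset is driven by GET parameters and no confirmation
 * step or anti-CSRF token is visible here; confirm one is enforced upstream.
 */
function AdminArticlesResetRating()
{
    global $editarticles;

    if (!$editarticles) {
        System::admin()->AccessDenied();
        // Fail closed: do not rely on AccessDenied() ending the request.
        return;
    }

    $id = SafeEnv($_GET['id'], 11, int);
    System::database()->Select('articles', "`id`='{$id}'");
    $r = System::database()->FetchRow();
    System::database()->Update('articles', "num_votes='0',all_votes='0'", "`id`='{$id}'");
    Audit('Статьи: Сброс рейтинга для "' . $r['title'] . '"');
    GoRefererUrl($_REQUEST['back']);
}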
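/**
 * Removes the current user's answer from the guestbook entry given in
 * $_GET['id'].
 *
 * The `answers` column holds a PHP-serialized array keyed by user name; the
 * key System::user()->Name() is dropped and the array is written back.
 *
 * NOTE(review): no permission check and no anti-CSRF check are visible in this
 * function; presumably the dispatcher enforces them, confirm.
 */
function AdminGuestBookDeleteAnswer()
{
    $id = SafeEnv($_GET['id'], 11, int);
    System::database()->Select('guestbook', "`id`='" . $id . "'");

    if (System::database()->NumRows() > 0) {
        $msg = System::database()->FetchRow();

        // NOTE(review): unserialize() on a stored column will instantiate any
        // object found in the data. Keep this column writable only by trusted
        // code, or move the format to JSON.
        if ($msg['answers'] == '') {
            $answers = array();
        } else {
            $answers = unserialize($msg['answers']);
        }

        // If the stored value cannot be decoded, leave it untouched rather
        // than overwriting it with the serialized form of `false`.
        if (is_array($answers)) {
            unset($answers[System::user()->Name()]);

            // The serialized text contains user-written answers, so it has to
            // be escaped before it is placed inside the quoted SQL value.
            $answers = System::database()->EscapeString(serialize($answers));
            System::database()->Update('guestbook', "answers='{$answers}'", "`id`='" . $id . "'");
            Audit('Гостевая книга: Удаление ответа');
        }
    }

    if (isset($_GET['back'])) {
        GoRefererUrl($_GET['back']);
    } else {
        GO(ADMIN_FILE . '?exe=guestbook');
    }
}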
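/**
 * Sets the download counter (`hits`) of the file given in $_GET['id'] to zero,
 * writes an audit entry and redirects to $_REQUEST['back'].
 *
 * NOTE(review): the reset is driven by GET parameters and no confirmation
 * step or anti-CSRF token is visible here; confirm one is enforced upstream.
 */
function AdminDownloadsResetCounter()
{
    if (!System::user()->CheckAccess2('downloads', 'edit_files')) {
        System::admin()->AccessDenied();
        // Fail closed: do not rely on AccessDenied() ending the request.
        return;
    }

    $id = SafeEnv($_GET['id'], 11, int);
    System::database()->Select('downloads', "`id`='{$id}'");
    $file = System::database()->FetchRow();
    // Reuse the id sanitised above so the lookup and the update always address
    // the same row.
    System::database()->Update('downloads', "hits='0'", "`id`='{$id}'");
    Audit('Архив файлов: Сброс счетчика скачиваний файла "' . $file['title'] . '"');
    GoRefererUrl($_REQUEST['back']);
}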
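/**
 * Restores a forum topic that was moved to the basket (`delete`='1').
 *
 * Adds the topic and its posts back to the forum counters, clears the delete
 * flag, removes the basket record, refreshes the last-post data and clears the
 * forum cache.
 *
 * @param int  $topic_id Id of the topic to restore.
 * @param bool $go_back  When true, redirect after a successful restore.
 */
function IndexForumRestoreBasketTopic($topic_id = 0, $go_back = true)
{
    global $forum_lang;

    if (!System::user()->isAdmin()) {
        HackOff();
        return;
    }

    // The id is placed into four SQL conditions below. Normalise it here in
    // the same way as the other ids in this function, so the queries do not
    // depend on every caller having sanitised it.
    $topic_id = SafeEnv($topic_id, 11, int);

    $topic = System::database()->Select('forum_topics', "`id`='{$topic_id}' and `delete`='1'");
    if (count($topic) > 0) {
        $topic = $topic[0];
        $forum_id = SafeEnv($topic['forum_id'], 11, int);

        // Restore the forum's topic and post counters.
        System::database()->Select('forums', "`id`='{$forum_id}'");
        if (System::database()->NumRows() == 0) {
            // Forum not found.
            System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_forum']);
            return;
        }
        $forum = System::database()->FetchRow();

        $forum_topics = SafeEnv($forum['topics'], 11, int) + 1;
        if ($forum_topics < 0) {
            $forum_topics = 0;
        }
        $forum_posts = SafeEnv($forum['posts'], 11, int) + SafeEnv($topic['posts'], 11, int);
        if ($forum_posts < 0) {
            $forum_posts = 0;
        }
        $forum_set = "`topics`='{$forum_topics}',`posts`='{$forum_posts}'";
        System::database()->Update('forums', $forum_set, "`id`='{$forum_id}'");

        // Restore the topic.
        System::database()->Update('forum_topics', "`delete`='0'", "`id`='{$topic_id}'");

        // Remove the basket record.
        System::database()->Delete('forum_basket_topics', "`obj_id`='{$topic_id}'");

        // Refresh the last-post information for the topic and the forum.
        ForumSetLastPost($topic_id);
        ForumSetLastTopic($forum_id);

        // Clear the forum cache.
        ForumCacheClear();

        if ($go_back) {
            if (isset($_GET['back'])) {
                GoRefererUrl($_GET['back']);
            } else {
                GoBack();
            }
        }
    } else {
        System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_topic']);
        return;
    }
}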
/**
 * Applies a column update to a set of forum topics, or builds the
 * confirmation text for it.
 *
 * @param array  $topics Topic ids; joined into an "`id`='..' or `id`='..'" condition.
 * @param bool   $begin  True to run the update and redirect, false to return the prompt.
 * @param string $action Label appended to the confirmation text.
 * @param string $set    SQL SET fragment passed to Update().
 *
 * @return string|null HTML confirmation text when $begin is false.
 *
 * NOTE(review): $topics, $set and $action are used as received (SQL condition,
 * SQL SET fragment and HTML respectively); presumably the callers sanitise
 * them, confirm. The fallback redirect target is $_POST['backurl'], taken
 * from the request.
 */
function ForumModerationSet($topics, $begin, $action, $set)
{
    global $forum_lang;

    // Both branches address the same rows, so the condition is built once.
    $id_filter = '`id`=\'' . implode('\' or `id`=\'', $topics) . '\'';

    if (!$begin) {
        $rows = System::database()->Select('forum_topics', $id_filter);

        $html = $forum_lang['confirm'] . ': ' . $action;
        $html .= '<ul style="margin: 10px 0;">';
        foreach ($rows as $row) {
            $html .= '<li>' . SafeDB($row['title'], 255, str) . '</li>';
        }
        $html .= '</ul>';

        return $html;
    }

    System::database()->Update('forum_topics', $set, $id_filter);
    ForumCacheClear();

    if (isset($_GET['back'])) {
        GoRefererUrl($_GET['back']);
    } else {
        GO($_POST['backurl']);
    }
}