/**
 * Write one entry to the phpwcms_log table.
 *
 * Usual log types are DEBUG, INFO and ERROR; a module name may be used instead.
 * The type is always stored upper-cased.
 *
 * $type may also be an associative array of log_* fields. Only keys that exist
 * in the default record are taken over; $message and $userid are ignored then.
 *
 * Security note: log_user_agent and log_referrer_url are filled from the
 * User-Agent and Referer request headers, which the client controls, and an
 * array caller can set every field, log_ip included. Nothing is escaped or
 * length-limited here, so SQL escaping is left to _dbInsert() (not visible in
 * this listing -- confirm) and every log viewer has to escape on output.
 *
 * @param string|array $type    log type, or an array of log_* fields
 * @param string       $message log text (string form only)
 * @param int          $userid  user id (string form only)
 */
function log_message($type = 'UNDEFINED', $message = '', $userid = 0)
{
    // Default record; its key set is also the allow-list for array input.
    $entry = array(
        'log_created' => date('Y-m-d H:i:s', now()),
        'log_type' => 'UNDEFINED',
        'log_ip' => getRemoteIP(),
        'log_user_agent' => '',
        'log_user_id' => 0,
        'log_user_name' => '',
        'log_referrer_id' => 0,
        'log_referrer_url' => '',
        'log_data1' => '',
        'log_data2' => '',
        'log_data3' => '',
        'log_msg' => ''
    );

    if (!is_array($type)) {
        $entry['log_type'] = trim($type);
        $entry['log_user_id'] = intval($userid);
        $entry['log_msg'] = trim($message);
    } else {
        foreach ($type as $field => $val) {
            // Unknown keys are dropped so callers cannot add columns.
            if (!isset($entry[$field])) {
                continue;
            }
            $entry[$field] = $val;
        }
    }

    $entry['log_type'] = strtoupper($entry['log_type']);

    // Client-supplied header, stored as received.
    if ($entry['log_user_agent'] == '') {
        if (!empty($_SERVER['HTTP_USER_AGENT'])) {
            $entry['log_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
        } else {
            $entry['log_user_agent'] = implode(', ', phpwcms_getUserAgent());
        }
    }

    // Client-supplied header, stored as received.
    if (isset($_SERVER['HTTP_REFERER']) && empty($entry['log_referrer_url'])) {
        $entry['log_referrer_url'] = $_SERVER['HTTP_REFERER'];
    }

    _dbInsert('phpwcms_log', $entry, 'DELAYED');
}
// Excerpt from a feed importer: it starts inside enclosing blocks that open
// outside this listing, which is why more braces close than open below.
// Default record for the content part created for the imported article.
// NOTE(review): 'acontent_alink' and 'acontent_redirect' appear twice in this
// literal; both occurrences are '' so the duplicate has no effect.
$cpdata = array(
    'acontent_aid' => $result['INSERT_ID'],
    'acontent_uid' => $feedimport_result['cnt_object']['author_id'],
    'acontent_created' => date('Y-m-d H:i:s', now()),
    'acontent_tstamp' => date('Y-m-d H:i:s', now()),
    'acontent_title' => '',
    'acontent_subtitle' => '',
    'acontent_text' => '',
    'acontent_html' => '',
    'acontent_sorting' => 100,
    'acontent_visible' => 1,
    'acontent_before' => '',
    'acontent_after' => '',
    'acontent_top' => 0,
    'acontent_block' => 'CONTENT',
    'acontent_anchor' => 0,
    'acontent_module' => '',
    'acontent_comment' => $article_title,
    'acontent_paginate_page' => 0,
    'acontent_paginate_title' => '',
    'acontent_granted' => 0,
    'acontent_tab' => '',
    'acontent_image' => '',
    'acontent_files' => '',
    'acontent_redirect' => '',
    'acontent_alink' => '',
    'acontent_template' => '',
    'acontent_spacer' => '',
    'acontent_category' => '',
    'acontent_lang' => '',
    'acontent_alink' => '',
    'acontent_redirect' => '',
    'acontent_form' => '',
    'acontent_media' => '',
    'acontent_newsletter' => ''
);
// Content that looks like markup or entities is stored as an HTML content part
// (type 14), everything else as plain text (type 0).
// NOTE(review): $article_content comes from the imported feed item, i.e. from
// a remote source; whether it is sanitised before this point is not visible in
// the excerpt -- confirm, since it is stored as HTML here.
// NOTE(review): the alternatives in the second pattern are not grouped, so it
// matches '&name', '#xHEX' or '#123;' separately rather than one entity.
if (preg_match('/<[^<]+>/', $article_content) || preg_match('/&[A-Za-z]+|#x[\\dA-Fa-f]+|#\\d+;/', $article_content)) {
    $cpdata['acontent_type'] = 14;
    $cpdata['acontent_html'] = $article_content;
} else {
    $cpdata['acontent_type'] = 0;
    $cpdata['acontent_text'] = $article_content;
}
// Insert the content part
$insert = _dbInsert('phpwcms_articlecontent', $cpdata);
if (!isset($insert['INSERT_ID'])) {
    // NOTE(review): this dumps the raw database error into the output.
    dumpVar(mysql_error());
}
}
// One status entry per imported article: date, title, permalink, backend link.
$feedimport_result['status'][] = date('Y-m-d, H:i:s', $article_begin) . LF . $article_title . LF . $rssvalue->get_permalink() . LF . PHPWCMS_URL . 'phpwcms.php?do=articles&p=2&s=1&id=' . $result['INSERT_ID'];
// Cross-reference row keyed by the article hash.
// presumably used to recognise already imported items; verify against caller
$data = array(
    'cref_type' => 'feed_to_article_import',
    'cref_rid' => $result['INSERT_ID'],
    'cref_str' => 'feedimport_' . $article_unique_hash
);
_dbInsert('phpwcms_crossreference', $data);
$article_sort_counter = $article_sort_counter + 10;
}
}
// Send the collected status by mail when a valid address is configured.
// The status text contains feed-supplied titles and permalinks; it is sent as
// plain text (isHTML => 0).
if (!empty($feedimport_result['cnt_object']['import_status_email']) && is_valid_email($feedimport_result['cnt_object']['import_status_email'])) {
    $feedimport_result['status'] = implode(LF . LF, $feedimport_result['status']);
    sendEmail(array(
        'recipient' => $feedimport_result['cnt_object']['import_status_email'],
        'subject' => 'Import Status: ' . $feedimport_result['cnt_name'],
        'isHTML' => 0,
        'text' => $feedimport_result['status'],
        'fromName' => 'Feed Importer'
    ));
}
}
}
// we quit here
exit;
}
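/**
 * Create, update or delete one row of phpwcms_redirect from the posted form.
 *
 * All input is read from $_POST. Numeric fields are cast with intval(), text
 * fields pass through clean_slweg(), and `type` / `code` are checked against a
 * fixed list. The list check is strict: with a loose in_array() numeric
 * strings are compared as numbers, so a value such as '0301' would pass as
 * '301' and then be stored unchanged.
 *
 * Security notes:
 * - The SQL fragments built here only concatenate $rid, which is the result
 *   of intval(); all other values are handed to _dbUpdate()/_dbInsert().
 * - No CSRF token is checked inside this function; the caller presumably
 *   does that -- confirm, because the function deletes and rewrites
 *   redirects.
 * - For type 'link' the target is free text and is later used as a redirect
 *   destination, so anyone allowed to call this can point visitors to any URL.
 *
 * @return array 'error' holds the list of messages, or NULL after a save
 *               attempt; 'data' holds the normalised form values incl. 'rid'
 */
function update_404redirect()
{
    $data = array(
        'error' => array(),
        'data' => array(
            'rid' => intval($_POST['rid']),
            'alias' => clean_slweg($_POST['alias']),
            'id' => trim($_POST['id']) === '' ? '' : intval($_POST['id']),
            'aid' => trim($_POST['aid']) === '' || !intval($_POST['aid']) ? '' : intval($_POST['aid']),
            // strict: only the exact strings of the list are accepted
            'type' => empty($_POST['type']) || !in_array($_POST['type'], array('alias', 'id', 'aid', 'link'), true) ? '' : clean_slweg($_POST['type']),
            'active' => empty($_POST['active']) ? 0 : 1,
            'shortcut' => empty($_POST['shortcut']) ? 0 : 1,
            // strict: rejects numeric look-alikes such as '0301' or ' 301'
            'code' => empty($_POST['code']) || !in_array($_POST['code'], array('301', '307', '404', '401', '503'), true) ? '' : clean_slweg($_POST['code']),
            'target' => clean_slweg($_POST['target']),
            'changed' => date('Y-m-d H:i:s')
        )
    );

    // The delete button is named 'delete_' . md5(rid); md5 only builds a field
    // name here, it is not a secret.
    if (!$data['data']['aid'] && !$data['data']['alias'] && $data['data']['id'] == '' && !isset($_POST['delete_' . md5($data['data']['rid'])])) {
        $data['error'][] = $GLOBALS['BL']['be_redirect_error1'];
    }

    if ($data['data']['type'] && $data['data']['target'] === '') {
        $data['error'][] = $GLOBALS['BL']['be_redirect_error2'];
    } elseif (($data['data']['type'] == 'id' || $data['data']['type'] == 'aid') && !is_intval($data['data']['target'])) {
        // id/aid redirects need an integer target
        $data['error'][] = $GLOBALS['BL']['be_redirect_error3'];
    }

    if (count($data['error'])) {
        $data['data']['active'] = 0;
        set_status_message(implode('<br />', $data['error']), 'error');

        return $data;
    }

    $data['error'] = NULL;

    // rid is not a column to write; keep it aside for the WHERE clause.
    $rid = $data['data']['rid'];
    unset($data['data']['rid']);

    if ($rid) {
        if (isset($_POST['delete_' . md5($rid)])) {
            // 9 marks the entry as deleted for the messages below
            $data['data']['active'] = 9;
            // $rid is an integer (intval above), safe to concatenate
            $result = _dbQuery('DELETE FROM ' . DB_PREPEND . 'phpwcms_redirect WHERE rid=' . $rid, 'DELETE');
        } else {
            $result = _dbUpdate('phpwcms_redirect', $data['data'], 'rid=' . $rid);
        }
    } else {
        $result = _dbInsert('phpwcms_redirect', $data['data']);
        if (isset($result['INSERT_ID'])) {
            $rid = $result['INSERT_ID'];
        }
    }

    $data['data']['rid'] = $rid;

    if (!$result) {
        set_status_message($GLOBALS['BL']['be_error_while_save'], 'error');
    } elseif ($data['data']['active'] == 9) {
        set_status_message(str_replace('{ID}', $data['data']['rid'], $GLOBALS['BL']['be_action_deleted']), 'success');
        headerRedirect('phpwcms.php?' . get_token_get_string('csrftoken') . '&do=admin&p=14');
    } else {
        set_status_message($GLOBALS['BL']['be_successfully_saved'], 'success');
    }

    return $data;
}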
// Excerpt from the frontend 404 handling: it starts inside a switch over the
// redirect type and ends inside an if block, both opened/closed outside this
// listing.
// Target and status code come from $content['404error']['result'].
// presumably a row of phpwcms_redirect; verify against the code above
headerRedirect($content['404error']['result']['target'], $content['404error']['result']['code']);
break;
case 'aid':
    // Article redirect: the target is turned into an 'aid=' URL.
    $content['404error']['result']['target'] = abs_url(array(), array(), 'aid=' . $content['404error']['result']['target'], 'rawurlencode');
    headerRedirect($content['404error']['result']['target'], $content['404error']['result']['code']);
    break;
case 'link':
    // Free-form target: the stored value is used as the redirect destination
    // unchanged, so whoever can edit redirects decides where visitors go.
    headerRedirect($content['404error']['result']['target'], $content['404error']['result']['code']);
    break;
}
}
}
$content['404error']['result'] = NULL;
} elseif (!empty($phpwcms['log_404error'])) {
    // Store failed page access.
    // NOTE(review): id/aid/alias presumably derive from the requested URL, and
    // every logged miss adds a row -- confirm that growth of phpwcms_redirect
    // is bounded or cleaned up elsewhere.
    _dbInsert('phpwcms_redirect', array(
        'id' => $content['404error']['id'],
        'aid' => $content['404error']['aid'],
        'alias' => $content['404error']['alias'],
        'views' => 1
    ));
}
} else {
    // Send 200 OK
    headerRedirect('', 200, false);
}
}
// define special OUTPUT format/action
$phpwcms['output_action'] = false;
if (!empty($_GET['phpwcms_output_action']) || !empty($_POST['phpwcms_output_action'])) {
    // split by function - value: F-function1|function2|function3--S-SECT1|SECT2|SECT3
    // The value is request input (GET wins over POST), cleaned with
    // clean_slweg() and split on '--'.
    // NOTE(review): it names functions and sections; how they are resolved is
    // not visible in this excerpt -- they must be checked against a fixed list
    // before anything is called.
    $phpwcms['output_action'] = explode('--', clean_slweg(empty($_GET['phpwcms_output_action']) ? $_POST['phpwcms_output_action'] : $_GET['phpwcms_output_action']));
    // Remove the parameter so later code does not see it again.
    unset($_GET['phpwcms_output_action'], $_POST['phpwcms_output_action'], $_getVar['phpwcms_output_action']);
    if (is_array($phpwcms['output_action'])) {
        $phpwcms['output_function'] = array();
        $phpwcms['output_section'] = array();
// Frontend bootstrap: load configuration and libraries, optionally log the
// search-engine referrer, then start building the HTML head in
// $content['page_start'].
require_once PHPWCMS_ROOT . '/include/config/conf.template_default.inc.php';
require_once PHPWCMS_ROOT . '/include/config/conf.indexpage.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/general.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_front/cnt.lang.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/modules.check.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/article.contenttype.inc.php';
require PHPWCMS_ROOT . '/include/inc_lib/imagick.convert.inc.php';
require PHPWCMS_ROOT . '/include/inc_front/front.func.inc.php';
require PHPWCMS_ROOT . '/include/inc_front/ext.func.inc.php';
require PHPWCMS_ROOT . '/include/inc_front/content.func.inc.php';
// SEO logging: only for requests whose Referer does not contain our own
// server name.
// NOTE(review): the Referer header is client-controlled, and the check is a
// substring match on the whole header, so a foreign URL that merely contains
// the server name is treated as internal and not logged.
if (!empty($phpwcms['enable_seolog']) && !empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $_SERVER['SERVER_NAME']) === false) {
    $phpwcms['seo_referrer_data'] = seReferrer($_SERVER['HTTP_REFERER']);
    if (is_array($phpwcms['seo_referrer_data'])) {
        // md5 is a lookup key over domain + query here, not a security hash.
        $phpwcms['seo_referrer_data']['hash'] = md5(strtolower($phpwcms['seo_referrer_data']['domain'] . $phpwcms['seo_referrer_data']['query']));
        // Errors of the insert are suppressed with @, so a failing log write
        // goes unnoticed.
        @_dbInsert('phpwcms_log_seo', $phpwcms['seo_referrer_data'], 'DELAYED');
    }
}
$phpwcms["templates"] = TEMPLATE_PATH;
// Doctype / <html> / <head> opening, assembled from configuration values.
// The inject values are written into the page without escaping.
// presumably all of them are administrator-set configuration; verify
$content['page_start'] = sprintf(
    PHPWCMS_DOCTYPE,
    $phpwcms['htmlhead_inject_prefix'],
    str_replace('{DOCTYPE_LANG}', $phpwcms['DOCTYPE_LANG'], PHPWCMS_DOCTYPE_LANG) . ' id="' . str_replace(array('.', '/'), '-', PHPWCMS_HOST) . '"',
    empty($content['htmltag_inject']) ? '' : ' ' . $content['htmltag_inject'],
    $phpwcms['htmlhead_inject_suffix'],
    sprintf(PHPWCMS_HEADER_COMMENT, empty($phpwcms['header_comment']) ? '' : LF . ' ' . trim($phpwcms['header_comment']) . LF),
    $phpwcms['htmlhead_inject']
);
// Compatibility Mode
if (!empty($phpwcms['X-UA-Compatible'])) {
    // The configured value is placed in the attribute as is.
    $content['page_start'] .= ' <meta http-equiv="X-UA-Compatible" content="' . $phpwcms['X-UA-Compatible'] . '"' . HTML_TAG_CLOSE . LF;
}
// HTML5 does not like content-style-type
if ($phpwcms['mode_XHTML'] != 3) {
    $content['page_start'] .= ' <meta http-equiv="content-type" content="' . $_use_content_type . '; charset=' . PHPWCMS_CHARSET . '"' . HTML_TAG_CLOSE . LF;
    $content['page_start'] .= ' <meta http-equiv="content-style-type" content="text/css"' . HTML_TAG_CLOSE . LF;
} else {
    // mode 3: short HTML5 charset declaration
    $content['page_start'] .= ' <meta charset="' . PHPWCMS_CHARSET . '"' . HTML_TAG_CLOSE . LF;
}
// Excerpt from the backend user-group form: it starts inside an if/else that
// opens outside this listing.
} else {
    $sendbutton = $BL['be_admin_fcat_button2']; //create group
}
// Handle the posted group form.
// NOTE(review): no CSRF token check is visible in this excerpt, and the form
// action below carries no token although the redirect after saving does --
// confirm the token is verified before this code runs.
if (!empty($_POST["group_aktion"])) {
    $group["id"] = intval($_POST["group_id"]);
    $group["name"] = clean_slweg($_POST["group_name"], 250);
    // The posted list is joined as received; its elements are neither cast nor
    // cleaned here, so the stored string relies on _dbInsert()/_dbUpdate() for
    // SQL escaping (not visible here -- confirm).
    $group["member"] = isset($_POST["acat_access"]) && is_array($_POST["acat_access"]) ? implode(',', $_POST["acat_access"]) : '';
    $group["value"] = clean_slweg($_POST["group_value"]);
    $group["trash"] = empty($_POST["group_trash"]) ? 0 : intval($_POST["group_trash"]);
    $group["active"] = empty($_POST["group_active"]) ? 0 : 1;
    if (empty($group["name"])) {
        // a group name is mandatory
        $group["error"] = 1;
    } else {
        $data = array(
            'group_name' => $group["name"],
            'group_member' => $group["member"],
            'group_value' => $group["value"],
            'group_trash' => $group["trash"],
            'group_active' => $group["active"]
        );
        // group id is an integer (intval above), safe in the WHERE fragment
        $result = $group["id"] ? _dbUpdate('phpwcms_usergroup', $data, 'group_id=' . $group["id"]) : _dbInsert('phpwcms_usergroup', $data);
        if (isset($result['AFFECTED_ROWS']) || isset($result['INSERT_ID'])) {
            headerRedirect(PHPWCMS_URL . 'phpwcms.php?' . get_token_get_string('csrftoken') . '&do=admin&p=1');
        } else {
            // NOTE(review): prints the raw database error into the page.
            echo mysql_error();
        }
    }
    // Back to an array for re-displaying the form.
    $group["member"] = convertStringToArray($group["member"]);
}
?> <form action="phpwcms.php?do=admin&p=1&create_group=1" method="post" name="editsitestructure" id="editsitestructure" onsubmit="selectAllOptions(this.acat_access);selectAllOptions(this.acat_cp);var x = wordcount(this.acat_name.value);if(x<1) {alert('Fill in a category title! \n\n('+x+' words total)');this.acat_name.focus();return false;}"> <tr align="center" bgcolor="#F0F2F4"><td colspan="2"><table border="0" cellpadding="0" cellspacing="0" summary=""> <?php
/**
 * Replace the categories stored for one item in phpwcms_categories.
 *
 * All rows for the given type/pid pair are deleted first, then one row is
 * inserted per non-empty category name. Nothing is deleted or written unless
 * both a type and a non-zero pid are given.
 *
 * SQL safety: $pid is cast to an integer and $type goes through _dbEscape()
 * before both are concatenated into the DELETE statement; category names are
 * only passed to _dbInsert() as data.
 *
 * @param array|string $categories category names, or a separated string
 * @param string       $type       category type (value of cat_type)
 * @param int          $pid        id of the owning item (value of cat_pid)
 * @param string       $seperator  separator used when $categories is a string
 */
function _dbSaveCategories($categories = array(), $type = '', $pid = 0, $seperator = ',')
{
    $pid = intval($pid);
    $type = trim($type);

    if (is_string($categories)) {
        $categories = convertStringToArray($categories, $seperator);
    }

    // Without type and pid there is nothing to delete or store.
    if (!$type || !$pid) {
        return;
    }

    // delete all related categories first
    $delete = 'DELETE FROM ' . DB_PREPEND . 'phpwcms_categories WHERE cat_pid=' . $pid . " AND cat_type=" . _dbEscape($type);
    _dbQuery($delete, 'DELETE');

    if (!is_array($categories) || !count($categories)) {
        return;
    }

    // Row template; only cat_name changes per category.
    $row = array(
        'cat_type' => $type,
        'cat_pid' => $pid,
        'cat_status' => 1,
        'cat_createdate' => date('Y-m-d H:i:s'),
        'cat_changedate' => date('Y-m-d H:i:s'),
        'cat_name' => '',
        'cat_info' => ''
    );

    foreach ($categories as $name) {
        $name = trim($name);
        if ($name == '') {
            continue;
        }
        $row['cat_name'] = $name;
        _dbInsert('phpwcms_categories', $row);
    }
}
// Excerpt from the shop checkout: it starts inside an if/else that opens
// outside this listing. $mail_customer / $mail_neworder are the mail bodies
// for the customer and for the shop.
$mail_neworder = str_replace('{SHIPPING_DISTANCE_LABEL}', $subtotal['shipping_distance_details']['label'], $mail_neworder);
} else {
    // no distance-based shipping: blank the template section in both mails
    $mail_customer = render_cnt_template($mail_customer, 'SHIPPING_DISTANCE', '');
    $mail_neworder = render_cnt_template($mail_neworder, 'SHIPPING_DISTANCE', '');
}
// Blank the PAYBY_<OPTION> section of every payment option.
$payment_options = get_payment_options();
foreach ($payment_options as $item_key => $row) {
    $mail_customer = render_cnt_template($mail_customer, 'PAYBY_' . strtoupper($item_key), '');
    $mail_neworder = render_cnt_template($mail_neworder, 'PAYBY_' . strtoupper($item_key), '');
}
$mail_customer = str_replace(array('{CURRENCY_SYMBOL}', '{$}'), $_shopPref['shop_pref_currency'], $mail_customer);
$mail_neworder = str_replace(array('{CURRENCY_SYMBOL}', '{$}'), $_shopPref['shop_pref_currency'], $mail_neworder);
// store order in database
// Name and e-mail are taken from the checkout session (step1).
// NOTE(review): order_data is a serialize()d blob with the cart, the full
// address record and both mail bodies, i.e. personal data stored in one
// column; errors of serialize() are suppressed with @. Code reading it back
// uses unserialize(), which is only acceptable while nothing else can write
// this column -- confirm.
$order_data = array(
    'order_number' => $order_num,
    'order_date' => gmdate('Y-m-d H:i'),
    'order_name' => $_SESSION[CART_KEY]['step1']['INV_NAME'],
    'order_firstname' => $_SESSION[CART_KEY]['step1']['INV_FIRSTNAME'],
    'order_email' => $_SESSION[CART_KEY]['step1']['EMAIL'],
    'order_net' => $subtotal['float_total_net'],
    'order_gross' => $subtotal['float_total_gross'],
    'order_payment' => $payment,
    'order_data' => @serialize(array(
        'cart' => $cart_data,
        'address' => $_SESSION[CART_KEY]['step1'],
        'mail_customer' => $mail_customer,
        'mail_self' => $mail_neworder,
        'subtotal' => array(
            'subtotal_net' => $subtotal['float_net'],
            'subtotal_gross' => $subtotal['float_gross']
        ),
        'shipping' => array(
            'shipping_net' => $subtotal['float_shipping_net'],
            'shipping_gross' => $subtotal['float_shipping_gross'],
            'shipping_distance' => $subtotal['shipping_distance'] === false ? 0 : $subtotal['shipping_distance']
        ),
        'discount' => array(
            'discount_net' => $subtotal['float_discount_net'],
            'discount_gross' => $subtotal['float_discount_gross']
        ),
        'loworder' => array(
            'loworder_net' => $subtotal['float_loworder_net'],
            'loworder_gross' => $subtotal['float_loworder_gross']
        ),
        'weight' => $subtotal['float_weight'],
        'lang' => $phpwcms['default_lang'],
        'distance' => $subtotal['shipping_distance'] === false ? null : $subtotal['shipping_distance_details']
    )),
    'order_status' => 'NEW-ORDER'
);
// receive order db ID
// From here on $order_data holds the result of _dbInsert(), not the row.
$order_data = _dbInsert('phpwcms_shop_orders', $order_data);
// send mail to customer
// Sender: the configured shop address, or the system SMTP sender if that one
// is not a valid address.
$email_from = _getConfig('shop_pref_email_from', '_shopPref');
if (!is_valid_email($email_from)) {
    $email_from = $phpwcms['SMTP_FROM_EMAIL'];
}
// Recipient and display name are customer-entered session values.
// NOTE(review): no validation of them is visible in this excerpt; rejecting
// line breaks and checking the address is left to the earlier checkout step
// or to sendEmail() -- confirm.
$order_mail_customer = array(
    'recipient' => $_SESSION[CART_KEY]['step1']['EMAIL'],
    'toName' => $_SESSION[CART_KEY]['step1']['INV_FIRSTNAME'] . ' ' . $_SESSION[CART_KEY]['step1']['INV_NAME'],
    'subject' => str_replace('{ORDER}', $order_num, $_tmpl['config']['mail_customer_subject']),
    'text' => $mail_customer,
    'from' => $email_from,
    'sender' => $email_from
);
$order_data_mail_customer = sendEmail($order_mail_customer);
// send mail to shop
// The first configured address is the main recipient; it is removed from the
// list, which then holds the remaining addresses.
$send_order_to = convertStringToArray(_getConfig('shop_pref_email_to', '_shopPref'), ';');
if (empty($send_order_to[0]) || !is_valid_email($send_order_to[0])) {
    $email_to = $phpwcms['SMTP_FROM_EMAIL'];
} else {
    $email_to = $send_order_to[0];
    unset($send_order_to[0]);
}
// Excerpt from the backend article form handler: it starts in the middle of
// building $img_sql and ends inside an open if block.
// NOTE(review): list_id is appended to the query without escaping; it has to
// be an integer at this point, which is not visible here -- confirm.
$img_sql .= $article['image']['list_id'] . " LIMIT 1";
// A failing query ends the request via die().
if ($img_result = mysql_query($img_sql, $db) or die("error while getting content image info")) {
    if ($img_row = mysql_fetch_assoc($img_result)) {
        // Take the file data from the database row, not from the form.
        $article['image']['list_id'] = $img_row['f_id'];
        $article['image']['list_name'] = $img_row['f_name'];
        $article['image']['list_hash'] = $img_row['f_hash'];
        $article['image']['list_ext'] = $img_row['f_ext'];
    }
    mysql_free_result($img_result);
}
}
if (count($article_err) == 0) {
    if ($article["article_id"] == 0) {
        // Insert (create) new article: all values are handed to _dbInsert()
        // as data.
        $data = array(
            'article_created' => time(),
            "article_cid" => $article["article_catid"],
            "article_title" => $article["article_title"],
            "article_alias" => $article["article_alias"],
            "article_keyword" => $article["article_keyword"],
            "article_aktiv" => $article["article_aktiv"],
            "article_begin" => $article["article_begin"],
            "article_end" => $article["article_end"],
            "article_subtitle" => $article["article_subtitle"],
            "article_summary" => $article["article_summary"],
            "article_redirect" => $article["article_redirect"],
            "article_sort" => $article["article_sort"],
            "article_username" => $article["article_username"],
            "article_notitle" => $article["article_notitle"],
            "article_hidesummary" => $article["article_hidesummary"],
            "article_image" => serialize($article['image']),
            "article_cache" => $article["article_timeout"],
            "article_nosearch" => $article['article_nosearch'],
            "article_nositemap" => $article['article_nositemap'],
            "article_aliasid" => $article['article_aliasid'],
            "article_headerdata" => $article['article_headerdata'],
            "article_morelink" => $article['article_morelink'],
            "article_noteaser" => $article['article_noteaser'],
            "article_pagetitle" => $article['article_pagetitle'],
            "article_paginate" => $article['article_paginate'],
            "article_priorize" => $article['article_priorize'],
            "article_norss" => $article['article_norss'],
            "article_uid" => $article["article_uid"],
            "article_archive_status" => $article["article_archive_status"],
            "article_menutitle" => $article["article_menutitle"],
            'article_description' => $article["article_description"],
            'article_serialized' => '',
            'article_lang' => $article["article_lang"],
            'article_lang_type' => $article["article_lang_type"],
            'article_lang_id' => $article["article_lang_id"],
            'article_opengraph' => $article["article_opengraph"],
            'article_canonical' => $article["article_canonical"]
        );
        $result = _dbInsert('phpwcms_article', $data);
        if (isset($result['INSERT_ID'])) {
            $article["article_id"] = $result['INSERT_ID'];
        } else {
            $result = false;
        }
    } else {
        // Update article summary data. The statement is built by string
        // concatenation: text columns go through _dbEscape(), the others are
        // appended as they are.
        // NOTE(review): article_cid, article_aktiv, article_notitle,
        // article_hidesummary, article_nositemap, article_aliasid,
        // article_headerdata, article_morelink, article_noteaser,
        // article_paginate, article_priorize, article_norss,
        // article_archive_status, article_opengraph, article_uid and
        // article_id are not escaped. That is only safe if each was cast to
        // an integer where $article is filled (outside this excerpt) --
        // confirm, for article_headerdata in particular. Passing the values
        // to _dbUpdate() as data, as the insert branch does, would remove the
        // dependency.
        // NOTE(review): the article_username piece is mangled in this listing
        // ("******"); it looks like masking applied when the page was
        // extracted, and as printed the statement does not parse.
        $sql = "UPDATE " . DB_PREPEND . "phpwcms_article SET " .
            "article_cid=" . $article["article_catid"] . "," .
            "article_title=" . _dbEscape($article["article_title"]) . ", " .
            "article_alias=" . _dbEscape($article["article_alias"]) . ", " .
            "article_keyword=" . _dbEscape($article["article_keyword"]) . ", " .
            "article_aktiv=" . $article["article_aktiv"] . ", " .
            "article_begin=" . _dbEscape($article["article_begin"]) . ", " .
            "article_end=" . _dbEscape($article["article_end"]) . ", " .
            "article_subtitle=" . _dbEscape($article["article_subtitle"]) . ", " .
            "article_summary=" . _dbEscape($article["article_summary"]) . ", " .
            "article_redirect=" . _dbEscape($article["article_redirect"]) . ", " .
            "article_sort=" . _dbEscape($article["article_sort"]) . ", " .
            "article_username="******"article_username"]) . ", " .
            "article_notitle=" . $article["article_notitle"] . ", " .
            "article_hidesummary=" . $article["article_hidesummary"] . ", " .
            "article_image=" . _dbEscape(serialize($article['image'])) . ", " .
            "article_cache=" . _dbEscape($article["article_timeout"]) . ", " .
            "article_nosearch=" . _dbEscape($article['article_nosearch']) . ", " .
            "article_nositemap=" . $article['article_nositemap'] . ", " .
            "article_aliasid=" . $article['article_aliasid'] . ", " .
            "article_headerdata=" . $article['article_headerdata'] . ", " .
            "article_morelink=" . $article['article_morelink'] . ", " .
            "article_noteaser=" . $article['article_noteaser'] . ", " .
            "article_pagetitle=" . _dbEscape($article['article_pagetitle']) . ", " .
            "article_paginate=" . $article['article_paginate'] . ", " .
            "article_priorize=" . $article['article_priorize'] . ", " .
            "article_norss=" . $article['article_norss'] . ", " .
            "article_archive_status=" . $article['article_archive_status'] . ", " .
            "article_menutitle=" . _dbEscape($article["article_menutitle"]) . "," .
            "article_description=" . _dbEscape($article["article_description"]) . ", " .
            "article_lang=" . _dbEscape($article["article_lang"]) . ", " .
            "article_lang_type=" . _dbEscape($article["article_lang_type"]) . ", " .
            "article_lang_id=" . _dbEscape($article["article_lang_id"]) . ", " .
            "article_opengraph=" . $article["article_opengraph"] . ', ' .
            "article_canonical=" . _dbEscape($article["article_canonical"]);
        // Only admins may change the owner of an article.
        if ($_SESSION["wcs_user_admin"]) {
            $sql .= ", article_uid=" . $article["article_uid"];
        }
        // NOTE(review): the WHERE clause selects by article_id only; for
        // non-admins no ownership condition is visible here -- confirm the
        // permission check happens before this point.
        $sql .= " WHERE article_id=" . $article["article_id"];
        $result = _dbQuery($sql, 'UPDATE');
    }
    if ($result) {
/**
 * Store the coordinates found for an address in the geocode cache table.
 *
 * Nothing is written when one of the three values is an empty string. The
 * return value only says whether the insert was attempted; the result of
 * _dbInsert() is not checked.
 *
 * The values are passed to _dbInsert() as data and are not validated here.
 * NOTE(review): if $address is visitor input, this lets visitors add rows to
 * the cache table -- confirm the caller limits that.
 *
 * @param string $address address that was geocoded
 * @param string $lon     longitude of the address
 * @param string $lat     latitude of the address
 * @return bool false if a value is empty, true once the insert was issued
 */
function putCache($address, $lon, $lat)
{
    // All three values are required.
    foreach (array($address, $lon, $lat) as $required) {
        if (strlen($required) == 0) {
            return false;
        }
    }

    $row = array('address' => $address, 'lon' => $lon, 'lat' => $lat);
    _dbInsert($this->_db_cache_table, $row, 'LOW_PRIORITY');

    return true;
}
// Excerpt from the backend upload endpoint: it starts with the closing brace
// of a block opened outside this listing and ends inside open if blocks.
}
// Allowed extensions and the size limit are handed to the uploader class.
// NOTE(review): enforcement happens inside qqFileUploader, which is not
// visible here -- confirm the extension check cannot be bypassed by the
// client-supplied file name.
$uploader = new qqFileUploader($phpwcms['allowed_upload_ext'], min($post_max_size, $upload_max_filesize, $phpwcms['file_maxsize']));
$uploadDir = PHPWCMS_ROOT . $phpwcms["ftp_path"];
// Call handleUpload() with the name of the folder, relative to PHP's getcwd()
$result = $uploader->handleUpload($uploadDir, NULL, TRUE, FALSE);
$result['filename'] = $uploader->getUploadName();
// Optionally register the uploaded file in the file centre right away.
if (!empty($result['success']) && !empty($_GET['file_public'])) {
    require_once PHPWCMS_ROOT . '/include/inc_lib/dbcon.inc.php';
    // Metadata comes from query-string parameters: the directory id is cast
    // with intval(), the texts pass through slweg()/clean_slweg(). The owner
    // is the logged-in user from the session.
    $data = array(
        'f_pid' => intval($_GET['file_dir']),
        'f_uid' => intval($_SESSION["wcs_user_id"]),
        'f_kid' => 1,
        'f_aktiv' => 1,
        'f_public' => 1,
        'f_name' => $result['filename'],
        'f_created' => now(),
        'f_size' => $uploader->getFileSize(),
        'f_type' => $uploader->getFileType(),
        'f_ext' => strtolower($uploader->getFileExtension()),
        'f_longinfo' => slweg($_GET['file_longinfo']),
        // md5 of the upload name plus microtime(); it becomes the stored file
        // name below. It is an identifier, not a secret: both inputs are
        // guessable, so access control must not rely on the name being
        // unknown.
        'f_hash' => md5($result['filename'] . microtime()),
        'f_copyright' => slweg($_GET['file_copyright']),
        'f_tags' => clean_slweg($_GET['file_tags'])
    );
    // The upload is treated as UTF-8 and converted to the site charset.
    if (PHPWCMS_CHARSET != 'utf-8') {
        $data['f_name'] = makeCharsetConversion($data['f_name'], 'utf-8', PHPWCMS_CHARSET);
        $data['f_longinfo'] = makeCharsetConversion($data['f_longinfo'], 'utf-8', PHPWCMS_CHARSET);
        $data['f_copyright'] = makeCharsetConversion($data['f_copyright'], 'utf-8', PHPWCMS_CHARSET);
        $data['f_tags'] = makeCharsetConversion($data['f_tags'], 'utf-8', PHPWCMS_CHARSET);
    }
    $insert = _dbInsert('phpwcms_file', $data);
    // move uploaded file from the upload folder into file storage as
    // <f_hash>[.<ext>]
    if (!empty($insert['INSERT_ID'])) {
        $userftppath = PHPWCMS_ROOT . $phpwcms["ftp_path"];
        $useruploadpath = PHPWCMS_ROOT . $phpwcms["file_path"];
        $usernewfile = $useruploadpath . $data['f_hash'];
        if ($data['f_ext']) {
            // The extension is kept on the stored file, so what the web server
            // does with files in this folder depends on the allow-list above.
            $usernewfile .= '.' . $data['f_ext'];
        }
        // NOTE(review): umask(0) clears the process umask; restoring $oldmask
        // is not visible in this excerpt -- confirm.
        $oldmask = umask(0);
        // NOTE(review): && binds tighter than =, so $dir receives the boolean
        // result of opendir() && copy(); the directory handle is not kept and
        // cannot be closed. Failures of both calls are silenced with @.
        if ($dir = @opendir($useruploadpath) && @copy($userftppath . $result['filename'], $usernewfile)) {
            @unlink($userftppath . $result['filename']);
        } else {
            // Load the English backend language file, then look for the user's
            // language file.
            require PHPWCMS_ROOT . '/include/inc_lang/backend/en/lang.inc.php';
            // NOTE(review): the path is built from a session value cut to two
            // characters; two characters still allow '..', so the value should
            // be checked against the installed languages before it is
            // included -- confirm where wcs_user_lang is set.
            $cust_lang = PHPWCMS_ROOT . '/include/inc_lang/backend/' . strtolower(substr($_SESSION["wcs_user_lang"], 0, 2)) . '/lang.inc.php';
            if (is_file($cust_lang)) {
// Excerpt from a backend module save handler: it starts inside a loop and
// several blocks that open outside this listing.
// Remember every field that holds an array or object.
if (is_array($data[$key[0]]) || is_object($data[$key[0]])) {
    $data_serialize[$key[0]] = $key[0];
}
}
// Store those fields as serialize()d strings.
// NOTE(review): code that reads them back uses unserialize(); that is only
// acceptable while nothing but this code writes the columns -- confirm.
if (count($data_serialize)) {
    foreach ($data_serialize as $value) {
        $data[$value] = serialize($data[$value]);
    }
}
if ($plugin['data']['id']) {
    // UPDATE: restricted to rows of this module via cnt_module.
    // NOTE(review): the id is concatenated into the WHERE fragment and must be
    // an integer here, which is not visible in this excerpt -- confirm.
    $result = _dbUpdate('phpwcms_content', $data, 'cnt_id=' . $plugin['data']['id'] . ' AND cnt_module=' . _dbEscape(MODULE_KEY));
} else {
    // INSERT
    $data['cnt_created'] = now();
    $result = _dbInsert('phpwcms_content', $data);
}
// Back to module listing
if (isset($_POST['save'])) {
    headerRedirect(MODULE_HREF_DECODE);
}
// set ID of a newly inserted entry
if (!empty($result['INSERT_ID'])) {
    $plugin['data']['id'] = $result['INSERT_ID'];
    $plugin['id'] = $result['INSERT_ID'];
}
} else {
    // validation failed: show the collected messages
    set_status_message(implode(LF, $plugin['error']), 'warning');
}
}
// try to read entry from database
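/**
 * Backend edit action for one news entry (a row of phpwcms_content).
 *
 * Depending on the request it
 *  - changes the status of the entry (?status=0|1|9, 9 = deleted) and
 *    redirects,
 *  - stores the posted form as a new or existing entry and redirects, or
 *  - loads the entry into $this->data for the form.
 * At the end the live, kill and sort dates in $this->data are split into the
 * date/time strings used by the form.
 *
 * The "error while saving" branch reads its text from $this->BL like every
 * other message in this method; a local $BL is never defined here.
 *
 * Security notes:
 * - The entry id is cast with intval() before it is concatenated into the
 *   WHERE fragments.
 * - The status change is triggered by GET parameters and no token check is
 *   visible in this method; the caller presumably verifies a CSRF token --
 *   confirm, because status 9 deletes the entry.
 * - The status UPDATE and the form UPDATE select by cnt_id only, so they
 *   can touch any row of phpwcms_content; confirm that callers are allowed
 *   to do that or add a module condition.
 * - cnt_object is read back with unserialize(); that is only acceptable
 *   while nothing but this code writes the column.
 *
 * @return void
 */
function edit()
{
    $this->newsId = intval($_GET['cntid']);
    $this->data = array();

    // Quick status change from the listing (state change via GET, see above).
    if (isset($_GET['status'])) {
        $status = intval($_GET['status']);
        switch ($status) {
            case 0:
            case 1:
            case 9:
                _dbUpdate('phpwcms_content', array('cnt_status' => $status), 'cnt_id=' . $this->newsId);
                set_status_message($status == 9 ? $this->BL['be_action_deleted'] : $this->BL['be_action_status'], 'success', array('ID' => $this->newsId));
                break;
            default:
                set_status_message($this->BL['be_action_notvalid'], 'warning');
        }
        headerRedirect($this->base_url_decoded);
    }

    // Form defaults. The live and kill dates start empty; they are set to
    // '0000-00-00 00:00:00' at the end when no valid date is present.
    $this->data = array(
        'cnt_id' => 0,
        'cnt_pid' => 0,
        'cnt_status' => intval($this->phpwcms['set_news_active']),
        'cnt_livedate' => '',
        'cnt_killdate' => '',
        'cnt_archive_status' => 1,
        'cnt_alias' => '',
        'cnt_name' => '',
        'cnt_title' => '',
        'cnt_subtitle' => '',
        'cnt_editor' => '',
        'cnt_place' => '',
        'cnt_teasertext' => '',
        'cnt_text' => '',
        'cnt_duplicate' => 0,
        'cnt_lang' => '',
        'cnt_prio' => 0,
        'cnt_readmore' => 1,
        'cnt_image' => array('id' => 0, 'name' => '', 'zoom' => 0, 'lightbox' => 0, 'caption' => '', 'link' => ''),
        'cnt_files' => array('id' => array(), 'caption' => '', 'gallery' => 0, 'gallery_download' => 0),
        'cnt_link' => '',
        'cnt_linktext' => '',
        'cnt_category' => '',
        'cnt_sort' => 0,
        'cnt_opengraph' => empty($this->phpwcms['set_sociallink']['news']) ? 0 : 1,
        'cnt_textformat' => 'plain',
        'cnt_searchoff' => 0
    );

    // check form post
    if (isset($_POST['cnt_name'])) {
        $post = $this->getPostData();
        $post_error = false;

        // "Duplicate" stores the posted data as a new entry.
        if (!empty($_POST['cnt_duplicate'])) {
            $this->newsId = 0;
            $duplicate = 1;
            $post['cnt_created'] = now();
        } else {
            $duplicate = 0;
        }

        // 1st check if we have a name because it's mandatory
        if ($post['cnt_name'] == '') {
            $post_error = true;
            set_status_message($this->BL['be_news_name_mandatory'], 'warning');
            $post['cnt_duplicate'] = $duplicate;
        }

        // do db work
        if ($post_error === false) {
            $values = $post;
            $values['cnt_object'] = serialize($values['cnt_object']);
            $success = false;

            if ($this->newsId == 0) {
                // store new dataset
                $result = _dbInsert('phpwcms_content', $values);
                if (isset($result['INSERT_ID'])) {
                    $this->newsId = $result['INSERT_ID'];
                    $success = true;
                    set_status_message($this->BL['be_successfully_saved'] . LF . $post['cnt_name'], 'success');
                }
            } else {
                // update existing dataset
                $result = _dbUpdate('phpwcms_content', $values, 'cnt_id=' . $this->newsId);
                if ($result != false) {
                    $success = true;
                    set_status_message($this->BL['be_successfully_updated'] . LF . $post['cnt_name'], 'success');
                }
            }

            if ($success) {
                // save categories
                if ($this->newsId) {
                    _dbSaveCategories($post['cnt_object']['cnt_category'], 'news', $this->newsId, ',');
                }
                if ($this->newsId && isset($_POST['submit'])) {
                    // redirect to form again
                    headerRedirect($this->base_url_decoded . '&cntid=' . $this->newsId . '&action=edit');
                } else {
                    // back to listing
                    headerRedirect($this->base_url_decoded);
                }
            } else {
                // error while storing data; the database error is shown to
                // the backend user, passed through html() first
                set_status_message($this->BL['be_error_while_save'] . trim(html(' ' . mysql_errno() . ': ' . mysql_error())), 'warning');
            }
        }

        // Show the posted values again in the form.
        $this->data = array_merge($this->data, $post);
    } elseif ($this->newsId > 0) {
        // Load the entry unless it is marked as deleted.
        $result = _dbGet('phpwcms_content', '*', 'cnt_status!=9 AND cnt_id=' . $this->newsId, '', '', '1');
        if (isset($result[0])) {
            // NOTE(review): unserialize() of a database value; failures are
            // hidden by @ and leave false here.
            $result[0]['cnt_object'] = @unserialize($result[0]['cnt_object']);

            // Copy the settings kept in cnt_object up to the top level, where
            // the form expects them.
            if (is_array($result[0]['cnt_object']['cnt_image'])) {
                $result[0]['cnt_image'] = array_merge($this->data['cnt_image'], $result[0]['cnt_object']['cnt_image']);
            }
            if (is_array($result[0]['cnt_object']['cnt_files'])) {
                $result[0]['cnt_files'] = array_merge($this->data['cnt_files'], $result[0]['cnt_object']['cnt_files']);
            }
            if (isset($result[0]['cnt_object']['cnt_link'])) {
                $result[0]['cnt_link'] = $result[0]['cnt_object']['cnt_link'];
            }
            if (isset($result[0]['cnt_object']['cnt_linktext'])) {
                $result[0]['cnt_linktext'] = $result[0]['cnt_object']['cnt_linktext'];
            }
            if (isset($result[0]['cnt_object']['cnt_category'])) {
                $result[0]['cnt_category'] = $result[0]['cnt_object']['cnt_category'];
            }
            if (isset($result[0]['cnt_object']['cnt_readmore'])) {
                $result[0]['cnt_readmore'] = $result[0]['cnt_object']['cnt_readmore'];
            }
            if (isset($result[0]['cnt_object']['cnt_textformat'])) {
                $result[0]['cnt_textformat'] = $result[0]['cnt_object']['cnt_textformat'];
            }
            if (isset($result[0]['cnt_object']['cnt_searchoff'])) {
                $result[0]['cnt_searchoff'] = $result[0]['cnt_object']['cnt_searchoff'];
            }

            $this->data = array_merge($this->data, $result[0]);
        } else {
            set_status_message($this->BL['be_data_select_failed'], 'warning');
            headerRedirect($this->base_url_decoded);
        }
    }

    // Split the dates into the date and time strings of the form.
    $start_date = strtotime($this->data['cnt_livedate']);
    $end_date = strtotime($this->data['cnt_killdate']);
    $sort_date = intval($this->data['cnt_sort']);

    if ($start_date <= 0) {
        $this->data['cnt_livedate'] = '0000-00-00 00:00:00';
        $this->data['cnt_date_start'] = '';
        $this->data['cnt_time_start'] = '';
    } else {
        $this->data['cnt_date_start'] = date($this->BL['default_date'], $start_date);
        $this->data['cnt_time_start'] = date($this->BL['default_time'], $start_date);
    }

    if ($end_date <= 0) {
        $this->data['cnt_killdate'] = '0000-00-00 00:00:00';
        $this->data['cnt_date_end'] = '';
        $this->data['cnt_time_end'] = '';
    } else {
        $this->data['cnt_date_end'] = date($this->BL['default_date'], $end_date);
        $this->data['cnt_time_end'] = date($this->BL['default_time'], $end_date);
    }

    // sort date
    if ($sort_date <= 0) {
        $this->data['cnt_sort'] = 0;
        $this->data['cnt_sort_date'] = '';
        $this->data['cnt_sort_time'] = '';
    } else {
        $this->data['cnt_sort_date'] = date($this->BL['default_date'], $sort_date);
        $this->data['cnt_sort_time'] = date($this->BL['default_time'], $sort_date);
    }
}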